- Publicly release installable media versions of a test release
- Test accepted Changes for future releases
- Identify as many Beta blocker bugs as possible
- Identify as many Final blocker bugs as possible
Basic Release Requirements
In order to be released to the general public, a compose must meet all of the following criteria. This is intended to make the decision process as clear and straightforward as possible. Mostly met items are incomplete until they are met. Optional and nice to have items should not be included in this list.
There may be times where a requirement is unmet only in a particular configuration, such as with some keyboard layouts but not others, or if a particular character is used in a username, password or passphrase. In such cases, the release team should use their judgement and refer to precedent to determine whether or not the issue should be considered to block the release. They should consider the number of users likely to be affected by the issue, the severity of the case when the issue is encountered, and the ease or otherwise with which the issue can be avoided by both informed and uninformed users.
The term release-blocking desktops means all the desktop environments in which bugs are currently considered capable of blocking a Fedora release. The current set of release-blocking desktops for x86_64 is GNOME and KDE, and for aarch64 is GNOME. No desktop is release-blocking for 32-bit ARM. Note that bugs in desktops that are not part of this set which would infringe these criteria automatically qualify for freeze exception status, according to the freeze exception bug process.
The term release-blocking images means all the images in which bugs are currently considered capable of blocking a Fedora release. The current set of release-blocking images includes the images defined by the three primary Products - Server, Workstation and Cloud - in their product requirement documents and/or technical specifications, and the KDE live image. As of Fedora 24, no 32-bit x86 image can be 'release-blocking', by FESCo policy. The canonical list of release-blocking images for Fedora 37 is on this page.
A correct checksum must be published for each official release image.
Release-blocking images must boot
All release-blocking images must boot in their supported configurations.
Expected image boot behavior
- Release-blocking dedicated installer images must boot to the expected boot menu, and then after a reasonable timeout to the installer.
- Release-blocking live images must boot to the expected boot menu, and then to a desktop or to a login prompt where it is clear how to log in to a desktop.
- Release-blocking ARM disk images must boot to the initial-setup utility.
- Release-blocking cloud images must allow login with the user authentication configuration requested during instance creation.
- Release blocking IoT images must boot and be configurable by the Zezere utility.
Except where otherwise specified, each of these requirements applies to all supported configurations described above. These requirements do not apply to images which do not use the installer.
Installer must run
The installer must run when launched normally from the release-blocking images.
Remote package sources
When using a release-blocking dedicated installer image, the installer must be able to use HTTP and HTTPS repositories as package sources. Release-blocking network install images must default to a valid publicly-accessible package source.
Media package source
When using a dedicated installer image that contains packages, the installer must be able to use the install medium as a package source.
When using a dedicated installer image, the installer must be able to complete an installation using the text, graphical and VNC installation interfaces.
When installing with a release-blocking dedicated installer image, the installer must be able to install the default package set.
The user must be able to select which of the disks connected to the system will be affected by the installation process.
The installer must be able to complete an installation using any supported locally connected storage interface.
The installer must be able to complete an installation to a single disk using automatic partitioning.
Scripted user creation
The scripted installation mechanism must provide a working function for creating local user accounts, including the ability to specify a hashed password, and for specifying a hashed password for the root account.
The installer must be able to download and use an installer update image from an HTTP and HTTPS server.
The installer must be able to report failures to Bugzilla, with appropriate information included.
Guest on current stable release
The release must install and boot successfully as a virtual guest in a situation where the virtual host is running the current stable Fedora release.
Expected installed system boot behavior
- A working mechanism to create a user account must be clearly presented during installation and/or first boot of the installed system.
- A system installed with a release-blocking desktop must boot to a log in screen where it is possible to log in to a working desktop using a user account created during installation or a 'first boot' utility.
- A system installed without a graphical package set must boot to a state where it is possible to log in through at least one of the default virtual consoles.
- If a utility for creating user accounts and other configuration is configured to launch, it must be visible within 10 seconds of the first boot reaching the launch point.
System service manipulation
The default system init daemon (e.g. systemd) must be capable of starting, stopping, enabling and disabling correctly-defined services.
Installing, removing and updating software
The installed system must be able appropriately to install, remove, and update software with the default console tool for the relevant software type (e.g. default console package manager). This includes downloading of packages to be installed/updated.
A system logging infrastructure must be available, enabled by default, and working.
Unless explicitly specified otherwise, after system installation SELinux must be enabled and in enforcing mode.
It must be possible to trigger a clean system shutdown using standard console commands.
Any component which prominently identifies a Fedora release version number, code name, milestone (Beta, Final), or Edition (Workstation, Server, Atomic) must do so correctly.
It must be possible to run the default web browser and a terminal application from all release-blocking desktop environments.
The default desktop background must be different from that of the last two stable releases.
Server Edition requirements
These requirements apply only to the Server edition.
FreeIPA server requirements
It must be possible to configure a Fedora Server system installed according to the above criteria as a FreeIPA domain controller, using the official deployment tools provided in the distribution FreeIPA packages. Once deployed, the system must handle multiple client enrolments and unenrolments, and client authentication via Kerberos. The web UI must be available and allow at least basic configuration of user accounts and permissions. Prior to Beta, it is acceptable if moderate workarounds are necessary to allow the above.
PostgreSQL server requirements
It must be possible to configure a Fedora Server system installed according to the above criteria as a postgresql database server, using the official deployment tools provided in the distribution postgresql packages. Once deployed, the system must serve requests from the local system on port 5432. The core command line utilities for PostgreSQL must be available and correctly handle basic configuration of the PostgreSQL instance itself, and basic SQL interactions, including creation, modification, deletion, and simple querying of users, tables, columns, and rows. Multiple clients must be able to connect simultaneously to the PostgreSQL instance. Prior to Beta, it is acceptable if moderate workarounds are necessary to allow the above.
It must be possible to join the system to a FreeIPA or Active Directory domain at install time and post-install, and the system must respect the identity, authentication and access control configuration provided by the domain.
After system installation without explicit firewall configuration, the system firewall must be active on all non-loopback interfaces. The only ports which may be open to incoming traffic are port 22 (ssh) and port 9090 (Cockpit web interface). Supported install-time firewall configuration options must work correctly.
Cockpit management interface
Unless explicitly specified otherwise, after system installation the Cockpit web management interface must be running and accessible on its default port (9090).
IoT Edition requirements
These requirements apply only to the IoT Edition.
Zezere user provisioning
The zezere-ignition service must run on all IoT images and allow users to provision a user key for a privileged user (administrator) account.
- When a new ostree is composed and made available, it must be possible to upgrade an existing host using the
- After upgrading to the latest ostree, it must be possible to rollback to an older version using the
- It must be possible to rebase to a different IoT release by using the
- It must be possible to install additional software with the
rpm-ostree installcommand. Software installation must also include dependencies where necessary and installed software should provide the intended functionality.
Confirming Basic Requirements
For nightly composes, compliance with these criteria is enforced via automated testing: composes which fail the automated test suite are not released to mirrors. For milestone candidate composes, QA has the responsibility of determining whether the criteria for the release has been met (as outlined above) through discussion with Development and Release Engineering. QA's findings will be reviewed and discussed at the Go/No-Go Meeting.