From Fedora Project Wiki
This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page. NFR only for developer Users. To complete for Tester, Mirror, & Other

Fedora NFR (No Frozen Rawhide) HOWTO

This document shows you how to update a package you maintain in Fedora. It assumes you already have a package in the Fedora repositories.

Use the procedure explained here to update your package.

Get Automatically Notified on New Upstream Releases

To automatically get notifications via bugzilla whenever upstream has a new release, refer to upstream release monitoring page.

Build a package for Rawhide

To build a package for Rawhide, check it out from the CVS devel/branch.

Install fedora-packager if not already installed.

Check out a local working copy of the CVS module you plan to edit, e.g. (for a description of the directory layout, see the Anatomy page:

fedora-cvs <package_name>
  • If you update to a new upstream version, you have to upload the tarball to an external lookaside cache. Operations on the lookaside cache require a client-side certificate, to get one, run
fedora-cert -n

. To upload a new source tarball and replace an older one, run

make new-sources FILES="/path/to/yournewtarball.tar.gz"

You can omit the path if the source is the current directory.

In the branch directory (i.e. devel in this case) or for multiple files:

make new-sources FILES="yournewtarball.tar.gz yourdata.tar.gz"

This also updates your local copy of the .cvsignore and sources files. You will need to do this for each branch that you will be building the new version for. The new tarball will be uploaded only once and the rest will be md5sum checked and not uploaded, only the .cvsignore and sources files will be updated.

If you just want to add another tarball (e.g. a big gzipped patch or a documentation tarball), use:

make upload FILES="somefile.tar.gz"

Contrary to make new-sources, this does not purge old files from the .cvsignore and sources files.

If you just have a small patch, initscript, or otherwise plain text file, you can commit those directly to CVS. This can be done with the cvs add command, e.g.:

cvs add packagename-fix-the-foobar.patch
  • Use the command make i686 or make x86_64 to test a package build on your local system. Then install and test the package. If something doesn't work, fix it and repeat this step. You can also use the koji build system to do a scratch build perhaps for some arch you don't have locally. For example, to build just for x86_64:
make srpm; koji build --scratch --arch-override x86_64 dist-f14 packagename-version-release.src.rpm
  • Check if everything that has changed is correct with
cvs diff -u
  • Commit the verified changes to the devel/ branch.
cvs commit

As a test whether the full commit was fine, you can check out a fresh working copy into a different directory. It should succeed in fetching the binaries from lookaside cache and also pass simple build tests such as make i686 or make srpm at least.

  • Tag your package:
make tag
  • Instruct the builders to build your package:
make build


fedora-cvs foo
cd foo/devel
wget -N
make new-sources FILES="foo-0.0.2.tar.bz2"
gedit foo.spec
# change the required things in the specfile
make i686
# check that the changes you made are correct
cvs diff -u
# commit
cvs commit -m "Update to 0.0.2"
# request build
make tag build

The package builders publish your package in the development tree, also called "Rawhide." If the package is a stable update, you may also provide it to users of the currently-maintained stable, or branched Fedora release. To make it available to F-11 or F-12 users, or testers of the branched F-13 for example, use the procedure outlined in the next chapter.

An alternative may be used, the import of a complete src.rpm.

More in-depth information on the build system is at UsingKoji.

Removing a package build from the devel branch

From time to time you may want to remove a package build you pushed to the devel branch (rawhide). This could happen in a situation where a bug or issue is found in your package that will be resolved upstream in the next release. You may want to wait for this release instead of back-porting a fix yourself, so pulling the broken package from rawhide makes sense.

Stop (medium size).png
Use this carefully!
This should only be done on the same day of the build. If your build has already been published in rawhide you must not untag it!

You can remove the package from rawhide by using koji as follows:

koji untag-pkg dist-f13 foo-1.1.3-1.fc13

Where foo-1.1.3-1.fc13 is replaced with the name of your package build. See koji help or UsingKoji for more information.

Build package for Rawhide available for testing

No action required. Happens nightly automatically.

Build critical & non-critical path package for Fedora 33

To build critical & non-critical path package for Fedora 33 (branched content that is Fedora 13 in development) check out and build from the F-13/ branch as indicated below.

Check out and build from the Fedora 33/ branch

  1. Request a testing update in Bodhi for Fedora 33. Bodhi admins "push" it.
  2. Peers and members from QA or Releng test the update and provide karma feedback via bodhi

Build package for Fedora 33 available for testing

  1. You can request a testing update in Bodhi for Fedora 33. Bodhi admins "push" it.
  2. You can peer test the update and provide karma feedback via bodhi

Where it goes to Rawhide or Fedora 33?

If you want to build a new package, but you aren't sure if it should go to Rawhide or Fedora 33, then:

  1. New packages should always be built at least for Rawhide
  2. New packages can be built for Pending and existing Fedora Releases, however they should go through updates-testing first. If the new package is critical-path it will require net positive karma from releng/qa and peers as outlined above.

Builds that will be in Fedora 33 will be tagged with "dist-f1?".
You can run "koji latest-pkg dist-f1?" to see what the latest build of his package is for Fedora 33.

Submit an emergency package

You built a package to handle an urgent issue (e.g. security problem, non-functioning system, etc.) and want to push it to the Fedora 33 branch.
You should build in the Fedora 33 branch and create a bodhi update and do one of the following:

  1. in all cases, you need to be very very very sure the update will not cause additional problems
  2. if the package is not in the critical path, nor addressing a security problem, then you request a push to stable.
  3. if the package addresses a security issue then you mark it as security and waits for the Security team to sign off on the update (not sure how this happens right now) before requesting the package be pushed to stable.
  4. if the package is in the critical path, then you also wait for a QA/releng/peer net positive karma vote in Bodhi before requesting the package be pushed to stable.

Pending package whitout karma feedback

If your package in the "pending" updates-testing repo for a week hasn't received karma feedback

  1. If the package is in the critical path...
    You need to query QA/releng and peers to recieve karma for your update before you can proceed
  2. If the package is not in the critical path...
    You can choose to push to stable, or request and wait for further testing

Make test update "stable" and tagged for Fedora 33

Provided the package has net positive Karma from QA or releng and at least one more net positive karma point, you should request a push to "stable" within Bodhi (this could be automatically done if karma autopush is checked). Bodhi admins "push" it.

Working with packages in the stable branches

Stable branches are branches within CVS for either released Fedoras, or a branched Fedora that is still in bugfix/polish mode but has not yet been released.

  1. Make any required changes in the F-11, F-12 or F-13, etc.. directory. In many cases, you can apply the same changes from the devel/ branch to the other branches. Use the diff and patch utilities for this purpose.
  2. Use the command make i686 or make x86_64 to test a package build on your local system. Then install and test the package. If something doesn't work, fix it and repeat this step.
  3. Commit the verified changes to the branch you are working on:
    cvs commit
  4. Tag your package:
    make tag
  5. Instruct the builders to build your package:
    make build
  6. Check the koji build page at for the build process.

Build a packgage depending on un-stable

If you want to build a package for the Pending Fedora 33 but it requires package that is not yet pushed "stable" for Fedora 13.

  1. You would need to file a buildroot override tag request as outlined in the policy page Alpha_Freeze_Policy
  2. Once tagged, you can proceed to build her package and issue the Bodhi request

Submit your update to Bodhi

  1. This can be accomplished in a few different ways. The easiest being:
    make update
    If your local username differs from that of your Fedora account, you will need to specify it with the following command:
    make update BODHI_USER=foo
    Or you add BODHI_USER=foo to the file ~/.cvspkgsrc.
    1. Alternatively, you can also submit your update using the bodhi-client
    2. or the web interface .
  2. Once submitted, bodhi will automatically request that your update be pushed to updates-testing. If you feel that community testing is unnecessary for your update, you can choose to push it straight to the stable fedora-updates repository instead. Pushing directly to stable skips peer review and is strongly discouraged!! Note that security updates follow a slightly different process .
  3. A Release Engineer then signs and pushes out your updates. The signing step is currently a manual process, so your updates will not be instantly released once submitted to bodhi.
  4. Once pushed to testing, people are able to +1/-1 the updates "karma", based on whether or not it seems to be functional for them. If your update reaches a karma of 3, it will automatically be pushed to stable. Likewise, if it reaches -3, it will be automatically unpushed. If your update does not receive enough feedback to automatically push it to stable, you will have to submit it as a final update yourself. This can easily be done with the command-line tool, or with the web interface.
  5. You will then be notified when your update has been pushed to stable. Bodhi will close all associated bugs and send an announcement to fedora-package-announce. At this point, your update has been officially released!