This page documents common bugs in Fedora 23 and, if available, fixes or workarounds for these problems. If you find your problem in this page, please do not file a bug for it, unless otherwise instructed. Where appropriate, a reference to the current bug(s) in Bugzilla is included.
Read the Fedora 23 release announcement and the Fedora 23 release notes for specific information about changes in Fedora 23 and other general information.
My bug is not listed
Not every bug is listed in this page, but Bugzilla should be a comprehensive database of known bugs. This page is a sampling of the bugs most commonly discussed on our mailing lists and forums.
To see if your bug has already been reported, you can search Bugzilla. If it has not yet been reported, we encourage you to do so to help improve Fedora for yourself and others. A guide to Bugs and feature requests has been prepared to assist you.
If you believe an already-reported bug report should be added to this page because it is commonly encountered, you can:
- Add it yourself, if you have wiki access. Common bugs instructions provides guidance on how to add an entry to the page correctly, but the most important thing is to make sure that the bug is listed - don't worry if you don't get the format quite right, we can clean it up later.
- Or, add the CommonBugs keyword to the bug report. Someone from the QA team will then inspect the issue to determine whether the bug should be listed as a common bug. To expedite your request, please add a comment to the bug that includes
- a summary of the problem
- any known workarounds
- an assessment on the impact to Fedora users
For reference, you can query Bugzilla for bugs tagged CommonBugs:
- CommonBugs? (bugs with CommonBugs keyword, but do not yet have a link to this page)
- CommonBugs+(bugs with CommonBugs keyword and contain a link to this page)
Kickstarts listing default repos by name only are not properly handled
link to this item - Bugzilla: #1277638
When doing a kickstart install, you are supposed to be able to enable repositories that are present in
/etc/anaconda.repos.d but not enabled by default - e.g. updates-testing - by including a line which simply specifies the repo by name:
Unfortunately, this feature was inadvertently broken by an over-enthusiastic check in Fedora 23. If the installer is run in graphical mode, such a kickstart will cause it to stop at the hub screen, showing an error condition for the INSTALLATION SOURCE spoke; if the installer is run in text mode, such a kickstart will cause a crash.
We have provided an installer update image including the fix for this. If you need to use such a kickstart line, you can use the updates image by adding the kernel parameter inst.updates=https://fedorapeople.org/groups/qa/updates/1277638.img when booting the installer. Of course, you can also download the updates image and use any of the other available updates image delivery mechanisms.
Installer deletes EFI System Partition even in dual boot scenarios
link to this item - Bugzilla: #1183880
If you have several operating systems installed using UEFI boot (booting from EFI System Partition - ESP) and then go into the manual partitioning screen in the installer and select one of the operating systems to be deleted, the ESP will be deleted as well, even though it is required by the other operating systems.
If you need to perform such installation, don't delete the full partition tree under the to-be-deleted operating system, but delete all of its non-ESP partitions individually and leave ESP intact.
Installer does not always correctly compute the minimal required partition size
link to this item - Bugzilla: #1224048
The installer uses a set of heuristics to determine the minimal partition size to fit your installation in. Sometimes if you get very unlucky or you intentionally try to get the install partitions as small as possible, the installer might approve the partition size, but the installation fails at the beginning of the installation transaction (after your partitions have been created and formatted) due to insufficient disk size.
To be safe from this issue, please don't try to set an extremely small root partition (or any other system-critical partition, like /usr partition, if you decide to define one). Always plan for at least 500+MB of free disk space on such partitions (of course, in majority of cases you want much much more free space to have your system usable and useful).
Filesystems encrypted with passphrases using Cyrillic, Arabic or other switched keyboard layout characters cannot be decrypted at boot time
link to this item - Bugzilla: #681250
If the console keyboard layout for your language is 'switched' (you use a key combination to switch between typing Latin characters, and characters from your language), you will not be able to switch when entering encryption passphrases. Therefore, you will only be able to enter passphrases using whichever layout is the default. Usually, the Latin layout is the default. Therefore, if you are doing an encrypted installation using a language with a switched keyboard layout, we recommend you use only Latin characters in the passphrase.
System boots into an older kernel instead of the latest one
link to this item - Bugzilla: #1261569
This bug only affects systems installed from a pre-release version of Fedora 23 (before Fedora 23 RC2). If you have used the final release for installation (or upgraded from a previous Fedora), you're not affected.
The affected systems do not boot with an updated kernel, but to the old kernel version. This can be fixed by manually changing a line in /etc/sysconfig/kernel from:
Software RAID (mdraid) from existing Fedora installations not recognized by Workstation/Live installs
link to this item - Bugzilla: #1225184
Installation from Workstation/Live image does not properly recognize software RAID (mdraid) devices from existing (e.g. previous) Fedora installations. Those devices are listed as "Unknown" (0 bytes size) and cannot be used in the device selection dialog which makes it basically impossible to install Fedora 23 or keep existing data.
This bug exists since Fedora 22 (several Bugzilla reports has been filed for this issue). The Server image does not have this problem and can be used as a workaround to install the Workstation spin from network remotely. Fedora Workstation may no longer be the proper distribution for systems with Software RAID devices.
Upgrade from Fedora 23 fails if
dnf-plugin-system-upgrade is not installed
link to this item - Bugzilla: #1395686
When upgrading from Fedora 23, it is possible to be in a situation where upgrade preparation - the
dnf system-upgrade download step - works, but the actual upgrade - the
dnf system-upgrade reboot step - does not. This occurs if you have the
python3-dnf-plugin-system-upgrade package installed, but not the
If you encounter this issue, when you try the upgrade step, the system will start booting, but then appear to stall. If you hit Esc, you may see a message Reached target System Update. No progress information on the upgrade will appear.
To be absolutely sure this is the issue you are encountering, please leave the system for a long time - say, two or three hours - to ensure it is not just upgrading silently, as rebooting in the middle of an upgrade can cause the system to be entirely unusable.
But if there definitely appears to be no activity after several hours, shut the system down. Now either boot up and add rd.break to the boot parameters, boot the 'Rescue mode' from a Fedora install image, or boot from a live image. From the installed system root, remove the file
/system-update. Now you should be able to boot the system normally again. Now install the package
dnf-plugin-system-upgrade and retry the upgrade process.
Upgrade path for Vagrant broken (rubygem-celluloid retired)
link to this item - Bugzilla: #1275030
rubygem-celluloid was retired between Fedora 22 and Fedora 23, but no package was set to obsolete it. If you have the package installed when you try to upgrade to Fedora 23, and you do not use the --allowerasing option, the upgrade will fail to resolve dependencies. We recommend using --allowerasing to enable DNF to remove the rubygem-celluloid package and allow the upgrade to proceed, but please check the list of packages to be removed carefully and make sure the upgrade will not remove anything vital to you.
Core software issues
Initial setup sometimes starts in text mode instead of in graphics mode
link to this item - Bugzilla: #1185447
Sometimes, the initial setup utility that runs on first boot when a user account is not created in the installer starts in text mode instead of graphical mode. This looks a little surprising, but the text mode utility will work correctly and allow you to create a user account if desired, and the login screen should be shown correctly after it is complete.
Initial user creation hands off to login screen (not desktop) and first attempt to log out fails
link to this item - Bugzilla: #1273112 - Bugzilla: #1272706
GNOME includes its own 'first boot' utility,
gnome-initial-setup. If you install Workstation and do not create a user during the installation process, it will appear the first time you boot the installed system and require you to create a user account. When you complete the utility, it is intended to transfer you directly to the desktop logged in as the newly created user. However, sometimes, this does not work as intended and instead you see the GNOME login screen after creating the user account. When this happens, and you log in as the user you just created, your first attempt to log out will not work correctly, but instead will return you to a fresh logged in desktop session.
It appears that there is a timing problem, where gnome-initial-setup creates the logged in desktop session but does not successfully hand off to it, and when you then log in normally and log out, you are sent to the session created by gnome-initial-session.
This problem is a one-time issue and has no further effects. Once you log out a second time, everything will work normally from then on.
Plasma (KDE) issues
No network connection in VM when both host and guest installed from a live image
link to this item - Bugzilla: #1146232
If you install Fedora from a live image, and then create a virtual machine on it and install another Fedora from a live image as a guest, your networking in guest will probably not work. The reason is that libvirt virtual network address ranges are the same both in the host and the guest and clash. This does not happen if you install the libvirt packages in the guest manually at some point later (it is detected during package installation), only when you install from a live image.
If you don't need libvirt to work in the VM, you can remove libvirt networking there by running
sudo virsh net-destroy default && sudo virsh net-undefine default, and then renewing the network connection in NetworkManager. If you need libvirt to work in VM, you need to edit its configuration files and assign a different IP range to it.
Fedora Server issues
FreeIPA fails to start after upgrade if initially installed with Fedora 21 or earlier
link to this item - Bugzilla: #1323400
Between Fedora 21 and Fedora 22, FreeIPA was changed from using a file-based store for certificate profiles to a database store. Any FreeIPA server initially deployed under Fedora 21 or earlier would have had the file store, and would need to be migrated to the database store on upgrade to Fedora 22 or later.
Testing indicates that this migration was often not correctly performed on upgrade. With versions of
pki-core after 10.2.6-12.fc22 (Fedora 22), 10.2.6-16.fc23 (Fedora 23), or 10.3.0.a1-2 (Fedora 24+), this prevents FreeIPA from starting successfully. With earlier versions, FreeIPA would start successfully, but some certificate operations would fail.
An update that fixes the upgrade migration process is available. If you have a server which was initially deployed with Fedora 21 or earlier and you have not yet upgraded to Fedora 22 or later, please either wait for the update to be released, or ensure it is included in the upgrade by enabling the updates-testing repository during upgrade or in some other way, to ensure the migration works correctly.
If you already hit this bug during upgrade, just updating the package will not fix it. The symptom of this bug is that the email@example.com service fails to start during FreeIPA initialization. If you run
ipactl -d, you will see it repeatedly attempt to connect to https://(serverhostname):8443/ca/admin/ca/getStatus for some time, failing each time, then eventually time out.
If you are affected by the bug, first apply the update: run
sudo dnf install yum, then
sudo yum-deprecated --enablerepo=updates-testing update --advisory=FEDORA-2016-188c172b10. Then, edit the file
/etc/pki/pki-tomcat/ca/CS.cfg and replace the text subsystem.1.class=com.netscape.cmscore.profile.LDAPProfileSubsystem with subsystem.1.class=com.netscape.cmscore.profile.ProfileSubsystem. Finally, run
sudo ipa-server-upgrade. This should correctly perform the migration, and FreeIPA should subsequently start correctly.
Fedora Cloud issues
FreeIPA fails to upgrade properly
link to this item - Bugzilla: #1274905
If you upgrade a system running FreeIPA to Fedora 23, FreeIPA will not start on the upgraded system. The logs will instruct you to run FreeIPA's upgrade process: Upgrade required: please run ipa-server-upgrade command. However, if you ran the upgrade script with the original FreeIPA packages released with Fedora 23, it would fail, and FreeIPA would still not work.
We strongly advise you ensure the updates repository is enabled when upgrading FreeIPA servers to Fedora 23 and ensure the updates listed above are included.
If you ran the upgrade script before the updates were released and encountered the bugs, you may be able to recover and get FreeIPA working by doing the following:
- Find the entry (split across three lines) that starts attributeTypes: ( 2.16.840.1.1137188.8.131.52.2.3 NAME 'ipaVaultPublicKey'
- Replace it with:
attributeTypes: ( 2.16.840.1.1137184.108.40.206.2.3 NAME 'ipaVaultPublicKey' DESC ' IPA vault public key' EQUALITY octetStringMatch SYNTAX 220.127.116.11.4.1.1466.115.1 21.1.40 X-ORIGIN ( 'IPA v4.2' 'user defined' ) )
pki-server migrate --tomcat 8
systemctl start firstname.lastname@example.org
- Re-run the upgrade script:
However, results may vary.
Certain plymouth themes are problematic during system upgrade
link to this item - Bugzilla: #1267949
Certain plymouth (boot screen) themes were buggy inside the system upgrade environment. The known issues are with script and spinner themes - for the first one, the progress information scrolled off the screen soon, for the second one the screen stayed black during the whole upgrade. The upgrade itself would execute just fine, but you wouldn't see the progress properly (if this happened to you, do not force-reboot the computer in the middle of the operation, wait for it to finish, it will automatically reboot once the upgrade is done).
After installing the update, you can execute sudo dracut -f manually to regenerate the ramdisk for your current kernel. Otherwise the fix will only kick in with the first kernel update after the plymouth update.
Alternatively, you can revert to the default theme before performing the upgrade:
sudo dnf install plymouth-theme-charge sudo plymouth-set-default-theme charge sudo dracut -f
SELinux denial appears on application crash
link to this item - Bugzilla: #1276305
There was a known issue in Fedora 23's SELinux policy which caused a denial to occur often when an application crashed. SELinux was forbidding the ABRT crash reporting tool from doing something it wants to do to analyze the crash. The denial was SELinux is preventing abrt-hook-ccpp from using the 'sigchld' accesses on a process.
The system reboots instead of shutting down
link to this item - Bugzilla: #1257131
On some specific Intel boards the system would reboot after a few seconds instead of shutting down.
System-upgrade does not work under Chinese and Japanese (and probably some other) locales
link to this item - Bugzilla: #1278031
Before this issue was fixed, system upgrade would fail with some languages, at least Chinese and Japanese. A workaround was to switch to English locale solely to run the upgrade, but as the bugs have now been fixed, this should no longer be necessary.
FreeIPA web UI (and potentially other webapps) does not work, SELinux denies 'execmem' access
link to this item - Bugzilla: #1277224
There was a complex bug in Fedora 23 which was known to affect the FreeIPA web UI and may have affected other webapps written in Python. In Fedora, SELinux is configured by default to prevent web server processes from executing writeable memory - referred to as 'execmem' access. We have determined that use of the original
python-cryptography module version in Fedora 23 commonly triggered such 'execmem' accesses. Notably, using the widely used
python-requests module loads the python-cryptography module if the
python-ndg_httpsclient package is installed. This package was a dependency of
python-urllib3 in Fedora 21, so it is fairly common to have it installed.
The result of this was that, if you have
python-ndg_httpsclient installed, any Python webapp that uses the requests module was likely to crash. In the system logs you saw an SELinux denial of the 'execmem' access, and in the web server logs you likely saw a note that the affected process crashed. This was known to affect at least the FreeIPA web UI - the web server would continually try to launch child processes, and each one would crash - and may possibly have affected other webapps.
This issue was resolved with updates to the
python-cryptography packages. As long as you have installed the latest versions of those packages, the issue should no longer affect you.
Atomic images have incorrect permissions on the /tmp directory
link to this item - Bugzilla: #1276775
The permissions of the
/tmp dir on early Fedora 23 Atomic host images were 755 when they should have been 777. This broke things that wanted to write to
/tmp but didn't have permissions to. This issue was resolved with an update to the
ostree package which both ensured later Fedora 23 Atomic images were correct out of the box, and fixes the permissions on existing Fedora 23 Atomic deployments when they are updated.
Packages downloaded for system upgrade are removed if you perform a package transaction before starting the upgrade
link to this item - Bugzilla: #1276886
If you want to upgrade your system, you first need to download all necessary packages, and then trigger the upgrade process. However, with DNF versions before 1.0.2, if you do any package transaction between these two actions, e.g. because there is some dependency issue between your currently installed packages and the downloaded packages, or because you decide to install/remove something before starting the upgrade process, the whole package cache (including all of your downloaded packages) are cleaned. If you try to start the upgrade process, you'll receive unhelpful Error: system is not ready for upgrade error message. You'll need to download all the packages again (using
dnf system-upgrade download ... command).
This issue was resolved in DNF 1.0.2, which was in Fedora 23 at release time, and was released for Fedora 22 as an update. Therefore, when upgrading from Fedora 22 to Fedora 23 you should not encounter this issue so long as Fedora 22 is updated first, and you should never encounter this issue when upgrading from Fedora 23 to a later release.
If you still need to work around this issue, use
--setopt=keepcache=True DNF option for transactions you perform between the upgrade download and the reboot. That will make sure your package cache is not cleaned and you will not need to re-download everything again.
Three monitors with an Intel GPU results in instability and display issues
link to this item - Bugzilla: #1275770
Since kernel 4.2, some people with Intel graphics cards had reported issues when they have three (or possibly more) monitors attached. The issues can range from desktop environment crashing, to monitor layout being reset from time to time, or certain monitors not waking up from sleep/locked desktop mode.
The initial reporter of this bug reported on 2016-05-09 that "The issue I originally reported is now fixed as of at least: xorg-x11-server-Xorg-1.18.3-2.fc23.x86_64 xorg-x11-drv-intel-2.99.917-19.20151206.fc23.x86_64". We have not received further reports since.