Fedora Workstation Technical Specification
This document aims to describe the technical characteristics Fedora Workstation product in detail. This includes provided services and APIs, installed software, etc. Some of the desired characteristics may not be entirely achievable in the first version of the Workstation product, and will be approximated.
The content of the spec unavoidably overlaps with the work of the Base Working Group, and needs to be aligned with their deliverables.
Core Services and Features
This section should describe the core services of the platform and their intended use. The items here should refer back to the PRD for a functional justification.
The default file system type for workstation installs should be btrfs. Until btrfs is considered ready for this role, we will stay with the current setup of the desktop spin.
Systemd provides ways to control and monitor the activity and status of system services, resources they require, etc. System services are expected to provide systemd units. See the systemd documentation.
The systemd journal will be used as the local storage backend for system logs. For 'managed' scenarios (e.g the 'developer in a large organization' use case of the PRD), it will be possible to collect the logs in a centralized location, off the local machine.
Applications and services can either use the syslog API or the journal APIs for their logging. See the journal API documentation.
Network devices and connections will be controlled by NetworkManager. This includes support for VPN, which is relevant for 'corporate' scenarios. Applications are advised to use higher-level APIs (such as GNetworkMonitor in GIO) to monitor online status.
A firewall in its default configuration may not interfere with the normal operation of programs installed by default.
We should detect when the system is on a public or untrusted network and prevent the user from unwanted sharing of e.g. music or other media in this situation. A firewall (and network zones as currently implemented by firewalld) may or may not be part of a solution to this.
SELinux will be enabled in enforcing mode, using the targeted policy.
Problems and error conditions (e.g. kernel oopses, Selinux AVCs, application crashes, OOM, disk errors) should all be reported in the systemd journal.
Sending this information to a central place (like abrt does for crashes today) should be possible, but not mandatory. Depending on the use case, it may be turned off, enabled manually on a case-by-case basis, or entirely automatic without user intervention.
Logind will be used as the session tracking facility.
SSSD is providing the backing storage for identity management. For 'managed' scenarios (e.g. the 'developer in a large organization' use case of the PRD), it will be possible to configure it to rely on a directory service for this information. The accountsservice is providing a D-Bus interface for user account information; this may be integrated into SSSD at some point.
Depending on their needs, application and services can either use the POSIX APIs (getpwent(), etc) or the accountsservice D-Bus interface to obtain user information.
gnome-software will use PackageKit with the hawkey backend to obtain and install software updates for packaged applications and the OS itself. The recommendation for applications is to use the PackageKit APIs to interact with the underlying packaging system.
Miscellaneous system information
libvirt-daemon will be used to manage virtualization capabilities.
gdm will be used as the display manager. It is responsible for showing a login screen on each seat. It will be able to launch both X-based sessions and Wayland sessions.
Desktop environments are expected to make themselves known as an available session option on the login screen by dropping a .desktop file into /usr/share/xsessions (or its wayland equivalent).
Other facilities provided by the display manager include screen unlock authentication and user switching.
The accessibility support in the workstation includes a screen reader, a high-contrast theme and a zoom capability, amongst others. The screen reading is provided through orca, which runs as a session service and requires the at-spi infrastructure. Applications are expected to provide suitable information to the screen reader via the toolkit's accessibility support. Applications are also expected to work acceptably in the high-contrast theme. The zoom is implemented in the desktop shell and does not need any application support.
The input method framework on the workstation is provided by ibus. Input methods and keyboard layouts can be configured in the control-center, and selected in shell keyboard menu. The supported application toolkits all support ibus.
The workstation session will switch to using a Wayland compositor as soon as feasible. Until then, it will be based on X11. Even after the switch, an X server will be included, so applications can either connect to Wayland natively, or run as an X client.
It shall be possible to calibrate the screen for accurate color reproduction.
Sound hardware and audio streams will be managed by pulseaudio. Applications are recommended to use the gstreamer framework for media playback.
The workstation will ship with a single theme, which will have support for the included toolkits: gtk3, qt and gtk2. Applications are expected to work well with this theme, as well as with the high-contrast theme that is used for accessibility. The theme will include a dark variant that applications can opt into using (this is most suitable for certain content-focused applications). The theme also includes an icon theme that provides named icons according to the icon-naming spec, plus symbolic variants.
We will be using the Adwaita theme, with a yet-to-be-written qt variant.
Installed applications are expected to install a desktop file in /usr/share/applications and an application icon in the hicolor icon theme.
Packaged applications are also expected to provide appdata for use in the application installer.
The desired installation experience for the workstation product is to limit the pre-installation user interaction to the minimum. The storage configuration UI should be focused on the classes of hardware that are expected in workstation-class machines. Package selection is not necessary: the installer will install the workstation product as defined. Tweaks, customizations and software additions should be performed after the installation.
One aspect of storage configuration that will be needed is support for dual-boot setups (preserving preexisting Windows or OS X installations), since e.g. students may be required to run software on those platforms for their coursework.
gnome-initial-setup already provides support for post-install user creation, language selection, timezone configuration, etc. If necessary, it should be extended to cover all required setup tasks.
cups will be available to support local and network printers.
TBD: containers, supported languages
Core applications are part of the Workstation product and can not be removed.
Applications can depend on any services that are listed above, and can assume that all of the packages listed below are present on the system. They can not require other applications to be installed.
gnome-software will serve as graphical application installer, offering to install and remove applications, system extensions and add-ons (such as fonts, or codecs) and other optional software. To be presented in the application installer, applications need to provide appdata.
firefox will be used as the web browser.
gnome-terminal will be installed as a terminal emulator. More powerful options, such as terminator, can be investigated.
gedit will be installed as a simple text editor.
nautilus will be installed as a file manager.
gnome-boxes will be available for the creation and use of vms, as well as for connecting to remote systems, e.g. ovirt.
- non-core, default applications ?
- other developer-focused software
Core Package list
List the core packages of the product. This list includes all packages that will be shipping on the core media. This is the mandatory minimal list of packages that needs to be installed on a system at all times for it to qualify as a Fedora workstation install. This package list will be the priority focus for QA and bug fixing.
Here is the full list of packages that are installed as dependencies of the various aforementioned packages, in particular systemd, sssd, selinux-policy-targeted, gdm, gnome-shell, gtk2, gtk3, orca, control-center, ibus, qt4 (qt), qt5 (qt5-qtbase and qt5-qtdeclarative), libvirt-daemon, gnome-boxes, gnome-terminal, firefox, gedit, gnome-software, devassistant, pulseaudio, gstreamer1, gstreamer1-plugins-good.
abattis-cantarell-fonts accountsservice accountsservice-libs acl adwaita-cursor-theme adwaita-gtk2-theme adwaita-gtk3-theme alsa-firmware alsa-lib alsa-tools-firmware argyllcms atk at-spi2-atk at-spi2-core audit-libs augeas-libs authconfig autogen-libopts avahi avahi-autoipd avahi-glib avahi-gobject avahi-libs b43-fwcutter b43-openfwwf basesystem bash bash-completion bc bind-libs bind-libs-lite bind-license bind-utils binutils bluez bluez-libs boost-system boost-thread brlapi brltty bzip2 bzip2-libs ca-certificates cairo cairo-gobject c-ares caribou caribou-gtk2-module caribou-gtk3-module cdparanoia-libs celt051 ceph-libs cheese-libs chkconfig clutter clutter-gst2 clutter-gtk cogl colord colord-gtk colord-libs color-filesystem comps-extras control-center control-center-filesystem coreutils corosync corosynclib cpio cracklib cracklib-dicts cronie cronie-anacron crontabs cryptopp cryptsetup cryptsetup-libs cups cups-filesystem cups-filters cups-filters-libs cups-libs cups-pk-helper curl cyrus-sasl cyrus-sasl-gssapi cyrus-sasl-lib cyrus-sasl-md5 dbus dbus-glib dbus-libs dbus-python dbus-x11 dconf deltarpm desktop-backgrounds-gnome desktop-file-utils devassistant device-mapper device-mapper-event device-mapper-event-libs device-mapper-libs device-mapper-persistent-data dhclient dhcp-common dhcp-libs diffutils dmidecode dnf dnsmasq dosfstools dotconf dracut e2fsprogs e2fsprogs-libs ebtables elfutils elfutils-libelf elfutils-libs emacs-filesystem enca enchant epiphany-runtime espeak evolution-data-server exempi exiv2-libs expat fedora-bookmarks fedora-logos fedora-release fedora-release-rawhide festival festival-freebsoft-utils festival-lib festival-speechtools-libs festvox-slt-arctic-hts file file-libs filesystem findutils fipscheck fipscheck-lib firefox firewalld flac-libs flite fontconfig fontpackages-filesystem fpaste fprintd freerdp freerdp-libs freerdp-libwinpr freetype fuse fuseiso fuse-libs fxload gawk GConf2 gcr gd gdbm gdisk gdk-pixbuf2 gdm gdm-libs gedit genisoimage geoclue geoclue2 geocode-glib gettext gettext-libs ghostscript ghostscript-fonts giflib git gjs glib2 glibc glibc-common glib-networking glusterfs glusterfs-api glusterfs-devel glusterfs-fuse glusterfs-libs glx-utils gmime gmp gnome-backgrounds gnome-bluetooth gnome-bluetooth-libs gnome-boxes gnome-classic-session gnome-color-manager gnome-desktop3 gnome-getting-started-docs gnome-icon-theme gnome-icon-theme-extras gnome-icon-theme-symbolic gnome-initial-setup gnome-js-common gnome-keyring gnome-keyring-pam gnome-menus gnome-online-accounts gnome-session gnome-session-xsession gnome-settings-daemon gnome-shell gnome-shell-extension-alternate-tab gnome-shell-extension-apps-menu gnome-shell-extension-common gnome-shell-extension-launch-new-instance gnome-shell-extension-places-menu gnome-shell-extension-window-list gnome-software gnome-terminal gnome-themes-standard gnome-user-docs gnupg2 gnutls gnutls-dane gnutls-utils gobject-introspection gpgme graphite2 grep grilo groff-base grub2 grub2-tools gsettings-desktop-schemas gsm gssdp gstreamer1 gstreamer1-plugins-base gstreamer1-plugins-good gtk2 gtk3 gtksourceview3 gtk-vnc2 gupnp gupnp-av gupnp-dlna gutenprint gutenprint-cups gvfs gvfs-afc gvfs-afp gvfs-archive gvfs-devel gvfs-fuse gvfs-goa gvfs-gphoto2 gvfs-mtp gvfs-smb gvnc gzip hardlink harfbuzz harfbuzz-icu hawkey heisenbug-backgrounds-base heisenbug-backgrounds-gnome hicolor-icon-theme hostname hunspell hunspell-en hunspell-en-GB hunspell-en-US hwdata ibus ibus-chewing ibus-gtk2 ibus-gtk3 ibus-hangul ibus-kkc ibus-libpinyin ibus-libs ibus-qt ibus-setup ibus-wayland info initscripts iproute iptables iptables-services iputils ipxe-roms-qemu iscsi-initiator-utils iso-codes iwl1000-firmware iwl100-firmware iwl105-firmware iwl135-firmware iwl2000-firmware iwl2030-firmware iwl3160-firmware iwl3945-firmware iwl4965-firmware iwl5000-firmware iwl5150-firmware iwl6000-firmware iwl6000g2a-firmware iwl6000g2b-firmware iwl6050-firmware iwl7260-firmware jansson jasper-libs jbigkit-libs json-c json-glib kbd kbd-legacy kbd-misc kernel keyutils keyutils-libs kmod kmod-libs kpartx krb5-libs lcms2 ldns less leveldb libacl libaio libao libarchive libassuan libasyncns libatasmart libattr libavc1394 libbasicobjects libblkid libbluray libcacard libcanberra libcanberra-gtk3 libcap libcap-ng libcdio libcdio-paranoia libcgroup libchewing libcollection libcom_err libcomps libcroco libcue libcurl libdaemon libdb libdb-utils libdhash libdmx libdrm libdv libedit libee libestr libevdev libevent libexif libfdt libffi libfontenc libfprint libgcc libgcrypt libgdata libgee libgee06 libgnomekbd libgnome-keyring libgomp libgovirt libgpg-error libgphoto2 libgsf libgtop2 libgudev1 libgusb libgweather libgxps libhangul libibverbs libical libICE libicu libidn libiec61883 libimobiledevice libini_config libipa_hbac libiptcdata libiscsi libjpeg-turbo libkkc libkkc-common libkkc-data libldb liblouis liblouis-python3 libmbim libmcpp libmediaart libmetalink libmng libmnl libmodman libmount libmtp libndp libnetfilter_conntrack libnfnetlink libnfsidmap libnl3 libnl3-cli libnm-gtk libnotify liboauth libogg libosinfo libpath_utils libpcap libpciaccess libpeas libpinyin libpinyin-data libplist libpng libproxy libpwquality libqb libqmi libquvi libquvi-scripts libraw1394 librdmacm libref_array librepo libreport-filesystem librsvg2 libsamplerate libseccomp libsecret libselinux libselinux-python libselinux-utils libsemanage libsepol libshout libSM libsmbclient libsndfile libsolv libsoup libss libssh2 libsss_idmap libsss_nss_idmap libstdc++ libtalloc libtasn1 libtdb libteam libtevent libthai libtheora libtiff libtirpc libtool-ltdl libudisks2 libunistring libunwind libusal libusbx libuser libutempter libuuid libv4l libverto libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-kvm libvirt-gconfig libvirt-glib libvirt-gobject libvisual libvorbis libvpx libwacom libwacom-data libwayland-client libwayland-cursor libwayland-server libwbclient libwebkit2gtk libwebp libwnck3 libwsman1 libX11 libX11-common libXau libxcb libXcomposite libXcursor libXdamage libXdmcp libXevie libXext libXfixes libXfont libXft libXi libXinerama libxkbcommon libxkbfile libxklavier libxml2 libXmu libXpm libXrandr libXrender libXres libxshmfence libxslt libXt libXtst libXv libXvMC libXxf86dga libXxf86misc libXxf86vm libyaml linux-atm-libs linuxconsoletools linux-firmware llvm-libs lockdev logrotate lua lua-expat lua-json lua-lpeg lua-socket lvm2 lvm2-libs lyx-fonts lzo lzop make marisa mcpp mdadm mesa-libEGL mesa-libgbm mesa-libGL mesa-libglapi mesa-libGLES mesa-libwayland-egl mesa-libxatracker mobile-broadband-provider-info ModemManager ModemManager-glib mokutil mousetweaks mozilla-filesystem mozjs17 mozjs24 mpfr mtdev mtools mutter mutter-wayland nautilus nautilus-extensions ncurses ncurses-base ncurses-libs netcf-libs net-snmp-libs nettle NetworkManager NetworkManager-glib NetworkManager-openvpn NetworkManager-vpnc newt newt-python nfs-utils nmap-ncat nm-connection-editor nspr nss nss-softokn nss-softokn-freebl nss-sysinit nss-tools nss-util ntfs-3g ntfsprogs numactl-libs numad opencc openjpeg-libs openldap openssh openssh-clients openssl openssl-libs openvpn opus orc orca os-prober p11-kit p11-kit-trust PackageKit PackageKit-glib PackageKit-gtk3-module pam pango parted pciutils pciutils-libs pcre pcsc-lite-libs perl perl-Carp perl-constant perl-Encode perl-Error perl-Exporter perl-File-Path perl-File-Temp perl-Filter perl-Getopt-Long perl-Git perl-HTTP-Tiny perl-libs perl-macros perl-Module-CoreList perl-parent perl-PathTools perl-Pod-Escapes perl-podlators perl-Pod-Perldoc perl-Pod-Simple perl-Pod-Usage perl-Scalar-List-Utils perl-Socket perl-Storable perl-TermReadKey perl-Text-ParseWords perl-threads perl-threads-shared perl-Time-HiRes perl-Time-Local perl-version pinentry pixman pkcs11-helper pkgconfig plymouth plymouth-core-libs plymouth-graphics-libs plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-charge pm-utils policycoreutils polkit polkit-pkla-compat poppler poppler-data poppler-glib poppler-utils popt ppp procps-ng psmisc pth pulseaudio pulseaudio-gdm-hooks pulseaudio-libs pulseaudio-libs-glib2 pulseaudio-module-bluetooth pyatspi pycairo pygobject3 pygobject3-base pytalloc python python3 python3-brlapi python3-cairo python3-gobject python3-libs python3-pyatspi python3-speechd python-babel python-backports python-backports-ssl_match_hostname python-caribou python-decorator python-hawkey python-iniparse python-jinja2 python-libcomps python-librepo python-libs python-markupsafe python-PyGithub python-setuptools python-six python-slip python-slip-dbus python-sssdconfig PyYAML qemu-common qemu-img qemu-kvm qemu-system-x86 qpdf-libs qrencode-libs qt qt5-qtbase qt5-qtbase-gui qt5-qtdeclarative qt5-qtxmlpatterns qt-settings qt-x11 quota quota-nls radvd readline realmd redhat-menus rest rpcbind rpm rpm-build-libs rpm-libs rpm-python rsync rsyslog rsyslog-mmjsonparse rtkit rygel samba-common samba-libs sbc SDL seabios-bin seavgabios-bin sed seed selinux-policy selinux-policy-targeted setup sgabios-bin shadow-utils shared-mime-info sheepdog shim shim-unsigned skkdic slang snappy sound-theme-freedesktop sox speech-dispatcher speex spice-glib spice-gtk3 spice-server sqlite sssd sssd-ad sssd-client sssd-common sssd-common-pac sssd-ipa sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy startup-notification sudo systemd systemd-libs taglib tar tcp_wrappers tcp_wrappers-libs teamd telepathy-filesystem telepathy-glib telepathy-logger totem-pl-parser tracker trousers ttmkfdir tzdata udisks2 unbound-libs unzip upower urw-fonts usbmuxd usbredir ustr util-linux vim-minimal vino vpnc vpnc-script vte3 wavpack webkitgtk3 webrtc-audio-processing which wpa_supplicant xcb-util xcb-util-image xcb-util-keysyms xcb-util-renderutil xcb-util-wm xdg-user-dirs xdg-user-dirs-gtk xfsprogs xkeyboard-config xml-common xorg-x11-drv-ati xorg-x11-drv-evdev xorg-x11-drv-fbdev xorg-x11-drv-intel xorg-x11-drv-mga xorg-x11-drv-modesetting xorg-x11-drv-nouveau xorg-x11-drv-openchrome xorg-x11-drv-qxl xorg-x11-drv-synaptics xorg-x11-drv-vesa xorg-x11-drv-vmmouse xorg-x11-drv-vmware xorg-x11-drv-wacom xorg-x11-fonts-Type1 xorg-x11-font-utils xorg-x11-glamor xorg-x11-server-common xorg-x11-server-utils xorg-x11-server-Xorg xorg-x11-utils xorg-x11-xauth xorg-x11-xinit xorg-x11-xkb-utils xz xz-libs yajl zenity zlib
- Add fonts, non-core applicatoins
- Do we need to pin down versions ?
Policies for software add-ons
General rules and policies for how extra software is installed and what requirements are put on that software.
- Optional software must not interfere with the regular functionality of mandatory components. E.g. installing optional audio software must not prevent other applications from using pulseaudio and gstreamer for media playback.
- Optional software should integrate properly into the defined extension points of the OS:
- Applications should provide desktop files and icons
- Applications should provide appdata (link?) for the software installer
- System services should provide systemd units
- Desktop environments should provide a desktop file in /usr/share/xsessions
- It must be possible to remove optional software from the system again
Installation methods and media
We will produce a live .iso image. The primary target for this image will be USB sticks, but the ability to burn the image to a DVD should be preserved (since we are still getting regular requests for such media). There is no pressing reason to restrict the image to the current 1GB size target. Persistence is not an important feature of the live media, whose primary focus should be to install the system.
gnome-disks can create USB sticks on Fedora, and liveusb-creator is the tool we have to let people create USB sticks on Windows or Linux. Both of these tools may need to be extended with support for EFI (whatever that means in detail).
We expect to support 64bit machines with suitable graphics and display resolutions. High-resolution displays, touchscreens and wacom tablets are interesting hardware for some workstation use cases and should be supported in the future.
These hardware requirements are not meant to prevent the workstation product from running on other systems, but rather to determine the range of hardware that we will focus on with QA, and when it comes to determining release blockers.
Not sure if we want this section here or if we should just make this a pure description document and put the implementation roadmap in a separate document.