-----BEGIN PGP SIGNED MESSAGE-----
Fedora Weekly News Issue 138
Welcome to Fedora Weekly News Issue 138 for the week ending August 11, 2008.
Fedora Weekly News keeps you updated with the latest issues, events and
activities in the Fedora community.
If you are interested in contributing to Fedora Weekly News, please see
our 'join' page. Being a Fedora Weekly News beat writer gives you a
chance to work on one of our community's most important sources of news.
Ideas for new beats are always welcome -- let us know how you'd like to
We are still looking for a beat writer to summarize the Fedora Events
and Meetings that happened during each week.
== Developments ==
In this section the people, personalities and debates on the
@fedora-devel mailing list are summarized.
Contributing Writer: Oisin Feeley
=Solving the Unsynchronized Release of Package Dependencies=
A problem often experienced by users of "add-on" packages is that
dependency resolution will fail during a simple yum update when the
official Fedora repositories release an update to the base packages on
which these add-ons depend. ThorstenLeemhuis explained that as add-on
packages have a strict dependency on the base packages for which they
were built and updates are not available at exactly the same time on all
mirrors there is no ideal point in time for the add-on to be released.
Thorsten's RFC was careful to point out that the problem did not only
affect kmods, but also plugins for audacious, xine and k3b and that the
resulting dependency resolution failures occurred both when the add-on
was visible to yum before the base package and vice versa. The two
possible solutions envisioned by Thorsten included either yum being
modified "to be taught to do a second look at the right place to find
what's needed" or the third-party repositories to include the updated
base packages along with the updated add-on. Thorsten feared that this
latter option of "shipping non-free kernel modules and the GPLed kernels
in one repo might [make] some people yell license violation."
 Such packages are hosted by "third-party" repositories, which are
run independently of the Fedora Project. The packages, while highly
useful for many Fedora users, are deemed to be legally non-distributable
due to the laws of the U.S.A.
A report of daily failures of this type occurring for Rawhide without
any complicating third-party repository was posted by John Ellson. He
gave two examples from his current machine. The first was a missing
$ yum update phonon*
Error: Missing Dependency: phonon = 4.2.0-1.fc10 is needed by package
and the second was a file conflict error:
$ yum update digikam*
Transaction Check Error: file
/usr/share/icons/oxygen/128x128/apps/digikam.png from install of
digikam-0.10.0-0.1.beta2.fc10.x86.64 conflicts with file from package
John wished that yum would skip updating all rpms which produce
conflicts with currently installed rpms whether or not they are
third-party or otherwise, especially as neither of these issues had been
flagged in the appropriately dated "Rawhide report". A good deal of the
remainder of thread was devoted to replying to this post instead of to
Thorsten's RFC. The first response came from MichaelSchwendt and made
the point that the first error was probably due to an incorrect
"Obsoletes" tag in the !code?phonon-backend-gst!/code? that is supposed
to replace phonon-backend-gstreamer. The script which checks for broken
dependencies in Rawhide cannot detect this as the
phonon-backend-gstreamer is not visible to it. Michael addressed the
second error with the point that conflicts are entirely different from
dependency issues and are not checked. RexDieter, as package maintainer,
quickly fixed both of the problems and in doing so demonstrated that
users filing bug reports can be an effective part of the current
process. Thorsten also emphasized that the two errors posted by
JohnEllson were entirely different from each other and that the conflict
was a bug best dealt with by user reports. He further argued that it was
impossible for the Rawhide dependency checker script to examine the
contents of users' hard disks. All that the script can do is examine the
current contents of Rawhide and as the phonon-backend-gstreamer was long
gone it could not test a theoretical update from it. Michael Schwendt
later added that although his own "repoclosure" script developed for
the old "Extras" repository had been able to take account of "obsolete
binary [packages] from the previous compose [...] because in Extras
we've had up to two pkg releases in the repo[sitory ...] the Rawhide
report is like a fresh install of only the latest [package] releases,
and one can only hope that there are enough testers who find and report
the additional update/upgrade problems." Michael claimed that as the
FedoraProject policy on file conflicts was "half-hearted" he was
uninterested in shouldering the burden of running the script himself. He
also noted that Florian La Roche had a script for determining conflicts
between files and symlinks.
During this discussion JohnEllson was unimpressed with the
theoretical reasons as to why he was seeing these problems and requested
that even if it were not possible to do such checks on the server
"[j]ust have yum on the client recover gracefully from these and skip
Similarly David Timms wondered if the original problem stated in the
RFC could be solved by using the yum option --skip-broken if it were
made to select only those packages which were: available,
non-conflicting, non-dependency-breaking and actually
downloadable.Thorsten restated his belief that this was effectively
hiding the problem instead of fixing it and would result in users being
unaware that important updates were blocked solely due to a manually
installed problem RPM. Instead he suggested setting a window of time
during which updates with broken dependencies would be ignored and then
finally reported as errors. Seth Vidal corrected the impression that
"skip broken" was a plugin to yum (it is now a core option) and while
agreeing that "a tool to detect all these issues is worth discussing,
not sure how we catch all possible conflicts, though" seemed to confuse
Thorsten's window of time with checking the actual package creation
filestamp. JesseKeating also appeared to fall prey to this confusion
and like Seth pointed out the problem of queued packages sitting in
repositories before being released. To clear this confusion up Thorsten
posted a more detailed explanation which emphasized that the times
being examined were relative to the client-side's first encountering of
the problem and made no reference to the build-date or publication date
of the package itself. The advantage of Thorsten's seventy-two hour
window scheme is that it gives packagers a grace period in which to
correct the problem and at the end of that the same situation prevails
as now, namely that the update will fail and users will notice and
report the errors.
=Firefox Mouse Woes=
MarkG reported that Firefox did not respond to the scroll wheel on
GNU/Linux in the same way in which it did on Microsoft Windows. He had
intended to file a bugzilla report, but due to the outage (see this same
FWN#138 "Bugzilla Overhauled") was merely posting to @fedora-devel. The
basic point made in what MarkG chose to frame as an RFC was that he
expected the middle mouse button when clicked to allow him to scroll the
page but that "[w]hen you press it on linux in firefox you get ...
nothing[.]" He suggested that a simple change of
thefirefox-fedora-default-prefs.js to pref("general.autoScroll", true);
by the Fedora maintainer would achieve this goal and noted that
currently it is possible for a user to achieve the same end by
navigating to the URI about: config and filtering general.autoScroll and
changing its boolean to "true". MarkG also noted in support of his
argument that "Ubuntu" had made such a change.
A correction was made by IgnacioVazquezAbrams--Ignacio Vazquez-Abrams
to the effect that clicking the middle mouse button brought one to the
"URL stored in the clipboard." He also pointed out that the environment
in which the middle-click was made was important and that Firefox was
doing the correct thing by following the Windows' environment preference
of autoscrolling and the *nix environment preference of pasting from the
clipboard. At this point the thread should probably have stopped but
instead descended into a morass of personal preferences and insults.
Nevertheless there were a couple of points worth noting.
NaheemZaffar--Naheem Zaffar thought that while pasting was well and
good it was not so nice to have the pasted URL automatically replacing
the current page. Rui Miguel Silva Seabra provided a fix for this with
about:config -> browser.tabs.opentabfor.middleClick.
A type of closure to the thread was obtained when Todd Zullinger
posted that a likely result of making such changes would merely be to
"get the opposite RFC from anyone who is used to the *nix behavior and
wonders why Firefox is scrolling instead of pasting the clipboard
contents as we'd expect. :)" and he speculated that "Ubuntu" had
diverged from upstream.
As commented in several threads this week (e.g. this FWN#138 "Firefox
Mouse Woes") Bugzilla was down for maintenance. This was due to upgrades
of the OS on the servers and a move from the venerable bugzilla-2.18 to
bugzilla-3.2. The original announcement was posted on several lists
and detailed the planned outage and the changes to bugzilla which
included user-interface enhancements, AJAX optimizations for searching
and displaying bugs and an XMLRPC API.
The announcement and the reminder that this would all happen on 2nd
August requested that those using the API pointed their scripts to the
test server https://partner-bugzilla.redhat.com
to ensure that the new
system was indeed backwards compatible.
A brief thread on @fedora-devel was started when Gilboa Davara
and Firefox offering to retry or stop the script. This experience was
confirmed by several other posters who noted that hitting "Continue" and
waiting seemed to work. PaulFrields--Paul Frields speculated that it
was the population of the component list which was slow.
=Feature Proposal: Provers=
An interesting proposal to include a bunch of tools for automated
theorem proving was mooted by David A. Wheeler. The bundle of tools,
listed in David's post, would ease the task of increasing the
reliability of software in some specific cases and are often used (see
paper by David) to perform assurance for safety and security on other
programs. David argued that these tools, which are variously Formal
Methods Tools, Key Provers and Solvers should be considered as a
"Feature" for Fedora 10 as they needed some integration and had not
previously been packaged for Fedora. Some of the methods enabled by
these tools are being used by the OpenSuSE distribution to speed up
dependency solving of RPM packages.
Jarod Wilson was uncertain that the case for calling "just a
collection of new packages" a Feature had been made. After further
support from Patrice Dumas, Casey Dahlin and Paul Frields an explanation
was posted by Toshio Kuratomi that the determination is made in part
by the presentation of why and how some packages are useful to a
hypothetical end user: "just saying Fedora has a collection of provers
isn't a Feature. But saying, in Fedora 10 we've made an effort to
include foo, bar, baz important provers for Target Audience so they can
find all the tools they need to do X Type of Work. Similarly, `We've
done work so that foo and bar can import and export the same file
format', or other work to show how we're making the user experience
better would make a stronger case for a feature." Similarly Jarod
provided links to the Fedora Project wiki to support his case that
not enough had been done to explain why the programs were a cohesive
collection dedicated to a particular end use case although he admitted
"I suppose perhaps this falls under "noteworthy enough to call out in
the release notes", depending on who you ask. I'm still not sold yet."
RahulSundaram wanted a classification of packaging difficulty added
as he had examined several on the package wishlist and found them "a
large amount of pain to package." Vasile Gaburici suggested calling the
packages "Theorem Proving Tools" in order to broaden the category a bit.
He also suggested including gap and twelf. Suggestions to include
other packages were forthcoming from Miles Savin for Agda2 and Richard
Jones for CIL, a C-parser and static-analysis tool. Richard included a
link to a nice analysis of libvirt performed with CIL. Andrew
Overholt noted that sat4j was already packaged in Fedora.
Red Hat's David Malcolm announced rpmgrok, a web-based tool to allow
users to track program information across an entire distribution, yet
without having a complete install tree. The tracked information includes
all symbols in binaries, RPM manifests, shared objects, meta-information
about rpms and more. He pointed interested parties to his test prototype.
All this information is obtained by analyzing the actually built rpms
and storing the results in a database. David requested that anyone
interested in coding, sysadmin and UI design get involved and provided a
link to the git repository and the information that it was built upon
TurboGears and SQLAlchemy.
Enthusiasm for the "Errors and warnings from rpmlint" was expressed
by Axel Thimm because he could imagine that someone that's say an expert
on "invalid-desktopfile" issues could now dig into this much easier.
Very nice!", but upon further feedback from Mamoru Tasaka and Ville
Skyttä it appeared that some work needed to be done to ensure that
rpmlint was being used correctly. In any case this looks like a very
promising and useful tool.
This section contains the discussion happening on the
Contributing Writer: HuzaifaSidhpurwala
=static F10 Alpha relnotes page=
Karsten Wade writes for fedora-infrastructure-list 
Karsten proposed that we turn  static. People should also be able to
edit that page. Perhaps as part of making it static we can tell people
to post changes to the talk page, then we'll do irregular updates of the
Nicu Buculei writes for fedora-infrastructure-list 
The Art team decided to start collecting photos which can be used as
desktop wallpapers, make a best-of-breed selection and create one or
more packages. The easiest way is to add all of them to the wiki.
However Nicu proposed that we use a better solution, either a gallery
plug-in for trac or a stand alone gallery or something like that.
=FAS authentication for Red Hat bugzilla=
Rahul Sundaram writes for fedora-infrastructure-list 
Rahul asked if configuring FAS Auth for Red Hat bugzilla was possible.
At which Mike replies saying that it was not our call, and Red Hat will
need to decide that.
=RFC: script to run sqlalchemy migrations on the db=
Toshio Kuratomi writes for fedora-infrastructure-list 
FAS started using the python-migrate package to update its db. This is a
good thing for third-parties that want to install their own FAS server
as it lets us ship the database changes in a way that is easy for those
users to apply to their own production databases.
However, it doesn't work very well in our particular environment because
we're a bit more strict about our permissions than the migrate authors
envision. In order to perform migrations, you need to have a user that
can modify the schema for the db. This is either the owner of the db or
the superuser. In our setup, we create the db with the superuser and
then run our web apps with another user. This prevents the normal web
app from modifying the db schema. Toshio proposed a couple of solutions
In this section, we cover the Fedora Artwork Project.
Contributing Writer: Nicu Buculei
=Web banner for FUDCon Brno=
[PaulFrields] asked on the Fedora Art list for a web banner "Red Hat
Europe has agreed to put up a banner for Fedora, advertising the
upcoming FUDCon Brno", request which is followed by two proposals, one
 by NicuBuculei and another  from VaraPrasadPepakayala. One design
is choosen and its quicly featured on the Red Hat Europe website.
An interesting question and offer from BobPeterson about using photos
as background images: "I like the 'blue' themes that Fedora has
traditionally chosen, but I was wondering if Fedora could have a photo
for its main background screen. As an amateur photographer, I have
several 'scenery' photos I've taken that may be suitable, and I'm
willing to donate".
As the general opinion converged over the idea that probably abstract
images work better as a default but a collection of additional
photographic wallpapers is useful, MartinSourada stepped-up and
created a preliminary gallery inside the wiki, which was quickly
populated with a few images by [[NicuBuculei] "to break the ice,
start the ball rolling, provide an incentive and show how to use the
The discussion covered licensing aspects, good practices about
preparing wallpaper images and also spawned a follow-up on the
infrastructure list about the best way of implementing the gallery,
with a Gallery2 instance, proposed by JeffreyOllie looking as the most
=First Nodoka 0.8 screenshots=
MartinSourada posted a status update of the development for the
Nodoka theme, including a number of screenshots illustrating its current
In this section, we cover Security Advisories from fedora-package-announce.
Contributing Writer: David Nalley
==Fedora 9 Security Advisories==
* thunderbird-18.104.22.168-1.fc9 -
* libxslt-1.1.24-2.fc9 -
* pdns-22.214.171.124-1.fc9 -
* httpd-2.2.9-1.fc9 -
Fedora 8 Security Advisories
* poppler-0.6.2-2.fc8 -
* httpd-2.2.9-1.fc8 -
* libxslt-1.1.24-2.fc8 -
* pdns-126.96.36.199-1.fc8 -
* thunderbird-188.8.131.52-1.fc8 -
In this section, we cover discussion on the @et-mgmnt-tools-list,
@fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora
Contributing Writer: Dale Bewley
=Enterprise Management Tools List=
This section contains the discussion happening on the et-mgmt-tools list
Virt-manager Support for Storage Pool API
Cole Robinson posted three patches (not to mention screen shots)
which add support for the storage pool API to the virt-manager GUI.
=Virt-mem Tools 0.2.8 Released=
Richard W.M. Jones announced the release of virt-mem 0.2.8. Virt-mem
provides a set of dom0 or host tools which leverage libvirt to
facilitate the inspection of domU or guest kernel information. Commands
include 'virt-uname', 'virt-ps', and 'virt-dmesg' for example.
This latest version has been reworked to have direct access to basically
any kernel structure. This will allow a more rapid fullfillment of
outstanding feature requests such as memory usage information, network
interface listings, etc.
Fedora Xen List
This section contains the discussion happening on the fedora-xen list.
=Installing Fedora 9 Guest on Centos 5 Fails=
Kenneth Tanzer had trouble installing a Fedora 9 paravirtualized
guest on a CentOs 5 host. Eventually the install hung on installing
openoffice.org-writer2latex. David Hláčik reported a kernel panic
during the same scenario. He stated it was due to the Fedora 9
kernel-xen having newer features which the CentOs dom0 did not support.
However, Mark McLoughlin said RHEL5/CentOS Xen is expected to be able
to run pv_ops kernels, and a bug should be filed if this isn't the case.
This section contains the discussion happening on the libvir-list.
sVirt project to Integrate SELinux and Linux-based Virtualization
James Morris announced the formation of the sVirt project with the
goal to be able to apply distinct security labels to individual VM
instances and their resources, so that they can be isolated from each
other via MAC policy.
Libvirt and Persistent Iptables Rules
Daniel Berrange responded to a networking problem by pointing out
that libvirt will automatically setup the correct iptables rules to
allow outbound NAT based connectivity for guest VMs and that restarting
the iptables service will erase these rules.
David Lutterkort hoped this was a temporary situation due to the
confusion it can cause. Mark McLoughlin confirmed there is a RFE (bug
227011) to enable libvirt to persistently register iptables rules, but
was depressed that a resulting fix would be Fedora specific.
=Network XML Configuration Options=
To support a complex virtual network with 3 DMZs, Didier Ayllon asked
if it is possible to specify options such as default gateway, static
routes, DNS options in the network config.
Daniel Berrange pointed out libvirt networking "is designed
specifically to only provide 3 types of networking, an isolated network,
a NAT based network, and a routed network" and the format is documented
oVirt Devel List
This section contains the discussion happening on the ovirt-devel list.
=Lighter-weight "Developer" Setup=
Chris Lalancette proposed some steps toward lowering the barrier to
entry for oVirt users with limited hardware resources and growing the
community. The proposal would remove the "fake managed nodes" concept
and allow oVirt to manage the hardware on the host machine and enable
installation of guests along side the oVirt appliance, and eventually
remove the appliance completely and facilitate installing from a set of
=Beginnings of an oVirt API=
David Lutterkort posted an RFC for implementing an oVirt API and 5
patches to begin the discussion. The patches covered handling hosts,
storage pools, and hardware pools. The fifth patch provided sample
code for using the API. The exercise revealed some changes that could be
made to the server code to to accomodate such an API.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----