F22 System Wide Change: Bare Metal Installer for Fedora Atomic Host
by Jaroslav Reznik
= Proposed System Wide Change: Bare Metal Installer for Fedora Atomic Host =
https://fedoraproject.org/wiki/Changes/Bare_Metal_Atomic
Change owner(s): Joe Brockmeier <jzb(a)fedoraproject.org>, Ian McLeod
<imcleod(a)redhat.com>
To produce a bare metal installer suitable for installing Fedora Atomic Host
22 on "bare metal" (e.g., directly on a server rather than running on top of
some kind of cloud or virtualization).
== Detailed Description ==
In Fedora 21 we shipped Fedora Atomic Host as an AMI for use in Amazon EC2,
and as a qcow2 suitable for use with OpenStack, KVM, etc.
For Fedora 22 we wish to expand the coverage of Fedora Atomic Host to make it
installable on "bare metal" so users are able to run Atomic Host directly on a
server, workstation, etc. without the need for a cloud or virtualzation layer
underneath the host.
== Scope ==
* Proposal owners: Work with rel-eng to add bare metal support. The patches
should be in Anaconda already, it should mostly be a matter of producing the
builds via Koji.
* Other developers: May require some coordination with Anaconda folks.
* Release engineering: Work with Cloud Working Group to turn on support for
bare metal builds, add bare metal to regularly produced builds.
* Policies and guidelines: No obvious impact.
== Contingency Plan ==
* Contingency mechanism: If not ready, will not ship for Fedora 22.
* Contingency deadline: Beta freeze.
* Blocks release? No.
* Blocks product? No.
9 years, 3 months
F22 System Wide Change: GNOME 3.16
by Jaroslav Reznik
= Proposed System Wide Change: GNOME 3.16 =
https://fedoraproject.org/wiki/Changes/GNOME3.16
Change owner(s): Kalev Lember <kalevlember(a)gmail.com>
Update GNOME to the latest upstream release, 3.16.
== Detailed Description ==
The new features for 3.16 include:
* Notification redesign in gnome-shell [1]
* Improvements in nautilus UI [2]
* New games: gnome-2048 and gnome-taquin
* Improved GTK+ and gnome-shell themes
* The codec, font, mime handler installation support is moving from gnome-
packagekit to gnome-software, with a new UI
== Scope ==
* Proposal owners:
** Keep existing GNOME packages updated
** Follow upstream module changes
** Package new applications and new dependencies of existing GNOME packages
for GNOME 3.16:
*** gnome-taquin
*** gnome-2048
* Other developers: N/A
* Release engineering: N/A
* Policies and guidelines: N/A
== Contingency Plan ==
GNOME 3.16 will be released in March 2015 and fits well into Fedora 22
schedule. In case of issues with individual modules that aren't either
released in time or aren't deemed suitable for Fedora 22, we'll continue using
the GNOME 3.14 versions of these modules.
* Contingency mechanism: The Workstation WG evaluates the GNOME 3.16
prerelease before beta freeze and reverts individual changes as needed.
* Contingency deadline: beta freeze
* Blocks release? No
[1] https://fedoraproject.org/wiki/Changes/GnomeShell_NewNotifications
[2] https://fedoraproject.org/wiki/Changes/Nautilus_Improvements
9 years, 3 months
F22 System Wide Change: Systemd Package Split
by Jaroslav Reznik
= Proposed System Wide Change: Systemd Package Split =
https://fedoraproject.org/wiki/Changes/SystemdPackageSplit
Change owner(s): Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl>
Split systemd-units out of the main systemd package
== Detailed Description ==
Systemd contains many binaries and depends on a fairly large number of
libraries. Packages which carry systemd units currently have to depend on
systemd (through %post, %preun, %postun macros used to install and uninstall
systemd units), which grows the dependency tree and increases the size of
minimal installs.
With this proposal systemd-units subpackages will be split out again:
systemd-units
This subpackage will contain the directories and binaries necessary to satisfy
%post, %preun, %postun macros for packages containing systemd units
(systemctl, systemd-escape, systemd-sysusers, udevadm, journalctl), and config
information (pkg-config files).
The main systemd package would require this package so it will be pulled in on
all existing systems. All packages which have BuildRequires:systemd will also
pull it in transitively.
Systemd previously had a -units subpackage and ~150 packages still depend on
it. Those packages would start using the reduced subpackage immediately. Other
packages wishing to use the reduced dependency, would have to change the
BuildRequires and Requires to systemd-units.
== Scope ==
* Proposal owners: Create the subpackage, test that macros work as expected.
* Other developers: Change the BuildRequires and Requires to systemd-units if
wanted.
* Release engineering: None
* Policies and guidelines: s/systemd/systemd-units/ in the appropriate places.
== Contingency Plan ==
* Revert the packaging change and rebuild systemd. Main systemd package would
provide systemd-units, as it does now, so no other changes should be
necessary.
* Contingency deadline: should be possible at any time.
* Blocks release? No.
* Blocks product? No.
9 years, 3 months
libicu upgrade to 54.1 with soname bump in rawhide
by Eike Rathke
Hi,
I plan to upgrade libicu to 54.1 in rawhide end of this week or next
week, which as usual comes with a soname bump. David Tardon will help
with rebuilding the dependent packages.
Eike
--
LibreOffice Calc developer. Number formatter stricken i18n transpositionizer.
GPG key "ID" 0x65632D3A - 2265 D7F3 A7B0 95CC 3918 630B 6A6C D5B7 6563 2D3A
Better use 64-bit 0x6A6CD5B765632D3A here is why: https://evil32.com/
Care about Free Software, support the FSFE https://fsfe.org/support/?erack
9 years, 3 months
F22 System Wide Change: python-dateutil 2.x
by Jaroslav Reznik
= Proposed System Wide Change: python-dateutil 2.x =
https://fedoraproject.org/wiki/Changes/python-dateutil_2.x
Change owner(s): Pete Travis <immanetize AT fedoraproject.org>, Stephen
Gallagher <sgallagh(a)redhat.com>
The package providing `dateutil` python libraries is currently on version 1.5.
Early releases in the 2.x series of python-dateutil would work only for
python3, so the package was not updated in Fedora. Now, python-dateutil is at
version 2.4 and does work with python2. Fedora packages can be updated to use
the newer version.
== Detailed Description ==
Many newer python packages require the newer version of python-dateutil, but
some still need python-dateutil 1.5 to function properly. Maintainers will
assess affected packages, and can use the parallel installable python-
dateutil15 package, which already exists in the distribution, if they cannot
migrate.
== Scope ==
* Proposal owners:
Coordinate update efforts and assist maintainers in assessing, testing, and
updating their packages.
* Other developers:
Maintainers of packages that depend on python-dateutils should test with
version 2.4, or the current release at freeze. If their package is not
compatible with this version, they should change the packages Requires: to use
python-dateutil15 and ensure that it works with the parallel-installable egg
that it provides.
* Release engineering: As each package should be assessed individually, a mass
rebuild is not appropriate and release engineering has no requirements for
this change.
* Policies and guidelines:
https://fedoraproject.org/wiki/Packaging:Python_Eggs#Multiple_Versions is
relevant.
9 years, 3 months
F22 Self Contained Change: Ipsilon
by Jaroslav Reznik
= Proposed Self Contained Change: Ipsilon =
https://fedoraproject.org/wiki/Changes/Ipsilon
Change owner(s): Patrick Uiterwijk <puiterwijk(a)redhat.com>, Simo Sorce
<simo(a)redhat.com>
Inclusion of Ipsilon in the Fedora repositories.
== Detailed Description ==
The goal is to include the Ipsilon identity provider [1] into Fedora.
Ipsilon is a server and a toolkit to configure Apache-based Service Providers.
The server is a pluggable selfcontained mod_wsgi application that provides
federated SSO to web applications. User authentication is always performed
against a separate Identity Management system (for example a FreeIPA server),
and communication with application is done using a federation protocol like
SAML, OpenID, etc..
== Scope ==
* Proposal owners: work on Ipsilon inclusion into Fedora
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)
[1] https://fedorahosted.org/ipsilon
9 years, 3 months
F22 System Wide Change: Atomic Host
by Jaroslav Reznik
= Proposed System Wide Change: Atomic Host =
https://fedoraproject.org/wiki/Changes/AtomicHost
Change owner(s): Cloud SIG / Joe Brockmeier <jzb(a)fedoraproject.org> and Colin
Walters <walters(a)verbum.org>
New Fedora product: Fedora Atomic Host, an implementation of the Project
Atomic [1] pattern.
This is a continuation and expansion of Changes/Atomic_Cloud_Image [2].
== Detailed Description ==
The original Changes/Atomic_Cloud_Image was a host system delivered just as a
cloud image. This Change for Fedora 22 expands it to a multitude of delivery
vehicles:
* Bare metal support via Anaconda
* Cloud providers
** OpenStack/KVM qcow2
** EC2 AMI
** Google Compute Engine
* Vagrant boxes (OS X and vagrant-libvirt)
* Ultra-minimal LiveOS image designed for PXE booting diskless servers
== Scope ==
* Proposal owners: Maintain kickstart and tree configuration, integration with
Anaconda and other tools, maintain packages in Fedora
* Other developers: Unknown.
* Release engineering: Will need to generate trees during the general Fedora
compose process, and generate install media and cloud image based on trees.
* Policies and guidelines: May need updates for RpmOstree.
== Contingency Plan ==
* Blocks product? Yes, Atomic Host
If something fails and this product can't ship, some upgrade mechanism for
Fedora 21 Atomic Cloud Image users would need to be evaluated. The simplest
fallback is to tell those users to reinstall with a traditional Fedora 22
Cloud image.
[1] http://www.projectatomic.io/
[2] https://fedoraproject.org/wiki/Changes/Atomic_Cloud_Image
9 years, 3 months
F22 System Wide Change: Plasma 5
by Jaroslav Reznik
= Proposed System Wide Change: Plasma 5 =
https://fedoraproject.org/wiki/Changes/Plasma_5
Change owner(s): KDE SIG & Daniel Vrátil <dvratil(a)redhat.com>, Lukáš Tinkl
<ltinkl(a)redhat.com>, Jan Grulich <jgrulich(a)redhat.com>, Rex Dieter
<rdieter(a)fedoraproject.org>, Than Ngo <than(a)redhat.com>, Kevin Kofler
<kevin(a)tigcc.ticalc.org>
Plasma 5 is successor to KDE Plasma 4 created by the KDE Community. It is
based on Qt 5 and KDE Frameworks 5 and brings many changes and improvements
over previous versions, including new look & feel as well as important changes
under the hood.
== Detailed Description ==
Plasma 5 is a new major version of KDE's workspaces. It has a new theme called
Breeze, which has cleaner visuals and better readability, improves certain
work-flows and provides overall more consistent and polished interface.
Changes under the hood include switch to Qt 5 and KDE Frameworks 5 and
migration to fully hardware-accelerated graphics stack based on OpenGL(ES).
Note that Plasma 5 only includes the actual shell, decorations, icons and a
few applications coupled with workspace (e.g. KWin, System Settings,
KSysGuard). It does not include "regular" applications like Dolphin, Okular,
Konqueror, etc. which are part of KDE Applications product and released
independently of Plasma 5.
Plasma 5 gets a new feature release every three months, and each feature
release has monthly bugfix releases. Plasma 5.2 is scheduled to be released on
January 27. KDE SIG intends to ship Plasma 5.2.2 or Plasma 5.3, depending on
the final schedules.
== Scope ==
* Proposal owners:
** Submit, review and import new packages for Plasma 5 to rawhide/F22
** Modify existing KDE 4 packages to ensure smooth upgrade path to Plasma 5
** Retire KDE 4 packages not compatible with Plasma 5, or available in Plasma
5 under different names/components
* Other developers:
Optionally, maintainers of 3rd party KDE Workspace 4 packages such as Plasma
applets or KCMs may want to consult upstream regarding Qt 5/Frameworks
versions of their packages, and eventually update them to Frameworks version,
so that they are available in Plasma 5.
* Release engineering:
No, this change requires no coordination with rel-eng.
* Policies and guidelines:
No, this change requires no update to packaging guidelines or policies.
== Contingency Plan ==
* Contingency mechanism: Rolling back to KDE 4 and shipping KDE Workspace
4.11.X. As rawhide would already have packages with version 5.x.y, we would
have to increase the epoch number of all affected KDE 4 packages, and making
them Obsolete their Plasma 5 equivalents (since some Plasma 5 packages have
been renamed or split from larger KDE 4 packages)
* Contingency deadline: Before F22 beta freeze
* Blocks release? No
* Blocks product? No
9 years, 3 months
F22 Self Contained Change: Minglish - New input method for Marathi Language
by Jaroslav Reznik
= Proposed Self Contained Change: Minglish - New input method for Marathi
Language =
https://fedoraproject.org/wiki/Changes/minglish
Change owner(s): anish <apatil(a)redhat.com>
New input method for Marathi language users.
== Detailed Description ==
Minglish input method is to type Marathi using Latin alpha-bates.However there
are existing mim layouts are available though each layout has few problems.
e.g to type word "anish" in Marathi using phonetic input method one has to
type sequence as "FniS" while with itrans input method one has to type
"anisha". In given example user often expects "अनिश" to be appear with
keystrokes "anish". In India, people who have familiar with English language
tend to type Marathi letters upon English letter pronunciation, that is why we
have new term http://en.wikipedia.org/wiki/Hinglish.
== Scope ==
* Proposal owner: Initial plan is to send this patch to upstream and otherwise
patch it into Fedora
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)
9 years, 3 months
F22 System Wide Change: Enable Polyinstantiated /tmp and /var/tmp directories by default
by Jaroslav Reznik
= Proposed System Wide Change: Enable Polyinstantiated /tmp and /var/tmp
directories by default =
https://fedoraproject.org/wiki/Changes/Polyinstantiated_tmp_by_Default
Change owner(s): Huzaifa Sidhpurwala <huzaifas(a)redhat.com>
Polyinstantiation of temperary directories is a pro-active security measure,
which reduced chances of attacks caused due to the /tmp and /var/tmp
directories being world-writable. These include flaws caused by predictive
temp. file names, race conditions due to symbolic links etc.
== Detailed Description ==
The basic idea is to provide better security to Fedora installs. Though
Polyinstantiated /tmp has worked since Fedora 19, its not a single step
process to configure it. Secondly people don't really understand its benefits.
Because of this having it on by default makes more sense. It is completely
transparent to the user, they wont even realize that it has been enabled.
The Red Hat Product Security Team assigns CWE ids to severe flaws (CVSSv2 > 7).
Here is a list of severe flaws caused by insecure tmp files [1].
== Scope ==
* Proposal owners: No work required to be done by proposal owner.
* Other developers:
** Add /tmp-inst and /var/tmp/tmp-inst to filesystem. (packagename: filesystem)
** Enable namespaces in /etc/security/namespace.conf (packagename: PAM)
** Enable proper selinux context and polyinstantiation_enabled boolean to be
set (packagename: selinux-policy-targeted or selinux-policy)
* Release engineering: N/A
* Policies and guidelines: N/A
== Contingency Plan ==
* Contingency mechanism: Poly tmp can be rolled back quite easily, by using
the previous versions of packages which provides the old directory structures
and old versions of the configuration files (poly tmp is just configuration and a
few new directories). In releases earlier gnome-shell had issues with poly
tmp, which now seems to be resolved. In any case, by Beta deadline if any
blockers exists, we can easily remove this feature, by tagging previous
versions of the affected packages, before the final spin.
* Contingency deadline: Beta freeze
* Blocks release? No
[1] http://red.ht/1EkZ1gT
9 years, 3 months