Build Failure regarding Boost
by Tim Niemueller
Hi all.
I'm trying to build the newest version 3.0.0 of the Player package. It
builds just fine on F11/F12, but it fails with an error that
"-lboost_thread" cannot be found on rawhide. boost-devel is in the BR,
boost-thread is being installed according to root.log.
The package uses cmake for building, where I suspect the problem. On my
(F-11) machine it links with -lboost_thread-mt). But on rawhide it uses
the non-mt version (well, a non-multithreaded threading library is kind
of an issue). On my system I have cmake 2.6.3, while rawhide has 2.8.0.
Is there a known problem? Does anyone else maintain a project build with
cmake and using Boost and can give a hint how to solve?
The failed build is at
http://koji.fedoraproject.org/koji/taskinfo?taskID=1840649
Any ideas to get this fixed are welcome,
Tim
--
Tim Niemueller <tim(a)niemueller.de> www.niemueller.de
=================================================================
Imagination is more important than knowledge. (Albert Einstein)
14 years, 4 months
Re: Upcoming multi-day outage
by Kevin Kofler
Mike McGrath wrote:
> Starting on December 12th The Fedora Project will start to move several
> servers, disk trays and related hardware from our current hosting location
> to another. This move is planned to be completed on December 15th and
> will ultimately provide better hosting facilities and room for growth.
Hmmm, how does this affect F10's EOL? Josh Boyer previously announced that
the last day to file F10 updates in Bodhi will be December 14, that's now
right within the outage window.
Kevin Kofler
14 years, 4 months
Odd partition error in F12, but not in F11
by Brent Norris
I have a friend that doesn't read the list that has been fighting a very
odd issue with F12, which does not surface in F11.
On a clean install from the F12 DVD with the updates repo enabled, he
created a RAID 5 setup across 6 drives. Each drive has only one
partition on it. When the machine reboots it cannot rebuild the raid
because it cannot find 4 of the 6 partitions. It drops to the root
prompt and from there if you do an ls /dev/sd?* four of the drives show
no entries for the partitions while the other two show the normal one
partition. If you open one of the incorrect drives with fdisk it shows
the correct partition table and if you write it out from fdisk it then
shows correctly in /dev
If you do this to each of the drives they all show up and then mdadm can
assemble the raid correctly. Reboot the machine and you are right back
to where you started.
dmesg seems to show the kernel correctly listing each drive and
correctly listing them with each one partition, but the entries are not
in /dev for the partitions.
We rolled back to F11 and performed the same process and it worked fine.
I am really at a loss for what to look at or what to test against. We
currently have the machine up and working with F11, so I can get any
information about hardware that might help.
I posted it here rather than the users list, because I don't really
think this is a configuration problem. It seems like a bug in F12, but
I don't know what to check it against.
Brent
14 years, 4 months
Security testing: need for a security policy, and a security-critical package process
by Adam Williamson
Hi, everyone. I'm sending this email as a result of a discussion in the
Fedora QA meeting this morning. You can find a log of the meeting here:
http://meetbot.fedoraproject.org/fedora-meeting/2009-11-23/fedora-meeting...
the discussion takes place from 16:14:09 onwards.
We discussed the recent PackageKit kerfuffle from a QA perspective,
which means we talked about how we could have meaningful security
testing. We came to some basic conclusions about this which require
co-ordination with the security and development groups.
We can't do any meaningful security testing without knowing exactly what
we should be testing for, in which packages. I believe Seth Vidal's
upcoming proposal for covering 'major changes' may touch on this, but I
doubt they'll cover exactly the same ground.
So, if we are to have meaningful security testing in future releases -
which QA believes would be a good thing - we need the project to define
a security policy. We believe there's a genuine need for this anyway, as
the introduction and widespread adoption of PolicyKit will likely lead
to much more complex and significant potential changes in security
posture than any previous change.
It's not QA's role to define exactly what the security policy should
look like or what it should cover, but from the point of view of
testing, what we really need are concrete requirements. The policy does
not have to be immediately comprehensive - try and cover every possible
security-related issue - to be valuable. Something as simple as spot's
proposed list of things an unprivileged user must not be able to do -
http://spot.livejournal.com/312216.html - would serve a valuable purpose
here.
The second thing QA would require, aside from a policy with concrete and
testable requirements, is a list of security-sensitive components to
test. Obviously we couldn't test every package in the entire
distribution for compliance with even such a simple list as spot's, and
it would be a waste of time to try.
Focussing on the relatively simple issues for now, we believe it would
be reasonably simple to generate a list of all packages in the
distribution that attempt privilege escalation. We believe this would be
a list of packages that contain suid binaries, that invoke su, sudo or
consolehelper, or that contain PolicyKit policies. This list of packages
would be what the QA team would test with regard to the security policy.
We also believe there ought to be a process for maintaining this list,
and additions to the packaging guidelines for any new package which
would be on this list or any existing package for which a proposed
change would add it to this list. We could also hook AutoQA into this
process, to run additional tests on security-sensitive packages or alert
us when a package change was submitted which added security-sensitive
elements to an existing package.
Will Woods has indicated he is prepared to help work on the tools
necessary to generate the security-sensitive package list. The QA group
as a whole is happy to contribute what input we can to any discussion of
a general security policy. Mostly, we wanted to make it clear that we
believe security testing would be of benefit to the distribution, but
these things need to be in place before any meaningful such testing
could be done.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net
14 years, 4 months
Upcoming multi-day outage
by Mike McGrath
Starting on December 12th The Fedora Project will start to move several
servers, disk trays and related hardware from our current hosting location
to another. This move is planned to be completed on December 15th and
will ultimately provide better hosting facilities and room for growth.
Since the servers will physically be loaded onto a truck and moved, this
means lots of services people rely on will be down. We'll be working hard
and using whatever tricks we have at our disposal to keep things as normal
as possible, for example http://mirrors.fedoraproject.org/ will remain up
(which includes the mechanism yum uses to get its mirror list).
Some critical services like the buildsystem will be completely unavailable
for 48 hours or longer. I'll be sending another update out as the day
gets closer to remind everyone. Also this is the official ticket we're
tracking with for those who care to watch it:
https://fedorahosted.org/fedora-infrastructure/ticket/1845
Please do stop by #fedora-admin on irc.freenode.net or comment in the
ticket with any questions or concerns you have.
-Mike
_______________________________________________
Fedora-devel-announce mailing list
Fedora-devel-announce(a)redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-announce
14 years, 4 months
Re: Security testing: need for a security policy, and a security-critical package process
by Eric Christensen
On Mon, Nov 30, 2009 at 22:40, Hal Murray <hmurray(a)megapathdsl.net> wrote:
>
> gene(a)czarc.net said:
> ...
> > A written description of the security policy is a must!
> ...
>
> Is the idea of a single one-size-fits-all security policy reasonable? I
> think Fedora has a broad range of users.
>
Probably not but there are some basics that should be implemented for
everyone.
>
> Security is a tradeoff. If you make it impossible for the bad guys to get
> in, the good guys probably can't get any work done. How secure do you need
> to be? How much are you willing to pay for it?
>
How much are you willing to pay to clean up the aftermath?
>
> I'd much rather have an overview document that explains the likely attacks
> and potential solutions, and their costs and benefits. Additionally, I
> think
> it's much easier to follow a policy if I understand the reasonaing behind
> it.
>
The Fedora Security Guide (found at docs.fedoraproject.org and in a friendly
repo near you) started out that way and has blossomed into that and a whole
lot more. As always suggestions and patches are welcome.
> I think sample policy documents with descriptions of their target audience
> and checklists for how to implement them would be helpful.
>
+1
--Eric
14 years, 4 months
Re: Security testing: need for a security policy, and a security-critical package process
by Gene Czarcinski
On Monday 30 November 2009 22:40:07 Hal Murray wrote:
> gene(a)czarc.net said:
> ...
>
> > A written description of the security policy is a must!
>
> ...
>
> Is the idea of a single one-size-fits-all security policy reasonable? I
> think Fedora has a broad range of users.
>
No. Initially, I recommend one security policy and one reference
implementation to test against. Each variation needs its own security policy
and reference implementation definition. Later ones are easier to create
because they can use the early ones as "guidance".
So, why go through all of this paperwork and bureaucratic bullshit? Well,
those of us who have done this before believe that it is necessary. I do not
like the bureaucratic BS any more than anyone else but, if you do not do it,
then you are not quite sure what you have when you say that something meets
security requirements.
Gene
14 years, 4 months
KDE-SIG weekly report (49/2009)
by Sebastian Vahl
This is a report of the weekly KDE-SIG-Meeting with a summary of the
topics that were discussed. If you want to add a comment please reply
to this email or add it to the related meeting page.
----------------------------------------------------------------------------------
= Weekly KDE Summary =
Week: 49/2009
Time: 2009-12-01 14:00 UTC
Meeting page: https://fedoraproject.org/wiki/SIGs/KDE/Meetings/2009-12-01
Meeting minutes: http://meetbot.fedoraproject.org/fedora-
meeting/2009-12-01/kde-sig.2009-12-01-14.13.html
Meeting log: http://meetbot.fedoraproject.org/fedora-meeting/2009-12-01/kde-
sig.2009-12-01-14.13.log.html
----------------------------------------------------------------------------------
= Participants =
* BenBoeckel
* JaroslavReznik
* KevinKofler
* LukasTinkl
* MaryEllenFoster
* SebastianVahl
* StevenParrish
* ThanNgo
* ThomasJanssen
----------------------------------------------------------------------------------
= Agenda =
* Qt 4.6
* KDE 4.4 Beta 1
* KDE 4.3.4
* Phonon/PulseAudio issues due to the F12 Live CD missing xine-lib-pulseaudio
= Summary =
Qt 4.6:
* Qt 4.6 is now available in rawhide.
* In the next build a regression causing trouble in KMail will be fixed.
* Qt 4.6 builds for F12 will probably not be build before KDE 4.4.0.
KDE 4.4 Beta 1:
* LukasTinkl is working on KDE 4.4 Beta 1 in rawhide.
* WebKit support (which is currently disabled) needs to be reenabled.
KDE 4.3.4:
* ThanNgo started work on KDE 4.3.4.
* There will likely be no update for F-10 (at least there was no clear
decision because the EOL is quite near).
Phonon/PulseAudio issues due to the F12 Live CD missing xine-lib-pulseaudio:
* Missing xine-lib-pulseaudio on Fedora 12 Live images causes Phonon not to
use Pulseaudio.
* There seems to be no easy solution (or hacks) for enabling Pulseaudio again
on an already installed system without overwriting settings that intentionally
disabled Pulseaudio.
* An updated Phonon from trunk with a supplied device-manager-module in
Pulseaudio (#541419) could help in this issue by disabling Phonon's device
management. [1]
* KevinKofler is going to discuss shipping the device-manager module and
Phonon PA integration with lennart.
----------------------------------------------------------------------------------
= Next Meeting =
http://fedoraproject.org/wiki/SIGs/KDE/Meetings/2009-12-08
----------------------------------------------------------------------------------
= Links =
[1] https://bugzilla.redhat.com/show_bug.cgi?id=541419
14 years, 4 months
gnucash updated to development branch in rawhide
by Bill Nottingham
As a consequence of the goffice update, I've updated gnucash
to the 2.3.x development branch in rawhide. (Backporting the fixes
for newer goffice-0.7.x series to the stable branch was looking
a bit ugly, and 2.4.0 should be out well before F13 is frozen.)
Of note is that this release includes the rewritten SQL backend
for storage, and uses webkit for HTML rendering instead of gtkhtml.
Please file bugs in bugzilla, etc.
Bill
14 years, 4 months
What questions would you like to ask the Candidates for the Fedora Board, FESCo, and FAMSCO?
by Thorsten Leemhuis
Hi!
As you may have heard already, several seats of the Fedora Board, FESCo,
and FAMSCO are up for election soon(¹). Right now we are in the
nomination period, which will be followed by a "Candidate
Questionnaire." That means we'll give candidates a list of questions to
answer by private mail within one week after the nomination period
closed; the results will be publish soon after that to make sure they
are available to the public before the Town Hall meetings on IRC happen.
Candidates may choose to answer (or not) those questions as they see
fit. Voters can use the answers to get an impression of what the
candidate think or plan to do while serving for the committees they are
nominated for. That should help to get a interesting discussion running
during the IRC Town Hall meetings; furthermore, those people that can't
or don't want to participate in the IRC meetings can use the answers to
make a more informed vote.
Hence we need to prepare a few good questions that we can send to the
candidates once the nomination period ends. And that's where I need
*your help* now:
If you have one or more questions you'd like to send to the candidates
simply go and add them to:
https://fedoraproject.org/wiki/Elections/F13_Questionnaire
It just takes a minute or two, so best to do it right now -- otherwise
you might get distracted and forget about it. ;-)
I'll take care of the remaining work to review, sort, and clean up the
questions(²); after that I'll send them to the candidates soon after the
nomination period ended. Hence, I need your question suggestions by
around the 15th November 17:00 UTC latest to get a chance to prepare
everything in time.
So please go to the wiki now and add at least one hard question! The
answers will help Fedora contributors to chose whom to vote for! Thanks
in advance for your help .
CU
knurd
(¹) If you haven't read about it yet see
https://fedoraproject.org/wiki/Elections for details.
(²) If you want to get involved or review the questions before I send
them please drop me a line and I'll try to get that arranged; maybe we
can arrange a quick, informal IRC meeting on Sunday evening if there is
interest
14 years, 4 months