upgrading RH 9 system->Fedora with iso files and apt only
by Didier Casse
I have the yarrow's iso files on my HD in a RH9 system. Let's say I want
to upgrade selected packages using an "apt-get install" pointing to my
iso-mounted files, how do I do it?
i.e I mount the iso into some /mnt/yarrow1, /mnt/yarrow 2 etc..
Then what is the complete procedure to make my apt look into my own HD to
upgrade packages. Can anybody redirect me to the correct
resource or some literature hanging on the web? Thanks.
Assume also that I do not wish to burn CDs! I do not want to use
apt-cdrom. Thanks.
With kind regards,
Didier.
---
PhD student
Singapore Synchrotron Light Source (SSLS)
5 Research Link,
Singapore 117603
Email: slsbdfc at nus dot edu dot sg \or\
didierbe at sps dot nus dot edu dot sg
Website: http://ssls.nus.edu.sg
1 year, 10 months
F21 Self Contained Change: Replace Bacula with Bareos
by Jaroslav Reznik
= Proposed Self Contained Change: Replace Bacula with Bareos =
https://fedoraproject.org/wiki/Changes/Bareos
Change Owner(s): Simone Caronni <negativo17 at gmail.com>
The powerful Bacula network backup solution has switched from being Open
Source friendly to being almost closed source. Originally the project was
conceived totally as Open Source, but since the creation of Bacula Systems and
its proprietary Bacula Enterprise Edition product, the Open Source (now called
"Community Edition") has received less and less updates and is mostly
abandoned.
== Detailed description ==
The most important points that are left "abandoned" are the following:
* Installation scripts and updates to makefiles are not updated anymore.
* New plugins and functionalities are not added anymore, except those in the
"core" daemons.
* Gaphical (and buggy) console has not received any update in almost two
years.
* Patches and bugs opened in the bug tracker are mostly left abandoned. Even
trivial fixes are not imported in the source.
* Windows binaries are no longer provided, nor the source for the clients has
been updated. Even if compiled with difficulties, there is no support for recent
Windows versions.
A former Bacula developer, frustrated by the situation created the fork Bareos
a long time ago from Bacula 5.2.x (the current Fedora and RHEL 7 version).
This version has now received '''a lot of bugfixes''' compared to the original
Bacula source. This makes compilation and installation a lot easier than it
was with Bacula.
On top of this, a '''lot of new features''' have been added; some unique to
Bareos but many available only in the closed source Bacula Enterprise.
Here is the list of new features compared to the current Bacula 5.2.13:
* http://www.bareos.org/en/whats_new.html
Some highlights include NDMP support for enterprise class storage (NetApp,
etc.), support for enterprise class tape libraries and Windows support
(including Windows Server 2012) with Bareos generated binaries.
For further details on why a Bacula fork was created please look at the
following links:
* http://www.bareos.org/en/faq/items/why_fork.html
Bareos can also be '''fully compatible with Bacula''' by setting a specific
configuration directive in the Daemon configuration files; thus providing the
option for RHEL 6/7 users to interoperate with Fedora systems.
* http://www.bareos.org/en/faq/items/bareos_bacula_compatibility.html
== Scope ==
To accomplish the goal, the following Bacula packages need to be replaced with
Bareos equivalents:
bacula
bacula-docs
Currently, the same Fedora packages can be rebuilt as they are, to work also
on CentOS/RHEL 5 and 6, upgrading the EPEL or official Bacula packages in the
distributions. This is to have a consistent backup infrastructure across all
the Fedora/CentOS/RHEL ecosystem.
To ease installation, a repository for installing those packages on a
CentOS/RHEL system do exist:
http://repos.fedorapeople.org/repos/slaanesh/bacula/README.txt
The idea is the same for Bareos: import into Fedora 21 packages that can be
rebuilt for all supported Fedora/RHEL/CentOS releases and provide a repository
that can upgrade any Bacula release currently installed in the system with the
new one. In detail; the upgrade scenarios supported when going from Bacula to
Bareos would be:
From Bacula 2.4:
* RHEL/CentOS 5 with EPEL repository
From Bacula 5.0:
* RHEL/CentOS 6
From Bacula 5.2.13:
* Fedora 18+
* RHEL/CentOS 5
* RHEL/CentOS 6
As written before, the change is impacting only Fedora 21, the list of
upgrades supported are only for users who want a consistent backup solution
across the enterprise.
=== External activities ===
Proposal owners: I'm the current Bacula mantainer in Fedora and will complete
the transition in time for the release.
Other developers: N/A (not a System Wide Change)
Release engineering: the release engineering team should make sure the new
Bareos packages are in place instead of the current Bacula packages for the
new release.
Policies and guidelines: N/A (not a System Wide Change)
_______________________________________________
devel-announce mailing list
devel-announce(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
8 years, 8 months
Expanding the list of "Hardened Packages"
by Dhiru Kholia
Hi,
This proposal was originally at https://fedorahosted.org/fesco/ticket/1104
(mitr asked me to move the discussion to fedora-devel to get more
attention and feedback)
...
http://fedoraproject.org/wiki/Hardened_Packages page mentions
that "FESCo requires some packages to use PIE and relro hardening by
default."
It would be great if this list could be expanded to include even more
packages which are at comparatively more risk of being exploited (locally
or remotely).
Such packages will typically include various system daemons, network
daemons and network enabled applications.
Lot of network daemons are already using PIE and RELRO (e.g. httpd,
MariaDB). So a natural question is why packages in same "network
daemons" class like PostgreSQL, Dovecot and MongoDB aren't being
hardened?
Some of the ways to implement this proposal are,
1. Hardening flags should be turned on (by default) for all packages
which are at comparatively more risk of being exploited or which meet
some well-defined criteria (suggestions welcome).
"Packaging Guidelines" say that "Other packages may enable the flags at
the maintainer's discretion."
Thinking from a security perspective, I find "Hardening flags can only
be disabled for other packages at the maintainer's discretion provided
enough justification is given to FESCo" to be more appropriate.
2. An alternate approach is to come up with an expanded list of packages
which should be hardened.
Any feedback is welcome!
--
Dhiru
9 years, 4 months
Package reviev : tayga
by William
Hi,
I am looking to have the following package reviewed for inclusion into
fedora.
Tayga is a NAT64 implementation in userland. With the help of DNS64
(BIND), it allows an ipv6 only client to communicate with the ipv4
internet. http://www.litech.org/tayga/
I have attached the SRPM of what I have created.
There are a few things that could change. First, I had thought that I
would need more selinux policy than I did. At the moment the policy just
provides a filecontext. Is there a better way to do this?
The ifup / ifdown script read their variables from the /etc/tayga
configuration file. In most scenarios, a system will run only one
instance of this. However I would like feedback on:
Should I enable it so that the ifup/down can accept a tayga.conf
parameter to read
OR
Should the ifup/ifdown script generate the tayga.conf on the fly to
say /var/run/tmp somewhere from values provided in the ifup / ifdown?
Additionally, what I have in these scripts should really be reviewed, as
I have never written them before.
Finally, tayga is a long running process, as such, I have enabled the
hardened build. It is possible to run as an alternate user and in a
chroot of it's DB dir. What is the best way to go about adding a user
for this package for the daemon to run as?
Looking forwards to comments and advice,
--
Sincerely,
William Brown
http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xEFC416D781A8099A
9 years, 5 months
Removing python-setuptools-devel backwards compat
by Toshio Kuratomi
In November of 2009, in time for Fedora 13, we solved a packaging issue in
the main python package that allowed us to remove a split in our
python-setuptools package. Instead of needing a separate
python-setuptools-devel subpackage for easy_install the python-setuptools
package could now contain all of the functionality of python-setuptools.
To ease with package migration we added an Obsoletes and Provides tag to the
python-setuptools package at that time so that packages, kickstarts, etc
which required python-setuptools-devel would not break.
Fast forward to the present day:
It's November of 2013. Rawhide is Fedora 21. I'd like to drop the
backwards compatibility Provides (and Obsoletes) from the python-setuptools
package. However, there are currently 166 packages BuildRequire'ing
python-setuptools-devel. If owners would care to fix them before I remove
the backwards compatibility there shouldn't be any surprises in mass
rebuilds or late-night package updates later. The changes are easy enough
that provenpackagers could step in if owners don't update.
Changes are simply:
-BuildRequires: python-setuptools-devel
+BuildRequires: python-setuptools
(Same for Requires: lines but AFAICT I fixed the last of those today)
Here's the list:
Listing by package:
| PyOpenGL | fcami, cicku
| TurboGears2 | toshio, lmacken, ralph, vicodan
| antlr | mizdebsk, mjakubicek
| babel | fschwarz, jcollie, nphilipp
| bodhi | lmacken
| bzr-fastimport | dcallagh
| catkin | rmattes
| certmaster | ssalevan, alikins, wakko666
| cloud-init | mattdm, apevec, pbrady, gholms
| clusterPy | volter
| cobbler | jimi, shenson
| django-typepad | lbazan
| euca2ools | gholms
| fedmsg | lmacken, ralph
| fedmsg-notify | lmacken, ralph
| firstaidkit | msivak
| func | gnat, ssalevan, alikins, wakko666
| fuse-python | peter
| gaupol | lucilanga
| geome | pwouters
| gflags | peter
| glances | madko
| gnome-shell-search-fedora-packages | ralph
| gnome-shell-search-github-repositories | ralph
| gnome-shell-search-pinboard | ralph
| grin | terjeros
| hgsvn | terjeros
| libconcord | swt2c, silfreed
| libpfm | wcohen
| nml | heffer
| nwsclient | spot
| openerp | leamas
| ovirt-engine-cli | oschreib, jhernand
| phatch | jcapik
| planet | limb
| protobuf | mizdebsk, jlaska, abbot, konradm
| pss | kushal
| pssh | terjeros
| pycolumnize | kushal
| pykickstart | bcl, clumens
| pymodbus | chkr
| pymol | timfenn
| pyrasite | lmacken
| python-Coherence | hadess, thias
| python-Levenshtein | dwayne
| python-PSI | topdog
| python-TurboMail | fschwarz, toshio, lmacken
| python-altgraph | fab
| python-amara | jamatos
| python-atfork | jlaska
| python-batchhttp | puiterwijk
| python-blivet | bcl, dlehman
| python-boto | robert, gholms
| python-bugzilla | dzickus, crobinso, wwoods
| python-clientform | lmacken
| python-confparser | dougsland, aquini
| python-ctags | kushal
| python-daap | jcollie
| python-decoratortools | toshio, lmacken
| python-demjson | thm
| python-di | msivak
| python-dictclient | ricky
| python-django-ajax-selects | lbazan
| python-django-threadedcomments | lbazan
| python-dotconf | mjakubicek
| python-dtopt | ralph, ricky
| python-editdist | pwouters
| python-elfdata | kushal
| python-enum | maxamillion
| python-fastimport | dcallagh
| python-feedcache | lmacken
| python-flup | till
| python-futures | terjeros
| python-gnutls | gnat, peter
| python-googlevoice | jcollie
| python-guppy | peter
| python-html2text | mschwendt, thl
| python-httplib2 | awjb, dchen
| python-iniparse | timlau
| python-isodate | jmatthews, jlaska
| python-jinja | toshio, thm
| python-kid | toshio, till, lmacken
| python-louie | thias
| python-markupsafe | kylev, lmacken
| python-mechanize | lmacken
| python-meh | clumens, vpodzime
| python-mpd | hguemar
| python-musicbrainz2 | jcollie, alexlan
| python-netifaces | rrix
| python-nss | jdennis
| python-numeric | rstrode, rhughes, alexlan, johnp, alexl, caolanm, ssp,
mbarnes, hadess, mclasen, caillon
| python-oauth | sdz
| python-openid | jcollie
| python-pandas | kushal
| python-peak-rules | kylev, lmacken
| python-peak-util-symbols | lmacken
| python-pmw | timfenn
| python-ptrace | terjeros
| python-pyramid | lmacken, ralph, rossdylan
| python-pysctp | nhorman
| python-rdfextras | pingou
| python-rdflib | dmalcolm, pingou
| python-remoteobjects | bkabrda
| python-repoze-lru | lmacken, ralph
| python-repoze-tm2 | lmacken
| python-repoze-what | lmacken
| python-repoze-what-plugins-sql | lmacken
| python-repoze-what-pylons | spot
| python-repoze-what-quickstart | spot
| python-repoze-who-friendlyform | spot
| python-repoze-who-plugins-sa | lmacken
| python-repoze-who-testutil | spot
| python-rosdep | rmattes
| python-rosinstall | rmattes
| python-rospkg | rmattes
| python-rpmfluff | jhutar
| python-ruledispatch | toshio, lmacken
| python-scripttest | mbacovsk
| python-shapely | volter
| python-shove | lmacken
| python-signalfd | jlaska
| python-simpy | sarantis
| python-sippy | peter
| python-spiffgtkwidgets | leamas
| python-sqlamp | mbacovsk
| python-suds | jortel
| python-sudsds | jskarvad
| python-sybase | yaneti
| python-tag | thias
| python-textile | thm
| python-tgext-admin | lmacken
| python-tgext-crud | lmacken
| python-translationstring | lmacken, ralph
| python-turbocheetah | toshio, lmacken
| python-tw-jquery | lmacken
| python-twill | thias
| python-typepad | lbazan
| python-unipath | terjeros
| python-urllib2_kerberos | tdabasin
| python-urwid | lmacken, fabiand, dcantrel
| python-vcstools | rmattes
| python-venusian | lmacken, ralph, rossdylan
| python-weberror | lmacken, ricky
| python-webflash | lmacken
| python-webhelpers | kylev
| python-webob1.1 | lmacken
| python-wsgiproxy | ricky
| python-wsgiref | lmacken
| python-xappy | lmacken
| python-xmpp | jcollie, peter
| python-yenc | konradm
| python-zope-deprecation | lmacken, ralph
| pywbem | miminar, ke4qqq, jsafrane
| pywebdav | sharkcz
| rednotebook | fab, cwickert
| sendKindle | kparal
| snake | jlaska, wwoods
| spambayes | pghmcfc
| squeal | dmalcolm
| supybot | ricky
| trac | limb, fschwarz, lmacken
| trac-tracnav-plugin | thm
| trash-cli | sundaram, ankursinha
| veusz | jsanders
| vhybridize | fab
| zapplet | ke4qqq
Listing by maintainer:
| abbot | protobuf
| alexl | python-numeric
| alexlan | python-numeric, python-musicbrainz2
| alikins | certmaster, func
| ankursinha | trash-cli
| apevec | cloud-init
| aquini | python-confparser
| awjb | python-httplib2
| bcl | pykickstart, python-blivet
| bkabrda | python-remoteobjects
| caillon | python-numeric
| caolanm | python-numeric
| chkr | pymodbus
| cicku | PyOpenGL
| clumens | pykickstart, python-meh
| crobinso | python-bugzilla
| cwickert | rednotebook
| dcallagh | python-fastimport, bzr-fastimport
| dcantrel | python-urwid
| dchen | python-httplib2
| dlehman | python-blivet
| dmalcolm | squeal, python-rdflib
| dougsland | python-confparser
| dwayne | python-Levenshtein
| dzickus | python-bugzilla
| fab | vhybridize, rednotebook, python-altgraph
| fabiand | python-urwid
| fcami | PyOpenGL
| fschwarz | babel, python-TurboMail, trac
| gholms | cloud-init, python-boto, euca2ools
| gnat | python-gnutls, func
| hadess | python-numeric, python-Coherence
| heffer | nml
| hguemar | python-mpd
| jamatos | python-amara
| jcapik | phatch
| jcollie | babel, python-googlevoice, python-xmpp, python-openid,
python-daap, python-musicbrainz2
| jdennis | python-nss
| jhernand | ovirt-engine-cli
| jhutar | python-rpmfluff
| jimi | cobbler
| jlaska | python-isodate, python-atfork, protobuf, python-signalfd, snake
| jmatthews | python-isodate
| johnp | python-numeric
| jortel | python-suds
| jsafrane | pywbem
| jsanders | veusz
| jskarvad | python-sudsds
| ke4qqq | zapplet, pywbem
| konradm | protobuf, python-yenc
| kparal | sendKindle
| kushal | pycolumnize, pss, python-elfdata, python-ctags, python-pandas
| kylev | python-markupsafe, python-webhelpers, python-peak-rules
| lbazan | python-typepad, python-django-ajax-selects,
python-django-threadedcomments, django-typepad
| leamas | openerp, python-spiffgtkwidgets
| limb | planet, trac
| lmacken | python-repoze-what-plugins-sql, python-peak-rules,
python-translationstring, python-ruledispatch, python-pyramid,
python-shove, python-kid, TurboGears2, python-wsgiref,
python-peak-util-symbols, python-weberror,
python-repoze-who-plugins-sa, python-repoze-lru,
python-decoratortools, python-repoze-tm2, python-webflash,
python-webob1.1, pyrasite, python-clientform, python-tgext-crud,
bodhi, python-xappy, python-repoze-what, python-markupsafe,
python-tw-jquery, trac, python-zope-deprecation, fedmsg,
python-tgext-admin, python-TurboMail, fedmsg-notify,
python-mechanize, python-urwid, python-venusian,
python-turbocheetah, python-feedcache
| lucilanga | gaupol
| madko | glances
| mattdm | cloud-init
| maxamillion | python-enum
| mbacovsk | python-sqlamp, python-scripttest
| mbarnes | python-numeric
| mclasen | python-numeric
| miminar | pywbem
| mizdebsk | antlr, protobuf
| mjakubicek | antlr, python-dotconf
| mschwendt | python-html2text
| msivak | python-di, firstaidkit
| nhorman | python-pysctp
| nphilipp | babel
| oschreib | ovirt-engine-cli
| pbrady | cloud-init
| peter | gflags, python-guppy, python-xmpp, python-sippy, python-gnutls,
fuse-python
| pghmcfc | spambayes
| pingou | python-rdfextras, python-rdflib
| puiterwijk | python-batchhttp
| pwouters | geome, python-editdist
| ralph | python-dtopt, python-zope-deprecation,
gnome-shell-search-fedora-packages, fedmsg,
gnome-shell-search-github-repositories, fedmsg-notify,
python-pyramid, python-venusian, python-translationstring,
TurboGears2, python-repoze-lru, gnome-shell-search-pinboard
| rhughes | python-numeric
| ricky | python-weberror, python-dtopt, python-wsgiproxy, supybot,
python-dictclient
| rmattes | python-rospkg, python-rosdep, python-rosinstall, catkin,
python-vcstools
| robert | python-boto
| rossdylan | python-pyramid, python-venusian
| rrix | python-netifaces
| rstrode | python-numeric
| sarantis | python-simpy
| sdz | python-oauth
| sharkcz | pywebdav
| shenson | cobbler
| silfreed | libconcord
| spot | nwsclient, python-repoze-who-friendlyform,
python-repoze-what-pylons, python-repoze-who-testutil,
python-repoze-what-quickstart
| ssalevan | certmaster, func
| ssp | python-numeric
| sundaram | trash-cli
| swt2c | libconcord
| tdabasin | python-urllib2_kerberos
| terjeros | pssh, python-futures, python-unipath, python-ptrace, grin,
hgsvn
| thias | python-tag, python-louie, python-twill, python-Coherence
| thl | python-html2text
| thm | python-textile, python-jinja, trac-tracnav-plugin, python-demjson
| till | python-flup, python-kid
| timfenn | python-pmw, pymol
| timlau | python-iniparse
| topdog | python-PSI
| toshio | python-TurboMail, python-ruledispatch, python-turbocheetah,
python-kid, python-jinja, TurboGears2, python-decoratortools
| vicodan | TurboGears2
| volter | python-shapely, clusterPy
| vpodzime | python-meh
| wakko666 | certmaster, func
| wcohen | libpfm
| wwoods | python-bugzilla, snake
| yaneti | python-sybase
-Toshio
9 years, 7 months
python-django update to Django-1.6
by Matthias Runge
Hey,
recently, I saw a few requests to update python-django to Django-1.6,
the corresponding bug is [1].
As there are quite a few changes, I'd expect this update to be harmful,
at least
- python-django-openstack-auth
- openstack-dashboard
will break, and won't even build any more (because they also execute
sanity checks during build).
So, the current plan is, to fix both packages upstream and then to
update python-django to Django 1.6 in rawhide. I'd expect this to happen
within the next two weeks and I'd update python-django to Django-1.6
around Dec 16th.
Because of bad timing, we won't have Django-1.6 in f20.
Matthias
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1027766
9 years, 8 months
Strange ssh / openldap linking problem
by Richard W.M. Jones
I'm not sure whether or not this is a bug, but it sure looks strange.
$ rpm -qf /usr/bin/ssh
openssh-clients-6.1p1-6.fc18.x86_64
$ ldd /usr/bin/ssh|grep ldap
libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00007fad274fc000)
/usr/lib64/libldap-2.4.so.2 is a symbolic link to a symbolic link
which passes through a -devel package.
/usr/lib64/libldap-2.4.so.2 -> libldap.so # openldap-2.4.34-1.fc18
/usr/lib64/libldap.so -> libldap-2.4.so.2.9.0 # openldap-devel-2.4.34-1.fc18
/usr/lib64/libldap-2.4.so.2.9.0 is a real file # openldap-2.4.34-1.fc18
To cut a long story short, I fixed this by uninstalling openldap-devel
and reinstalling it. Now there is no -devel package in the chain:
$ ldd /usr/bin/ssh | grep ldap
libldap-2.4.so.2 => /lib64/libldap-2.4.so.2 (0x00007fe8caf69000)
/lib64/libldap-2.4.so.2 -> libldap-2.4.so.2.9.0
I'd like to understand how the original situation happened, because it
broke a supermin-built appliance (RHBZ#954185). I assume ldconfig
must have something to do with it. There is nothing unusual in the
%scripts of openldap (it just runs ldconfig as you'd expect), nor is
there any special openssh/openldap config file in /etc/ld.so.conf.d.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://people.redhat.com/~rjones/virt-df/
9 years, 8 months
