A proposal for Fedora updates
by Bojan Smojver
Hi there,
I've been a bit perplexed by the Fedora updates recently (talking about
F-21 specifically). Many of them appear to be obsolete the moment they
hit stable, sometimes even testing.
Take the kernel, for instance. 3.19.2-201.fc21 replaced the previous
build in bodhi on the 24th. It is still not in testing as I'm writing
this (although the updates system says it is). Take Firefox. Submitted
on 23rd, took 3 days to appear anywhere where "regular" folks can test
it (which is actually stable). Then there are updates (e.g. dovecot)
that have been built in koji, but appear nowhere, probably because
person that built it forgot to submit it.
Can we create a fedora-updates-newbuild repo or something, which would
have a different key used for signing (i.e. not the one where a human
does the signing) and could be accessed using yum pretty much
immediately after the build has been created and flagged to go into this
repo if it succeeds?
So, something like:
fedpkg build --push-to-newbuild
Stoopid? Irrelevant? Exists but I'm not aware of it?
--
Bojan
8 years, 5 months
hardening breaks X.org
by David Airlie
So the rebuild to use hardened builds by default in rawhide, broke X.org.
Thanks guys, my system is more secure, but I can't run any apps.
Anyways enough snark from me, the problem seems to be that hardening
makes bind now override RTLD_LAZY options, and the X server relies
on the RTLD_LAZY on its drivers being lazy.
So should I
a) turn off hardened builds for all Xorg server/driver packages?
b) or is there a way to get partial relro back?
Dave.
8 years, 5 months
Texlive packaging (Was: A proposal for Fedora updates)
by Jindrich Novy
> On 03/27/2015 05:22 PM, Kevin Fenzi wrote:
> >* However, I'll note that the recent texlive updates were security as
*> >* well. ;)
*>
> If texlive packaging is causing issues with update pushes, could maybe
> ask the texlive maintainers to rework the packaging?
TeXLive packager says: No, sorry.
Kevin states that sigul lockups while running in batch mode so manual
action is needed for builds with many subpackages. This is the root cause.
Fixing sigul and releng tools sounds like much better way of dealing
with such issue than "Our broken tools don't scale so let's
repackage every bigger package to workaround it."
>
> Right now texlive has a 16 MB (!) spec file, producing a total of 5160
> binary rpms each build.
What's wrong with it? It is autogenerated, you are not supposed to touch
the spec file directly but edit texlive.spec.template and regenerate the
spec file by tl2rpm. All subpackages are generated with correct dependencies
(at least according to upstream metadata) and packages with wrong non-free
licences are excluded from build automatically.
Yes, all this is done automatically. Good luck doing that by hand for 5160
CTAN packages with every update from CTAN.
If YUM metadata size is in question then it might make sense to have a mechanism
of non-monolythic metadata in place, i.e. transactions not requiring TeX Live
shouldn't download TeX Live's metadata. I'm sorry, I'm not a releng person.
TeXLive itself has not been updated for quite long time because of compilation
error:
gcc -DHAVE_CONFIG_H -I. -I../../../texk/web2c -I./w2c
-I/home/jnovy/rpm/BUILD/texlive-2014/source/work/texk
-I/home/jnovy/rpm/BUILD/texlive-2014/sourc
../../../texk/web2c/luatexdir/lua/lepdflib.cc: In function 'int
l_new_Attribute(lua_State*)':
../../../texk/web2c/luatexdir/lua/lepdflib.cc:186:58: error: no
matching function for call to 'Attribute::Attribute(const char*&,
int&, Object*)'
uout->d = new Attribute(n, nlen, (Object *)uobj->d);
^
../../../texk/web2c/luatexdir/lua/lepdflib.cc:186:58: note: candidates are:
In file included from /usr/include/poppler/StructTreeRoot.h:20:0,
from ../../../texk/web2c/luatexdir/image/epdf.h:51,
from ../../../texk/web2c/luatexdir/lua/lepdflib.cc:22:
/usr/include/poppler/StructElement.h:77:3: note:
Attribute::Attribute(const char*, Object*)
Attribute(const char *name, Object *value);
which prevents me from building it properly for couple of months now.
Now for something completely different. Why it is hard to reduce granularity
of TeX Live distribution. TeX Live consists of the following levels of packaging
abstractions:
Schemes consisting of Collections consisting of CTAN packages. Schemes
depend on Collections
and they depend of particular CTAN packages. Now, CTAN packages in
Collections do overlap as
well as Collections in Schemes do overlap so the only solution is to
have CTAN packages packaged
separately and define all dependencies via Scheme and Collection meta
packages. This is roughly
how it is done now.
Entropy never decreases and we need to deal with it.
Jindrich
8 years, 5 months
hibernation support - lack of distro-wide coordination between systemd, dracut, anaconda, pm-utils and maybe more?
by Till Maas
Hi,
it seems to be that me have a major problem of core package maintainers
coordinating features in Fedora.
See for example:
https://bugzilla.redhat.com/show_bug.cgi?id=1174945
There the problem is, that dracut runs a fsck check before deciding
whether to resume. This can result in a big file system corruption,
since the kernel had a different idea of the file system state after
resuming from hibernation that there really is. The problem has several
core players that do not seem to communicate:
- dracut which uses systemd and showed this problem in F21 (I did not
notice it in F20)
- systemd:
- might have changed things in F21 to break resuming
- Does only parse the kernel command line, does not parse the
options that dracut gathers from the system during initramfs
generation
- provides hibernation support via "systemctl hibernate", which is
also what pm-hibernate does (why do we have two tools for the same
core task?)
- anaconda, which does not add a resume= kernel command line option when
installing a system
Therefore please coordinate with others if you maintain a key component
for a core distribution feature and look for other items that need to be
adjusted.
Regards
Till
8 years, 5 months
F21 Self Contained Change: Replace Bacula with Bareos
by Jaroslav Reznik
= Proposed Self Contained Change: Replace Bacula with Bareos =
https://fedoraproject.org/wiki/Changes/Bareos
Change Owner(s): Simone Caronni <negativo17 at gmail.com>
The powerful Bacula network backup solution has switched from being Open
Source friendly to being almost closed source. Originally the project was
conceived totally as Open Source, but since the creation of Bacula Systems and
its proprietary Bacula Enterprise Edition product, the Open Source (now called
"Community Edition") has received less and less updates and is mostly
abandoned.
== Detailed description ==
The most important points that are left "abandoned" are the following:
* Installation scripts and updates to makefiles are not updated anymore.
* New plugins and functionalities are not added anymore, except those in the
"core" daemons.
* Gaphical (and buggy) console has not received any update in almost two
years.
* Patches and bugs opened in the bug tracker are mostly left abandoned. Even
trivial fixes are not imported in the source.
* Windows binaries are no longer provided, nor the source for the clients has
been updated. Even if compiled with difficulties, there is no support for recent
Windows versions.
A former Bacula developer, frustrated by the situation created the fork Bareos
a long time ago from Bacula 5.2.x (the current Fedora and RHEL 7 version).
This version has now received '''a lot of bugfixes''' compared to the original
Bacula source. This makes compilation and installation a lot easier than it
was with Bacula.
On top of this, a '''lot of new features''' have been added; some unique to
Bareos but many available only in the closed source Bacula Enterprise.
Here is the list of new features compared to the current Bacula 5.2.13:
* http://www.bareos.org/en/whats_new.html
Some highlights include NDMP support for enterprise class storage (NetApp,
etc.), support for enterprise class tape libraries and Windows support
(including Windows Server 2012) with Bareos generated binaries.
For further details on why a Bacula fork was created please look at the
following links:
* http://www.bareos.org/en/faq/items/why_fork.html
Bareos can also be '''fully compatible with Bacula''' by setting a specific
configuration directive in the Daemon configuration files; thus providing the
option for RHEL 6/7 users to interoperate with Fedora systems.
* http://www.bareos.org/en/faq/items/bareos_bacula_compatibility.html
== Scope ==
To accomplish the goal, the following Bacula packages need to be replaced with
Bareos equivalents:
bacula
bacula-docs
Currently, the same Fedora packages can be rebuilt as they are, to work also
on CentOS/RHEL 5 and 6, upgrading the EPEL or official Bacula packages in the
distributions. This is to have a consistent backup infrastructure across all
the Fedora/CentOS/RHEL ecosystem.
To ease installation, a repository for installing those packages on a
CentOS/RHEL system do exist:
http://repos.fedorapeople.org/repos/slaanesh/bacula/README.txt
The idea is the same for Bareos: import into Fedora 21 packages that can be
rebuilt for all supported Fedora/RHEL/CentOS releases and provide a repository
that can upgrade any Bacula release currently installed in the system with the
new one. In detail; the upgrade scenarios supported when going from Bacula to
Bareos would be:
From Bacula 2.4:
* RHEL/CentOS 5 with EPEL repository
From Bacula 5.0:
* RHEL/CentOS 6
From Bacula 5.2.13:
* Fedora 18+
* RHEL/CentOS 5
* RHEL/CentOS 6
As written before, the change is impacting only Fedora 21, the list of
upgrades supported are only for users who want a consistent backup solution
across the enterprise.
=== External activities ===
Proposal owners: I'm the current Bacula mantainer in Fedora and will complete
the transition in time for the release.
Other developers: N/A (not a System Wide Change)
Release engineering: the release engineering team should make sure the new
Bareos packages are in place instead of the current Bacula packages for the
new release.
Policies and guidelines: N/A (not a System Wide Change)
_______________________________________________
devel-announce mailing list
devel-announce(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
8 years, 5 months
Quick C++ question for C++ experts :)
by Paulo César Pereira de Andrade
Is this expected to not compile with -fno-implicit-templates?
---%<---
$ cat test.cc
#include <string>
std::string test(int i)
{
std::string t;
std::string s = "(";
t = "";
for (int r = i; r; r>>=1) {
if (r & 1)
t = "1" + t;
else
t = "0" + t;
}
s += t;
s += ")";
return s;
}
int
main(int argc, char *argv[])
{
std::string s = test(16);
return 0;
}
$ g++ -fno-implicit-templates test.cc
/tmp/ccai7t5T.o: In function `test(int)':
test.cc:(.text+0x9d): undefined reference to
`std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > std::operator+<char, std::char_traits<char>,
std::allocator<char> >(char const*, std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)'
test.cc:(.text+0xd9): undefined reference to
`std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> > std::operator+<char, std::char_traits<char>,
std::allocator<char> >(char const*, std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)'
collect2: error: ld returned 1 exit status
---%<---
I am trying to fix a package, but it is documented to
require -fno-implicit-templates and instantiate templates
in one of the sources, but it instantiates templates for
its own types.
Thanks,
Paulo
8 years, 5 months
Time sync
by Colin Walters
Hi,
Since http://lists.freedesktop.org/archives/systemd-devel/2015-March/029482.html
systemd-timesyncd can be enabled in more places. (That change isn't in F22 now
but could be backported easily). Looking at the state
of things here, there was a previous discussion on the desktop list:
https://lists.fedoraproject.org/pipermail/desktop/2014-September/010751.html
>From an Atomic Host perspective,
systemd-timesyncd now looks fairly equivalent to chrony, and is 140k
that's already shipped. (Though if systemd didn't do internal static
linking that'd likely be noticeably smaller...anyways, the packaging of
systemd is a separate discussion).
Anaconda looks like it only supports chrony. Although,
it seems weird that Anaconda itself is doing the bridging of DHCP
NTP servers to chrony config - seems like something to fix in
NetworkManager itself so that it knows how to copy configuration
acquired at install time to the target.
And even then, it seems like we could get away with not setting
the NTP servers persistently from the DHCP lease acquired at
install time, and instead just rely on NM/systemd-networkd to
set them when the system boots again, right?
This however would require NetworkManager -> timesyncd
integration. Filed that as
https://bugzilla.gnome.org/show_bug.cgi?id=746911
It appears to me that at least Fedora Server has ntp installed
but not running, which (looks) is due to freeipa-client having
a Requires: on ntp. Which came from
https://fedorahosted.org/freeipa/ticket/2974
Besides gnome-control-center then, I guess the switch of
systemd-timedated to only supporting systemd-timesyncd
impacts FreeIPA too.
But it wouldn't seem that hard for gnome-control-center and
freeipa-client to grow minimal awareness of how to use
systemd-timesyncd's dbus api to set the server.
Currently I'm leaning towards enabling systemd-timesyncd by default
for Atomic Host at least, but sending this mail to get a discussion
across the products.
8 years, 5 months
