For those who aren't familiar, QEMU actually provides two completely
different sets of emulators
- system emulators - they emulate a full virtual machine and thus run
a full guest OS.
- user emulators - they emulate the Linux userspace ABI letting you
run non-native arch executables directly.
The user emulators are what I'm concerned with in this mail, so ignore
the system emulators.
Currently all the user emulators are provided in the "qemu-user" RPM
which also includes files in /usr/lib/binfmt.d to register each emulator
binary as a binary format handler for its respective architecture.
This is ok if you have a non-native arch binary that's statically linked
and you just want to run it from context of your main OS root filesystem.
Running dynamic linked binaries won't fly because if say running an arm
binary on x86_64 host, it'll look for /lib/libc.so and find the i386 one,
instead of the arm one. You can't set LD_LIBRARY_PATH to override this
as the env var will apply to both qemu-arm (an x86_64 binary) and the
binary it is trying to run (an arm binary).
More typical though is that you have a directory containing an fullish
install tree of a non-native architecture and you just want to chroot
into that. When doing such a chroot, the qemu-$ARCH emulator must be
present inside the chroot too. ie the x86_64 build of /usr/bin/qemu-arm
must be present inside at /my/chroot/for/fedora-arm/usr/bin/qemu-arm.
So again you have the potential problem of clashing libc.so in /usr/lib
It is a shame Fedora doesn't have full multi-arch support, instead of
merely multi-lib to avoid these clashing lib dirs across architecture
The recommended way to deal with this for the qemu user emulator binaries
to be statically linked, so when copied inside the non-native arch chroot,
they never need to resolve any native arch libraries. Fedora's qemu user
binaries are all dynamic linked right now.
Debian handles this by having several packages 
- qemu-user - the dynamic linked qemu user binaries
- qemu-binfmt - binfmt rules registering the dynamic linked binaries
- qemu-user-static - the static linked qemu user binaries *and* binfmt
rules to register them. The static binaries all
have -static suffix on their name
NB, this means qemu-binfmt and qemu-user-static are mutually exclusive
since they both provide the same binfmt files. You can however have both
qemu-user and qemu-user-static installed as their binary names won't
clash, and in this case the static ones will be registered as binfmts
This nice thing about this multiple package approach is that when you
copied the x86_64 build of the "qemu-arm-static" binary into your arm
chroot, you still then have the possibility of installing the arm build
of the "qemu-arm" binary inside that chroot without filename clash.
An alternative simpler approach would be to just have one package,
qemu-user, which contains the static binaries and never ship any
dynamic linked qemu user binaries. This is slightly more restrictive
though, as explained in the previous paragraph, so I'd like to avoid
I'd like to make using non-native arch chroots simple with Fedora without
people needing to manually build their own static QEMU binaries, or download
static binaries provided by another distro. So I'm suggesting to make a
change to Fedora qemu packages to essentially copy the way Debian has done
things. Specifically I will
- Pull the binfmt registration files out of qemu-user and into a
new qemu-binfmt package which depends on qemu-user.
- Add static builds of qemu user emulators to a new qemu-user-static
package, along with binfmt registration files
The static build of QEMU user emulators is moderately light on
dependancies, only requiring glib2-static, pcre-static, zlib-static
and glibc-static packages.
The change to introduce a qemu-binfmt package has small upgrade
implications since anyone with qemu-user installed today, will loose
the binary format rules unless they manually install qemu-binfmt. I
think the number of people affected is probably quite small, and some
of them may well wish to use qemu-user-static instead anyway.
Obviously this would only be done in rawhide, not any existing stable
releases of Fedora.
Nothing will change about the rest of QEMU packaging - ie all system
emulators will continue to use dynamic linking
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
Kernel 4.9 was officially released yesterday, December 11. This kernel is
being built for rawhide today. The plan for bringing this kernel into
F24/F25 is going to follow roughly the same schedule as in the past.
This means pushing the new rebase when we think it's stable enough.
In the past, this has happened around the .2 stable release (so 4.9.2
in this case). Given the holidays, this won't be happening until 2017
but we'll be monitoring closely. I'll update with more information
once it gets closer. As always, please let us know if you have any
On Wed, Dec 21, 2016 at 12:18 AM, Miro Hrončok <mhroncok(a)redhat.com> wrote:
> Hi all,
> We've recently tried to rebuild all Python packages with Python 3.6.
> However, we currently have bunch of packages that simply fail to build.
> As the list contains >200 packages, it would be very helpful, if you
> (package maintainers) could help us solve the issues, as we cannot go one by
> one to investigate the issue.
> I've attached the list of failed packages (failed.txt). You can search Koji
> to find out, what went wrong. Sometimes, it's just missing dependency. That
> dependency should be on this list as well. If it is not, maybe we lost it,
> please tell us if that's the case. Maybe the dependency is circular and
> something needs to be bootstrapped. If you need provenpackager powers, let
> me know.
I've fixed python-smartcols and python-behave..
Attaching current rawhide/koji packages which depend on python 3.5
instead of 3.6 still.
Now that Fedora 25 is out of the door, I'd like to start a discussion about the future of officially-supported (meaning rigorously tested) optical media for future Fedora releases. Since I'm QA, I'm mainly interested in changes to our release criteria .
Let's start by saying I'm not asking for completely dropping optical media support. Even though hardware incapable of booting from USB is getting increasingly rare, I understand that there are still valid use cases from optical media, like pressing a bulk of DVDs for a very small price and handing it out at events or sending them into developing countries (that's how I started with Linux, after all, ~15 years ago). However, the world has moved on since then, I wonder whether some changes in decreasing the importance of optical media could be appropriate. All of that is, of course, motivated by trying to spend QA time more effectively. You can see the current coverage e.g. in this table , overall we burn 6 DVDs and perform 12 optical installation (BIOS + UEFI) for every release candidate published. We allow non-complete (yet still substantial) coverage for Alpha and Beta, but 100% coverage for Final for each candidate compose. That is quite time consuming, both burning and installation from optical media take a long time, it requires bare metal testing, and we can't use the machines for anything else during that time.
So, I wonder whether Fedora as a project thinks about de-emphasizing optical media a bit, and if it does, I'd make appropriate changes even in our QA processes. Here are a couple of ideas that I consider could be likely to happen in future Fedora releases.
Idea #1: Do not block on optical media issues for Alpha and Beta releases
In my guesstimation, the intersection between people able and willing to test pre-releases and people not able to boot from USB or PXE is getting very small. My reasoning for this is:
a) PCs unable to boot from USB are becoming rare. They are probably only (or mostly) very old i386 machines.
b) Users testing pre-releases usually have above-average technical skills and/or are technical enthusiasts, who tend to own newer hardware.
c) We now have Fedora Media Writer for all major operating systems, which can burn the image onto a flash drive with a nice simple user interface, so even people who can boot from both optical drive and USB and used to prefer optical drive (because it was simpler for them) should be covered now with our super-easy USB writing tool.
Implementing this idea doesn't mean optical media would immediately get broken for Alphas and Betas. We would still care about such issues (it would be needed for Final, if nothing else) and we would still test it from time to time during the whole cycle (even though not that frequently - we would rely more on community involvement, e.g. similar to alternative architectures). But we wouldn't block the Alpha/Beta release on these issues, just the Final release.
Idea #2: Do not block on optical media issues for Final release for certain flavors/image types (Server, netinst)
This is a bolder variant of the previous idea and can be done separately or combined with it. It makes optical media functionality not guaranteed even for Final release, but just for certain Fedora flavors or image types for which it makes sense (not all of them). Which images to cover, that's the heart of the discussion. If you look into our test matrix again, we currently block on 6 of them:
* Workstation Live + netinst
* KDE Live
* Server DVD + netinst
* Everything netinst
What comes first to my mind is Server (DVD + netinst). My guess is that people don't install Server from optical media, but rather from PXE or USB. I can't imagine installing Server boxes from DVDs. But I'd really like to hear from Server users how this is likely or not. Also, Server is most probably not given away at events. I don't know about sending Server DVDs to the developing world, we can make an inquiry about that.
Second idea would be netinst media. They require good network access, so there's no point in shipping them to developing countries, and I can hardly imagine giving them away at events. They are targeted at more professional audience, which is likely to use more modern hardware. We could make an exception of Everything netinst, which is universal and could be used for cases where Live images don't work (netinst can use text mode in case of severe graphical issues even with safe graphics mode on, or perhaps on ultra-low memory configurations).
What do you think? Does it make sense, or is it too early for such a change?
(CCing test list, but let's keep the discussion in a single list only, i.e. devel)
While checking out the SPEC file of python, it seems there were some packages that, while separate at some point, they got included in python's stdlib and then obsoleted as standalone packages (thus to cope with the change, python was obsoleting these packages and providing them as well in the SPEC). So every package that currently (Build)Requires any of these packages will essentially drag python with it.
I will remove these provides soon, since the packages were orphaned long time ago, but the packages that still require them, will need to be fixed and (Build)Require python instead.
Here is a github commit with these changes from a testing repo:
And a list of the provided packages and the affected ones
Depending on feedback here I will follow (or not) the mass bug filling procedure so maintainer fix their packages.
The reasoning behind this change, at the current time, is that I intent to rename python to python2 soon, which will lead to a re-review of python, so at the moment trying to have things as clear and consistent as possible. Plans for that change is only for rawhide (although it would be nice for f25 as well).
Associate Software Engineer
Python Maintenance Team, Red Hat
As previously announced, releng has made a number of changes as part of
it's 2016 "flag day".
All package maintainers will want to make sure they have updated to
following package versions (some may be in testing as of this email):
Please also see the following links for up to date information:
The following changes were made:
* koji and the source lookaside were changed to use kerberos
instead of ssl certificates. All maintainers will need to:
to get a valid kerberos TGT and be able to authenticate to koji and
the lookaside upload cgi.
See the general kerberos information at:
for more details.
Additionally, via GSSAPI many browsers allow you to seamlessly login
to any of our ipsilon using applications simply by clicking on the
button ( bodhi, fedorahosted trac, elections, fedocal, mailman3, etc)
* koji now uses a well known cert for https.
* pkgs.fedoraproject.org now redirects to https://src.fedoraproject.org
that uses a well known cert. Please correct any links you use to use
https://src.fedoraproject.org for packages spec and patch files.
* rawhide builds now land in the f26-pending tag, where they are signed
added to the f26 tag for compose in the next rawhide compose. This
rawhide packages to be fully signed as well as a point where automated
can take place in the future.
* packages "sources" files now use sha512 by default instead of md5.
You will need the fedpkg update in order to create and use these new
Questions or concerns as always welcome at #fedora-admin on
or tickets at https://pagure.io/fedora-infrastructure.
devel-announce mailing list -- devel-announce(a)lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave(a)lists.fedoraproject.org
= Proposed System Wide Change: Golang 1.8 =
* Jakub Čajka <jcajka AT redhat DOT com>
Rebase of Golang package to upcoming version 1.8 in Fedora 26,
including rebuild of all dependent packages.
== Detailed Description ==
Rebase of Golang package to upcoming version 1.8 in Fedora 26. Golang
1.8 is schedule to be released in Feb. Due to current nature of Go
packages, rebuild of dependent package will be required to pick up the
== Scope ==
* Proposal owners:
Rebase golang package in f26, help with resolving possible issues
found during package rebuilds.
* Other developers:
fix possible issues
* Release engineering:
As there is scheduled mass-rebuild, nothing should be required.
* List of deliverables: N/A
* Policies and guidelines: N/A
* Trademark approval: N/A
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
Any idea what this is about?
To me that looks like a combination of several factors. First of all,
the backtrace generation likely used incorrect debuginfo data because
the backtrace is impossible. Stack corruption is unlikely to yield a
relatively consistent backtrace—iconv and gconv match up, only the nscd
and sunrpc functions in the middle do not make sense.
I got lucky and build ID 25ea1fd961cb2f5a38172614365bd4c1aacb01a6 refers
to the current version of /usr/lib64/gconv/ISO8859-1.so, so I could do
the disassembly manually.
The crash is in the gconv function, at address 0xb50:
b44: 49 39 d5 cmp %rdx,%r13
b47: 72 2a jb b73 <gconv+0x3e3>
b49: 48 89 d3 mov %rdx,%rbx
b4c: 48 83 c0 01 add $0x1,%rax
b50: 0f b6 50 ff movzbl -0x1(%rax),%edx
b54: 48 39 c5 cmp %rax,%rbp
b57: 89 53 fc mov %edx,-0x4(%rbx)
b5a: 75 e4 jne b40 <gconv+0x3b0>
b5c: 41 bb 04 00 00 00 mov $0x4,%r11d
b62: e9 1a ff ff ff jmpq a81 <gconv+0x2f1>
b67: 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1)
Experimentation with GDB shows that this is in the part which converts
from ISO-8859-1, and it is the load from the input buffer. A crash at
this point is impossible because we have a bounds check in the gconv
implementation framework before this load.
However, iconv (the command) maps the input file, and something is
truncating that file, causing the SIGBUS error. This is just how mmap
works in POSIX, unfortunately.
Is there a way to discover who is submitting these crash reports and
what they are trying to do? I wonder if we should remove the mmap from
the iconv command, so that we would not crash in this case.