recent rawhide/branched compose issues
by Kevin Fenzi
Greetings.
Astute followers of rawhide/branched composes will note that we haven't
had to many of them recently that finished successfully. ;(
As of this email the last rawhide one was 2016-08-12 (7 days ago) and
the last branched one was 2016-08-16 ( 3 days ago).
This has various anoying and ill effects:
* The next branched that actually finishes will be 100% signed, but the
one thats on mirrors now from the 16th is not.
* The failing composes still always send the broken deps emails, which
means when we run several composes a day to try and fix things people
will get a bunch of duplicate emails. There's a proposed fix for
this, hopefully landing after alpha so only successfull composes will
send emails.
* Testing out proposed fixes takes a really long time. ;(
The causes for this are several. ;(
* pungi now has the ability to tell when release blocking artifacts are
not successfully composed and fail the entire compose. This means
that in the past we would have had a partial mostly compose, now we
would not get anything.
* The bug where sometimes, seemingly randomly live composes fail has
become more common, and when it hits KDE or Workstation the compose
fails (see above). https://bugzilla.redhat.com/show_bug.cgi?id=1315541
* There is some issue with the arm composers or rawhide that causes
them to get stuck in I/O wait and never finish composing images. We
have been trying to isolate if this is a kernel issue, userspace on
the builders or rawhide in the chroot. (no bug yet as we aren't sure
where to file it yet).
* On branched the cloud images are/were failing to compose with little
in the way of logs. Since they are release blocking, see first point.
https://bugzilla.redhat.com/show_bug.cgi?id=1365661
Anyhow, thats where we are... we are working on all these issues and
hopefully we can get things rolling again.
kevin
7 years, 9 months
Fedora 24: Call for testing: ca-legacy disable
by Kai Engert
Hello, I'm the maintainer of the ca-certificates package.
Could you please help to confirm that the following system configuration change
doesn't cause any regressions for your use of the Internet?
ca-legacy disable
# (needs to be executed with root permission)
If you see any issues with SSL/TLS connections after this change, please try to
go back to the default configuration, by executing
ca-legacy default
then restart the software you were using, and try your connection again.
If "ca-legacy default" makes it work again, then please let me how I can
reproduce the connection that fails for you in "ca-legacy disabled" mode.
(... either by sending an email, or by commenting in the following tracker bug:
https://bugzilla.redhat.com/show_bug.cgi?id=1368522 )
Background: I'd like to disable the legacy CAs by default in Fedora 25, which I
believe is safe. Your testing will help to confirm that. In the past, the
special configuration was introduced because of limitations in older software
versions. In the meantime, all known limitations have already been fixed in the
software we ship with Fedora 24. The change will increase security, because it
will allow us to remove trust for older root CA certificates with weaker key
sizes.
If you'd like to know more what the ca-legacy tool does:
- man ca-legacy
- https://fedoraproject.org/wiki/CA-Certificates
Thanks for your help!
Kai
7 years, 9 months
Fedora 25 Alpha Release Readiness Meeting, Thursday, August 18 @
19:00 UTC
by Jan Kurik
Join us on irc.freenode.net in #fedora-meeting for the Fedora 25 Alpha
Release Readiness Meeting meeting.
The meeting is going to be held on Thursday, August 18, 2016 19:00
UTC. Please check the [FedoCal] link for your time zone.
We will meet to make sure we are coordinated and ready for the Alpha
release of Fedora 25 on Tuesday, August 23nd, 2016. Please note that
this meeting is going to be held even if the release is delayed at the
Go/No-Go meeting on the same day two hours earlier.
You may received this message several times, but it is by purpose to
open this meeting to the teams and to raise awareness, so hopefully
more team representatives will come to this meeting. This meeting
works best when we have representatives from all of the teams.
[FedoCal] https://apps.fedoraproject.org/calendar/meeting/4486/
More information available at:
https://fedoraproject.org/wiki/Release_Readiness_Meetings
Thank you for your support and Regards, Jan
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list
devel-announce(a)lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedorapr...
7 years, 9 months
Re: Testing request: AMD chipset kernel issue
by Adam Williamson
On Thu, 2016-08-18 at 17:13 -0300, Fernando Cassia wrote:
> On 8/18/16, Adam Williamson <adamwill(a)fedoraproject.org> wrote:
>
> >
> > There is a bug nominated as a Fedora 25 Alpha blocker:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=1367321
> >
> > on affected systems, it prevents boot entirely, which is obviously
> > pretty bad. But we're not sure yet how many systems would be affected
> > by the bug. So we're looking for more feedback.
> >
> > If you have a system with an AMD processor which you are OK with doing
> > an install to, can you please download any recent Fedora 25 image -
> > e.g.
> >
> > https://kojipkgs.fedoraproject.org/compose/branched/Fedora-25-20160816.n....
>
> It's depressing to hear that devs are using Intel-only systems and not
> a single AMD one.
> Really.
I suppose it would be, but I didn't say that, so I'm confused as to
where you think you're hearing it.
> I thought Linux supporters were among the most conscious wrt diversity
> and competition ...
>
> https://www.ftc.gov/news-events/press-releases/2009/12/ftc-challenges-int...
>
> (btw: AMD E2 APU here, also an old Opteron, but both systems have
> their own OSs and I'm not sure I have space or extra HDDs to attempt a
> fresh install ATM. I will however attempt to test, is it required to
> install? or just booting from LiveCD would trigger it?)
The reporter says that just booting the live CD doesn't trigger the
bug, it only happens on boot of the installed system.
7 years, 9 months
Re: RFC: Round 2 review of Fedora Docker Layered Image Guidelines
by Tomas Tomecek
Quoting Adam Miller (2016-05-31 19:12:47)
> Hello all,
> I had previously sent out a RFC email about a month ago asking for
> feedback on the Fedora Docker Layered Image Guidelines[0].
>
> I was asked by FESCo to start a new thread so that this can be
> discussed further on the devel mailing list before we discuss it in
> FESCo. Therefore if there are any requested items from the original
> email thread that would like to be revisited, please bring them up
> here.
>
> Beyond that, my main question to everyone beyond the discussions we
> had previously is: Is there any interest in forming a Fedora Container
> Packaging Committee (I'm not married to the name, apply whatever color
> of paint to that bikeshed) just as we have the Fedora Packaging
> Committee?
>
> Links of interest also in the first thread[1][2][3][4]
>
> [0] - https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.o...
> [0] - https://fedoraproject.org/wiki/Changes/Layered_Docker_Image_Build_Service
> [1] - https://fedoraproject.org/wiki/PackagingDrafts/Containers
> [2] - https://fedoraproject.org/wiki/PackagingDrafts/Package_Review_Process_wit...
> [3] - https://fedoraproject.org/wiki/Draft/Packaging:DockerLayeredImageNamingGu...
> [4] - https://fedorahosted.org/fesco/ticket/1573
> --
> devel mailing list
> devel(a)lists.fedoraproject.org
> https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
Glad you mentioned this on your Flock talk.
# My feedback
* "FIXME Naming guidelines for containers?"
* It would be nice if Fedora followed definition in [1].
* "Wait for someone to review your Dockerfile!"
* I would say that the whole submission should be reviewed: Dockerfile,
configuration files and scripts.
* Guidelines suggest to use "BZComponent" but upstream label guidelines mention
"com.redhat.component"; I would suggest using the latter one (disclaimer: I
participated actively in the early history of changes in the label name, am
quite surprised it's still not sorted out -- not blaming anyone)
* "Content"
* "Dockerfiles in Fedora should not contain net new code"
* Are scripts, used as "CMD", new code? I'm asking because these could be
pretty complex
* Is the sample Dockerfile what every container image maintainer should start
with? (my point is "FROM" and "MAINTAINER" instructions since these are not
precisely described)
* How about `dnf update -y`, is this best practise? Container best practises
somewhat imply it shouldn't be used.
I gotta say I like the guidelines. They are short, straightforward, they mention
important sources: container best practises, project atomic label guidelines,
upstream documentation, etc. I'm pretty sure they will evolve over the time --
it's not possible to figure everything out in the beginning. Especially when the
ecosystem is changing so frequently.
One follow up question to your talk:
You mentioned that it's planned to migrate Fedora-Dockerfiles [2] from github to
dist-git. Will all of these go through review process? I would like to
participate.
[1] https://github.com/projectatomic/ContainerApplicationGenericLabels/blob/m...
[2] https://github.com/fedora-cloud/Fedora-Dockerfiles
Well done Adam! Can't wait to have official fedora-based docker images!
(I'm sending this second time b/c it looks like that the first e-mail
haven't arrived to fedora-devel)
~~
Tomáš Tomeček
Engineer @ RHEL Next Generation
UTC+2 (CEST)
7 years, 9 months
Schedule for Thursday's FPC Meeting (2016-08-19 16:00 UTC)
by James Antill
Following is the list of topics that will be discussed in the FPC
meeting Thursday at 2016-08-19 16:00 UTC in #fedora-meeting-1 on
irc.freenode.net.
Local time information (via. rktime):
2016-08-19 09:00 Fri US/Pacific PDT
2016-08-19 12:00 Fri US/Eastern EDT
2016-08-19 16:00 Fri UTC <-
2016-08-19 17:00 Fri Europe/London BST
2016-08-19 18:00 Fri Europe/Paris CEST
2016-08-19 18:00 Fri Europe/Berlin CEST
2016-08-19 21:30 Fri Asia/Calcutta IST
------------------new day----------------------
2016-08-20 00:00 Sat Asia/Singapore SGT
2016-08-20 00:00 Sat Asia/Hong_Kong HKT
2016-08-20 01:00 Sat Asia/Tokyo JST
2016-08-20 02:00 Sat Australia/Brisbane AEST
Links to all tickets below can be found at:
https://fedorahosted.org/fpc/report/13
= Followups =
#topic #558 Application/Library distinction and package splitting
.fpc 558
https://fedorahosted.org/fpc/ticket/558
#topic #566 RPM file triggers
.fpc 566
https://fedorahosted.org/fpc/ticket/566
#topic #610 Packaging guidelines: Check upstream tarball signatures
.fpc 610
https://fedorahosted.org/fpc/ticket/610
= New business =
#topic #645 Clarify policy on obsoleting non-directly-replaced packages
.fpc 645
https://fedorahosted.org/fpc/ticket/645
= Open Floor =
For more complete details, please visit each individual ticket. The
report of the agenda items can be found at:
https://fedorahosted.org/fpc/report/13
If you would like to add something to this agenda, you can reply to
this e-mail, file a new ticket at https://fedorahosted.org/fpc,
e-mail me directly, or bring it up at the end of the meeting, during
the open floor topic. Note that added topics may be deferred until
the following meeting.
7 years, 9 months
