Fedora Weekly News Issue 105
by Thomas Chung
= Fedora Weekly News Issue 105 =
Welcome to Fedora Weekly News Issue 105 for the week of October 8th.
http://fedoraproject.org/wiki/FWN/Issue105
In Announcements, we have "The Fedora Fonts SIG is open".
To join or give us your feedback, please visit
http://fedoraproject.org/wiki/NewsProject/Join.
1. Announcements
   1. The Fedora Fonts SIG is open
2. Planet Fedora
   1. Ontario Linux Fest
3. Marketing
   1. Interested in a Fedora Marketing Meeting?
   2. Fedora Interview 4
4. Developments
   1. Killing Kittens With Yum-updatesd
   2. Merging Totem And Totem-xine?
   3. SAMBA: The GPLv3 License Dance Begins
   4. OpenSceneGraph ExcludeArch Stimulates Koji Notification Level Request
   5. NTFS Resize During Install?
   6. gethostby* Users
   7. GDM User Creation
   8. CDs, DVDs Or Netboot Oh My!
   9. YUM Update Memory Issues
5. Fonts
   1. New Fedora Fonts Initiative
6. Translation
   1. Online Translation Tools
   2. Release Notes for F8 Final
7. Infrastructure
   1. publictest DNS Entries
   2. Storage
   3. Memory Upgrades
8. Security Week
   1. OpenSSL Security Advisory
   2. Air Force to get 'cyber sidearms'
9. Advisories and Updates
   1. Fedora 7 Security Advisories
   2. Fedora Core 6 Security Advisories
10. Events and Meetings
   1. Fedora Board Meeting Minutes 2007-MM-DD
   2. Fedora Ambassadors Meeting 2007-MM-DD
   3. Fedora Documentation Steering Committee 2007-10-14
   4. Fedora Engineering Steering Committee Meeting 2007-MM-DD
   5. Fedora Extra Packages for Enterprise Linux Meeting 2007-10-10
   6. Fedora Infrastructure Meeting (Log) 2007-10-10
   7. Fedora Localization Meeting 2007-MM-DD
   8. Fedora Marketing Meeting 2007-10-13
   9. Fedora Packaging Committee Meeting 2007-MM-DD
   10. Fedora Release Engineering Meeting 2007-MM-DD
[[Anchor(Announcements)]]
== Announcements ==
In this section, we cover announcements from Fedora Project.
https://www.redhat.com/mailman/listinfo/fedora-announce-list
Contributing Writer: ThomasChung
=== The Fedora Fonts SIG is open ===
NicolasMailhot announces in fedora-announce-list[1],
"Last month's consultation showed there was enough possible contributors
and needed work to justify creating a Fedora Fonts Special Interest
Group. To get the ball rolling I've started seeding a Fonts SIG space in the
Fedora wiki[2]."
[1] https://www.redhat.com/archives/fedora-announce-list/2007-October/msg0000...
[2] http://fedoraproject.org/wiki/SIGs/Fonts
[[Anchor(PlanetFedora)]]
== Planet Fedora ==
In this section, we cover a highlight of Planet Fedora - an
aggregation of blogs from world wide Fedora contributors.
http://fedoraproject.org/wiki/Planet
Contributing Writers: ThomasChung
=== Ontario Linux Fest ===
AndrewOverholt points out in his blog[1],
"Yesterday was the first Ontario Linux Fest[2] out by the airport. I
had met one of the organizers at the Red Hat Summit in 2006 and he
contacted me a while ago asking if I'd do a talk on Eclipse. I
accepted and after that things really got rolling; we ended up having
both Eclipse and Fedora booths in the .org pavilion."
[1] http://overholt.ca/wp/?p=88
[2] http://onlinux.ca/
[[Anchor(Marketing)]]
== Marketing ==
In this section, we cover Fedora Marketing Project.
http://fedoraproject.org/wiki/Marketing
Contributing Writer: ThomasChung
=== Interested in a Fedora Marketing Meeting? ===
RahulSundaram reports in fedora-marketing-list[1]
"Now that we have some good amount of interest in marketing Fedora, it
might be a good time to start those meetings again, plan, schedule and
DO important things. I was hoping we could do one coming Oct 13 Saturday
whatever time that is preferable to folks and see what pans out. The
agenda would be come up with a proper marketing plan ahead of the Fedora
8 release. Let me know who is interested and what time would be
appropriate for you."
[1] https://www.redhat.com/archives/fedora-marketing-list/2007-October/msg001...
=== Fedora Interview 4 ===
JonathanRoberts reports in fedora-marketing-list[1],
"Over the past few releases, Fedora has gained a reputation amongst
the various distributions for having some of the best artwork out
there. This time around, responsibility has been handed over entirely
to the community Art Team, and they've done themselves proud! Read on
to find an interview[2] with MairinDuffy, Fedora Art team lead, and
previews of some of the key elements belonging to the infinity theme."
[1] https://www.redhat.com/archives/fedora-marketing-list/2007-October/msg001...
[2] http://fedoraproject.org/wiki/Interviews/MairinDuffy
[[Anchor(Developments)]]
== Developments ==
In this section, we cover the problems/solutions,
people/personalities, and ups/downs of the endless discussions on
Fedora Developments.
http://www.redhat.com/mailman/listinfo/fedora-devel-list
Contributing Writer: OisinFeeley
=== Killing Kittens With Yum-updatesd ===
A short, to the point, email from MikeCohler requested[1] information
about how well ''yum-updatesd'' worked and whether it would be in
Fedora 8. JamesAntill responded[2] with the information that the
Fedora 8 package of the same name was a completely different one and
should have fixed many problems. He suggested installing it on Fedora
7 machines by using ''yum install yum-updatesd
--enablerepo=development''.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00497.html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00517.html
The point about many improvements was echoed[3] by LukeMacken, who
emphasized the improved memory usage. AlecHabig added[4] that the old
cron-based method was available as ''yum-cron'' which led JeremyKatz
to discuss[5] the performance problems caused by anacron on systems
which are not always on. VilleSkyttä was interested in whether
''yum-cron'' was capable of operating in a "download and notify only"
mode and it seemed after intervention[6] from SethVidal that this may
be possible.
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00514.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00548.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00554.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00994.html
Three questions were posed[7] by ArthurPemberton: 1) does
''yum-updatesd'' block ''yum'' and ''pirut''; 2) does the GUI work in
KDE; 3) is there a silent download, interactive-install mode?
JeremyKatz replied[8] that with regard to the first it was not
possible to guarantee correct behavior if multiple transactions
occurred simultaneously. Problems with ''yum-updatesd'' being
deadlocked due to threading had also been sorted out. The latter two
were answered affirmatively.
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00558.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00559.html
Arthur clarified[9] that what he had meant was to ask whether it was
possible to have Yum work in a read-only mode to check for updates and
not block other applications. RichardHughes replied[10] that this was
indeed possible with the latest PackageKit, while JeremyKatz
explained[11] that with the current tools it was not possible because
the repodata is changed in place and it could be made inconsistent.
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00563.html
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00571.html
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00568.html
Adding to Jeremy's response to the three questions, JoseMatos
confirmed[12] that yum-updatesd worked for him and that ''puplet''
worked fine in KDE. Further discussion with Arthur and LubomirKundrak
revealed[13] different levels of tolerance[14] for the mutual blocking
that each application establishes. Attempts to suggest alternatives by
Lubomir and Arthur[14a] were dissected[15] by SethVidal, with the
sticking point always being that the rpmdb needs to be kept in a
consistent state, which essentially means blocking anything else from
accessing or changing it until transactions are completed.
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00612.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00655.html
[14] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00662.html
[14a] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00669.html
[15] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00667.html
TimLauridsen could not see the advantage of gaining a few seconds at
the expense of consistency, and JefSpaleta suggested[16] a way of
killing time (and a kitten) while Yum does its work.
[16] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00849.html
=== Merging Totem And Totem-xine? ===
A proposal[1] from StewartAdam to allow users of the Totem video
player to choose either the GStreamer or Xine backends sought advice
on whether to use the alternatives system or to have the two engines
conflict.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00476.html
A vote was cast[2] in favor of alternatives by HansdeGoede as it would
allow the mozilla plugin to switch between the two. ToshioKuratomi
suggested[3] that one should be picked as the default and a
shell-script and environment variables used to choose which should
run. BastienNocera also liked[4] this idea and mocked-up a sample
script which would allow changing the backend for all applications
simultaneously (instead of allowing each application to choose which
backend to run). He later mentioned[5] that BillNottingham had
suggested that GConf could be used for this purpose.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00486.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00482.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00520.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00525.html
Although Bastien stated that he did not intend users to see the
feature at all, Stewart wondered whether a simple example[6] dialogue
box would be useful. In response to JesseKeating he further
expanded[7] the text which could be presented to the user. This
opened up the problem of trying to explain to a hypothetical
non-technical user what choices are being presented to them, as
pointed out by PeterGordon (who also corrected Stewart on the
availability of DVD-menu support with Fedora's Xine) and Bastien[8].
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00567.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00587.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00724.html
=== SAMBA: The GPLv3 License Dance Begins ===
A little while ago the Samba Team announced[1] that all future
releases would occur under the (L)GPLv3 license. SimoSorce
explained[2] on October 3rd that this would affect versions 3.2.0
onwards and hence Fedora 9, but not Fedora 8. Not much was said about
this until six days later when a minor flamefest broke out.
[1] http://lists.samba.org/archive/samba-announce/2007/000122.html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00126.html
The majority of the ensuing discussion covered two topics. The first,
raised[3] by VilleSkyttä (and which apparently stimulated the other
topic) was that KDE would be seriously affected because ''kdebase''
and ''kdebase4'' were using GPLv2 only. The second was whether this
widely pre-signalled[4] move was something which the Samba Team should
reconsider because of the negative effect it would have on other
projects.
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00463.html
[4] http://www.linux-watch.com/news/NS7188736246.html
It appeared[5] that KDE is affected because of its use of
''libsmbclient'' which is linked[6] with the ''kio_smb'' process as
identified by KevinKofler and also that both Nautilus and Konqueror
use libsmbclient. VilleSkyttä noted that gnome-vfs uses libsmbclient
as a module [7] but the licensing is better (LGPLv2, LGPL+, GPL+).
AlexanderLarsson argued[8] that as the smb module runs in a daemon the
module's license does not affect other applications linking to
gnome-vfs. Further discussion with SimoSorce suggested[9] that the
gnome-vfs situation is actually improved vis-a-vis GPLv3 because it
details the use of a generic "Standard Interface". BillNottingham was
still worried, but HansdeGoede pointed out[10] that the daemon license
was LGPLv2 which is GPLv3 compatible. In response to a query from
JefSpaleta it was suggested[10a] by SimoSorce that Evolution may also
be affected by this problem.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00508.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00633.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00536.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00613.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00951.html
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00643.html
[10a] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00595.html
RexDieter confirmed[11] that because of KDE's use of Qt they needed to
wait while Trolltech decided what to do about becoming compatible with
GPLv3. He suggested that SMB support would have to be dropped
temporarily. DanielBerrange suggested[12] that a compat-libsmbclient
could be kept so that KDE3 (which is GPLv2 only), and other potential
software, could link against it while GPLv3 compatible software could
link against the new, relicensed GPLv3 libsmbclient.so. An
alternative is to keep the old GPLv2 libsmbclient.so in a private lib
directory inside the KDE package. LaurentRineau begged for the
retention of SMB functionality and also thought that not changing the
soname could make Daniel's scheme unworkable. However SimoSorce
stated[13] very clearly that the soname would not be changing.
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00512.html
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00516.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00539.html
ChrisAdams thought that the soname should change for any incompatible
change, and JefSpaleta agreed[14] because it would help the
Fedora Project contributors to avoid licensing violations. Jef was
careful to recognize the right of Samba to choose whatever license
they saw fit. BillNottingham and "Dragoran" also seemed to advocate
that Samba, as the upstream, should change the soname but
SimoSorce[15] disagreed, pointing out that binary compatibility would
be broken thus complicating upgrades. Simo laid out what he saw as
the likely paths towards resolving the problem and the inutility of
changing the soname.
[14] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00542.html
[15] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00546.html
AndrewBartlett suggested that a depsolver examining License tags would
help but ToshioKuratomi[16] thought this was a separate issue and
restated the problem and its possible solutions, namely: 1) a soname
bump; 2) a static library or private directory for a GPLv2 version; 3)
a rename of the soname. Andrew responded[17] that the maintenance of a
potential compatibility package produced by option #1 was likely to be
a problem. He added that it was disturbing that these problems were
only being raised at this late stage. RahulSundaram responded[18] that
presumably those affected by the licensing had the motivation to
maintain the package and admonished Andrew to the effect that Samba
did not exist in a vacuum and it would take months to transition for
both GNOME and KDE. SimoSorce wasn't impressed with the suggestion
that Samba had acted in a cavalier manner[19] and made a strong case
for the current problem being due to the conscious choice of GPLv2
only by projects who now are not moving quickly enough to fix the
problem.
[16] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00585.html
[17] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00590.html
[18] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00591.html
[19] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00594.html
Rahul introduced another more optimistic scenario[20] which suggested
that some projects are willing to change and just need a bit more
time. The introduction of a compatibility package would, he argued,
ease their transition period. AndrewBartlett characterized this as
"sweeping the issue under the carpet"[21] and suggested that given the
long lead-up to this problem any supposedly temporary measure would
turn into a long maintenance period instead of "[the issue being]
magically resolved later". Rahul wanted to know what was supposed to
happen if Andrew were correct and NicolasMailhot argued[22] that
because Samba users really, really needed the very latest versions
(due to deliberately introduced Microsoft incompatibilities) there was
a strong incentive for dependent projects to get their act together.
He likened the situation to out-of-tree drivers. ChrisAdams
replied[23] to Simo that the MySQL client library provided a precedent
for dealing with the problem in the way which Rahul had suggested.
[20] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00598.html
[21] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00602.html
[22] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00620.html
[23] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00644.html
Frustration was expressed several times throughout the debate with the
Samba Team. MatthiasClasen opined[24] "samba just ignores the problems
that it causes for its dependencies" and RalfCorsepius extended[25]
the discussion to include what he saw as reasons for not choosing
GPLv3 and the "fundamentalism"[26] of the FSF. In turn he was
asked[27] by SimoSorce not to troll and AlanCox cast doubt[28] on his
worries about a German legal interpretation of the "GPLv2 or any
later" licenses. NicolasMailhot simply responded[29] several times
that any project was free to choose any license for their own work,
but when using others' work you had to abide by their license. This
point was later conceded by Ralf.
[24] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00513.html
[25] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00593.html
[26] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00599.html
[27] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00636.html
[28] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00656.html
[29] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00622.html
The wider problem for the Fedora project was outlined[30] by
JefSpaleta, namely that all KDE package maintenance might have to stop
in the lead up to Fedora 9. Andrew replied that building the optional
libsmbclient parts of the KDE4 packages could just be eschewed and
Jef decided[31] to refer this option to the KDE maintainers.
[30] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00604.html
[31] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00608.html
AndyGreen suggested[32] that perhaps the gstreamer plugins situation
provided a model for a way around the impasse. NicuBuculei
disagreed[33] pointing out that gstreamer concerned patents, not
licenses, and attempting to defer combination of the problematic
software to the end-user would result in a willful violation of the
GPL. KevinKofler saw[34] a similarity to the distribution of
proprietary Nvidia kmods linked against the kernel by third-party
repositories. AndyGreen agreed and detailed[35] how it would work,
and asserted that it "does not violate any terms or intention of the
terms and is nice and clean." This did not appeal to DavidNielsen who
explained[36] the possible dangers inherent in not doing the work to
keep Fedora in possession of a current samba which tracks upstream
closely.
[32] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00615.html
[33] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00619.html
[34] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00871.html
[35] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00937.html
[36] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00972.html
HansdeGoede weighed in[37] to suggest that this was all very
reminiscent of the old issues with QT licensing which had led to the
need for GNOME. He suggested that concerned parties should apply
pressure on Trolltech instead of on the Samba Team. OlivierGalibert
helped rake over[38] the cooling, but still warm, embers of distant
GNOME vs. KDE flamefests and AlanCox responded[39] with a mild defence
of the genesis of GNOME.
[37] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00631.html
[38] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00665.html
[39] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00672.html
DavidNielsen's thoughtful response[40] to the problem attributed the
blame squarely to Trolltech and mentioned several undesirable scenarios
ranging from the Fedora Project maintaining a GPLv2-only fork of Samba
to KDE users missing out on the latest Samba features. ToshioKuratomi
responded[41] that while largely in agreement with the possible
solutions he would prefer to see the actual KDE maintainers make any
decisions on the topic as they would be the ones responsible for the
work. Toshio introduced the amusing extra option of porting kio_smb
to gnome-vfs.
[40] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00672.html
[41] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00993.html
=== OpenSceneGraph ExcludeArch Stimulates Koji Notification Level Request ===
An upset ChristopherStone complained[1] that package maintainers
dependent on OpenSceneGraph had not been informed by its maintainer
(RalfCorsepius) when he used an ExcludeArch: ppc64. Christopher asked
whether there was a requirement when using ExcludeArch to file a
blocking bug. (See FWN#104[2], FWN#103[3], FWN#90[4] for earlier
discussions.)
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00437.html
[2] "ExcludeArch Packaging Bug Resolved For 'gnome-python2-extras'"
http://fedoraproject.org/wiki/FWN/Issue104#head-3b9b839930664f057d317b6fb...
[3] "Xulrunner"
http://fedoraproject.org/wiki/FWN/Issue103#head-2fff99f986572a5fb6ab8af50...
[4] "Fedora Secondary Architectures Proposal"
http://fedoraproject.org/wiki/FWN/Issue90#head-271f52b8e5603cd40d00d7c44e...
MichaelSchwendt replied with evidence[5] that Ralf had indeed followed
the mandated procedure of placing the bug number in the spec file as a
comment next to the ExcludeArch line. Ralf wondered[6] what all the
fuss was about anyway because OSG had never been supported on Fedora 7
ppc64, and Fedora Core 6 had never had any ppc64 support at all. Chris
replied[7] that Ralf should not worry about it and he had merely been
surprised when his builds failed. JesseKeating added the correction[8]
that there had been a mass rebuild by release engineering for ppc64
and apologized for not communicating this.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00444.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00462.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00464.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00472.html
While admitting[9] that he had missed the notification Christopher
reiterated that there should be a better way of doing this. He
suggested that there should be some way for a maintainer to email
notifications to each package maintainer who BuildRequires their devel
package. ToddZulinger replied[10] that there were a very limited
number of people with the knowledge of the infrastructure tools
(bodhi, koji, etc) and spare time. He suggested[11] that Christopher
could add a notification in Koji so that he would be alerted each time
a package he depended on was changed. Christopher liked[12] the idea
of a checkbox in Bodhi to do this and wondered if it was just a matter
of a simple SQL query. ToshioKuratomi replied[13] that the PackageDB
does not currently track the information but that Koji might and it
was confirmed[14] by JesseKeating that some of the information is in
Koji but that it is ambiguous.
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00445.html
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00450.html
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00453.html
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00453.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00457.html
[14] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00471.html
Christopher decided[15] that the current notification system held the
most promise and filed[16] an RFE for levels of notification.
[15] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00527.html
[16] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00653.html
=== NTFS Resize During Install? ===
NealBecker reminded[1] the list that the ability to resize NTFS
partitions during install would be nice. He wondered if there were
any chance this functionality could be included in anaconda.
PaulWouters wondered[2] whether there was a patent issue and Tom
responded[3] that there was none of which he was aware.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00693.html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00695.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00697.html
ThorstenLeemhuis asked[4] Tom why the in-kernel NTFS support was still
disabled and later supplied evidence[5] that the kmod was downloaded
by significant numbers of people from a third-party repository. A
slightly tense exchange developed when Tom replied[6] with a list of
reasons to prefer using the FUSE-based NTFS-3G including assertions
about a lack of maintenance of the NTFS kmod upstream. These
allegations were vigorously disputed by Thorsten[7] and
ChristopherBrown[8]. It seemed from later links posted that the hiring
of one of the original ntfsmount developers by Apple and the
subsequent substantial delays of promised code releases are one of the
issues. ChristopherBrown posted[9] evidence which he claimed showed
that the kmod had superior performance to NTFS-3G, but JefSpaleta
challenged this claiming instead that the data was for WinXP's native
NTFS performance.
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00701.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00754.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00702.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00707.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00713.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00717.html
RahulSundaram said[10] that the third-party repo (the name LIVNA was
coyly avoided) should stop providing the kmod because it misled
people into believing that Fedora does not have native NTFS support.
Thorsten bridled[11] at the suggestion and satirically suggested
removing more choice by dropping KDE.
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00753.html
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00758.html
JeremyKatz asked[12] whether Neal was volunteering to help, because
while he recognized the value of the idea it was a large task which
needed volunteer assistance. He drew attention to the presence of
''gparted'' on the Fedora 7 (and up) LiveCDs which can resize NTFS
partitions. Neal declined[13] to volunteer and asked whether there was
somewhere useful for ideas to be recorded instead of lost on the list.
Rahul responded[14] with links to how to file an RFE and write a
feature proposal.
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00698.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00728.html
[14] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00755.html
The primary developer behind NTFS-3G (SzabolcsSzakacsits)
responded[15] to ChristopherBrown detailing why it might be fair to
call the kernel NTFS driver "old, crufted, and poorly maintained".
Szabolcs cited the responsiveness of the FUSE kmod maintainer
(MiklosSzeredi of Novell) as one of the reasons why it could be seen
as better maintained. Christopher asked[16] for some evidence that
enterprises were running the NTFS-3G (i.e. NTFS over FUSE) code and
also downplayed an instance of a patch to fix serious corruption which
had apparently languished for some time. In closing he argued
(similarly to Thorsten) that Fedora should ship both solutions (but
with ''mount.ntfs'' renamed to ''mount.ntfs-3g'' to remove confusion).
Szaka responded in detail[17] with information on the "partial fork"
of libntfs and ntfsmount, now followed by the utilities being forked
and suggesting that FUSE is becoming more important.
[15] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00789.html
[16] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00811.html
[17] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00865.html
=== gethostby* Users ===
A list of packages which are still using ''gethostby*'' functions
instead of ''getaddrinfo'' was posted[1] by UlrichDrepper. His list
totted up the number of programs with this problem per package.
''Samba'' came out far in the lead, followed by ''sendmail''.
PádraigBrady suggested[2] that Ulrich's own explanation of the problem
would be useful reading. In a nutshell, the old gethostby* functions
are marked as obsolete by POSIX 1003.1-2001 and have problems
especially on machines with more than one interface.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00925.html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00935.html
AndrewBartlett responded[3] for the Samba Team with praise of
DavidHolder's work to fix Samba in this regard, but noted that there
were situations where IPv4 had to be used for the CIFS protocol. Ulrich
thought[4] that the message still had not penetrated that
''getaddrinfo'' should be used for both IPv4 and IPv6. SimoSorce also
answered[5] that Samba-3.2.0 (likely to land in Fedora 9) should be
better about this issue.
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00938.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00966.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00943.html
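The point made above, that ''getaddrinfo'' serves both IPv4 and IPv6 from a single call, shown as an added example (not code from the thread or from any Fedora package). The helper name resolve_all, the struct resolved and the sample hosts are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>

#define MAX_ADDRS 16

/* One resolved address; hypothetical type used only by this example. */
struct resolved {
    int  family;                          /* AF_INET or AF_INET6 */
    char text[INET6_ADDRSTRLEN + 16];     /* printable form, room for a %scope suffix */
};

/*
 * Resolve host:service for TCP and store up to max results in out[].
 * extra_flags is OR-ed into ai_flags (AI_NUMERICHOST forbids any DNS lookup).
 * Returns the number of addresses stored, or -1 if the resolver fails.
 */
int resolve_all(const char *host, const char *service, int extra_flags,
                struct resolved *out, int max)
{
    struct addrinfo hints, *res, *ai;
    int n = 0, rc;

    memset(&hints, 0, sizeof hints);
    hints.ai_family   = AF_UNSPEC;    /* IPv4 and IPv6 through one code path */
    hints.ai_socktype = SOCK_STREAM;  /* one entry per address, not per socket type */
    hints.ai_flags    = extra_flags;

    rc = getaddrinfo(host, service, &hints, &res);
    if (rc != 0) {
        fprintf(stderr, "getaddrinfo(%s): %s\n", host, gai_strerror(rc));
        return -1;
    }

    /* Walk every returned address; gethostby* callers often used only the first. */
    for (ai = res; ai != NULL && n < max; ai = ai->ai_next) {
        /* getnameinfo() formats either family without casting to sockaddr_in. */
        if (getnameinfo(ai->ai_addr, ai->ai_addrlen, out[n].text,
                        sizeof out[n].text, NULL, 0, NI_NUMERICHOST) != 0)
            continue;
        out[n].family = ai->ai_family;
        n++;
    }
    freeaddrinfo(res);                /* the result list is heap-allocated */
    return n;
}

int main(int argc, char **argv)
{
    struct resolved r[MAX_ADDRS];
    const char *host = argc > 1 ? argv[1] : "localhost";  /* sample default */
    int i, n = resolve_all(host, "80", 0, r, MAX_ADDRS);

    for (i = 0; i < n; i++)
        printf("%s %s\n", r[i].family == AF_INET6 ? "IPv6" : "IPv4", r[i].text);
    return n > 0 ? 0 : 1;
}
```

A client would normally try connect() on each returned address in order and stop at the first success, which is what keeps multi-homed and dual-stack hosts reachable.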
An addition to the list was made[6] by DanielBerrange when he noted
that as QEMU was there then Xen could be added too. He identified it
as a hard problem, but essential and one which he would tackle in
order to get QEMU's VNC server fully IPv6-capable to complete the work on the
rest of the stack.
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00955.html
RichiPlana seemed[7] eager to help out with making patches to Fedora
packages and then submitting them to their upstream maintainers. He
worried that the diversity of platforms would mean that messy
preprocessor directives would be needed. Ulrich suggested[8]
autoconf, and argued that because use of gethostby* functions was so
obviously wrong, Fedora should carry these patches until their
upstreams inevitably accept them. KevinKofler agreed[9] with Ulrich
and pointed out that XP-era ''winsock'' even supports getaddrinfo().
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00988.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00996.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00997.html
Some disagreement was expressed[10] when ChrisAdams disputed that the
RFC on Ulrich's livejournal page was relevant and also characterized
the situation described there as "contrived". His statement that he
had not seen any deprecation or obsoletion of gethostby* functions was
responded[11] to very shortly by Ulrich.
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00999.html
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg01000.html
Deeper queries[12] by SimoSorce concerning the breaking of IPv4 DNS
round robin assignment by glibc's getaddrinfo() seemed to reveal[13] a
potential problem and led ChrisAdams to wonder[14] whether Ulrich had
read RFC 3484 as it was irrelevant to IPv4.
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg01017.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg01020.html
[14] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg01040.html
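The point argued in the thread, that one ''getaddrinfo'' code path should serve both IPv4 and IPv6, as an added C example (not code from any of the packages or posts mentioned). The function name resolve_all, the struct endpoint and the sample port are assumptions made for this illustration; the default inputs are constructed numeric literals so nothing is sent to a DNS server.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* expose getaddrinfo() under strict -std= modes */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

#define MAX_ADDRS 16

/* One resolved endpoint: its address family and numeric text form. */
struct endpoint {
    int  family;      /* AF_INET or AF_INET6 */
    char text[64];    /* large enough for any numeric IPv4/IPv6 address */
};

/*
 * Resolve host/service without naming an address family.
 * Returns the number of endpoints stored in out[], or -1 if resolution
 * failed; *gai_err then holds the getaddrinfo() error code.
 */
int resolve_all(const char *host, const char *service, int flags,
                struct endpoint *out, int max, int *gai_err)
{
    struct addrinfo hints, *res = NULL, *ai;
    int n = 0;

    memset(&hints, 0, sizeof hints);
    hints.ai_family   = AF_UNSPEC;    /* IPv4 and IPv6 through one call */
    hints.ai_socktype = SOCK_STREAM;  /* one entry per address, not per socket type */
    hints.ai_flags    = flags;

    *gai_err = getaddrinfo(host, service, &hints, &res);
    if (*gai_err != 0)
        return -1;

    /* Walk every returned address; a caller would try each in turn
     * instead of using only the first one. */
    for (ai = res; ai != NULL && n < max; ai = ai->ai_next) {
        if (getnameinfo(ai->ai_addr, ai->ai_addrlen, out[n].text,
                        sizeof out[n].text, NULL, 0, NI_NUMERICHOST) != 0)
            continue;                 /* skip anything we cannot format */
        out[n].family = ai->ai_family;
        n++;
    }
    freeaddrinfo(res);
    return n;
}

int main(int argc, char **argv)
{
    /* Constructed defaults: numeric literals, resolved with AI_NUMERICHOST. */
    const char *defaults[] = { "127.0.0.1", "::1" };
    struct endpoint eps[MAX_ADDRS];
    int use_args = argc > 1;
    int count = use_args ? argc - 1 : 2;
    int i, j, n, err;

    for (i = 0; i < count; i++) {
        const char *host = use_args ? argv[i + 1] : defaults[i];
        int flags = AI_NUMERICSERV | (use_args ? 0 : AI_NUMERICHOST);

        /* "445" is the CIFS/SMB TCP port, used here only as a sample service. */
        n = resolve_all(host, "445", flags, eps, MAX_ADDRS, &err);
        if (n < 0) {
            fprintf(stderr, "%s: %s\n", host, gai_strerror(err));
            continue;
        }
        for (j = 0; j < n; j++)
            printf("%s -> %s (%s)\n", host, eps[j].text,
                   eps[j].family == AF_INET6 ? "IPv6" : "IPv4");
    }
    return 0;
}
```

Passing host names on the command line performs real lookups and prints every address returned for each name.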
=== GDM User Creation ===
The prolific RichiPlana made another suggestion to improve the Fedora
user experience. This time he envisioned[1] the ability to create
user accounts at the GDM greeter.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00351.html
DouglasMcClendon was keen on the idea and added[2] that it would be
nice if the entry of an unknown username would create a new account
and later prompt for an administrative password to confirm whether
this was allowed. MatthiasClasen posted[3] a link to a prototype for
this type of guest account creation. Richi liked the sound of
Douglas's suggestions and alluded[4] to what was to become a major
stumbling block in the discussion: the assumption that revealing the
validity of account names is not a security lapse.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00353.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00359.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00356.html
The security issue was tackled[5] by SimoSorce who added that as GDM
could be reached using XDMCP the proposal could expose the existence
of valid user names over the network. SteveGrubb agreed and added[6]
that it would complicate the construction of a proper audit trail by
hiding the real UID of the account creator. MattMiller objected[7]
that GDM could behave differently locally or via XDMCP but agreed with
Douglas and Steve that the feature should be easy to de-activate due
to its undesirability in many security settings.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00363.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00373.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00374.html
LubomirKundrak was unconvinced[8] that leaking username existence was
a threat. Although SteveGrubb provided[9] an example of a timing-based
attack on PAM, things were complicated when he specified that a tuple of
(machinename, username, password) was necessary for a successful
account breach. Lubomir clung to the point[10] that the password was
the only reasonable secret. AlanCox pointed to Cisco VPN attacks as
another example[11] and also separately highlighted[12] how the
search space for the attack increases dramatically when using two
items to be guessed. NicolasMailhot[12] and SimoSorce[13] thought that
finding usernames via other vectors was usually so easy as to
invalidate this point.
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00377.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00388.html
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00392.html
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00397.html
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00390.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00391.html
=== CDs, DVDs Or Netboot Oh My! ===
The list was asked[1] by MikeMcGrath to choose which of the many
possible install methods should be the default in the future. Mike
presented the problem from the historical perspective of Fedora 7
introducing install methods (such as the LiveCD) which remove the
ability to select packages and upgrade during installation.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00730.html
It turned out that this wasn't strictly accurate, or at least was
worded a bit confusingly. In an interesting and detailed email
JohnPoelstra asked[2] why a system installed from a LiveCD could not
be upgraded. He also suggested that boxes without DVD burners and
readers would also tend to have poor network connectivity and
personally favored a network install from the ''rescuecd'' image. His
post brought quite a few reactions. MikeMcGrath explained[3] that the
LiveCD install was a copy of an image (that is, there are no rpms
installed) and ''anaconda'' differs in how it handles the LiveCD or a
normal install. SethVidal corrected[4] that it was perfectly possible
to upgrade after this live image was booted. It just was not possible
to upgrade from the live image.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00733.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00739.html
This point was brought up again when AlanCox and LubomirKundrak
expressed the need for a simple CD set (Alan citing loss of users to
Ubuntu over this issue). RahulSundaram in response suggested the
LiveCD and was asked about the upgrading issue to which he answered
that running ''yum upgrade'' after installation worked for him. Rahul
also linked[4] to an interesting "preupgrade" proposal to simplify the
live updating of a user's machine. JesseKeating and MikeMcGrath read
the question a little differently and pointed out[5] that even with
full CD and DVD sets it wasn't always possible to upgrade all packages
without network connectivity.
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00804.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00835.html
DougWarner expressed an interest in helping out with the upgrade
situation, especially for "online" upgrades and MattMiller
suggested[6] that the first step would be to hunt through anaconda to
collect the "crufty special-case upgrade code" into a
"yum-upgradecruft" plugin, which could eventually be shared with
anaconda.
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00860.html
AlanCox exclaimed "oh god, not this again!" and explained[7] that many
laptops came with good network connectivity, the ability to burn/read
CDs but without the ability to burn/read DVDs. JohnCiesla built on
this to argue[8] that without a DVD drive it appeared that upgrading
could only be done via Yum, but that this was not a supported path.
This was roundly rebutted by many people anxious to quell this
misconception. JesseKeating suggested the use of the rescue and boot
isos with network or harddrive caches of the packages. KevinKofler
expanded[9] on this in a particularly good post which explained how to
use the harddrive and GRUB to upgrade. RahulSundaram pointed[10] to
the Fedora 7 FAQ and PaulFrields also mentioned the installation
guide. Elsewhere Paul asked[11] for people to take a look at the
Fedora 8 installation guide and to contribute their corrections and
additions.
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00767.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00808.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00888.html
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00847.html
[11] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00953.html
A suggestion[12] from ChrisAdams that the LiveCD package set might fit
onto a single CD was dismissed as unlikely by BillNottingham, but
DavidZeuthen was more optimistic, and compared[13] the compressed RPM
payloads to the compressed LiveCD contents.
[12] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00785.html
[13] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00904.html
DouglasMcClendon was very interested in the topic. He had previously
done some work[14] on . Douglas provided[15] a link explaining how to
use a large USB key for an install in response to BennyAmorsen's
request.
[14] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00864.html
[15] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg01029.html
The current situation of being able to do package selection after
installing the LiveCD was discussed in depth in a longish thread.
NicolasMailhot was deeply unimpressed[16] with this option, comparing
it unfavorably to Windows' irritating rebooting during installation.
LubomirKundrak wondered[17] what was so wrong with that and noted some
anecdotes about SuSE and Caldera having the ability to switch to
running the installed system without a reboot. MattMiller agreed[18]
that he had done this on Fedora using ''kexec''.
[16] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00751.html
[17] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00764.html
[18] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00861.html
=== YUM Update Memory Issues ===
An attempt to update Fedora7-test2 (64 bit) to rawhide by PaulWouters
was reported[1] by him as failing due to memory issues. His 1GB RAM
had 406MB used for a reasonably standard workload and Yum had
completed all the presumably memory-using dependency checks before
crashing. Paul wondered what was sucking up the approximately 300MB
of RAM.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00872.html
PeterArreman tried[2] to help out by suggesting that maybe the problem
was due to the ''nv'' driver while running dualhead and provided some
handy tips about using xrestop to see X memory hogs. Unfortunately it
wasn't this easy as Paul was running a single screen.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00905.html
A thorough diagnosis was provided[3] by JamesAntill who suggested that
the problem was due to a lack of swap and originated in possible dead
memory due to updated files. James also wondered why Paul considered a
memory requirement of 300MB to update nearly 1GB of files
unreasonable. He attached a script to show where and how much dead
memory Paul had.
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00875.html
JohnReiser explained[4] that the implementation of Yum in Python led
to some potential problems with freeing up memory and suggested some
ways in which this might be solved.
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00885.html
In response to SeanDarcy it was further explained[5] by James that
applications needed to be restarted so that old shared libraries left
by prelink could be cleaned from memory. This stimulated MattMiller to
ask for some figures on the benefits of prelink on modern hardware, to
which James outlined[6] some things to think about and suggested that
users updating frequently without rebooting the machine were most
likely to suffer this memory rot.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00889.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00920.html
CurtisDoty was inspired[7] to add a patch to the script to reveal
which processes were responsible for the deleted libs.
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00965.html
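A checker for the "dead memory" described above, as an added C example (not James's script or Curtis's patch, neither of which is reproduced here): it sums the mappings that /proc/<pid>/maps marks "(deleted)", which also shows which processes are still running pre-update library code. The names deleted_summary, summarize_text and summarize_file are assumptions, and the sample listing is constructed.

```c
#include <stdio.h>
#include <string.h>

struct deleted_summary {
    unsigned mappings;              /* deleted file-backed mappings seen */
    unsigned long long bytes;       /* their total mapped (virtual) size */
    unsigned long long exec_bytes;  /* portion mapped executable */
};

/* Constructed sample in /proc/<pid>/maps format (not from a real system). */
static const char SAMPLE_MAPS[] =
    "00400000-0040b000 r-xp 00000000 08:01 131 /usr/bin/example\n"
    "7f0000000000-7f0000150000 r-xp 00000000 08:01 200 /lib64/libc-2.6.so (deleted)\n"
    "7f0000150000-7f0000154000 rw-p 00150000 08:01 200 /lib64/libc-2.6.so (deleted)\n"
    "7f0000200000-7f0000210000 rw-s 00000000 00:04 32769 /SYSV00000000 (deleted)\n"
    "7f0000300000-7f0000321000 rw-p 00000000 00:00 0 [heap]\n"
    "7f0000400000-7f0000401000 rw-p 00000000 00:00 0 \n";

/* Shared-memory objects also show "(deleted)" but are not replaced files. */
static int is_pseudo_file(const char *path)
{
    return strncmp(path, "/SYSV", 5) == 0 ||
           strncmp(path, "/memfd:", 7) == 0 ||
           strncmp(path, "/dev/zero", 9) == 0;
}

/* Account for one NUL-terminated maps line; returns 1 if it was counted. */
static int account_line(const char *line, struct deleted_summary *s)
{
    static const char tag[] = " (deleted)";
    const size_t taglen = sizeof tag - 1;
    unsigned long long start, end, offset, inode;
    unsigned dev_major, dev_minor;
    char perms[5];
    const char *path;
    size_t len;
    int pos = 0;

    if (sscanf(line, "%llx-%llx %4s %llx %x:%x %llu %n", &start, &end, perms,
               &offset, &dev_major, &dev_minor, &inode, &pos) < 7 || pos == 0)
        return 0;
    path = line + pos;                 /* rest of the line is the pathname */
    len = strcspn(path, "\n");
    if (path[0] != '/' || len < taglen ||
        memcmp(path + len - taglen, tag, taglen) != 0)
        return 0;                      /* anonymous, [heap], or file still on disk */
    if (is_pseudo_file(path) || end <= start)
        return 0;
    s->mappings++;
    s->bytes += end - start;
    if (perms[2] == 'x')
        s->exec_bytes += end - start;
    return 1;
}

/* Summarise a whole maps listing held in memory. */
struct deleted_summary summarize_text(const char *text)
{
    struct deleted_summary s = { 0, 0, 0 };
    char buf[4352];                    /* longer lines are skipped */

    while (*text) {
        size_t len = strcspn(text, "\n");
        if (len < sizeof buf) {
            memcpy(buf, text, len);
            buf[len] = '\0';
            account_line(buf, &s);
        }
        text += len;
        if (*text == '\n')
            text++;
    }
    return s;
}

/* Summarise a maps file such as /proc/1234/maps; returns 0, or -1 if unreadable. */
int summarize_file(const char *path, struct deleted_summary *out)
{
    char buf[4352];
    FILE *f = fopen(path, "r");

    out->mappings = 0; out->bytes = 0; out->exec_bytes = 0;
    if (f == NULL)
        return -1;
    while (fgets(buf, sizeof buf, f) != NULL)
        account_line(buf, out);
    fclose(f);
    return 0;
}

int main(int argc, char **argv)
{
    struct deleted_summary s = summarize_text(SAMPLE_MAPS);
    char path[64];
    int i;

    printf("sample: %u mappings, %llu bytes (%llu executable)\n",
           s.mappings, s.bytes, s.exec_bytes);
    for (i = 1; i < argc; i++) {       /* optional: PIDs given on the command line */
        snprintf(path, sizeof path, "/proc/%s/maps", argv[i]);
        if (summarize_file(path, &s) == 0 && s.mappings > 0)
            printf("pid %s: %u deleted mappings, %llu bytes\n",
                   argv[i], s.mappings, s.bytes);
    }
    return 0;
}
```

The totals are mapped sizes, so they are an upper bound on the memory actually held; a process with a non-zero executable total needs a restart to pick up the updated library.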
[[Anchor(Fonts)]]
== Fonts ==
In this section, we cover discussion in Fedora Fonts.
https://www.redhat.com/mailman/listinfo/fedora-fonts-list
Contributing Writer: MichaelLarabel
=== New Fedora Fonts Initiative ===
With the poor but improving state of fonts in Linux, the
fedora-fonts-list has been established[1] as a special interest group
for Fedora, EPEL, and the OLPC. Discussion will not be strictly about
fonts; text rendering and layout will also be covered. Among the
objectives[2] for this new group are finding the best fonts for
internationalization and localization, packaging new fonts and
new font tools, FLOSS font evangelism, font creation and design,
identifying font or text problems, and choosing the Fedora font
defaults. If you are interested, be sure to sign up for the
fedora-fonts-list mailing list[3].
[1] https://www.redhat.com/archives/fedora-fonts-list/2007-October/msg00000.html
[2] http://fedoraproject.org/wiki/SIGs/Fonts
[3] https://www.redhat.com/mailman/listinfo/fedora-fonts-list
[[Anchor(Translation)]]
== Translation ==
In this section, we cover the news surrounding the Fedora Translation
(L10n) Project.
http://fedoraproject.org/wiki/L10N
Contributing Writer: JasonMatthewTaylor
=== Online Translation Tools ===
This week there was more discussion[1]; the group consensus was to try
and start using Pootle[2] and work with the Pootle team to extend it
as needed. If you are interested in helping with the project, feel free
to drop them a line.
[1] https://www.redhat.com/archives/fedora-trans-list/2007-October/msg00023.html
[2] http://www.wordforge.org/drupal/projects/wordforge/tools/pootle
=== Release Notes for F8 Final ===
PaulFrields let it be known that the release notes have been
completed[1] and are ready for the translators to begin working on
them. As with the F7 release, any translation 90% complete will be
included, and the team is also doing a zero-day update so last-minute
changes can be added.
[1] https://www.redhat.com/archives/fedora-trans-list/2007-October/msg00028.html
[[Anchor(Infrastructure)]]
== Infrastructure ==
In this section, we cover the Fedora Infrastructure Project.
http://fedoraproject.org/wiki/Infrastructure
Contributing Writer: JasonMatthewTaylor
=== publictest DNS Entries ===
MikeMcGrath sent a note[1] to the list this week mentioning that Jima
added DNS entries for publictest(1-9).fedoraproject.org and requested
that those with reference to publictest(1-9).fedora.redhat.com begin
transitioning to the new DNS.
[1] https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
=== Storage ===
This week saw some discussion[1] about routes to take for additional
storage, as the Fedora Project has grown and packages, among other
things, are taking additional space. Koji (the build system) currently
uses some netapps for storage via NFS, which is fairly expensive.
MikeMcGrath was looking for some additional ideas from the community,
so if you have ideas feel free to voice them.
[1] https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
=== Memory Upgrades ===
MikeMcGrath posted here[1] about memory upgrades to multiple servers
this week (14-Oct-07) and listed the affected servers/services; among
them is releng1. If you use any of the servers, stay tuned for
outage information!
[1] https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
[[Anchor(SecurityWeek)]]
== Security Week ==
In this section, we highlight the security stories from the week in Fedora.
Contributing Writer: JoshBressers
=== OpenSSL Security Advisory ===
A very scary OpenSSL flaw went public last week:
http://www.openssl.org/news/secadv_20071012.txt
On the surface this looks like a horrible flaw, which it is. The
redeeming factor is that very little uses DTLS in OpenSSL. After an
audit of Red Hat Enterprise Linux, we determined that nothing is
shipped that actually uses DTLS.
=== Air Force to get 'cyber sidearms' ===
http://www.fcw.com/online/news/150483-1.html
This is a rather odd idea the US Air Force seems to be planning to
use. It seems the idea is that if a user thinks their computer has
been compromised, they can somehow alert someone who can verify this.
I'm going to guess this isn't going to work. It can probably be
suggested that most of the machines in the 50 million computers that
are part of the Storm Botnet do not have users that know they're a
part of the network. No doubt some portion of Air Force personnel will
be able to tell if their computer is hacked, but most probably can't.
[[Anchor(AdvisoriesUpdates)]]
== Advisories and Updates ==
In this section, we cover Security Advisories and Package Updates from
fedora-package-announce.
http://fedoraproject.org/wiki/FSA
Contributing Writer: ThomasChung
=== Fedora 7 Security Advisories ===
* ruby-1.8.6.110-1.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* util-linux-2.13-0.54.1.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* wesnoth-1.2.7-1.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* hplip-1.7.4a-6.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
=== Fedora Core 6 Security Advisories ===
* elinks-0.11.3-1.fc6 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* xen-3.0.3-12.fc6 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* kernel-2.6.22.9-61.fc6 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* kdebase-3.5.7-1.fc6 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* kdelibs-3.5.7-1.fc6 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* ruby-1.8.5.113-1.fc6 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
[[Anchor(EventsMeetings)]]
== Events and Meetings ==
In this section, we cover event reports and meeting summaries from
various projects.
Contributing Writer: ThomasChung
=== Fedora Board Meeting Minutes 2007-MM-DD ===
* No Report
=== Fedora Ambassadors Meeting 2007-MM-DD ===
* No Report
=== Fedora Documentation Steering Committee 2007-10-14 ===
* https://www.redhat.com/archives/fedora-docs-list/2007-October/msg00064.html
=== Fedora Engineering Steering Committee Meeting 2007-MM-DD ===
* No Report
=== Fedora Extra Packages for Enterprise Linux Meeting 2007-10-10 ===
* https://www.redhat.com/archives/epel-devel-list/2007-October/msg00013.html
=== Fedora Infrastructure Meeting (Log) 2007-10-10 ===
* https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
=== Fedora Localization Meeting 2007-MM-DD ===
* No Report
=== Fedora Marketing Meeting 2007-10-13 ===
* https://www.redhat.com/archives/fedora-marketing-list/2007-October/msg001...
=== Fedora Packaging Committee Meeting 2007-MM-DD ===
* No Report
=== Fedora Release Engineering Meeting 2007-MM-DD ===
* No Report
--
Thomas Chung
http://fedoraproject.org/wiki/ThomasChung
fedora-maintainers
by Michael Larabel
With the fedora-maintainers list having shut down on September 10, is
there a new list that needs to be covered for FWN?
Michael
Fedora Weekly News Issue 104
by Thomas Chung
= Fedora Weekly News Issue 104 =
Welcome to Fedora Weekly News Issue 104 for the week of October 1st.
http://fedoraproject.org/wiki/FWN/Issue104
In Announcements, we have "Announcing Fedora 8 Test 3 (7.92)!"
To join or give us your feedback, please visit
http://fedoraproject.org/wiki/NewsProject/Join.
1. Announcements
1. Announcing Fedora 8 Test 3 (7.92)!
2. Ask Fedora
1. How can I be a part of Fedora?
3. Planet Fedora
1. Release Notes freeze
2. Summit Happenings
4. Marketing
1. Fedora 7: A Solid Core Distribution
2. Interview with Fedora's Max Spevack
5. Developments
1. Pungi Error Corrected
2. GPLv2 Obligations To Maintain Sources
3. Co-maintainers Without Sponsorship?
4. Orinoco Driver And Scanning Problems With NetworkManager
5. /etc/hosts Discussion Yields libICE Fix
6. Speeding Up Firefox?
7. Bodhi To Allow "cvsextras" To Push To Testing
8. ExcludeArch Packaging Bug Resolved For 'gnome-python2-extras'
9. Mono Packages Lagging, New Co-maintainer Added
10. Mixing Macros And Native Commands In Specfiles
11. Fedora 8 Test 3 Announced
6. Translation
1. Online Translation
2. Pirut
7. Infrastructure
1. MirrorManager Patch
2. CVSExtras
8. Security Week
1. VM-Based Rootkits Proved Easily Detectable
2. Linux phishing botnet statistics can be deceptive
3. "you security people are insane."
9. Advisories and Updates
1. Fedora 7 Security Advisories
2. Fedora Core 6 Security Advisories
10. Events and Meetings
1. Fedora Board Meeting Minutes 2007-MM-DD
2. Fedora Ambassadors Meeting 2007-MM-DD
3. Fedora Documentation Steering Committee 2007-10-07
4. Fedora Engineering Steering Committee Meeting 2007-10-04
5. Fedora Extra Packages for Enterprise Linux Meeting (Log) 2007-MM-DD
6. Fedora Infrastructure Meeting (Log) 2007-10-04
7. Fedora Localization Project Meeting 2007-MM-DD
8. Fedora Packaging Committee Meeting 2007-10-02
9. Fedora Release Engineering Meeting 2007-10-01
[[Anchor(Announcements)]]
== Announcements ==
In this section, we cover announcements from various projects.
Contributing Writer: ThomasChung
=== Announcing Fedora 8 Test 3 (7.92)! ===
JeremyKatz announces in fedora-announce-list[1],
"Fedora 8 Test 3 is here! This is the last test release before the
development freeze and a great time to test all those packages that you
know and love. Test 3 is for beta users. This is the time when we must
have full community participation. Without this participation both
hardware and software functionality suffers."
[1] https://www.redhat.com/archives/fedora-announce-list/2007-October/msg0000...
[[Anchor(AskFedora)]]
== Ask Fedora ==
In this section, we answer general questions from the Fedora community.
Send your questions to askfedora AT fedoraproject.org and the Fedora News
Team will bring you answers from the Fedora Developers and
Contributors to a selected number of questions every week as part of our
weekly news report. Please indicate if you do not wish your name
and/or email address to be published.
http://fedoraproject.org/wiki/AskFedora
Contributing Writer: RahulSundaram
=== How can I be a part of Fedora? ===
''Mark McLaughlin: How can I be a part of the Fedora project and be
able to cast a vote for the codename for the next Fedora Releases? I
want to contribute with ideas and distribute Live CDs in New England
USA ''
You can be part of Fedora by joining one of the sub projects available
at http://fedoraproject.org/join-fedora.html. Any Fedora contributor
would be able to vote for a codename for the upcoming releases of
Fedora. Ideas are worth their weight in gold, but the key factor in
realizing those ideas in many instances is to step up and do the work
involved. With Free software, you don't have to be content with merely
being a consumer, and you have the nice opportunity to go beyond it and
drive the changes you desire. Go for it.
If you are interested in distributing media freely to more end users,
join the Free Media project at
http://fedoraproject.org/wiki/Distribution/FreeMedia where hundreds of
copies of Fedora are being distributed every month all over the world
by volunteers in the Fedora community. Give everyone you can the
gift of Fedora!
[[Anchor(PlanetFedora)]]
== Planet Fedora ==
In this section, we cover a highlight of Planet Fedora - an
aggregation of blogs from world wide Fedora contributors.
http://fedoraproject.org/wiki/Planet
Contributing Writers: ThomasChung
=== Release Notes freeze ===
PaulFrields points out in his blog[1],
"Tomorrow night at 2359 UTC the wiki beats, where we collect the
release notes for F8, will be "frozen" for the final release. From
there, we produce DocBook XML sources which go to the L10N folks for
translation for the F8 general release."
[1] http://marilyn.frields.org:8080/~paul/wordpress/?p=852
=== Summit Happenings ===
ColinWalters points out in his blog[1],
"Online Desktop - Owen, Bryan, Marina and I gave a talk on the Online
Desktop effort that went pretty well, lots of stuff was demoed and
there were some good questions."
"Summit[2] General - So far it's fun, a lot of people hacking on
things here. Gave a short talk about the current state of Hotwire
which went well. I think there's a lot of interest but probably most
people are waiting for bugs to be fixed; if you've tried it and found
some, please file them!"
[1] http://cgwalters.livejournal.com/8194.html
[2] http://live.gnome.org/Boston2007
[[Anchor(Marketing)]]
== Marketing ==
In this section, we cover the Fedora Marketing Project.
http://fedoraproject.org/wiki/Marketing
Contributing Writer: ThomasChung
=== Fedora 7: A Solid Core Distribution ===
RahulSundaram reports in fedora-marketing-list[1],
"Overall, Fedora is a good distribution to consider both for an
easy-to-use desktop and for a basic home or small-office server. The
user interface and security features are first-class, and the rest of
the environment is straightforward, particularly if you are used to
Red Hat. When deciding between Linux distributions to try out, Fedora
should certainly be on the list."
[1] https://www.redhat.com/archives/fedora-marketing-list/2007-October/msg000...
=== Interview with Fedora's Max Spevack ===
RahulSundaram reports in fedora-marketing-list[1],
"Fedora is a distribution that we try to release twice a year, and we
try to always focus on the things that are important to the larger
Fedora community, while at the same time allowing Fedora to be a place
where things that Red Hat engineering groups are working on can also
make their way into the distribution."
[1] https://www.redhat.com/archives/fedora-marketing-list/2007-October/msg001...
[[Anchor(Developments)]]
== Developments ==
In this section, we cover the problems/solutions,
people/personalities, and ups/downs of the endless discussions on
Fedora Developments.
http://www.redhat.com/mailman/listinfo/fedora-devel-list
Contributing Writer: OisinFeeley
=== Pungi Error Corrected ===
The continued activity of the Alphacore[1] project was revealed when
OliverFalk asked[2] for some Python gurus to help him in creating
non-DVD ISOs using Pungi. Oliver provided a patch to the
ConfigParser.py module to allow it to accept either ints or strings.
He wondered whether no one else was generating non-DVD ISOs.
[1] Alphacore are a volunteer port of Fedora to the AlphaServer
architecture and have integrated their work as a Secondary
Architecture for Fedora 8.
http://alphacore.info/archives/13-No-News-Is-....html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00060.html
JesseKeating responded[3] that this code path had been left out of the
validation tests and that Oliver's diagnosis of a Pungi bug in
ConfigParser was correct. A patched version was produced.
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00066.html
Oliver was impressed[4] with Jesse's usual quick response and
explained that he would be testing out this code path fairly regularly
because Alphas tend not to have DVD-ROMs.
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00067.html
Further discussion focused[5] on why ConfigParser only accepted
strings. Jesse speculated that it was because it would be hard to
mark an element of a plaintext file as an integer rather than a
string.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00069.html
A related, but distinct question asked[6] by Oliver was why Koji did
not create an sqlite database with ''createrepo -d''. Oliver noted
that for slower architectures there would be a speeding up of the init
phase of the build-root. It turned out that the reason was that Koji
had been developed on machines which lacked the ability to run
"createrepo -d" and Oliver kindly provided[7] a patch for when they
became capable.
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00159.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00200.html
MikeBonnet added[8] the information that the ''createrepo'' in
''koji'' used the ''--update'' flag to parse pre-existing repodata,
resulting in a huge speed boost. Mike wondered whether ''--update''
would work with an sqlite database. Oliver responded[9] that it did
not, but explained the speed trade offs faced in his situation and
promised to post a request for the sqlite support with ''--update'' in
the right place.
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00211.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00218.html
TimLauridsen and SethVidal weighed in[10] on the problem of using
ConfigParser by suggesting that a look at ''config.py'' (written by
MennoSmits and de-yummified by Seth) might be useful.
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00112.html
=== GPLv2 Obligations To Maintain Sources ===
An interesting question was raised[1] by MattDomsch about how the
Fedora Project could help derivative spins to meet their obligation
under the GPLv2 to make source-code available. There are several
methods mentioned in GPLv2 by which this can be achieved depending
upon the distribution method used for the object-code/binaries. Matt
wanted to make sure that the producers of a spin would be able to rely
upon the Fedora Project to maintain sources under provision 3(b) and
suggested that JefSpaleta's method for generating specific versioned
SRPMS from CVS on demand would be useful.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00307.html
One of the obligations attendant upon using provision 3(b) is to make
the source available for three years. NicolasMailhot thought that the
easiest thing would be to never purge the SRPMS generated by Koji.
While Jef agreed[2] that if this were possible it would make things
simple he doubted that it was possible. MattDomsch agreed and
estimated[3] that keeping four, or more, years of source-code in an
SCCM[4] would take less space than the equivalent Koji archive for the
same time period. JesseKeating shared[3] Matt's concerns and added
that it was uncertain as to when the three year period started.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00310.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00316.html
[4] Source Code Configuration Management:
http://en.wikipedia.org/wiki/List_of_revision_control_software
AlexanderBoström suggested[5] that ensuring that the Fedora Project's
written promise which is passed on under 3(b) to re-spinners (who in
turn distribute under 3(c)) had a specific time-limitation written in
could solve the problem. Such a method ensures that the re-spinners
are responsible for providing source if they continue distributing the
software past the time at which the Fedora Project stops distributing
it. SimoSorce[6] made largely similar points to Alexander, echoing
the idea that it would be easier to provide binary and source CDs when
distributing them at events, with a smaller number of source CDs being
needed to be produced. JesseKeating responded[7] to MattMiller that
this would not achieve the goal of helping the re-spinners.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00328.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00345.html
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00337.html
=== Co-maintainers Without Sponsorship? ===
A request for comments from ToshioKuratomi(abadger) floated[1] a
method for enabling upstream maintainers to co-operate in a
non-onerous way with the Fedora Project without getting a sponsor.
Toshio outlined how pairing of a FedoraProject package owner with an
outside upstream maintainer could proceed through three phases. The
initial phases would require the sponsor to police the actions of the
upstream co-maintainer. In later phases sponsors would not be
required, but this requires changes to the PackageDB, Bodhi and Koji
and the CVS repository.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00306.html
Jima wanted[2] to enable the upstream co-maintainers to start scratch
builds, but recognized that Koji administrators would be affected and
sought feedback from them.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00314.html
=== Orinoco Driver And Scanning Problems With NetworkManager ===
A continuation of last week's[1] thread about all the changes in
NetworkManager delved into some scanning problems experienced by
MattMiller. Initial speculation[2] from DanWilliams that Matt's
driver was based on mac80211 was followed up with some extensive
debugging help. Dan concluded[3] that it looked as though there were
some problems both with the ''orinoco'' driver and also with
''wpa_supplicant'' itself.
[1] http://fedoraproject.org/wiki/FWN/Issue103#head-55328f04f90bf89fe031f8996...
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00019.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00065.html
Matt confirmed[4] that back-to-back ''iwlist ethX scan'' commands
produced ''resource temporarily unavailable'' messages and the need to
reboot!
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00068.html
The essential problem seemed to be that the driver incorrectly
refused to return older scan results while currently scanning.
Matt filed[5] a bug report and Dan estimated[6] that a few days to
copy similar improvements from the ''airo'' driver would hopefully see
this problem resolved.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00171.html
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00163.html
=== /etc/hosts Discussion Yields libICE Fix ===
Another thread from last week (FWN#103 "System Entries In
/etc/hosts"[1]) which yielded more fruit concerned the setting of
hostnames by NetworkManager. BillCrawford had noticed that when
running X from a console login the desktop could crash if the hostname
was changed. AdamJackson(ajax) did not think[2] that the problem was
a simple mismatch between the magic cookies stored in ''.Xauthority''
for the client and the server.
[1] http://fedoraproject.org/wiki/FWN/Issue103#head-fc00b9d8ef6c1ab2beb7d7d28...
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00013.html
Bill reported[3] a specific error logged when he tried to switch VTs.
This stimulated[4] Adam to patch libICE so that the path to the ICE[5]
socket (which is bound at session start up) uses "unix" as the
hostname part of the tuple instead of relying on ''gethostbyname()''.
The advantage of this is that although ''dhclient'' changes the system
hostname, ''NetworkManager'' will not. Adam recommended that anyone
experiencing delays, stalls or crashes of applications after or during
changing network information should try to update libICE and reproduce
the problem. He provided updated packages for Fedora 7[6] as well as
rawhide.
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00017.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00034.html
[5] http://en.wikipedia.org/wiki/X_Window_System_protocols_and_architecture#I...
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00074.html
=== Speeding Up Firefox? ===
ArthurPemberton was dissatisfied[1] with the speed of Firefox on
Fedora 7 and noted that changing the default Firefox
''network.dns.disableIPv6 false'' to ''true'' and some other changes
seemed to result in an improvement. JeroenVanMeeuwen(kanarip) said[2]
that such changes to the defaults should only be made if upstream
approved.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00141.html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00149.html
The reasons why the defaults should stay as they are were detailed
by the knowledgeable ChristopherAillon (who had blogged on this topic
several years ago). Christopher specifically noted[3] that pipelining
would break (in the sense of causing browser hangs and refusing to
load) for websites served by unpatched Apache-1.3. In response to
DennisJacobfeuerborn's request for some numbers, Ajax posted links to
a blog entry[4] and a bugzilla[5].
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00153.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00201.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00203.html
ChuckAnderson addressed the IPv6 point by providing[6] contradictory
testimony which showed that slowdowns might not be due to it.
[6] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00158.html
Some more anecdotal experience came[7] from DarrellPfeifer who thought
that the problem was due to ''auto detect proxy settings'' instead of
''direct connection to internet''. NicolasMailhot agreed[8] that there
was a problem which needed to be reported upstream, and in response to
a useful suggestion from MattMiller explained[9] that the whole UI
could freeze while one tab blocked on content. BernardoInnocenti had
some potential Javascript culprits in mind[10].
[7] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00166.html
[8] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00187.html
[9] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00204.html
[10] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00188.html
=== Bodhi To Allow "cvsextras" To Push To Testing ===
An attempt by ToddZullinger to push an updated ''vorbis-tools''
package to testing to fix a bug failed[1] due to the restrictions on
members of ''cvsextras''. Todd laid out the case for easing the burden
on primary maintainers by getting pkgdb to allow members of cvsextras
to undertake such tasks.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00293.html
LukeMacken responded[2] that ''bodhi'' currently authenticates only
those with commit access in pkgdb, but thought that it should also
check the group ACL. He noted that Toshio was trying to patch bodhi
to do this right now (see also this same FWN#104 "Unsponsored
Co-maintainers").
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00297.html
Toshio produced a patch and Luke applied[3] it, and a short delay[4]
intervened until the production bodhi was patched after some minor[4a]
adjustments. Unfortunately it seemed that Todd was still being
denied[5].
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00324.html
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00335.html
[4a] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00342.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00350.html
=== ExcludeArch Packaging Bug Resolved For 'gnome-python2-extras' ===
A query[1] from MichałBentkowski about the absence of a PPC64 build of
''gnome-python2-libegg'' causing ''sonata'' to fail to build revealed
that ''gnome-python2-extras'' was using an ''ExcludeArch: ppc64''.
PaulFrields reported[2] a related error.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00279.html
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00282.html
JeremyKatz responded[3] that the problem was in
''gnome-python2-extras'', specifically that it should use ''ifarch''
for the gdl subpackage and not ''ExcludeArch'' (see last paragraph of
FWN#103 "Xulrunner"[4] and links therein to earlier discussions on
this topic).
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00284.html
[4] http://fedoraproject.org/wiki/FWN/Issue103#head-2fff99f986572a5fb6ab8af50...
The issue was quickly resolved[5] by a fix from MatthewBarnes.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00300.html
=== Mono Packages Lagging, New Co-maintainer Added ===
An observation[1] that ''mono'' packages in rawhide were lagging
behind the actual releases was posted by "Paul". Apparently this was
affecting his work and he volunteered to co-maintain the packages if
that would help.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00261.html
AlexanderLarsson was happy[2] to have an offer of more help and after
some trials and tribulations with adding the new co-maintainer Paul
was approved and added[3].
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00272.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00276.html
=== Mixing Macros And Native Commands In Specfiles ===
PeterLemenkov wanted to know[1] whether it was possible to mix rpm
macros and native commands in specfiles. Peter provided an example to
demonstrate his meaning.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00252.html
HansdeGoede replied[2] that the RPM would certainly build, but that
the Fedora Project guidelines would disallow this in favor of using
either macros exclusively or native commands. MatthiasClasen
disagreed, arguing[3] instead that the guidelines only distinguish
between two types of macro styles, but are silent on the issue of
native commands versus macros.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00254.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00289.html
RahulSundaram provided[4] a link to the specific place where this is
discussed in the wiki.
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00270.html
JesseKeating attempted[5] to disambiguate Peter's example, noting that
it lacked clarity due to mixing two macro styles and native commands.
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00269.html
=== Fedora 8 Test 3 Announced ===
The final test release prior to development freeze was announced[1] by
JeremyKatz on October 4th. The extensive notes ask for full community
participation in testing and detail some known issues.
[1] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00205.html
Initial response involved some dismay[2] at the replacement of
''pam_console'' for desktop access control with HAL, and concern that
the KDE-LiveCD was only available by torrent. JesseKeating
responded[3] to the latter issue, explaining that this was just for
the test release and that the live images would be back to normal for
the actual final release.
[2] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00208.html
[3] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00229.html
Separately WarrenTogami[4] noted apparently untested breakage of the
iwl3945 wireless chipsets in kernels and asked for help testing
kernels before they hit the nightly build. DaveJones added[5] that it
was possible to install the latest builds directly from his repo using
"sudo bash; cd /etc/yum.repos.d; wget
http://people.redhat.com/davej/kernels/Fedora/f7.92/kernel.repo"
within one hour of koji building them.
[4] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00249.html
[5] https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00303.html
[[Anchor(Translation)]]
== Translation ==
In this section, we cover the news surrounding the Fedora Translation
(L10n) Project.
http://fedoraproject.org/wiki/L10N
Contributing Writer: JasonMatthewTaylor
=== Online Translation ===
There was more discussion[1] this week about the possibility of
setting up an online translation tool. The team has been hashing out
some details about how commits would happen and how to scale access.
We will definitely be keeping tabs on this discussion as it would be a
definite help to the team and project as a whole.
[1] https://www.redhat.com/archives/fedora-trans-list/2007-October/msg00003.html
=== Pirut ===
Pirut[1] was moved this week to git.fedoraproject.org. JeremyKatz[2]
mentioned that any pirut translation commits need to go through
transifex. No problems were reported after the change.
[1] http://fedoraproject.org/wiki/pirut
[2] https://www.redhat.com/archives/fedora-trans-list/2007-October/msg00011.html
[[Anchor(Infrastructure)]]
== Infrastructure ==
In this section, we cover the Fedora Infrastructure Project.
http://fedoraproject.org/wiki/Infrastructure
Contributing Writer: JasonMatthewTaylor
=== MirrorManager Patch ===
WarrenTogami and LukeMacken worked on a validator patch[1] for mirror
manager[2] so that it would work properly with the new turbogears. It
was apparently a trivial patch so users should see no changes other
than mirror manager now working flawlessly.
[1] https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
[2] http://fedoraproject.org/wiki/Infrastructure/MirrorManager
=== CVSExtras ===
There was some discussion[1] this week about renaming cvsextras to
packager. The change will likely happen, though it has not been
decided when. The idea behind the change is that it will be clearer
what the tree is for, and when CVS is no longer the tracking mechanism the
name is generic enough that no changes will likely need to be made.
[1] https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
[[Anchor(SecurityWeek)]]
== Security Week ==
In this section, we highlight the security stories from the week in Fedora.
Contributing Writer: JoshBressers
=== VM-Based Rootkits Proved Easily Detectable ===
http://it.slashdot.org/article.pl?sid=07/10/02/0323237&from=rss
Some time ago a number of researchers claimed that it would be
possible for a virtual machine based rootkit to evade security
software. It seems that's not quite the case.
=== Linux phishing botnet statistics can be deceptive ===
http://blogs.techrepublic.com.com/security/?p=296
eBay's chief information security officer made a comment last week
that most botnets are hosted off of compromised Linux machines. The
above article refutes some of these claims.
=== "you security people are insane." ===
http://kerneltrap.org/Linux/Pluggable_Security
Linus makes some interesting points about various security systems in
the Linux kernel. While his colorful comments are humorous, this
makes a rather powerful statement. Linus says:
{{{
Schedulers can be objectively tested. There's this thing called
"performance", that can generally be quantified on a load basis.
Yes, you can have crazy ideas in both schedulers and security. Yes, you
can simplify both for a particular load. Yes, you can make mistakes in
both. But the *discussion* on security seems to never get down to real
numbers.
So the difference between them is simple: one is "hard science". The other
one is "people wanking around with their opinions".
}}}
This is a big problem. Security is hard to understand, so you end up
with two different types of people causing trouble. There are people
who don't really understand what they're doing. These are the people
that say incorrect things and just make up what they don't know.
There are also the people who will blatantly lie to further their own
agenda. The hope is that the right solution will eventually win out,
but that's not always the case.
[[Anchor(AdvisoriesUpdates)]]
== Advisories and Updates ==
In this section, we cover Security Advisories and Package Updates from
fedora-package-announce.
http://fedoraproject.org/wiki/FSA
Contributing Writer: ThomasChung
=== Fedora 7 Security Advisories ===
* kdebase-3.5.7-13.1.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* xen-3.1.0-6.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* pidgin-2.2.1-1.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
* openoffice.org-2.2.1-18.2.fc7 -
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg0...
=== Fedora Core 6 Security Advisories ===
* None reported
[[Anchor(EventsMeetings)]]
== Events and Meetings ==
In this section, we cover event reports and meeting summaries from
various projects.
Contributing Writer: ThomasChung
=== Fedora Board Meeting Minutes 2007-MM-DD ===
* No Report
=== Fedora Ambassadors Meeting 2007-MM-DD ===
* No Report
=== Fedora Documentation Steering Committee 2007-10-07 ===
* https://www.redhat.com/archives/fedora-docs-list/2007-October/msg00035.html
=== Fedora Engineering Steering Committee Meeting 2007-10-04 ===
* https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00239.html
=== Fedora Extra Packages for Enterprise Linux Meeting (Log) 2007-MM-DD ===
* No Report
=== Fedora Infrastructure Meeting (Log) 2007-10-04 ===
* https://www.redhat.com/archives/fedora-infrastructure-list/2007-October/m...
=== Fedora Localization Project Meeting 2007-MM-DD ===
* No Report
=== Fedora Packaging Committee Meeting 2007-10-02 ===
* https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00081.html
=== Fedora Release Engineering Meeting 2007-10-01 ===
* https://www.redhat.com/archives/fedora-devel-list/2007-October/msg00170.html
--
Thomas Chung
http://fedoraproject.org/wiki/ThomasChung