[releng] Issue #6770: ABRT back in Fedora 26
by Matej Habrnal
mhabrnal reported a new issue against the project: `releng` that you are following:
``
You've temporarily removed ABRT from Fedora 26 Alfa release because of hawkey dependency and service migration from abrt-ccpp.service to abrt-journal-core.service (see https://bugzilla.redhat.com/show_bug.cgi?id=1436941)
ABRT package is now ready (abrt-2.10.2-2.fc26) to be returned back to Fedora release. It has no dependency to hawkey and also spec files contains scriplets which do the migration from abrt-ccpp.service to abrt-journal-core.service.
Making the ticket just for sure :)
``
To reply, visit the link below or just reply to this email
https://pagure.io/releng/issue/6770
6 years, 10 months
[releng] Issue #5886: need method for distributing urgent fixes... urgently
by Matthew Miller
mattdm added a new comment to an issue you are following:
``
@alsadi Well, there's always a balance. We wouldn't want to make things _worse_ by pushing out a bad fix too quickly. The sudo update is an interesting example here. It's obviously a security fix, but the issue it corrects is an escalation from limited sudo privileges to full-root equivalent. In the default configuration in Fedora, we give full-root equivalent to members of the `wheel` group, and nothing else — in other words, unless you've got a special configuration, the issue doesn't matter.
Meanwhile, it turns out that the initial fix was incomplete — see https://bugzilla.redhat.com/show_bug.cgi?id=1459152. It isn't in this case, but _could_ have been that the quick fix makes things worse. A bad update to sudo could even lock legitimate users out of their systems.
Yes, we need to get updates out quickly... but we also need to make sure that they're _good_ updates. I don't think loosening the amount of required QA is the answer.
``
To reply, visit the link below or just reply to this email
https://pagure.io/releng/issue/5886
6 years, 10 months
using include statements in pungi-fedora
by Dusty Mabe
I've been told recently that we can use include statements within pungi to
include variables/definitions in other files into our current configuration
file we are working on.
Can we start to use this model for our pungi-fedora repo? One example is that
the fedora-atomic.conf file has a bunch of configuration at the top of it that
is very cryptic to know what's relevant to atomic host image/iso creation and what
is not. It would be much better if, for a particular branch, we can have a file
that has most common definitions in it for all pungi configs for that branch. Then
we can make the individual pungi configs much more lightweight and less confusing.
If this is acceptable we can start with the Rawhide branch and when we branch for
future releases this will propagate.
Thoughts?
Dusty
6 years, 10 months