Fedora 35 Server default editor
by Peter Boy
In Fedora 34 the default editor was nano, for Workstation and also for Server. In my latest default F35 Server installation I noticed vim-default-editor was installed.
Did some good soul take pity and bring vim back to us or did something go wrong with my installation?
Best
Peter
6 months, 1 week
Technical Specification discussion
by Peter Boy
We decided to further discuss section 1.2 (File System and Storage Organization) on the mailing list to prepare a final decision next meeting.
The text on hackmd is broken for an unknown reason. Instead of spending time repairing it, I’ve transferred the text to our team page, a task we had to do anyway.
You find the text at:
https://docs.fedoraproject.org/en-US/server-working-group/docs/server-tec...
Because it has not yet been finalized, it is not linked anywhere.
I have made some modifications to section 1.2 and taken up suggestions from Chris.
Some comments on our discussion and the draft.
I am convinced that a technical specification has to include a description and explanation of the properties and also a rationale if they are not self-explanatory. And the storage organization is on the one hand not self-explanatory and on the other hand one of the distinguishing features of Fedora Server.
A serious and genuine specification involves setting out goals and intentions and deriving technical properties from them (and justifying the effort involved). Otherwise, it would be a superfluous legitimization effort and a waste of time, which I would not be willing to do.
The text also does not restrict future flexibility (see Chris 17:7:41 UTC). In any case, we need to periodically review the techn. spec. We really shouldn't leave it for another 8 years or so. And then Chris is welcome to propose BTRFS as default again and maybe the technical and organizational realities will be different than when we last discussed it. And we are free to decide on a different rationale and implementation. Or maybe we can keep the basic principle and only change the implementation.
1 year, 1 month
Difficulty trying to add letsencrypt certificate for ssl usage in wildfly
by John W. Himpel
I am trying to follow Farah Juma's Blog entry found at
https://developer.jboss.org/people/fjuma/blog/2018/08/31/obtaining-certif...
to configure wildfly to obtain a "Let's Encrypt" certificate for use by wildfly (Version 26).
I have installed a new wildfly instance in /opt/wildfly/wf26. It starts successfully using systemd.
I execute the jboss-cli command shown under the heading "Prerequisite configuration" using the following command:
/opt/wildfly/wf26/bin/jboss-cli.sh --connect
batch --file=/home/jwhimpel/prerequisite.cli
run-batch
jboss-cli.sh responds with "The batch executed successfully".
In /opt/wildfly/wf26/standalone/log/server.log, I see:
2022-07-13 20:06:30,849 WARN [org.wildfly.extension.elytron] (MSC service thread 1-2) WFLYELY00023: KeyStore file
'/opt/wildfly/wf26/standalone/configuration/server.keystore.jks' does not exist. Used blank.
I'm assuming this is a harmless warning.
I execute the jboss-cli command shown under the heading "One-time configuration" using the following command:
/opt/wildfly/wf26/bin/jboss-cli.sh --connect
batch --file=/home/jwhimpel/configure_account.cli
run-batch
jboss-cli.sh responds with "The batch executed successfully"
In /opt/wildfly/wf26/standalone/log/server.log, I see:
2022-07-13 20:07:12,878 WARN [org.wildfly.extension.elytron] (MSC service thread 1-3) WFLYELY00023: KeyStore file
'/opt/wildfly/wf26/standalone/configuration/accounts.keystore.jks' does not exist. Used blank.
Again, I'm assuming this is a harmless warning. However, an accounts.keystore.jks file now appears under
/opt/wildfly/wf26/standalone/configuration/.
I execute the jboss-cli command shown under the heading "Obtain a certificate from Let's Encrypt" using the following command:
/opt/wildfly/wf26/bin/jboss-cli.sh --connect
batch --file=/home/jwhimpel/obtain_certificate.cli
run-batch
jboss-cli.sh responds with: The batch failed with the following error (you are remaining in the batch editing mode to have a chance to correct the error):
WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:
Step: step-1
Operation: /subsystem=elytron/key-store=serverKS:obtain-certificate(alias=server,domain-names=[testWildfly.jlhimpel.net],certificate-authority-account=myLetsEncryptAccount,agree-to-terms-of-service)
Failure: ELY10048: Challenge response failed validation by the ACME server
In /opt/wildfly/wf26/standalone/log/server.log, I see:
2022-07-13 20:25:48,624 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 2)
WFLYCTL0013: Operation ("obtain-certificate") failed - address: ([
("subsystem" => "elytron"),
("key-store" => "serverKS")
]) - failure description: "ELY10048: Challenge response failed validation by the ACME server"
File prerequisite.cli:
/subsystem=elytron/key-store=serverKS:add(path=server.keystore.jks, relative-to=jboss.server.config.dir, credential-reference={clear-text=secret}, type=JKS)
File configure_account.cli:
/subsystem=elytron/key-store=accountsKS:add(path=accounts.keystore.jks,relative-to=jboss.server.config.dir,credential-reference={clear-text=secret},type=JKS)
/subsystem=elytron/certificate-authority-account=myLetsEncryptAccount:add(alias=letsEncrypt,key-store=accountsKS,contact-urls=[mailto:john@jlhimpel.net])
File obtain_certificate.cli:
/subsystem=elytron/key-store=serverKS:obtain-certificate(alias=server,domain-names=[testWildfly.jlhimpel.net],certificate-authority-account=myLetsEncryptAccount,agree-to-terms-of-service)
firewall-cmd --list-all shows:
Server (active)
target: default
icmp-block-inversion: no
interfaces: enp1s0 localhost
sources:
services: cockpit http https mountd nfs rpc-bind ssh
ports: 9990/tcp 9993/tcp 8080/tcp 8443/tcp 19990/tcp 19993/tcp
protocols:
forward: no
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
At this point, I am stumped as to what I might have done wrong. Any suggestions would be greatly appreciated.
John
1 year, 2 months
Re: F37 proposal: BIND 9.18 (Self-Contained Change proposal)
by Adam Williamson
On Fri, 2022-07-15 at 17:30 -0400, Ben Cotton wrote:
>
> == Scope ==
> * Proposal owners: The update required update of bind-dyndb-ldap
> package (part of Freeipa suite), but otherwise it is isolated change.
That's a big 'but'. FreeIPA is a release-blocking part of Server, one
of our Editions. We've seen issues before between bind upgrades and
FreeIPA. I would like to see assurances that this is being planned
together with FreeIPA folks and resources will be in place to ensure
FreeIPA is fully tested and working when this is deployed.
--
Adam Williamson
Fedora QA
IRC: adamw | Twitter: adamw_ha
https://www.happyassassin.net
1 year, 2 months
Re: Software raid on UEFI systems
by Peter Boy
Let’s discuss at our meeting, which options we have and which options we want to take.
Possible options may be:
* just stay with the Anaconda provided way
* advise the admin to manually create ESPs on all other disks and copy the content, and how to do it (dd, cp -a, something else)
* Start a discussion / bug report with Anaconda about the proper way to support SWraid
* Advise not to use SWraid on UEFI systems at all
* ????
1 year, 2 months