Fedora Weekly News #170

Pascal Calarco pcalarco at nd.edu
Mon Apr 6 17:32:48 UTC 2009

Welcome to Fedora Weekly News Issue 170 for the week ending April 5, 2009.


In this week's issue, we're proud to include the Fedora Weekly webcomic 
by Nicu Buculei, who has been producing this regularly for some time. We 
think you will enjoy Nicu's art and humor. Other selected content includes:

     * Detailed coverage in the announcements and infrastructure 
sections on the August 2008 Fedora security intrusion, and updates on 
the upcoming FUDCon Berlin.
     * News from the Fedora Planet includes updates on the fourth grade 
math project for Sugar/OLPC, reviews of Songbird and Flock, amongst 
other birds of a feather.
     * In the Developments beat, the mysteries of Fedora & OpenSolaris 
dual-boot is revealed.
     * Translation: updates on F11 release note translations, and new 
members of the Fedora Localization Project
     * An interview with three members of the Art Team in this week's 
Art Beat
     * April Fools and the Conflicker worm, in this week's Security Week 
     * Security updates for Fedora 9 and 10 over the past week
     * Updates on the state of virtualization in Fedora, with a view 
towards F11 feature rollup

If you are interested in contributing to Fedora Weekly News, please see 
our 'join' page[1]. We welcome reader feedback: fedora-news-list at redhat.com

    1. ↑ http://fedoraproject.org/wiki/NewsProject/Join

FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala

--  Announcements --

In this section, we cover announcements from the Fedora Project.




Contributing Writer: Max Spevack

---  Fedora Board ---

Paul Frields[1] reminded[2] the community that the Fedora Board will be 
"holding its monthly public meeting on Tuesday, 7 April 2009, at 1800 
UTC on IRC Freenode."

Join #fedora-board-meeting to see the Board's conversation.

Join #fedora-board-public to discuss topics and post questions. This 
channel is read/write for everyone.

Paul also mentioned a change in the procedure for the meeting. "We're 
trying something new (albeit in a minor way) in this meeting. The 
moderator will still be available to gather input from the 
#fedora-board-public channel, but will voice people, one at a time, in 
the queue in the #fedora-board-meeting channel."

---  Security ---

Paul Frields also issued[3] a detailed, and final report to the Fedora 
community regarding the August 2008 intrusion. Because of the detailed 
nature of the announcement, rather than summarize it here, your 
correspondent encourages people to read the full link.

    1. ↑ https://fedoraproject.org/wiki/User:Pfrields
    2. ↑ 
    3. ↑ 

---  Fedora 11 ---

Jesse Keating[1] announced[2] the release of Fedora 11 Beta on March 31. 
More details about this release will appear later in this week's FWN.

    1. ↑ https://fedoraproject.org/wiki/JesseKeating
    2. ↑ 

---  FUDCon Berlin 2009 ---

Max Spevack[1] reminded[2] the community about FUDCon Berlin 2009[3], 
including registration[4], lodging[5], and speaking[6] opportunities.

    1. ↑ https://fedoraproject.org/wiki/MaxSpevack
    2. ↑ 
    3. ↑ https://fedoraproject.org/wiki/FUDCon:Berlin_2009
    4. ↑ https://fedoraproject.org/wiki/FUDCon:Berlin_2009_attendees
    5. ↑ https://fedoraproject.org/wiki/FUDCon:Berlin_2009_lodging
    6. ↑ http://fedoraproject.org/wiki/FUDCon_Berlin_and_LinuxTag_2009_talks

---  Upcoming Events ---

April 15: NYLUG[1] in New York, New York, USA.

April 17-19: Summer Geek Camp 2[2] in Antipolo City, Phillipines.

April 18: BarCamp Rochester[3] in Rochester, New York, USA.

April 19-22: Red Hat EMEA Partner Summit[4] in Malta.

April 24-25: FLISOL, all over the LATAM region.

April 25: Trenton Computer Festival[5] in Trenton, New Jersey, USA.

April 25-26: Linux Fest Northwest[6] in Bellingham, Wasthington, USA.

    1. ↑ http://nylug.org/
    2. ↑ http://fedora.bluepoint.com.ph/index.php?entry=20090204000843
    3. ↑ http://barcamprochester.org/
    4. ↑ https://fedoraproject.org/wiki/Red_Hat_EMEA_Partner_Summit_2009
    5. ↑ http://tcf-nj.org/
    6. ↑ https://fedoraproject.org/wiki/LinuxFest_Northwest_%28LFNW%29_2009

--  Planet Fedora --

In this section, we cover the highlights of Planet Fedora - an 
aggregation of blogs from Fedora contributors worldwide.


Contributing Writer: Adam Batkin

---  General ---

Silas Sewell wrote[1] a tutorial on using the Qpid implementation of The 
Advanced Message Queuing Protocol (AMQP) on Fedora using Python.

Greg DeKoenigsberg provided[2] an updated on the Fourth Grade Math 
project for the Sugar Project.

Ankur Sinha posted[3] a bunch of photos from a Linux Open Week event.

Joseph Smidt discussed[4] some thoughts on Intellectual Property in 
"Open Source Is The Pinnacle Of The Free Market".

Adam John Miller gave a talk about Fedora Infrastructure and posted[5] 
the key points as well as the slides.

John Poelstra announced[6] Fedora 12! Not really. But he did announce 
that the Features process for Fedora 12 has been started and a draft 
schedule posted.

Bryan Clark tested[7] Right-to-Left localization in Thunderbird, and now 
you can too!

Scott Williams reviewed[8] Songbird (media player using the Mozilla core 
technologies) and Flock, a socially-enabled web browser based on Firefox.

Eelko Berkenpies announced[9] that KDE 4.2.2 is now available in the 
Testing repository for Fedora 10, but also provided information on how 
to easily install it early if you like to live on the edge.

Paul W. Frields discussed[10] some of what the Fedora Infrastructure 
project does, and included a link to a presentation from PyCon 2009 on 
the topic.

James Antill posted[11] "Why trusted third party repos. will always be a 
bad idea".

    1. ↑ 
    2. ↑ http://gregdek.livejournal.com/49272.html
    3. ↑ 
    4. ↑ 
    5. ↑ 
    6. ↑ http://poelcat.wordpress.com/2009/04/02/fedora-12-is-next/
    7. ↑ http://clarkbw.net/blog/2009/04/02/testing-rtl-in-thunderbird/
    8. ↑ http://vwbusguy.wordpress.com/2009/04/02/review-songbird-and-flock/
    9. ↑ http://blog.berkenpies.nl/2009/04/03/fedora-10-and-kde-422/
   10. ↑ http://marilyn.frields.org:8080/~paul/wordpress/?p=1580
   11. ↑ http://illiterat.livejournal.com/6716.html

--  Developments --

In this section the people, personalities and debates on the 
@fedora-devel mailing list are summarized.

Contributing Writer: Oisin Feeley

---  Noarch with pkconfig Files ---

Peter Robinson asked[1] for help building his 
<package>gupnp-vala</package> package as noarch. The complication was 
that it contained a pkgconfig file.

Several helpful responses, such as Michael Schwendt's[2] suggested 
installing pkgconfig files into /usr/share/pkgconfig instead of one of 
the /usr/lib directories. Toshio Kuratomi thought[3] that the problem 
was that the package did not use the new noarch-subpackage feature but 
instead tried to be a regular noarch package.

Ville Skyttä ran[4] the rpmlint check and confirmed that it warned 
exactly of this misuse of a libdir macro.

In response to a subsidiary question Jesse Keating explained[5] that the 
noarch packages merely appeared to be present in each of the different 
architecture trees because they were hard-linked.

    1. ↑ 
    2. ↑ 
    3. ↑ 
    4. ↑ 
    5. ↑ 

---  Fedora and OpenSolaris Dualboot Issue Solved ---

After Ahmed Kamal reported[1] that a ZFS formatted partition seemed to 
be causing a Fedora 11 Beta installation failure there was a quick 
response. Eric Sandeen noted[2] that a patch had already been 
produced[3] by Dave Lehman to merely log the problem instead of raising 
an error. The bugzilla entry suggested[4] that the root problem was due 
to udev failing to recognize ZFS properly.

    1. ↑ 
    2. ↑ 
    3. ↑ 
    4. ↑ https://bugzilla.redhat.com/show_bug.cgi?id=494070

---  fallocate(2) Preferred Glibc Interface for Preallocation ? ---

James Ralston noted[1] the adoption of the ext4 filesystem in Fedora 11 
and suggested that in order to use its preallocation features more 
efficiently it would be useful to patch applications. This could help 
avoid the current "double write" penalty currently incurred[2] by 
preallocation in which the reserved space is first filled with nulls. 
James wondered whether there was a better interface to do this than 
glibc's posix_fallocate() which first attempts the allocation and then 
falls "[...] back to writing nulls to fill up the requested range if 
fallocate() fails."

Eric Sandeen suggested[3] using fallocate(2) which is present in the 
glibc version in rawhide and provided a test program to investigate how 
well this would work.

    1. ↑ 
    2. ↑ 
    3. ↑ 

---  Rawhide Report Glitches Resolved ---

After a few "Rawhide Reports" were missed Alex Lancaster asked[1] what 
was going on. Josh Boyer answered[2] that pungi for i386 was failing.

Rawhide Reports resumed[3] on 2009-04-04.

    1. ↑ 
    2. ↑ 
    3. ↑ 

---  XULRunner Committable by non-Provenpackagers ---

The summary of the 2009-04-03 FESCo meeting indicated[1] that 
"Firefox/Thunderbird/XULRunner" are open for commits by those who do not 
have "provenpackager" status. Also discussed and declined for such 
changes were: popt; initscripts; ethtool; lvm-related packages; and hwdata.

Jon Stanley also noted[2] that he was going to shoulder the burden of 
providing his excellent summaries of FESCo meetings.

    1. ↑ 
    2. ↑ 

---  Provenpackager Policies ---

Also discussed in the 2009-04-04 FESCo meeting were several requests for 
"provenpackager" and "sponsor" status. This followed[1] on the heels of 
work done by Patrice Dumas to codify some meanings and processes around 

A general concern was expressed[2] in the IRC meeting that the ability 
of a provenpackager to modify others' packages should not be used 
lightly. David Woodhouse warned that "provenpackagers who commit to 
other packages without even _trying_ to coordinate with the owner should 
expect censure" and Jon Stanley posted a helpful link[3] to a wiki entry 
on "Who is allowed to modify which packages".

    1. ↑ 
    2. ↑ http://bpepple.fedorapeople.org/fesco/FESCo-2009-04-03.html
    3. ↑ 

---  Python3K Planning ---

Toshio Kuratomi reported[1] on a PyCon[2] talk on Python 3 
incompatibility which he had attended. LennartRegebro's "Python 3 
Compatibility"[3] talk stimulated Toshio to consider how to port older 
python code to python-2.6's py3 compatiblity layer.

When Jochen Schmitt suggested a compatibility package Tom Callaway 
replied[4] that this would just be a crutch that perpetuated upstream 
projects unwillingness to move to Python 3. Tom preferred that Fedora 
developers would "[...] help port such applications to Python 3, and do 
so in a way that they detect the version of python at runtime and set 
defines appropriately. That way, we can have applications ready for 
Python3 before we actually make the switch."

There seemed[5] to be rough agreement between Toshio Kuratomi and James 
Antill that some way of allowing python3 modules and an interpreter in 
parallel to python-2 would be necessary.

Ignacio Vazquez-Abrams linked[6] to video of all the PyCon 2009 sessions.

    1. ↑ 
    2. ↑ http://us.pycon.org/
    3. ↑ 
    4. ↑ 
    5. ↑ 
    6. ↑ 

--  Translation --

This section covers the news surrounding the Fedora Translation (L10n) 


Contributing Writer: Runa Bhattacharjee

---  Transifex version updated ---

The transifex instance for translate.fedoraproject.org has been updated 
to v 0.5.2[1] to resolve problems related to the submission of a few 
files. Earlier during the week, transifex was updated to v 0.5.1[2] and 
the submission problems were promptly reported by NorikoMizumoto[3]. The 
issues were resolved in the newer 0.5.2 release.

    1. ↑ 
    2. ↑ 
    3. ↑ 

---  Translation submission for yum, ibus and Virtuzalization modules ---

Translations for yum, ibus[1] and the virtualization-modules[2] would 
not be possible via the submission interface at 
translate.fedoraproject.org at present. Individual bugs have been filed 
to collect the translations for all languages for ibus and 
virtualization-modules[3][4]. For yum, at present there is no central 
bug to collect the translations, however the main module page[5] has the 
notification and template link[6] to allow translators to file a bug for 
their language.

    1. ↑ 
    2. ↑ 
    3. ↑ 
    4. ↑ 
    5. ↑ https://translate.fedoraproject.org/tx/projects/yum/
    6. ↑ 

---  Fedora 11 Preview Release Notes Translation ---

KarstenWade announced the availability of the Fedora 11 Preview Release 
Notes for translation[1]. The last date to send translations for Fedora 
11 Preview Release Notes in April 14th 2009. However, translations can 
be continued until May 8th 2009 for the Final version of the Fedora 11 
Release Notes.

    1. ↑ 

---  Fedora Module Categorization for Translation ---

As part of re-organization of translation module categories, a help 
page[1] is being put up[2] by Piotr Drąg to categorize the various 
modules available for translation via translate.fedoraproject.org.

    1. ↑ http://fedoraproject.org/wiki/L10N/GUI
    2. ↑ 

---  New Members/Co-ordinators in FLP ---

Mohsen Saeedi takes over co-ordinatorship of the Persian Team from Ali 
Majdzadeh[1]. Tamas Szots (Hungarian)[2], João Diogo Ferreira 
(Portuguese)[3], Behdad Pournader (Persian)[4] joined the Fedora 
Localization Project last week.

    1. ↑ 
    2. ↑ 
    3. ↑ 
    4. ↑ 

--  Infrastructure --

This section contains the discussion happening on the 


Contributing Writer: Huzaifa Sidhpurwala

---  Intrusion update ---

Mike McGrath sent a link [1] to the list about the intrusion which was 
sent to the fedora-announce-list earlier.[2]

Mike said that he was waiting to discuss authentication mechanisms for 
the fedora-servers, Since passwords+ssh keys are not the most secure 
authentication mechanism. Also it seems that fedora does not have the 
budget for any RSA token like system for authentication.

There was a lot of discussion on this thread, with various people 
proposing different authentication mechanisms which could be used.

DennisGilmore started a similar thread about Auth Mechanims[3] on which 
he discussed using etoken or Yubikey for authentication. It was a two 
factor authentication and therefore was more secure than passphrase or 
ssh keys.

    1. ↑ 
    2. ↑ 
    3. ↑ 

--  Artwork --

In this section, we cover the Fedora Artwork Project.


Contributing Writer: Nicu Buculei

---  Meet the Lion ---

After the first reactions following the inclusion of a new wallpaper 
concept in Rawhide for the Beta release, more members of @fedora-art 
endorsed the proposal made last week by Samuele Storari for a new 
concept and Máirí­n Duffy concluded[1]: "I have to agree with this.Would 
anyone be especially opposed to going with Samuele's Lion idea, seeing 
that both Samuele and Charlie have committed to helping out with it?".

The work on the new concept advanced with a few Plymouth proposals[2] 
from Charles Brej and an anaconda splash [3] Samuele Storari.

    1. ↑ 
    2. ↑ 
    3. ↑ 

---  Interview with the Art Team ---

The Fedora Art Team reveived[1] the request to participate in an 
interview for the Linux Graphics Users forum[2] and a few members of the 
team replied: Nicu Buculei[3], Luya Tshimbalanga[4] and Maria Leandro[5]

    1. ↑ 
    2. ↑ http://linuxgraphicsusers.com/
    3. ↑ 
    4. ↑ 
    5. ↑ 

---  A Mascot for Fedora? Better Not! ---

Ashiqur Rahman Angel asked[1] on @fedora-art about a mascot "Is there 
any possibility of a new mascot based on recent versions of Fedora?". 
Wile some tried to design a cute character[2], Nicu Buculei noted[3] the 
past abandon of such an initiative "The general opinion of the larger 
community was that we don't need a mascot, so we didn't pursue the 
effort" and [[User:pfrields|Paul W. Frields] went further[4], arguing 
strongly against "A mascot would be brand diluting at this point, so my 
inclination is against having one."

    1. ↑ 
    2. ↑ 
    3. ↑ 
    4. ↑ 

--  Fedora Weekly Comic --

Many of you may already follow the regular weekly Fedora comic that Nicu 
Buculei produces. Starting this issue, we will begin including Nicu's 
comic in FWN. Please give Nicu and your editors some feedback on the 
comic. Enjoy!

This week's installment: Ctrl + Alt + Backspace[1]


    1. ↑ 

--  Security Week --

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

---  April Fools! ---

Probably the biggest not story this week was the Conficker Worm not 
ending the world on April 1. From a security perspective, designing the 
worm to activate on April 1 was brilliant. The Internet is probably 90% 
nonsense on any given day, but April 1 pushes that dial to an 11. If you 
want to do something and not get the word out, do it on April 1. Had the 
worm actually done something interesting, would anyone believe the story?

---  April Fools? ---

The other biggest non April Fools story is probably OpenSSL 1.0.0 Beta 1 
[1] being released on April 1. Openssl has been at version 0.9 for as 
long as most people can remember. It's great to see it nearing version 1.0.0

    1. ↑ http://www.openssl.org/source/

--  Security Advisories --

In this section, we cover Security Advisories from fedora-package-announce.


Contributing Writer: David Nalley

---  Fedora 10 Security Advisories ---

     * seamonkey-1.1.15-3.fc10 - 
     * moodle-1.9.4-6.fc10 - 

---  Fedora 9 Security Advisories ---

     * seamonkey-1.1.15-3.fc9 - 
     * glib2-2.16.6-3.fc9 - 
     * moodle-1.9.4-6.fc9 - 

--  Virtualization --

In this section, we cover discussion on the @et-mgmnt-tools-list, 
@fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora 
virtualization technologies.

Contributing Writer: Dale Bewley

---  Fedora Virtualization List ---

This section contains the discussion happening on the fedora-virt list.

----  Fedora Virtualization Status Report ----

Mark McLoughlin's status report[1] this week reminds us that the final 
development freeze[2] for Fedora 11 is coming up on April 14, 2009, and 
"there's a huge pile of bug-fixing and polish work to do".

"If you're looking to help out, there's no better place to start than 
the F11VirtBlocker[3] and F11VirtTarget[4] tracker bugs."

Read on for more coverage of virtualization developments in the past week.

    1. ↑ http://www.redhat.com/archives/fedora-virt/2009-April/msg00006.html
    2. ↑ http://fedoraproject.org/wiki/ReleaseEngineering/DevelFreezePolicy
    3. ↑ 
    4. ↑ 

----  Using kvm-autotest to test Fedora KVM ----

Mark McLoughlin explained[1] "upstream KVM developers are working hard 
on a suite of regression tests for KVM. It would be hugely helpful if 
people could run kvm-autotest[2] on their own machines to try and catch 
as many KVM issues as possible." Mark also provided a howto[3].

    1. ↑ http://www.redhat.com/archives/fedora-virt/2009-April/msg00007.html
    2. ↑ http://www.linux-kvm.org/page/KVM-Autotest
    3. ↑ http://fedoraproject.org/wiki/Testing_KVM_with_kvm_autotest

---  Fedora Xen List ---

This section contains the discussion happening on the fedora-xen list.

----  Experimental Dom0 Kernel Update ----

Michael Young announced[1] his repository[2] "is up to kernel 
2.6.29-1.2.18.fc11. This one is based on push2/xen/dom0/master[3] rather 
than xen/dom0/hackery which should be closer to what is proposed for the 
2.6.30 merge. It also has CONFIG_HIGHPTE=n (for x86), but my attempts to 
add squashfs 3 in addition to squashfs 4 didn't work as it seems you 
can't build both."

    1. ↑ http://www.redhat.com/archives/fedora-xen/2009-March/msg00084.html
    2. ↑ http://fedorapeople.org/~myoung/dom0/
    3. ↑ http://git.kernel.org/?p=linux/kernel/git/jeremy/xen.git;a=summary

---  Libvirt List ---

This section contains the discussion happening on the libvir-list.
--  New Release libvirt 0.6.2

Daniel Veillard announced[1] a new image:Echo-package-16px.pnglibvirt 
release, version 0.6.2.

"This is mostly a bug fix release, though it also includes a few new 
features and some improvements:"

New features:

     * support SASL auth for VNC server (Daniel Berrange)
     * memory ballooning in QEMU (Daniel Berrange)
     * SCSI HBA storage pool support (Dave Allan)
     * PCI passthrough in Xen driver (Daniel Berrange)


     * get CPU usage info for LXC (Ryota Ozaki)
     * fix domain RNG to add ac97 and tests (Pritesh Kothari)
     * OpenVZ support for non-template filesystem root (Florian Vichot)
     * improve arch capabilities generation (Daniel Berrange)
     * modularization of spec file (Ryota Ozaki)
     * better error reports in SEXPR generation (Daniel Berrange)
     * support for vifname parameter in VIF config (Daniel Berrange)
     * localtime handling for new xen (Daniel Berrange)
     * error reporting/ verification of security labels (Dan Walsh)
     * add --console arg for create and start virsh commands (Daniel 
     * refresh volume alloc/capacity when dumping XML (Cole Robinson)

This release comes one month after the release of 0.6.1[2].

Daniel Veillard referred[3] to the scheduling conversation last week 
(FWN#169[4]) when reitterating the plan for a feature freeze around 
April 17th and a release of 0.6.3 around April 24th.

"Plannned so far for 0.6.3 are:

     * API for physical host interface
     * the VirtualBox driver if in shape and in time

but that's not an exhaustive list and there is a couple of drivers 
submitted I need to look at (OpenNebula for example)."

    1. ↑ http://www.redhat.com/archives/libvir-list/2009-April/msg00084.html
    2. ↑ 
    3. ↑ http://www.redhat.com/archives/libvir-list/2009-April/msg00085.html
    4. ↑ 

----  First Release netcf 0.0.1 ----

Less that 3 months since compsing the RFC(FWN#159[1]) David Lutterkort 
announced[2], the release of image:Echo-package-16px.pngnetcf[3] 0.0.1. 
This is "the initial release of a library for managing network 
configuration in a platform agnostic manner. If I were into code names, 
this would be the 'what have you been waiting for' release."

"Netcf does its work by directly modifying the 'native' configuration 
files of the host it is running on; this avoids a whole class of 
problems caused by similar approaches that do network configuration 
behind the back of the native mechanisms. The API allows listing of 
configured interfaces, defining the configuration of an interface, 
retrieving the same (regardless of whether the interface was initially 
configured with netcf or not), and bringing interfaces up and down. This 
functionality is needed both by image:Echo-package-16px.pnglibvirt and 
image:Echo-package-16px.pngNetworkManager, so it seemed only logical to 
move their common needs into a separate library."

Laine Stump is already working on patches[4] to add the netcf calls in 
the libvirt API.

Read the announcement for more information such as the new mailing list 
for netcf development discussion and where to find the test builds for 
Fedora 10.

    1. ↑ 
    2. ↑ http://www.redhat.com/archives/libvir-list/2009-April/msg00068.html
    3. ↑ http://fedorahosted.org/netcf/
    4. ↑ http://www.redhat.com/archives/libvir-list/2009-April/msg00050.html

=== end FWN 170 ===

Pascal Calarco, Fedora Ambassador, Indiana, USA

More information about the announce mailing list