Five Things in Fedora This Week (2014-06-03)
Reposted from http://fedoramagazine.org/five-things-in-fedora-this-week-2014-06-03/ Fedora is a big project, and it’s hard to follow it all. This series highlights interesting happenings in five different areas every week. It isn’t comprehensive news coverage — just quick summaries with links to each. Here are the five things for June 3rd, 2014: New Fedora Project Leader - So, there is a new Fedora Project Leader, and, despite inital rumors, it’s not an anthropomorphic hotdog. I'm excited to be able to say: it's me. I wrote a blog post about it: First Thoughts as Fedora Project Leader. Right now, the practical consequence is that this is going to be a more terse 5tFTW than usual. (I’m sure there will be more consequences later.) And, of course, thanks again to outgoing FPL Robyn Bergeron! Don't miss her "parting thoughts" blog post. * http://fedoramagazine.org/is-this-the-new-fedora-project-leader/ * http://fedoramagazine.org/first-thoughts-as-fedora-project-leader/ * http://robyn.io/2014/06/03/new-fpl/ Bodhi2 and Taskotron Activity Day - Bodhi is Fedora’s system for pushing out security and bugfix updates. Taskotron is our new system for QA automation. The former is getting a much-needed update and integration with the latter at the Bodhi2 and Taskotron Fedora Activity Days going on right now in Denver, Colorado. Fedora Infrastructure Lead Kevin Fenzi has reports from day 1 and day 2. * http://bodhi.fedoraproject.org * https://fedoraproject.org/wiki/Taskotron * http://fedoraproject.org/wiki/FAD_Bodhi2_Taskotron_2014 * http://www.scrye.com/wordpress/nirik/2014/06/01/bodhi2-taskotron-fad-day-1/ * http://www.scrye.com/wordpress/nirik/2014/06/03/bodhi2-taskotron-fad-day-2/ Fedora Server / CentOS SLS -- As part of the new community-based direction, the CentOS project has several new Special Interest Groups around Storage, Virtualization, and so on. There is a proposal to create a Simplified Linux Server (SLS) SIG. This has the mission to deliver > [...] turnkey CentOS-based solutions that are managed via a web and/or > REST-based interface. The focus is on taking the various application > silos and providing a cohesive solution to simplify deployment and > maintenance. This has a lot of overlap with the upcoming Fedora Server, and the groups working on each had a joint meeting to discuss common goals and sharing effort. It looks like this will be a productive collaboration for users and developers of both distros. * http://wiki.centos.org/SpecialInterestGroup * http://wiki.centos.org/SpecialInterestGroup/SLS]%20(not%20to%20be%20confused,%20of%20course,%20with%201992's%20Softlanding%20Linux%20System](http://en.wikipedia.org/wiki/Softlanding_Linux_System * http://fedoraproject.org/wiki/Server * https://lists.fedoraproject.org/pipermail/server/2014-May/001135.html Fedora Regional Community Index --- This one isn’t new, but it’s one of those things that’s been around for a while which many people may not be aware of: the Region-Specific Fedora Websites index, at http://fedoracommunity.org/. This site lists different domains and subdomains with local resources all around the world. Check it out to find groups in your area which you might not have been aware of, or just to see what Fedora looks like around the globe. * http://fedoracommunity.org/ FUDCon Beijing 2014 Reports --- FUDCon APAC (Asia-Pacific) was held last month in Beijing, China. Reports are in from Aditya Patawari, Ankur Sinha, Somvannda Kong, Nitesh Narayan Lal, Jiří Eischmann, and Robert Mayr. * http://devel.adityapatawari.com/2014/05/fudcon-beijing-day-1/ * http://ankursinha.in/blog/2014/05/29/fudcon-beijing-day-1-and-day-0/ * http://fedoracambodia.wordpress.com/2014/05/31/my-first-trip-of-fedora-project-to-fudcon-beijing-china/ * http://niteshnarayanlal.blogspot.com/2014/05/fudcon-beijing-2014-kick-off.html * http://eischmann.wordpress.com/2014/06/02/fudcon-apac-2014-in-beijing/ * http://morefedora.blogspot.com/2014/06/fudcon-apac-beijing-day-0-robert-mayr.html -- Matthew Miller Fedora Project Leader -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Fwd: Ophaning lcms(1)
On 03.06.2014 23:20, Toshio Kuratomi wrote: https://apps.fedoraproject.org/packages/lcms/bugs/all lists a CVE. If lcms-11 is no longer going to be maintained in Fedora that (and any other) security flaws won't be addressed. It's therefore advisable for them to update to the new version of lcms if feasible. The affected packager would likely want to take ownership of lcms-1 and patch the security issues. -Toshio If it is a matter of patching security issues for the remaining lifetime of F19 and F20, I don't mind doing so if no-one of the current maintainers will. Sandro -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: F21 Self Contained Change: Docker Container Image
On Tue, Jun 03, 2014 at 12:35:00PM -0700, Adam Williamson wrote: > What "Fedora" exactly is the image going to contain? Fedora Server? > Fedora Cloud? Will it be a part of either of those products? If not, > what is its status, exactly? Who's responsible for it? Is it considered > a primary or frontline or whatever Fedora deliverable? Who's going to > test it? How's it going to be promoted in relation to all our other > deliverables? Those are some excellent questions. Tentative answers: - It will contain its own "spin" of Fedora. - The Fedora Cloud WG will be responsible initially, but long-term it might be better in Env & Stacks. - "Primary or frontline or whatever" -- um, we need to get back to you on that. - Cloud WG will test it; see above. - The intention is to > (I'm late on this, and I see the Change has been approved already, but > I'm not sure if any of the above questions were answered). Yeah, I don't think definitively. I made a ticket https://fedorahosted.org/cloud/ticket/65 and we'll talk about it Thursday. -- Matthew Miller-- Fedora Project-- "Tepid change for the somewhat better!" -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Fwd: Ophaning lcms(1)
https://apps.fedoraproject.org/packages/lcms/bugs/all lists a CVE. If lcms-11 is no longer going to be maintained in Fedora that (and any other) security flaws won't be addressed. It's therefore advisable for them to update to the new version of lcms if feasible. The affected packager would likely want to take ownership of lcms-1 and patch the security issues. -Toshio -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Current FTBFS packages (was Re: [ACTION REQUIRED] Retiring packages for Fedora 21)
On Tuesday, June 3, 2014, 2:37:49 AM, Dan Horák wrote: > On Mon, 2 Jun 2014 23:54:10 +0200 > Till Maas wrote: >> On Mon, Jun 02, 2014 at 04:36:28PM -0400, Al Dunsmuir wrote: >> >> > Please do not start deleting ppc32-only packages. >> > >> > A few of us would like to resurrect ppc32, likely initially >> > as a Fedora Remix. Deleting ppc32-only packages just adds >> > more work to that effort. >> >> ok, but I guess there is no package left that is not properly >> configured in primary koji. If you continue with this effort, please >> re-open the rel-eng ticket in my other e-mail regarding yaboot. > In the past it wasn't possible to block secondary arch only package in > primary koji after it was introduced there, because during some releng > action (branching, mass rebuild?) it affected also the secondary koji. > Or pkgdb, maybe both. The result was that secondary arch only package > was not accessible for commits and blocked in secondary koji and we > had to resolve it manually with dgilmore. So please be careful. I think > the problem was that pkgdb had no information about arches, it worked > globally. Thanks for the heads-up! -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: F21 System Wide Change: Workstation: Enable Software Collections
On Sun, 2014-04-20 at 18:56 +0200, Kevin Kofler wrote: > Jaroslav Reznik wrote, on behalf of Matthias Clasen: > > The Software Collections repositories will be enabled by default. > > So we now allow shipping the configuration for third-party repositories, > even enabled by default? Is April 1st still not over yet? > > If you want those packages in Fedora, they need to get into the Fedora > repository. THREAD NECRO ALERT I wouldn't put it as strongly as Kevin, but I do have some concerns about the implications here. Notably, https://www.softwarecollections.org/en/docs/licensing/ states: "We do not review source or packages for suitability of purpose, quality, or licensing" Fedora provides rather stronger guarantees on that front in our 'official' repositories. It seems like SCL has more or less the same policies and intents as Fedora, but is explicitly less proactive about 'policing' them. It therefore seems like this feature increases the risk to Fedora as a whole of 'blessing' badly broken or incorrectly licensed software. It would be nice to emphasize the distinction between software from the Fedora repositories and software from the SCL project, at least. yum and dnf do this to at least a limited extent already (you can see what repo a package is coming from, when you install it), but have we considered whether that's sufficient, and if it would be worthwhile to try and improve on it? -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Current FTBFS packages (was Re: [ACTION REQUIRED] Retiring packages for Fedora 21)
On 06/01/2014 05:24 AM, Till Maas wrote: > R-bigmemory spot, spot RETIRED > log4net spot, cicku, spot Fixed and built in rawhide: log4net-1.2.13-1.fc21 > netgospot, spot RETIRED > rpc2 spot, nhorman, spot Fixed and built in rawhide: rpc2-2.10-9.fc21 > tkimgspot, spot Fixed and built in rawhide (I hate this package so much, it is the definition of crufty): tkimg-1.4-16.fc21 > xsupplicant spot, spot Fixed and built in rawhide: xsupplicant-2.2.0-8.fc21 ~tom == ¸.·´¯`·.´¯`·.¸¸.·´¯`·.¸><(((º> OSAS @ Red Hat University Outreach || Fedora Special Projects || Fedora Legal <>-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: F21 Self Contained Change: Docker Container Image
On Fri, 2014-04-11 at 14:19 +0200, Jaroslav Reznik wrote: > = Proposed Self Contained Change: Docker Container Image = > https://fedoraproject.org/wiki/Changes/Docker_Container_Image > > Change owner(s): Lokesh Mandvekar , Dennis Gilmore > > > This is Fedora running inside Docker. Currently, there are non-official > images > in the docker index, but we'd like them to really come out of release > engineering. > > == Detailed Description == > The public docker registry [1] hosts many fedora images [2] including an > unprefixed (semi-official) image [3]. However, this image doesn't have > rel-eng > approval which would be required for a fully official image. > > == Scope == > * Proposal owners: The proposal owner needs to build the image tarballs with > the official kickstart scripts and make them available to docker's stackbrew > repo, which is used by the Docker maintainers to build unprefixed images. > > Release Engineering approval/intervention would be needed at some point > (details still TBD) > > * Other developers: N/A (not a System Wide Change) > * Release engineering: Official Release Engineering image approval. Process > still TBD. > * Policies and guidelines: N/A (not a System Wide Change) NECRO ALERT So, this adds yet another to our rather teetering pile of deliverables to consider the relative importance / status of, and for releng to generate zillions of times per cycle. What "Fedora" exactly is the image going to contain? Fedora Server? Fedora Cloud? Will it be a part of either of those products? If not, what is its status, exactly? Who's responsible for it? Is it considered a primary or frontline or whatever Fedora deliverable? Who's going to test it? How's it going to be promoted in relation to all our other deliverables? (I'm late on this, and I see the Change has been approved already, but I'm not sure if any of the above questions were answered). -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: retrace server broken?
On Tue, Jun 3, 2014 at 12:42 PM, Neal Becker wrote: > -- Running report_uReport --- > Server responded with an error: 'Validation failed: Element 'frames' is > missing' > reporter-ureport failed with exit code 1 > ('report_uReport' exited with 1) > I'm seeing the same, and have been for several days. Seems it's been reported at https://github.com/abrt/abrt/issues/817 -Jared -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
retrace server broken?
-- Running report_uReport --- Server responded with an error: 'Validation failed: Element 'frames' is missing' reporter-ureport failed with exit code 1 ('report_uReport' exited with 1) --- Running report_EmergencyAnalysis --- Compressing data Sending /var/tmp/oops-2014-06-03-13:41:11-7574-0.tar.gz to https://retrace.fedoraproject.org/faf/dumpdirs/new/ Successfully sent /var/tmp/oops-2014-06-03-13:41:11-7574-0.tar.gz to https://retrace.fedoraproject.org/faf/dumpdirs/new/ 500 Internal Server Error Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, webmas...@fedoraproject.org and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Apache/2.2.15 (Red Hat) Server at retrace.fedoraproject.org Port 443 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Test-Announce] June 2014 Rawhide validation matrices are up!
Hey folks! Just a note that I've put up the validation matrices for June 2014 (thanks pwhalen and satellit for the reminders): https://fedoraproject.org/wiki/Test_Results:Fedora_21_Rawhide_2014_06_Install https://fedoraproject.org/wiki/Test_Results:Fedora_21_Rawhide_2014_06_Base please enter results from Rawhide testing during May in these pages, not the 2014_05 ones. Those are archived for posterity now. :) In case anyone needs a refresher on this testing - https://lists.fedoraproject.org/pipermail/test/2014-April/120792.html , https://lists.fedoraproject.org/pipermail/test/2014-April/120931.html . I've transferred the 201406 results folks had put in the 201405 pages across. of course, anyone can create these pages, not just me! Here's a pseudo-SOP. There's no template - go into the edit history of the current month's page and find the 'clean' version of the page - the last edit before any actual results are added. Copy and paste that as the basis of the new page. Change all occurrences of the month's name and search/replace occurrences of '2014xx' (e.g. I replaced '201405' with '201406' this time). That should do it. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net ___ test-announce mailing list test-annou...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/test-announce -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Fwd: Ophaning lcms(1)
On Mon, Jun 2, 2014 at 5:23 PM, Till Maas wrote: > On Mon, Jun 02, 2014 at 10:39:56PM +0200, Nicolas Chauvet wrote: > > > # repoquery --whatrequires liblcms.so.1 --source > > cinepaint-1.4-5.fc20.src.rpm > > cmyktool-0.1.6-0.6.pre1.fc20.src.rpm > > DevIL-1.7.8-16.fc20.src.rpm > > entangle-0.5.3-2.fc20.src.rpm > > f-spot-0.8.2-11.fc20.src.rpm > > geeqie-1.1-13.fc20.src.rpm > > gimp-separate+-0.5.8-10.fc20.src.rpm > > hylafax+-5.5.4-1.fc20.src.rpm > > libmng-1.0.10-12.fc20.src.rpm > > mate-image-viewer-1.6.2-2.fc20.src.rpm > > oyranos-0.4.0-12.fc20.src.rpm > > photoprint-0.4.2-0.12.pre2.fc20.src.rpm > > python-pillow-2.2.1-4.fc20.src.rpm > > rawstudio-2.0-12.fc20.src.rpm > > rawstudio-2.0-12.fc20.src.rpm > > sK1-0.9.1-0.8.pre_rev730.fc20.src.rpm > > Ther > inkscape (maintained by: limb, duffy, lkundrak) > inkscape-0.48.4-16.fc21.src requires lcms-devel = > 1.19-11.fc21 > > rawstudio (maintained by: giallu) > > > Regards > Till > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct libmng uses lcms2 in rawhide, and I just updated inkscape to do the same. -- http://cecinestpasunefromage.wordpress.com/ in your fear, seek only peace in your fear, seek only love -d. bowie -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Build lua libraries also for compat-lua?
On 05/29/2014 06:31 PM, Tomasz Torcz wrote: On Tue, May 13, 2014 at 11:17:39AM +0200, Jan Kaluža wrote: Hi, I'm playing with an idea of building lua libraries against compat-lua to allow luajit working with them. My initial motivation for this is that there are projects which don't work with Lua-5.2 and developers for various reasons don't want to port it to lua-5.2 yet (for example Prosody package). I'm OK with creating bugs and patches against some basic lua modules (basically the ones I need myself for Prosody :) ), but at first I wanted to ask Lua people here what do they think about it? Hi, Was there any progress with this? I'd love to see working Prosody package in F20. I have persuaded one proven packager to do this change in Fedora Rawhide and it looks there is no problem with it and Prosody is working in Rawhide now. I think I will ask him to backport this into F20, so I can rebuild Prosody in F20 too. Regards, Jan Kaluza -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Env and Stack WG meeting (2014-06-03)
No agenda, meeting cancelled. Marcela -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Fwd: Ophaning lcms(1)
On 02.06.2014 23:07, Toshio Kuratomi wrote: On Mon, Jun 02, 2014 at 10:39:56PM +0200, Nicolas Chauvet wrote: python-pillow-2.2.1-4.fc20.src.rpm This one can be fixed by upgrading to 2.3.0 (or greater. 2.4.0 is current). 2.4.0 is what's in rawhide. Not sure if that's safe to push back to f20 and earlier. (Although I see that there's an insecure use of tempfile CVE that was ficed in 2.3.1 so maybe it makes sense to update even if there is API breakage.) @smani: Do you have more information here? -Toshio The API has never been broken as far as I can tell. I guess we could update to 2.4.0 (although given the number of packages which depend on pillow I wasn't planning to do so in a stable release), or otherwise we could backport [1]. But, more generally, why introduce such a change in a stable release? Can't lcms just be removed for F21+? Sandro [1] https://github.com/python-pillow/Pillow/pull/380 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Fwd: Ophaning lcms(1)
On Mon, Jun 02, 2014 at 10:39:56PM +0200, Nicolas Chauvet wrote: > Hello, > > I'm orphaning lcms, this package has seen few security issue and upstream > claim it's deprecated over lcms2 > > # repoquery --whatrequires liblcms.so.1 --source > entangle-0.5.3-2.fc20.src.rpm FYI the repo you're pointing to is outdated - current Fedora 20 updates is on version 0.6.0, which uses lcms2 instead. Regards, Daniel -- |: http://berrange.com -o-http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Fwd: Ophaning lcms(1)
Hi, On 06/02/2014 10:39 PM, Nicolas Chauvet wrote: > Hello, > > I'm orphaning lcms, this package has seen few security issue and upstream > claim it's deprecated over lcms2 > > rhel 7 doesn't depends on it for the few package, so it might be an option > not to build lcms support for certain package > > > # repoquery --whatrequires liblcms.so.1 --source > DevIL-1.7.8-16.fc20.src.rpm I've just kicked of a build of DevIL which drops the use of lcms, so DevIL can be taken of the list. Regards, Hans -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct