Fedora Leadership nominations open

Jan Kirik, the Fedora Program Manager as of this week, announced the call for nominations for positions on FESCo, the Fedora Engineering Steering Committee and for one of the elected postions on the Fedora Council, our top-level leadership and governance body. If you’re interested in helping lead Fedora’s technical and/or strategic direction, add your self-nomination.

Change submission deadline for F23

Fedora uses a Change Process to coordinate and communicate about big changes, both to keep everyone aligned internally and to help inform the rest of the world about what we’re doing. Fedora 23 is scheduled to ship to users somewhere around Halloween, and working back from that, change submissions should be submitted by June 23rd — about two weeks from now. If you’re interesting in working on something which has broad impact in Fedora, now’s the time to tell us about it.

Incidentally, see already-approved changes for F23 here. These have been okayed by FESCo — but please remember that at this early point, they’re mostly plans, not promises.

FedUp no more!

FedUp is the cleverly-named Fedora Updater, created as part of the Anaconda rewrite for Fedora 17. Anaconda is the system installer, and it was intentionally decided that it’s complicated enough without throwing upgrade into the mix. So: FedUp, instead.

Last week (but after I’d written 5tFTW), FedUp developer Will Woods announced that it’s time to retire it. Instead, the systemd offline updates process will be used, and that will be integrated into our standard update tools, so doing an upgrade from Fedora Workstation will be just like any other update in GNOME Software (except, of course, bigger).

Details need to be worked out, of course, including a command-line solution (possibly eventually still named fedup), and what exactly the Software UI will look like.

Why isn’t My Favorite Thing in the Software center?

Speaking of Software… developer Richard Hughes recently posted a technical note explaining why not all of the universe of software packaged for Fedora shows up there. The quick answer is that Software is meant to showcase a polished selection of desktop applications, and that includes making sure everything has complete AppData. If you maintain a package in Fedora that’s missing, look at adding this (ideally, upstream — in the project which makes the software itself). If you’re not a Fedora package maintainer but miss something, this might be a way to contribute so your favorite app or game shows up for everyone.

Or, if you just want all the desktop software packaged for Fedora to show, run:

gsettings set org.gnome.software require-appdata false

from the command line. (Or, just use dnf to install it.)

SELinux is good anti-venom!

In May, there was another highly-publicized software flaw, and since it’s the fashion to give these things catchy names, this one is “Venom”. This one was even hyped as “Bigger than Heartbleed“. And, hype or not, this is an example of a particularly scary class of exploits. Normally we assume virtual machines keep whatever’s in them from affecting the host — but this one attacks the hypervisor — in our case, KVM with QEMU.

SELinux, as found in Fedora, provides an extra layer of protection even against these kind of attacks, and SELinux guru Dan Walsh did a little analysis on his blog, concluding in understated form that there is a decent chance that these would have blocked the attack. Of course, we do urge everyone to make sure that they’re running the latest versions with all security updates applied.