Fedora Leadership nominations open
Jan Kirik, the Fedora Program Manager as of this week, announced the call for nominations for positions on FESCo, the Fedora Engineering Steering Committee and for one of the elected postions on the Fedora Council, our top-level leadership and governance body. If you’re interested in helping lead Fedora’s technical and/or strategic direction, add your self-nomination.
Change submission deadline for F23
Fedora uses a Change Process to coordinate and communicate about big changes, both to keep everyone aligned internally and to help inform the rest of the world about what we’re doing. Fedora 23 is scheduled to ship to users somewhere around Halloween, and working back from that, change submissions should be submitted by June 23rd — about two weeks from now. If you’re interesting in working on something which has broad impact in Fedora, now’s the time to tell us about it.
Incidentally, see already-approved changes for F23 here. These have been okayed by FESCo — but please remember that at this early point, they’re mostly plans, not promises.
FedUp no more!
FedUp is the cleverly-named Fedora Updater, created as part of the Anaconda rewrite for Fedora 17. Anaconda is the system installer, and it was intentionally decided that it’s complicated enough without throwing upgrade into the mix. So: FedUp, instead.
Last week (but after I’d written 5tFTW), FedUp developer Will Woods announced that it’s time to retire it. Instead, the systemd offline updates process will be used, and that will be integrated into our standard update tools, so doing an upgrade from Fedora Workstation will be just like any other update in GNOME Software (except, of course, bigger).
Details need to be worked out, of course, including a command-line solution (possibly eventually still named
), and what exactly the Software UI will look like.
Why isn’t My Favorite Thing in the Software center?
Speaking of Software… developer Richard Hughes recently posted a technical note explaining why not all of the universe of software packaged for Fedora shows up there. The quick answer is that Software is meant to showcase a polished selection of desktop applications, and that includes making sure everything has complete AppData. If you maintain a package in Fedora that’s missing, look at adding this (ideally, upstream — in the project which makes the software itself). If you’re not a Fedora package maintainer but miss something, this might be a way to contribute so your favorite app or game shows up for everyone.
Or, if you just want all the desktop software packaged for Fedora to show, run:
gsettings set org.gnome.software require-appdata false
from the command line. (Or, just use
to install it.)
SELinux is good anti-venom!
In May, there was another highly-publicized software flaw, and since it’s the fashion to give these things catchy names, this one is “Venom”. This one was even hyped as “Bigger than Heartbleed“. And, hype or not, this is an example of a particularly scary class of exploits. Normally we assume virtual machines keep whatever’s in them from affecting the host — but this one attacks the hypervisor — in our case, KVM with QEMU.
SELinux, as found in Fedora, provides an extra layer of protection even against these kind of attacks, and SELinux guru Dan Walsh did a little analysis on his blog, concluding in understated form that there is a decent chance that these would have blocked the attack. Of course, we do urge everyone to make sure that they’re running the latest versions with all security updates applied.
Instead, the systemd offline updates process will be used instead
I’m not native but isn’t that something like saying buttery butter?
Yes, it’s got too many “insteads”. I’ll fix. 🙂
The systemd offline updates sounds very interesting. It will effectively make Fedora a rolling distribution if it works properly and a lot less trouble to upgrade. Will BTRFS partitioning be a requirement to use it though or will it function with EXT4 for example?
Upgrades of Linux Distros, including Fedora has never worked too well !
If it was possible, I would favor a simple script to create a “kickstart” file, in order to re-install most of what is already installed.
This would at least allow to install a fresh version of the latest version, and mostly painlessly re-install currently installed apps, assuming repositories have been updated.
I had a peak, and found lack or shortage of documentation (I may not have looked in the right place, I admit) made creating such a script not so easy.
The somewhat obscure syntax of “kickstart” files does not help: looks like a quick hack which perhaps (like most successful hacks !) had a too long life?