Fedora @ Red Hat Summit, testing Rawhide, Heartbleed followup, Fedocal, and upcoming conferences….
Fedora is a big project, and it’s hard to follow it all. This series highlights interesting happenings in five different areas every week. It isn’t comprehensive news coverage — just quick summaries with links to each. Here are the five things for April 15th, 2014:
Live from Red Hat Summit
I’m posting this from the Fedora booth at Red Hat Summit in San Francisco. The Summit is Red Hat’s annual showcase conference, and of course we have a good Fedora presence. Fedora Project Leader Robyn Bergeron is on the scene, Ruth Suehle is setting up a demo on the big TV behind us, and Tom Callaway has the Lulzbot up and making 3D prints. If you’re at Summit, come by and say hello, ask questions, tell us answers, and so on.
Rawhide is Fedora’s continuously updated development tree. Long ago, it came with the scary warning that it would “eat babies” and other horrible things, but that’s been gone from the official line for about five years now. In fact, if you’re up for a little adventure (and have a second computer to get work done if it goes wrong), we’d love you to help test.
Fedora QA Community Monkey¹ Adam Williamson recently revamped the Rawhide wiki page to be more useful and clear, and launched an initiative for quality assurance volunteers to do ongoing validation testing so any problems are caught long before release. If this sounds interesting, join the Fedora QA team and help out.
I run Rawhide on my main desktop system but not my travel laptop; that way, I can always get some work done even when there’s a problem. But, really, it’s been mostly painless. I recommend keeping active on the mailing lists and checking the Rawhide Watch and This Week in Rawhide blogs daily.
1. That’s Adam’s semi-official title.
Fedora Heartbleed Followup
Last week’s main excitement — not just in Fedora! — was the “Heartbleed” vulnerability in OpenSSL, referred to by the industry-standard Common Vulnerabilities and Exposures identifier CVE-2014-0160. (If you missed the official Fedora updates, see Update on CVE-2014-0160, aka “Heartbleed” and Fedora Infrastructure information on Openssl vulnerability.)
I think our response to this went fairly well overall, but there’s always something to be learned from these incidents and things we could do better. There are two specific areas where I think we could improve. First, our normal process of releasing updates requires a lot of data crunching. I think it’d be useful to have a separate “urgent updates” repository that would enable us to get updates to users more quickly once they are ready to go. Second, it would be nice to have a standard process for getting packagers, a communications team, security experts, quality assurance, release engineers, and other responders “on the scene” quickly — a sort of “Fedora bat-signal“. Both of these ideas need some development, of course.
Another important thing we can do in advance is develop more test cases for key software. These can be followed as part of making sure updates are good to be pushed to users, rather than relying on ad hoc assessments (“works for me!”). This is an area where anyone can contribute — you don’t have to be a coder or a package maintainer. Pick a package that’s interesting to you and take a look at the instructions for creating a test case.
Fedocal — the Fedora Project calendar
A couple of weeks ago, I mentioned that the Fedora wiki is weighed down by too many different uses. One of those uses is scheduling: wiki pages and wiki tables are used as editable calendars. If you’ve ever tried to update one of these, you know that it can be painful. But we have a better tool: Fedocal. Read more about it, or see it live.
Fedora hackers Pierre-Yves Chibon (a.k.a. pingou) and Ralph Bean (threebean) recently added location support, which means that IRC-based meetings can use that for scheduling. In general, if you’re scheduling something in Fedora, this is the tool to use. Let’s avoid further wiki abuse!
Although the North American and European events are replaced by Flock to Fedora, our Fedora User and Developer Conferences are going strong worldwide. Upcoming events include FUDCon Beijing 2014 and FUDCon Managua 2014 in Nicaragua.
Also, speaking of Flock, don’t forget to vote on session proposals.
Thanks to Ankur Sinha for feeding me notes from Fedora Ambassadors meetings!