Fedora-Rawhide-20210327.n.1 compose check report
No missing expected images. Compose PASSES proposed Rawhide gating check! All required tests passed Failed openQA tests: 13/189 (x86_64), 15/127 (aarch64) New failures (same test not failed in Fedora-Rawhide-20210326.n.0): ID: 832800 Test: x86_64 KDE-live-iso desktop_notifications_live URL: https://openqa.fedoraproject.org/tests/832800 ID: 832810 Test: x86_64 KDE-live-iso desktop_login URL: https://openqa.fedoraproject.org/tests/832810 ID: 832819 Test: x86_64 Silverblue-dvd_ostree-iso install_default_upload URL: https://openqa.fedoraproject.org/tests/832819 ID: 832837 Test: aarch64 Minimal-raw_xz-raw.xz base_update_cli@uefi URL: https://openqa.fedoraproject.org/tests/832837 ID: 832841 Test: aarch64 Minimal-raw_xz-raw.xz base_reboot_unmount@uefi URL: https://openqa.fedoraproject.org/tests/832841 ID: 832842 Test: aarch64 Minimal-raw_xz-raw.xz base_system_logging@uefi URL: https://openqa.fedoraproject.org/tests/832842 ID: 832854 Test: aarch64 Server-dvd-iso support_server@uefi URL: https://openqa.fedoraproject.org/tests/832854 ID: 832876 Test: aarch64 Server-dvd-iso install_updates_nfs@uefi URL: https://openqa.fedoraproject.org/tests/832876 ID: 832954 Test: x86_64 universal install_blivet_xfs URL: https://openqa.fedoraproject.org/tests/832954 Old failures (same test failed in Fedora-Rawhide-20210326.n.0): ID: 832757 Test: x86_64 Server-dvd-iso modularity_tests URL: https://openqa.fedoraproject.org/tests/832757 ID: 832774 Test: x86_64 Server-dvd-iso server_cockpit_updates URL: https://openqa.fedoraproject.org/tests/832774 ID: 832784 Test: x86_64 Workstation-live-iso apps_startstop URL: https://openqa.fedoraproject.org/tests/832784 ID: 832806 Test: x86_64 KDE-live-iso desktop_update_graphical URL: https://openqa.fedoraproject.org/tests/832806 ID: 832807 Test: x86_64 KDE-live-iso apps_startstop URL: https://openqa.fedoraproject.org/tests/832807 ID: 832812 Test: x86_64 KDE-live-iso desktop_notifications_postinstall URL: https://openqa.fedoraproject.org/tests/832812 ID: 832838 Test: aarch64 Minimal-raw_xz-raw.xz base_services_start@uefi URL: https://openqa.fedoraproject.org/tests/832838 ID: 832839 Test: aarch64 Minimal-raw_xz-raw.xz base_selinux@uefi URL: https://openqa.fedoraproject.org/tests/832839 ID: 832840 Test: aarch64 Minimal-raw_xz-raw.xz base_service_manipulation@uefi URL: https://openqa.fedoraproject.org/tests/832840 ID: 832843 Test: aarch64 Minimal-raw_xz-raw.xz release_identification@uefi URL: https://openqa.fedoraproject.org/tests/832843 ID: 832857 Test: aarch64 Server-dvd-iso modularity_tests@uefi URL: https://openqa.fedoraproject.org/tests/832857 ID: 832908 Test: aarch64 Workstation-raw_xz-raw.xz desktop_browser@uefi URL: https://openqa.fedoraproject.org/tests/832908 ID: 832923 Test: x86_64 universal install_cyrillic_language URL: https://openqa.fedoraproject.org/tests/832923 ID: 832946 Test: x86_64 universal install_asian_language URL: https://openqa.fedoraproject.org/tests/832946 ID: 832981 Test: x86_64 universal install_arabic_language URL: https://openqa.fedoraproject.org/tests/832981 ID: 832996 Test: aarch64 universal install_cyrillic_language@uefi URL: https://openqa.fedoraproject.org/tests/832996 ID: 833006 Test: aarch64 universal install_asian_language@uefi URL: https://openqa.fedoraproject.org/tests/833006 ID: 833012 Test: aarch64 universal upgrade_minimal_64bit@uefi URL: https://openqa.fedoraproject.org/tests/833012 ID: 833032 Test: aarch64 universal install_arabic_language@uefi URL: https://openqa.fedoraproject.org/tests/833032 Soft failed openQA tests: 68/189 (x86_64), 49/127 (aarch64) (Tests completed, but using a workaround for a known bug) Old soft failures (same test soft failed in Fedora-Rawhide-20210326.n.0): ID: 832724 Test: x86_64 Server-boot-iso install_default@uefi URL: https://openqa.fedoraproject.org/tests/832724 ID: 832725 Test: x86_64 Server-boot-iso install_default URL: https://openqa.fedoraproject.org/tests/832725 ID: 832727 Test: x86_64 Server-dvd-iso install_default@uefi URL: https://openqa.fedoraproject.org/tests/832727 ID: 832728 Test: x86_64 Server-dvd-iso install_vncconnect_client URL: https://openqa.fedoraproject.org/tests/832728 ID: 832736 Test: x86_64 Server-dvd-iso install_default_upload URL: https://openqa.fedoraproject.org/tests/832736 ID: 832751 Test: x86_64 Server-dvd-iso install_vnc_server URL: https://openqa.fedoraproject.org/tests/832751 ID: 832752 Test: x86_64 Server-dvd-iso install_vncconnect_server URL: https://openqa.fedoraproject.org/tests/832752 ID: 832758 Test: x86_64 Server-dvd-iso install_repository_hd_variation URL: https://openqa.fedoraproject.org/tests/832758 ID: 832764 Test: x86_64 Server-dvd-iso server_realmd_join_kickstart URL: https://openqa.fedoraproject.org/tests/832764 ID: 832767 Test: x86_64 Server-dvd-iso install_repository_nfs_graphical
Fedora rawhide compose report: 20210327.n.1 changes
OLD: Fedora-Rawhide-20210326.n.0 NEW: Fedora-Rawhide-20210327.n.1 = SUMMARY = Added images:0 Dropped images: 0 Added packages: 29 Dropped packages:10 Upgraded packages: 126 Downgraded packages: 0 Size of added packages: 33.64 MiB Size of dropped packages:48.16 MiB Size of upgraded packages: 2.49 GiB Size of downgraded packages: 0 B Size change of upgraded packages: 5.03 MiB Size change of downgraded packages: 0 B = ADDED IMAGES = = DROPPED IMAGES = = ADDED PACKAGES = Package: centpkg-0.5.1-2.fc35 Summary: CentOS utility for working with dist-git RPMs:centpkg centpkg-sig Size:36.75 KiB Package: gr-funcube-1.0.0-1.fc35 Summary: GNURadio support for FUNcube Dongle Pro and FUNcube Dongle Pro+ RPMs:gr-funcube gr-funcube-devel gr-funcube-doc Size:3.02 MiB Package: guestfs-tools-1.45.2-5.fc35 Summary: Tools to access and modify virtual machine disk images RPMs:guestfs-tools guestfs-tools-bash-completion guestfs-tools-man-pages-ja guestfs-tools-man-pages-uk virt-dib virt-win-reg Size:22.42 MiB Package: kirigami-gallery-20.12.3-1.fc35 Summary: Gallery application built using Kirigami RPMs:kirigami-gallery Size:1.35 MiB Package: mcrouter-0.41.0-3.20210322git254a127.fc35 Summary: Memcached protocol router for scaling memcached deployments RPMs:mcrouter Size:5.14 MiB Package: ocaml-caml-mode-4.06-1.fc35 Summary: Opam file for caml-mode RPMs:emacs-caml-mode ocaml-caml-mode Size:128.05 KiB Package: perl-Clone-0.45-4.module_f35+11392+696a0b49 Summary: Recursively copy perl data types RPMs:perl-Clone Size:110.86 KiB Package: perl-Data-Dump-1.23-16.module_f35+11392+696a0b49 Summary: Pretty printing of data structures RPMs:perl-Data-Dump Size:33.23 KiB Package: perl-Digest-HMAC-1.03-27.module_f35+11392+696a0b49 Summary: Keyed-Hashing for Message Authentication RPMs:perl-Digest-HMAC Size:16.30 KiB Package: perl-Encode-Locale-1.05-19.module_f35+11392+696a0b49 Summary: Determine the locale encoding RPMs:perl-Encode-Locale Size:19.06 KiB Package: perl-File-Listing-6.14-2.module_f35+11392+696a0b49 Summary: Parse directory listing RPMs:perl-File-Listing Size:25.12 KiB Package: perl-HTML-Parser-3.76-1.module_f35+11675+faf9b34e Summary: Perl module for parsing HTML RPMs:perl-HTML-Parser Size:604.49 KiB Package: perl-HTML-Tagset-3.20-45.module_f35+11392+696a0b49 Summary: HTML::Tagset - data tables useful in parsing HTML RPMs:perl-HTML-Tagset Size:18.72 KiB Package: perl-HTTP-Cookies-6.10-2.module_f35+11392+696a0b49 Summary: HTTP cookie jars RPMs:perl-HTTP-Cookies Size:38.60 KiB Package: perl-HTTP-Date-6.05-5.module_f35+11392+696a0b49 Summary: Date conversion routines RPMs:perl-HTTP-Date Size:24.41 KiB Package: perl-HTTP-Message-6.29-1.module_f35+11675+faf9b34e Summary: HTTP style message RPMs:perl-HTTP-Message Size:97.05 KiB Package: perl-HTTP-Negotiate-6.01-28.module_f35+11392+696a0b49 Summary: Choose a variant to serve RPMs:perl-HTTP-Negotiate Size:19.98 KiB Package: perl-IO-HTML-1.004-2.module_f35+11392+696a0b49 Summary: Open an HTML file with automatic character set detection RPMs:perl-IO-HTML Size:28.30 KiB Package: perl-LWP-MediaTypes-6.04-7.module_f35+11392+696a0b49 Summary: Guess media type for a file or a URL RPMs:perl-LWP-MediaTypes Size:33.83 KiB Package: perl-LWP-Protocol-https-6.10-2.module_f35+11392+696a0b49 Summary: Provide HTTPS support for LWP::UserAgent RPMs:perl-LWP-Protocol-https Size:21.70 KiB Package: perl-Mozilla-CA-20200520-4.module_f35+11392+696a0b49 Summary: Mozilla's CA certificate bundle in PEM format RPMs:perl-Mozilla-CA Size:12.38 KiB Package: perl-NTLM-1.09-28.module_f35+11392+696a0b49 Summary: NTLM Perl module RPMs:perl-NTLM Size:22.17 KiB Package: perl-Net-HTTP-6.21-1.module_f35+11675+faf9b34e Summary: Low-level HTTP connection (client) RPMs:perl-Net-HTTP Size:40.63 KiB Package: perl-TimeDate-1:2.33-4.module_f35+11392+696a0b49 Summary: A Perl module for time and date manipulation RPMs:perl-TimeDate Size:51.71 KiB Package: perl-Try-Tiny-0.30-11.module_f35+11392+696a0b49 Summary: Minimal try/catch with proper localization of $@ RPMs:perl-Try-Tiny Size:37.42 KiB Package: perl-WWW-RobotRules-6.02-28.module_f35+11392+696a0b49 Summary: Database of robots.txt-derived permissions RPMs:perl-WWW-RobotRules Size:20.27 KiB Package: perl-libwww-perl-6.53-2.module_f35+11675+faf9b34e Summary: A Perl interface to the World-Wide Web RPMs:perl-libwww-perl Size:202.84 KiB Package: python-pyvirtualdisplay-2.1-1.fc35 Summary: Python wrapper for Xvfb, Xephyr and Xvnc RPMs:python3-pyvirtualdisplay Size:35.14 KiB Package: python-s-tui-1.1.1-3.fc35 Summary: Terminal-based CPU stress and monitoring utility RPMs:python3-s-tui Size:77.76 KiB = DROPPED PACKAGES = Package: glom-1.30
Re: Fedora Account Migration & Production Deployment Update: COMPLETE!
Kevin Fenzi wrote: > I'd like us to add security query/respond pairs. Those can very easily weaken security, as the answers are often public and easy for an attacker to look up, especially when there are only a few predefined questions to choose from. If I can enter my own question, then I can come up with some things that only I and my family know. That requires careful and security- conscious consideration. Many people would come up with insecure questions. There's a limited supply of such personal secrets that I can be sure I'll remember, so I can't do that for too many sites. It also requires a not too public life. People who publish their entire lives on Facebook will have trouble coming up with a question that an attacker can't find the answer to. Otherwise I'll make up a nonsensical phrase to enter as the answer, and store it securely. That turns the "security question" into a backup passphrase. If you want people to do this, then it's better to ask them to make up a passphrase. Björn Persson pgpE8zuWQSxko.pgp Description: OpenPGP digital signatur ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Fedora Account Migration & Production Deployment Update: COMPLETE!
Tomasz Torcz wrote: > I meant push notification, when the message is sent through secure channel > to your smart phone and you get popup asking for authorization. The Swedish BankID cartel did that in their proprietary app, and thus enabled an outbreak of fraud. Here's how it works: 1: The fraudster calls the victim, posing as the bank or some authority figure, and tells some confidence-inspiring lies. Then the fraudster says that they need to ascertain the victim's identity. 2: The fraudster initiates a login to the victim's bank account. 3: The bank sends an authentication request to the victim's BankID app. A popup is displayed on the victim's smartphone. 4: The victim is expecting an authentication request from the person they're talking to, and sees a request that seems to match, so they grant the request. 5: The bank receives a correct authentication response. The fraudster is now logged in to the victim's account. The design flaw is that the authentication happens in a side channel, separate from the login session. The bank doesn't know whether the remote ends of the two channels are in the same place. Correct design is to do the authentication in the login session itself. For a workaround one can tie the two channels together somehow, and that's how the Swedish banks patched the flaw. They now display a QR code on the login page that the user must photograph with their smartphone, thereby tying the authentication channel to the login session. I hear the QR code is optional for websites, so anything that uses BankID authentication and doesn't use the QR code is still vulnerable. Now, if the side channel is only used as a second authentication, and the first authentication, with the passphrase, is done in the login session, then successful attacks will be less frequent, because then the attacker first needs the victim's passphrase. Side-channel authentication is a design flaw none the less. There's no point to having a second factor if it's so weak that the security depends mostly on the first factor. Björn Persson pgpdjMBn7aR77.pgp Description: OpenPGP digital signatur ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Fedora Account Migration & Production Deployment Update: COMPLETE!
On Sat, Mar 27, 2021 at 11:08:19AM +0100, Tomasz Torcz wrote: > > > > Notification via sms is... not too secure. ;( > > https://www.vice.com/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber > > I didn't write SMS. SMS is terrible, it's the worst 2F channel nowadays. > I meant push notification, when the message is sent through secure channel > to your smart phone and you get popup asking for authorization. > At least: > > - Google does that: > https://s3.amazonaws.com/neowin/news/images/uploaded/2017/07/1500141361_google_mobile_prompt.jpg > > - Microsoft Suite (Teams, Outlook) on my corporate accounts: > https://techcommunity.microsoft.com/t5/image/serverpage/image-id/46536iDD69C684B52CC495 > > - My banking app (for login and transfer authorizations) > https://android.com.pl/apps/wp-content/uploads/2020/03/alior.jpg.webp > > This seem to be easiest and most secure 2FA, but requires cooperation > with Android framework. Next in line are FIDO/Yubikeys, and OTP codes. Ah, ok. Well, not everyone has access to them. I have a android based phone, but it's de-googled, so I can't get any google push notifications. Others may have i-phones or... perhaps even no smart phone at all. ;) But I suppose it could be possible to implement something like this for those that do. kevin signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Fedora Account Migration & Production Deployment Update: COMPLETE!
On Sat, Mar 27, 2021 at 12:38:45AM +0100, Björn Persson wrote: > Christopher wrote: > > * Unlike many other implementations, there is no backup code option > > (GitHub, Google, others, provide 10 one-time use backup codes you can > > use in case you don't have access to your authenticator app; these can > > be regenerated after a successful login). > > It seems that the backup is to send an OpenPGP-signed email to an admin > address. That's acceptable as long as the admins take care to properly > verify the OpenPGP key – but since Noggin stores only key IDs (and > truncates them incorrectly), I'm left wondering what methods they'll try > if they need to look up my key. Will they try WKD? DNS? Is there a > specific key server that must have my key for me to be able to recover > my Fedora account if I lose my second factor? Well, the backup is actually: "verify you are who you say you are to the satisfaction of account admins" (which has been the case with fas as well for many years. This could be a gpg signed email and key from a good site, or other means. I agree this is not well defined. I'd like us to add security query/respond pairs. Other suggestions welcome (please file them as noggin issues?) > > * In many places, including accounts.fedoraproject.org, in order to > > log in, you have to append the OTP to your password, so it doesn't > > really play nice with password managers. > > Such kludges shouldn't be exposed in user interfaces if it can be > avoided. A web interface should be able to receive two strings in two > separate fields, and concatenate them if the backend requires that. I'm not sure what the constraint was here. I'd let the noggin team answer this one... kevin signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Fedora-34-20210327.n.0 compose check report
No missing expected images. Failed openQA tests: 10/189 (x86_64), 14/119 (aarch64) New failures (same test not failed in Fedora-34-20210326.n.0): ID: 831856 Test: x86_64 Workstation-live-iso apps_startstop URL: https://openqa.fedoraproject.org/tests/831856 ID: 831909 Test: aarch64 Minimal-raw_xz-raw.xz base_update_cli@uefi URL: https://openqa.fedoraproject.org/tests/831909 ID: 831913 Test: aarch64 Minimal-raw_xz-raw.xz base_reboot_unmount@uefi URL: https://openqa.fedoraproject.org/tests/831913 ID: 831914 Test: aarch64 Minimal-raw_xz-raw.xz base_system_logging@uefi URL: https://openqa.fedoraproject.org/tests/831914 ID: 831926 Test: aarch64 Server-dvd-iso support_server@uefi URL: https://openqa.fedoraproject.org/tests/831926 ID: 831944 Test: aarch64 Server-dvd-iso install_repository_nfs_graphical@uefi URL: https://openqa.fedoraproject.org/tests/831944 ID: 831994 Test: x86_64 universal install_blivet_resize_lvm URL: https://openqa.fedoraproject.org/tests/831994 ID: 832014 Test: x86_64 universal upgrade_server_domain_controller URL: https://openqa.fedoraproject.org/tests/832014 ID: 832053 Test: x86_64 universal upgrade_realmd_client URL: https://openqa.fedoraproject.org/tests/832053 ID: 832081 Test: aarch64 universal install_blivet_resize_lvm@uefi URL: https://openqa.fedoraproject.org/tests/832081 ID: 832084 Test: aarch64 universal install_btrfs@uefi URL: https://openqa.fedoraproject.org/tests/832084 Old failures (same test failed in Fedora-34-20210326.n.0): ID: 831878 Test: x86_64 KDE-live-iso desktop_update_graphical URL: https://openqa.fedoraproject.org/tests/831878 ID: 831879 Test: x86_64 KDE-live-iso apps_startstop URL: https://openqa.fedoraproject.org/tests/831879 ID: 831884 Test: x86_64 KDE-live-iso desktop_notifications_postinstall URL: https://openqa.fedoraproject.org/tests/831884 ID: 831910 Test: aarch64 Minimal-raw_xz-raw.xz base_services_start@uefi URL: https://openqa.fedoraproject.org/tests/831910 ID: 831911 Test: aarch64 Minimal-raw_xz-raw.xz base_selinux@uefi URL: https://openqa.fedoraproject.org/tests/831911 ID: 831912 Test: aarch64 Minimal-raw_xz-raw.xz base_service_manipulation@uefi URL: https://openqa.fedoraproject.org/tests/831912 ID: 831915 Test: aarch64 Minimal-raw_xz-raw.xz release_identification@uefi URL: https://openqa.fedoraproject.org/tests/831915 ID: 831987 Test: x86_64 universal install_cyrillic_language URL: https://openqa.fedoraproject.org/tests/831987 ID: 832010 Test: x86_64 universal install_asian_language URL: https://openqa.fedoraproject.org/tests/832010 ID: 832045 Test: x86_64 universal install_arabic_language URL: https://openqa.fedoraproject.org/tests/832045 ID: 832060 Test: aarch64 universal install_cyrillic_language@uefi URL: https://openqa.fedoraproject.org/tests/832060 ID: 832070 Test: aarch64 universal install_asian_language@uefi URL: https://openqa.fedoraproject.org/tests/832070 ID: 832096 Test: aarch64 universal install_arabic_language@uefi URL: https://openqa.fedoraproject.org/tests/832096 Soft failed openQA tests: 4/189 (x86_64), 5/119 (aarch64) (Tests completed, but using a workaround for a known bug) Old soft failures (same test soft failed in Fedora-34-20210326.n.0): ID: 831800 Test: x86_64 Server-dvd-iso install_vncconnect_client URL: https://openqa.fedoraproject.org/tests/831800 ID: 831844 Test: x86_64 Server-dvd-iso install_vnc_client URL: https://openqa.fedoraproject.org/tests/831844 ID: 831907 Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud URL: https://openqa.fedoraproject.org/tests/831907 ID: 831908 Test: aarch64 Minimal-raw_xz-raw.xz install_arm_image_deployment_upload@uefi URL: https://openqa.fedoraproject.org/tests/831908 ID: 831936 Test: aarch64 Server-dvd-iso install_vncconnect_client@uefi URL: https://openqa.fedoraproject.org/tests/831936 ID: 831955 Test: aarch64 Server-dvd-iso install_vnc_client@uefi URL: https://openqa.fedoraproject.org/tests/831955 ID: 831980 Test: aarch64 Cloud_Base-qcow2-qcow2 cloud_autocloud@uefi URL: https://openqa.fedoraproject.org/tests/831980 ID: 832005 Test: x86_64 universal upgrade_2_server_domain_controller URL: https://openqa.fedoraproject.org/tests/832005 ID: 832074 Test: aarch64 universal upgrade_2_server_domain_controller@uefi URL: https://openqa.fedoraproject.org/tests/832074 Passed openQA tests: 100/119 (aarch64), 175/189 (x86_64) New passes (same test not passed in Fedora-34-20210326.n.0): ID: 831968 Test: aarch64 Workstation-raw_xz-raw.xz desktop_update_graphical@uefi URL: https://openqa.fedoraproject.org/tests/831968 ID: 831976 Test: aarch64 Cloud_Base-qcow2-qcow2 base_update_cli@uefi URL: https://openqa.fedoraproject.org/tests/831976 ID: 831977 Test: aarch64 Cloud_Base-qcow2-qcow2 base_services_start@uefi URL: https://openqa.fedoraproject.org/tests/831977 ID: 832064 Test: aarch64 universal install_european_la
Fedora-IoT-34-20210327.0 compose check report
No missing expected images. Failed openQA tests: 1/16 (x86_64), 2/15 (aarch64) Old failures (same test failed in Fedora-IoT-34-20210326.0): ID: 832320 Test: x86_64 IoT-dvd_ostree-iso base_services_start URL: https://openqa.fedoraproject.org/tests/832320 ID: 832335 Test: aarch64 IoT-dvd_ostree-iso base_services_start@uefi URL: https://openqa.fedoraproject.org/tests/832335 ID: 832344 Test: aarch64 IoT-dvd_ostree-iso iot_clevis@uefi URL: https://openqa.fedoraproject.org/tests/832344 Soft failed openQA tests: 1/16 (x86_64) (Tests completed, but using a workaround for a known bug) Old soft failures (same test soft failed in Fedora-IoT-34-20210326.0): ID: 832319 Test: x86_64 IoT-dvd_ostree-iso iot_clevis URL: https://openqa.fedoraproject.org/tests/832319 Passed openQA tests: 14/16 (x86_64), 13/15 (aarch64) -- Mail generated by check-compose: https://pagure.io/fedora-qa/check-compose ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Fedora 34 compose report: 20210327.n.0 changes
OLD: Fedora-34-20210326.n.0 NEW: Fedora-34-20210327.n.0 = SUMMARY = Added images:0 Dropped images: 2 Added packages: 4 Dropped packages:1 Upgraded packages: 86 Downgraded packages: 0 Size of added packages: 2.83 MiB Size of dropped packages:29.49 KiB Size of upgraded packages: 3.66 GiB Size of downgraded packages: 0 B Size change of upgraded packages: -83.68 MiB Size change of downgraded packages: 0 B = ADDED IMAGES = = DROPPED IMAGES = Image: Security live x86_64 Path: Labs/x86_64/iso/Fedora-Security-Live-x86_64-34-20210326.n.0.iso Image: Server raw-xz aarch64 Path: Server/aarch64/images/Fedora-Server-34-20210326.n.0.aarch64.raw.xz = ADDED PACKAGES = Package: disk-utilities-0-0.1.20210319git2ec77a4.fc34 Summary: Utilities for ripping, dumping, analysing, and modifying disk images RPMs:disk-utilities libdisk libdisk-devel Size:1.14 MiB Package: fcitx5-anthy-5.0.4-1.fc34 Summary: Anthy Wrapper for Fcitx5 RPMs:fcitx5-anthy Size:994.56 KiB Package: python-pyswarms-1.3.0-1.fc34 Summary: A Python-based Particle Swarm Optimization (PSO) library RPMs:python-pyswarms-doc python3-pyswarms Size:534.81 KiB Package: python-usort-0.6.3-2.fc34 Summary: A small, safe import sorter RPMs:python-usort-doc python3-usort Size:194.39 KiB = DROPPED PACKAGES = Package: regindexer-0.6.2-4.fc34 Summary: Tool for creating an index of a container registry RPMs:regindexer Size:29.49 KiB = UPGRADED PACKAGES = Package: annobin-9.65-2.fc34 Old package: annobin-9.64-1.fc34 Summary: Annotate and examine compiled binary files RPMs: annobin annobin-annocheck Size: 1.18 MiB Size change: 1.50 KiB Changelog: * Tue Mar 09 2021 Nick Clifton - 9.65-1 - gcc-plugin: Use a fixed filename when running in LTO mode. * Thu Mar 25 2021 Nick Clifton - 9.65-2 - NVR bump to allow rebuild. Package: audacity-3.0.0-1.fc34 Old package: audacity-2.4.2-4.fc34 Summary: Multitrack audio editor RPMs: audacity audacity-manual Size: 44.16 MiB Size change: 8.24 MiB Changelog: * Wed Mar 17 2021 Gwyn Ciesla - 3.0.0-1 - 3.0.0 Package: autofs-1:5.1.7-10.fc34 Old package: autofs-1:5.1.7-2.fc34 Summary: A tool for automatically mounting and unmounting filesystems RPMs: autofs Size: 1.86 MiB Size change: -1.17 KiB Changelog: * Tue Mar 16 2021 Ian Kent - 1:5.1.7-10 - add xdr_exports(). - remove mount.x and rpcgen dependencies. - dont use realloc in host exports list processing. - use sprintf() when constructing hosts mapent. - fix mnts_remove_amdmount() uses wrong list. - Fix option for master read wait. - eliminate cache_lookup_offset() usage. - fix is mounted check on non existent path. - simplify cache_get_parent(). - set offset parent in update_offset_entry(). - remove redundant variables from mount_autofs_offset(). - remove unused parameter form do_mount_autofs_offset(). - refactor umount_multi_triggers(). - eliminate clean_stale_multi_triggers(). - simplify mount_subtree() mount check. - fix mnts_get_expire_list() expire list construction. - fix inconsistent locking in umount_subtree_mounts(). - fix return from umount_subtree_mounts() on offset list delete. - pass mapent_cache to update_offset_entry(). - fix inconsistent locking in parse_mount(). - remove unused mount offset list lock functions. - eliminate count_mounts() from expire_proc_indirect(). - eliminate some strlen calls in offset handling. - don't add offset mounts to mounted mounts table. - reduce umount EBUSY check delay. - cleanup cache_delete() a little. - rename path to m_offset in update_offset_entry(). - don't pass root to do_mount_autofs_offset(). - rename tree implementation functions. - add some multi-mount macros. - remove unused functions cache_dump_multi() and cache_dump_cache(). - add a len field to struct autofs_point. - make tree implementation data independent. - add mapent tree implementation. - add tree_mapent_add_node(). - add tree_mapent_delete_offsets(). - add tree_mapent_traverse_subtree(). - fix mount_fullpath(). - add tree_mapent_cleanup_offsets(). - add set_offset_tree_catatonic(). - add mount and umount offsets functions. - switch to use tree implementation for offsets. - remove obsolete functions. - remove redundant local var from sun_mount(). - use mount_fullpath() in one spot in parse_mount(). - pass root length to mount_fullpath(). - remove unused function master_submount_li.st_empty(). - move amd mounts removal into lib/mounts.c. - check for offset with no mount location. - remove mounts_mutex. - remove unused variable from get_exports(). Package: binutils-2.35.1-41.fc34 Old package: binutils-2.35.1-38.fc34 Summary:
attempt to contact Pavel Alexeev a.k.a. hubbitus
A typical epel8 build request for one of mythtv's (RPMFusion) runtime requirements, pmount, has been filed: https://bugzilla.redhat.com/show_bug.cgi?id=1941159 The previous epel maintainer responded quickly, gave me collaborator status, and then promptly removed himself from the package. That's when I learned the hard way that a collaborator cannot push builds to Bodhi. Lovely. I've tried to reach out to the package admin, hubbitus, via the bug report and email. So far no response. Does anyone know how to reach this guy? ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Fedora Account Migration & Production Deployment Update: COMPLETE!
Dnia Fri, Mar 26, 2021 at 01:47:08PM -0700, Kevin Fenzi napisał(a): > On Fri, Mar 26, 2021 at 09:34:49PM +0100, Tomasz Torcz wrote: > > Dnia Fri, Mar 26, 2021 at 03:26:53PM -0500, Brandon Nielsen napisał(a): > > > On 3/26/21 3:24 PM, Matthew Miller wrote: > > > > On Fri, Mar 26, 2021 at 02:48:39PM -0400, Christopher wrote: > > > [Snip] > > > > > * In many places, including accounts.fedoraproject.org, in order to > > > > > log in, you have to append the OTP to your password, so it doesn't > > > > > really play nice with password managers. > > > > > > > > This is pretty common in my experience; it seems like password managers > > > > should support this pattern. > > > > > > > > > > I can't say I have ever appended an OTP to a regular password, and I use > > > 2FA > > > everywhere I can. > > > > I second that. I've only seen OTP appending on FreeIPA's > > implementation of 2FA. Everywhere else it's first a normal password > > prompt, then second for 2FA code (or push notification to phone, which > > is way easier for user). > > Notification via sms is... not too secure. ;( > https://www.vice.com/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber I didn't write SMS. SMS is terrible, it's the worst 2F channel nowadays. I meant push notification, when the message is sent through secure channel to your smart phone and you get popup asking for authorization. At least: - Google does that: https://s3.amazonaws.com/neowin/news/images/uploaded/2017/07/1500141361_google_mobile_prompt.jpg - Microsoft Suite (Teams, Outlook) on my corporate accounts: https://techcommunity.microsoft.com/t5/image/serverpage/image-id/46536iDD69C684B52CC495 - My banking app (for login and transfer authorizations) https://android.com.pl/apps/wp-content/uploads/2020/03/alior.jpg.webp This seem to be easiest and most secure 2FA, but requires cooperation with Android framework. Next in line are FIDO/Yubikeys, and OTP codes. -- Tomasz TorczOnly gods can safely risk perfection, to...@pipebreaker.pl it's a dangerous thing for a man. — Alia ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: RFC: declaring estimated per-builder RAM usage in spec file
On Fri, 26 Mar 2021 17:29:27 -0700 Michel Alexandre Salim wrote: > Hi all, > > This idea came about when I'm debugging build issues with mcrouter, > which turns out to be due to build jobs failing to allocate memory and > getting terminated without aborting the entire compilation, causing > link issues when empty or corrupted objects are encountered: > > https://src.fedoraproject.org/rpms/mcrouter/blob/rawhide/f/mcrouter.spec#_4-8 > > As a rough estimate it seems like each of the CPU core passed with > %{_smp_build_ncpus} ended up consuming close to 8 GB of RAM. And that's > with LTO disabled (yeah, it's not a good situation to be in). > > Right now I'm just overriding _smp_build_ncpus to 1, but there is a > more elegant solution I'd like to propose: > > What if one can declaratively set the required RAM per build job -- > either with a single macro, or maybe two if the LTO usecase requires > even more RAM. e.g. to declare each core might take up to 8 GB: > > %global _smp_build_ram_per_cpu 8192 > > then in case this is run on our aarch64 builder with 40GB RAM, > dynamically take the minimum of the existing _smp_build_ncpus (which > AIUI is determined by the number of cores on the machine) and (amount > of RAM / _smp_build_ram_per_cpu), in this case capping the actual > number passed to -j to 5. > > Is there interest in having this be available? I could imagine it might > be useful for other resource-intensive package builds e.g. for > Chromium. there was an attempt to come up with a system-wide solution, see https://github.com/rpm-software-management/rpm/pull/821 Dan ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: fedpkg update => Error returned from our POST to ipsilon (was: Re: Is Pagure openid login broken?)
On Fri, Mar 26, 2021 at 09:05:38AM -0700, Kevin Fenzi wrote: > On Thu, Mar 25, 2021 at 09:40:24PM +, Richard W.M. Jones wrote: > > > > fedpkg updates are also failing now: > > > > $ fedpkg update > > Could not execute update: Could not generate update request: > > ServerError(https://id.fedoraproject.org/api/v1/, 500, Error returned from > > our POST to ipsilon.) > > https://pagure.io/fedora-infrastructure/issue/9773 > > Should be fixed now, please retry. Yes it's all working now, thanks again. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 100 libraries supported. http://fedoraproject.org/wiki/MinGW ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Fedora-Cloud-32-20210327.0 compose check report
No missing expected images. Soft failed openQA tests: 1/7 (x86_64), 1/7 (aarch64) (Tests completed, but using a workaround for a known bug) Old soft failures (same test soft failed in Fedora-Cloud-32-20210326.0): ID: 831788 Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud URL: https://openqa.fedoraproject.org/tests/831788 ID: 831795 Test: aarch64 Cloud_Base-qcow2-qcow2 cloud_autocloud@uefi URL: https://openqa.fedoraproject.org/tests/831795 Passed openQA tests: 6/7 (x86_64), 6/7 (aarch64) -- Mail generated by check-compose: https://pagure.io/fedora-qa/check-compose ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: ask to test latest systemd build for systemd-resolved problems
On Fri, Mar 26, 2021 at 09:06:14PM -0700, Adam Williamson wrote: > On Fri, 2021-03-26 at 17:39 +, Zbigniew Jędrzejewski-Szmek wrote: > > On Fri, Mar 26, 2021 at 08:42:51AM -0700, Adam Williamson wrote: > > > Can you do a Koji scratch build? This is easier for me to test in > > > openQA (I already have the tooling set up to schedule tests on scratch > > > builds, it cannot do it for COPR builds). Thanks! > > > > https://koji.fedoraproject.org/koji/taskinfo?taskID=64648010 > > Should be done in about half an hour. > > D'oh, sorry, should've been more specific - a scratch build for F34 (or > F33) would be better. I can't easily run tests on a Rawhide scratch > build (as we don't run the update tests on Rawhide). https://koji.fedoraproject.org/koji/taskinfo?taskID=64671982 (f34) https://koji.fedoraproject.org/koji/taskinfo?taskID=64672016 (f33) Zbyszek ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: ask to test latest systemd build for systemd-resolved problems
On Sat, Mar 27, 2021 at 01:19:01AM +, Gerard Ryan wrote: > On Fri, 2021-03-26 at 08:42 -0700, Adam Williamson wrote: > > On Fri, 2021-03-26 at 09:16 +, Zbigniew Jędrzejewski-Szmek wrote: > > > Hi, > > > > > > we have been trying to figure out the issue where resolved > > > sometimes > > > does not resolve certain names [1], e.g. 'google.com'. > > > Unfortunately, > > > the issue is only reproducible for some people (most likely it > > > depends > > > on the dns server or other network topology details…). > > > > > > One of the patches that seem problematic [2] was included in F33 > > > and > > > then reverted. But it is still present in the systemd main branch. > > > Before tagging the next release and pushing it to F34 and rawhide, > > > we > > > would like to solve this issue (or verify that it does not occur > > > anymore). > > > > > > I prepared a copr build of latest system git [3,4] to make this > > > easy > > > to test. > > > > > > The ask: if you could reproduce the issue before, please test if it > > > still occurs with the copr build. Just "yes"/"no" is already > > > useful. > > I was one of the people who experienced the problem with 246.12-1.fc33 > on F33. With that version, I was able to resolve google.com and > fedoraproject.org just fine, but it seemed I wasn't able to resolve > most other domains that I tried (including duckduckgo.com and > redhat.com). Just highlighting that as it sounds like other folks had > issues with google.com but not other domains. > > With 248~rc4.git20210326.b240c08-1.fc33 from your copr build on F33, my > wired ethernet (eno1) doesn't work, so it seems I've got other issues > with that one. That's probably unrelated. This shouldn't happen, so maybe file a bug. Maybe it's something about systemd-networkd or NetworkManager not starting (whatever you use)? > With 248~rc4.git20210326.b240c08-1.fc34 from your copr build on F34 on > that same machine (different ostree), I don't appear to have any > networking issues -- I'm able to connect to the network and resolve all > of the domains that I tried. > > Let me know if you'd like me to try anything in particular in either of > those scenarios: I've got each one available as a pinned ostree > deployment in silverblue, so it's easy to get back to them. When sending out the email yesterday morning, I was trying to pin down the versions where this happens. There has been at least one report that this also happens with v246-stable and v247-stable, but no clear confirmation that it happens with v248-rc tip. Second goal is to find a reproducer and get a backtrace from when the issue occurs. Zbyszek ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Fedora-Cloud-33-20210327.0 compose check report
No missing expected images. Soft failed openQA tests: 1/7 (x86_64), 1/7 (aarch64) (Tests completed, but using a workaround for a known bug) Old soft failures (same test soft failed in Fedora-Cloud-33-20210326.0): ID: 831774 Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud URL: https://openqa.fedoraproject.org/tests/831774 ID: 831781 Test: aarch64 Cloud_Base-qcow2-qcow2 cloud_autocloud@uefi URL: https://openqa.fedoraproject.org/tests/831781 Passed openQA tests: 6/7 (x86_64), 6/7 (aarch64) -- Mail generated by check-compose: https://pagure.io/fedora-qa/check-compose ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure