Re: Modularity vs. libgit

2019-06-17 Thread Colin Walters
On Mon, Jun 17, 2019, at 2:51 PM, Neal Gompa wrote: > RPM-OSTree is functionally irrelevant in this discussion, Changing how we handle the kernel is certainly relevant. > since it has > its own behavior patterns and eschews compatibility with the greater > ecosystem anyway. I don't think

Re: Modularity vs. libgit

2019-06-17 Thread Colin Walters
On Mon, Jun 17, 2019, at 4:47 AM, Michael Schroeder wrote: > On Fri, Jun 14, 2019 at 12:12:01PM -0400, Neal Gompa wrote: > > I would actually really like to see rpm's multiversioning capabilities > > extended to support this. > > I'd actually prefer to drop the multiversion mode for the kernel

Re: Understanding Fedora's use of systemd presets and packaging requirements

2019-04-23 Thread Colin Walters
Here's a related discussion for CoreOS-style systems: https://github.com/coreos/fedora-coreos-config/pull/77 It's quite different from traditional since Ignition implies using ConditionFirstBoot which means systemd does a preset-all on firstboot; the PR is about the tension between what RPM is

Re: Fedora, Packaging, Java, and Shrooms

2019-04-12 Thread Colin Walters
On Thu, Apr 11, 2019, at 7:41 AM, Ty Young wrote: > Hi, > > I'm thinking of switching to Fedora 30 Silverblue(once it comes out of > beta anyway) from Arch linux. One of the requirements is to be able to > install, compile from source and easily switch between JDK builds. Bigger picture, as

Re: Can we maybe reduce the set of packages we install by default a bit?

2019-04-12 Thread Colin Walters
On Fri, Apr 12, 2019, at 7:13 AM, Lennart Poettering wrote: > On Fr, 12.04.19 11:35, Dominik 'Rathann' Mierzejewski > (domi...@greysector.net) wrote: > > > > Interestingly I think Google Chrome needs this when it installs, > > > though it seems nonsensical to me. (Chrome is installed by about

Re: Can we maybe reduce the set of packages we install by default a bit?

2019-04-11 Thread Colin Walters
On Tue, Apr 9, 2019, at 12:07 PM, Lennart Poettering wrote: > Heya, > > today I installed the current Fedora 30 Workstation beta on my new > laptop. It was a bumpy ride, I must say (the partitioner (blivet?) > crashed five times or so on me, always kicking me out of anaconda > again, just

Re: Updating Rawhide vs GPG keys

2019-03-13 Thread Colin Walters
On Tue, Mar 12, 2019, at 2:50 PM, Kevin Fenzi wrote: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/5UVGSBRLX352A4S2CBZ2CGBXPAGQTYKB/ > > How does this plan work with silverblue? Not sure... could use some > input from them. It's the same model for Fedora

Re: Updating Rawhide vs GPG keys

2019-03-12 Thread Colin Walters
On Mon, Mar 11, 2019, at 2:46 PM, Fabio Valentini wrote: > > I'm having a similar problem, but with Silverblue / rawhide. > > I installed the system when rawhide was still f30, but now I can't run > "rpm-ostree upgrade" anymore, due to this error: > > Enabled rpm-md repositories: rawhide >

Re: Downgrading glibc from Rawhide removed /bin/sh (!)

2019-03-08 Thread Colin Walters
On Thu, Mar 7, 2019, at 10:53 AM, Florian Weimer wrote: > > > The %transfiletriggerpostun would've probably fixed it if it used -p > > instead of shell. > > We switched to the shell for the benefit of rpm-ostree. Short answer:

Re: F30 change, bootloaderspec by default

2019-02-14 Thread Colin Walters
On Thu, Feb 14, 2019, at 6:05 AM, Javier Martinez Canillas wrote: > So our plan is to have a library + command > line tool for configuring everything related to the bootloader. FWIW, "rpm-ostree kargs" is already a CLI and DBus API to change the kernel arguments that we expect people to use on

Re: Fedora testing-20190116.0 compose check report

2019-01-16 Thread Colin Walters
On Wed, Jan 16, 2019, at 2:01 AM, Adam Williamson wrote: > It seems the Atomic installer images from the nightly 'updates' and > 'updates-testing' composes for F29 started failing as of 20190115.n.0 > and still failed in 20190116.n.0. Failure looks like: > >

Re: Proposal: Faster composes by eliminating deltarpms and using zchunked rpms instead

2018-11-21 Thread Colin Walters
On Sat, Nov 17, 2018, at 12:24 PM, Jonathan Dieter wrote: > Agreed, that this would be a massive format change and should therefore > be a major version bump for RPM. New versions of RPM should still be > able to read and install old-format rpms, but, as you point out, old > versions of RPM

Re: Fedora Lifecycles: imagine longer-term possibilities

2018-11-15 Thread Colin Walters
On Thu, Nov 15, 2018, at 12:38 PM, Ken Dreyer wrote: > I am sorry to be such a noob, but I read the words on that page, they > sound exciting, but I am lost. What does "mirror git repositories like > rpmdistro-gitoverlay does" mean? I could use a really clear > step-by-step walkthrough of how I

Re: Fedora Lifecycles: imagine longer-term possibilities

2018-11-15 Thread Colin Walters
On Thu, Nov 15, 2018, at 10:57 AM, Matthew Miller wrote: > On Thu, Nov 15, 2018 at 07:57:54AM -0700, Ken Dreyer wrote: > > One of the problems I've encountered with this approach is that the > > upstream Git repo links to (a lot of) submodules. If you're lucky > > those submodules point at Git

rpm-ostree 2018.9 (and rollup of other releases)

2018-11-02 Thread Colin Walters
This is one of a semi-regular rollup/highlights post of what's happening in the rpm-ostree project, used by [Fedora Atomic Host](https://getfedora.org/atomic/) as well as [Fedora Silverblue](https://silverblue.fedoraproject.org/), and planned to be used by the converged [Fedora

Re: Installation image layout

2018-10-16 Thread Colin Walters
On Thu, Oct 11, 2018, at 8:37 PM, Marek Marczykowski-Górecki wrote: > Hi all! > > I'm new on this list. I work on Qubes OS, where Fedora is used as a base > distribution. Tangentially: Qubes is very cool and I'm glad you find Fedora useful as a base system. I work on Fedora CoreOS and have

Re: How should the nvme-cli package generate its host "NQN"?

2018-09-28 Thread Colin Walters
On Fri, Sep 28, 2018, at 2:42 PM, Andrew Lutomirski wrote: > There's a request for the nvme-cli package to generate a unique name > to use when connecting to NVMe-over-fabrics targets: > > https://bugzilla.redhat.com/show_bug.cgi?id=1633814 > > I'm wondering what the right approach is. For the

Re: Brainstorming about kernel updates with low disk space

2018-09-06 Thread Colin Walters
FWIW, rpm-ostree fixes all of this today - the entire update is really transactional, and fully handles hitting ENOSPC at any point. ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to

Re: [HEADS UP] Removal of GCC from the buildroot

2018-07-11 Thread Colin Walters
On Wed, Jul 11, 2018, at 12:37 PM, Andrew Lutomirski wrote: > > (Hmm. Some future version of rpm/dnf could get really fancy and > *reflink* > package contents into the build chroot rather than untarring them every > time.) Try `rpm-ostree ex container` today and see just how fast it is to

Re: F29 System Wide Change: Modules for Everyone

2018-07-05 Thread Colin Walters
On Wed, Jul 4, 2018, at 9:17 AM, Zbigniew Jędrzejewski-Szmek wrote: > > - something else ? The rpm-ostree tracking issue is here: https://github.com/projectatomic/rpm-ostree/issues/1435 ___ devel mailing list -- devel@lists.fedoraproject.org To

rpm-ostree 2018.6 (and updates since 2018.3)

2018-07-02 Thread Colin Walters
This is one of a semi-regular "rollup"/"highlights" post of what's happening in the rpm-ostree project, used by Fedora Atomic Host, as well as Silverblue[1], and planned to be used by the converged [Fedora CoreOS](https://coreos.fedoraproject.org/) We release approximately once a month. The last

Re: F29 System Wide Change: Make BootLoaderSpec the default

2018-06-26 Thread Colin Walters
On Tue, Jun 26, 2018, at 11:48 AM, Peter Robinson wrote: > There's a lot of clouds going to uEFI now [citation needed] In my brief google searches: AWS: https://forums.aws.amazon.com/thread.jspa?threadID=155626 GCE: https://groups.google.com/forum/#!topic/gce-discussion/OD_Zd_6YVbw DO:

Re: F29 System Wide Change: Make BootLoaderSpec the default

2018-06-21 Thread Colin Walters
On Thu, Jun 21, 2018, at 9:41 AM, Gerd Hoffmann wrote: > > Well, as *additional* variant it doesn't provide that much value. More > interesting would be to create all x86 cloud images that way, so they > boot just fine on both bios and efi, and we don't have to bother > creating two image

Re: F29 System Wide Change: Make BootLoaderSpec the default

2018-06-21 Thread Colin Walters
On Thu, Jun 21, 2018, at 3:30 AM, Gerd Hoffmann wrote: > Hi, > > > And in my opinion, it's not simple to say: OK if you have this size > > ESP to start, you get this layout, and if it's bigger you get this > > other layout, and if it's BIOS you have this 3rd layout. Chris, I have to say I'm

Re: Hiding the grub menu by default on single OS installs

2018-05-31 Thread Colin Walters
On Thu, May 31, 2018, at 6:23 AM, Hans de Goede wrote: > Hi All, > > I'm working on improving the Fedora boot experience, with the > end goal being a user pressing the on button and then going > to the graphical login manager without him seeing any > text messages / menus filled with technical

Re: I would like to propose that we turn on XFS Reflink in Fedora 29 by default

2018-04-29 Thread Colin Walters
On Sun, Apr 29, 2018, at 6:47 AM, Stephen Gallagher wrote: > XFS is the default filesystem on Fedora Server Edition, And we use Server partitioning now for Atomic Host. But for the vast majority of times people say "Fedora" they're talking about as a desktop. And Workstation uses the

Re: Fedora 28 Atoimic Host RC 1.1 available for testing

2018-04-25 Thread Colin Walters
On Wed, Apr 25, 2018, at 4:35 PM, Dusty Mabe wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > The Atomic Host compose based on RC 1.1 is available for testing now. > > The toplevel directory is: > https://kojipkgs.fedoraproject.org/compose/twoweek/Fedora-Atomic-28-20180425.0 >

Re: Announcing DNF 3 development

2018-03-26 Thread Colin Walters
On Mon, Mar 26, 2018, at 11:02 AM, Vít Ondruch wrote: > If DNF was just frontend for some service/daemon, that would be one > possibility. It would also help with other issues like updates of X > server crashing whole user session and therefore the update. FWIW rpm-ostree is always a daemon

Re: Gating packages in Rawhide

2018-03-12 Thread Colin Walters
On Mon, Mar 12, 2018, at 5:32 AM, Pierre-Yves Chibon wrote: > That would register in koji's DB the unique NEVRA which means, the PR can't be > updated without bumping the release field. Yep, that problem is exactly (along with the conflict-fest that is %changelog) what holds back any big steps

Re: Gating packages in Rawhide

2018-03-09 Thread Colin Walters
On Fri, Mar 9, 2018, at 9:23 AM, Colin Walters wrote: > A more modern architecture would be something closer to pull requests on > dist-git; > tests report into the PR the same way github works today. > > This would work *particularly* well if it was easy to make a pull re

Re: Gating packages in Rawhide

2018-03-09 Thread Colin Walters
A more modern architecture would be something closer to pull requests on dist-git; tests report into the PR the same way github works today. This would work *particularly* well if it was easy to make a pull request across multiple packages, which would be obvious and easy if we just one git repo

Re: Broken system upgrade due to rich dependencies

2018-03-07 Thread Colin Walters
On Wed, Mar 7, 2018, at 5:52 AM, Igor Gnatenko wrote: > > And you forgot: > 5. Teach DNF to use "target" DNF/RPM stack to perform upgrade (best and > proper way). If you're using yum/dnf inside a container, the natural way to major upgrades is to just pull the new base image and rebuild, rather

Re: Kernel marking files in /boot as %ghost

2018-03-06 Thread Colin Walters
On Tue, Mar 6, 2018, at 3:27 AM, Samuel Rakitničan wrote: > But what are the original reasons exactly? Seems like those files are > used by rpm-ostree. The `/usr` files are also copied by grubby. And while it's true *today* that rpm-ostree adapted to the /usr/lib/modules change, in fact the

Re: Why size of repositories metadata is too high in Fedora?

2018-03-02 Thread Colin Walters
On Fri, Mar 2, 2018, at 3:29 PM, Andrew Lutomirski wrote: > I feel like that discussion is ignoring a third option: keep file deps > built preprocess the repo metadata to turn each file dep that is > uniquely satisfied by a single package into a direct dependency on > that package. This

rpm-ostree v2018.3 and ostree v2018.2

2018-02-20 Thread Colin Walters
A new release of rpm-ostree, a hybrid transactional image/package system is now available: https://bodhi.fedoraproject.org/updates/ostree-2018.2-1.fc27%20rpm-ostree-2018.3-1.fc27 Direct link to main release notes: https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.2 In this release

Re: Should we have a release manager for each release? (or, "who owns rawhide"?)

2018-02-16 Thread Colin Walters
On Thu, Feb 15, 2018, at 5:39 PM, Adam Williamson wrote: > In practice it tends to boil down to "me, nirik, and puiterwijk". Meanwhile, there are probably hundreds of people on this -devel list who are capable of debugging and fixing things - some very experienced engineers, yet some of them are

Re: -Werror (or any alternatives in different languages)

2018-02-10 Thread Colin Walters
On Sat, Feb 10, 2018, at 2:57 AM, Igor Gnatenko wrote: > I'm thinking about passing --cap-lints warnings to rustc to prevent erroring > on > this (and just show warning). Should we do same for C/C++? Or should I > reconsider decision in Rust land?

Re: [Fedora-packaging] Re: Proposed Fedora packaging guideline: More Go packaging

2018-02-01 Thread Colin Walters
On Thu, Feb 1, 2018, at 10:24 AM, nicolas.mail...@laposte.net wrote: > > Not directly. It does provide the means to easily rev a spec to a new > code state (version tag or commit), and it makes deps systematic (so > Fedora tooling can accurately detect what is likely to be impacted by a >

Re: F28 Self Contained Change: Atomic, Cloud and Docker images for s390x

2018-02-01 Thread Colin Walters
On Thu, Feb 1, 2018, at 10:44 AM, Josh Boyer wrote: > On Thu, Feb 1, 2018 at 12:29 AM, Sinny Kumari wrote: > > So Dan... OCI images for sure but in the context of Fedora users and > other deliverables, Docker images isn't really wrong. Plus, I just > like giving you crap ;)

rpm-ostree v2018.1

2018-01-15 Thread Colin Walters
Hi, a quick thing I want to highlight about this release here: https://github.com/projectatomic/rpm-ostree/releases/tag/v2018.1 " On the flip side, we have made a mostly-compatible change to drop most Linux "capabilities" during RPM script invocation. For example, it is no longer supported to

Re: Security updates and batched pushes

2018-01-11 Thread Colin Walters
One followup that should help people understand things: When someone pushes an update to a package that isn't in Atomic Host (or Workstation), *and* one is using rpm-ostree in "pure ostree" mode (i.e. you never ran `rpm-ostree install`), then checking for updates just uses libostree, which like

Re: Security updates and batched pushes

2018-01-11 Thread Colin Walters
On Wed, Jan 10, 2018, at 2:38 PM, Stephen John Smoogen wrote: > > This sounds a lot like the Atomic project and how it does things... Atomic could mean either (rpm)-ostree or Docker/OCI. In the Docker/OCI world search isn't standardized yet AIUI but there's progress on that upstream. I am

Re: F28 Self Contained Change: Anaconda modularization

2018-01-06 Thread Colin Walters
On Fri, Jan 5, 2018, at 7:28 AM, Jan Kurik wrote: > Anaconda installer will be split into several modules that will > communicate over DBus using stable API. For the curious this blog entry is useful: http://blog-jkonecny.rhcloud.com/2017/06/16/shining-new-anaconda-modularisation/ I also

Re: /bin/sh and lua; was: Re: common location of spec files in upstream sources

2017-10-29 Thread Colin Walters
On Fri, Oct 27, 2017, at 09:58 PM, Adam Williamson wrote: > On Fri, 2017-10-27 at 20:49 -0500, Chris Adams wrote: > > Once upon a time, Adam Williamson said: > > > FWIW, ISTR being told at some point that it's a good idea to write > > > scriptlets in lua because RPM

Re: /bin/sh and lua; was: Re: common location of spec files in upstream sources

2017-10-27 Thread Colin Walters
On Fri, Oct 27, 2017, at 03:27 PM, Jason L Tibbitts III wrote: > FW> However, this use is controversial because some > FW> RPM lookalikes do not implement Lua scriptlets. > > For Fedora that certainly isn't a concern. For the editions that use rpm-ostree, such as Fedora Atomic Host, it is:

Re: Giving us the ability to go backwards [was Re: plan to update F27 to systemd-235]

2017-10-09 Thread Colin Walters
On Sat, Oct 7, 2017, at 01:26 PM, Stephen John Smoogen wrote: > At a certain point, if you want/need to do these things, it is better > to burn it from the ground and come up with a new packaging system > (and relearn all the second system problems involved with that). I actually put code behind

Re: plan to update F27 to systemd-235

2017-10-07 Thread Colin Walters
On Sat, Oct 7, 2017, at 08:14 AM, Zbigniew Jędrzejewski-Szmek wrote: > Well, my point is that in this case there aren't any big changes, only> some > relatively minor feature additions. According to the policy, > "minor" upgrades are OK after beta. The only difference for critical > path

Re: OpenVPN and its user/group

2017-10-02 Thread Colin Walters
On Mon, Oct 2, 2017, at 10:56 AM, David Sommerseth wrote: >"diag" : "Invocation of useradd without specifying a > UID; this may be OK, because /usr/share/doc/setup/uidgid defines no UID for > openvpn" https://github.com/default-to-open/rpmgrill/pull/22

Re: removable setup rpm?!

2017-08-18 Thread Colin Walters
On Fri, Aug 18, 2017, at 07:43 AM, Petr Stodulka wrote: > Hi folks, > > I found now that the setup rpm is removable from the system, > which leads to unusable system, because of missing important files, > like /etc/shadow, Sounds like you're using dnf for a host system? The Fedora editions

Why Atomic Host should be built using Modularity

2017-08-02 Thread Colin Walters
There was a discussion today in the Atomic WG about using Modules. Meeting log: https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2017-August/msg4.html Agenda discussion: https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2017-August/msg2.html (Side note;

Re: Finalizing Fedora's Switch to Python 3

2017-07-28 Thread Colin Walters
On Fri, Jul 28, 2017, at 01:53 PM, Randy Barlow wrote: > On Fri, 2017-07-28 at 12:41 -0400, Colin Walters wrote: > > I'm opposed to switching the meaning of `/usr/bin/python` for AH > > anytime soon.  It's just going to break stuff, and to me the gain is > > quite > >

Re: Finalizing Fedora's Switch to Python 3

2017-07-28 Thread Colin Walters
On Fri, Jul 28, 2017, at 12:16 PM, Miro Hrončok wrote: > It's up to the maintainers of Atomic Host to decide what's there. I > don't see how that relates to this thread. We have never said anything > about what is supposed to be or not to be in the Atomic Host. I'm opposed to switching the

Re: Finalizing Fedora's Switch to Python 3

2017-07-28 Thread Colin Walters
On Fri, Jul 28, 2017, at 11:34 AM, Miro Hrončok wrote: > The change has to > start somewhere and even though I cannot really speak about RHEL, > I would think that changing it in Fedora first makes more sense. There hasn't been a single "Fedora" since we landed the editions, although that's

Re: Finalizing Fedora's Switch to Python 3

2017-07-28 Thread Colin Walters
On Fri, Jul 28, 2017, at 07:47 AM, Peter Robinson wrote: > On Fri, Jul 28, 2017 at 11:48 AM, Colin Walters <walt...@verbum.org> wrote: > > On Thu, Jul 27, 2017, at 12:07 PM, Miro Hrončok wrote: > > > >> * Switch /usr/bin/python to Python 3 in co

Re: Finalizing Fedora's Switch to Python 3

2017-07-28 Thread Colin Walters
On Thu, Jul 27, 2017, at 12:07 PM, Miro Hrončok wrote: > * Switch /usr/bin/python to Python 3 in cooperation with Python upstream. That again? That really seems like a nonstarter; previous discussion specifically around Atomic Host + Ansible:

Re: F27 System Wide Change: Graphical Applications as Flatpaks

2017-07-20 Thread Colin Walters
On Thu, Jul 20, 2017, at 08:49 AM, Hedayat Vatankhah wrote: > As Fedora is going to use (IIRC) Flatpack's in OCI format rather than > ostree, does it also work with OCI images? Both deduplication on disk, > and also delta-downloads? dedup is a tricky topic since we use SELinux;

Re: F27 System Wide Change: Graphical Applications as Flatpaks

2017-07-18 Thread Colin Walters
On Tue, Jul 18, 2017, at 02:58 PM, Chris Murphy wrote: > > But if I've understood correctly, any changes to the base will be discarded > > when you update the base image. right? No; `rpm-ostree install` is persistent, and so are other changes like `rpm-ostree initramfs --enable` and so is the

Re: F27 System Wide Change: Graphical Applications as Flatpaks

2017-07-16 Thread Colin Walters
Hi, On Fri, Jul 14, 2017, at 05:52 PM, Andrew Lutomirski wrote: > I don't see the problem. The runtime could be all of /use and the app > could be a symlink living in /app that points at /usr. The latter > could be created on the fly in a tmpfs. You're right; however, there are two other

Re: F27 System Wide Change: Graphical Applications as Flatpaks

2017-07-14 Thread Colin Walters
On Wed, Jul 12, 2017, at 07:53 AM, Kevin Kofler wrote: > > When I see the plans that are floated around, the other stuff might also end > up being containerized in a similar way, just using other technologies > (e.g., Docker). There are definitely apps today that are designed to run in

Re: super-drafty F28 and F29 schedules

2017-07-11 Thread Colin Walters
On Tue, Jul 11, 2017, at 03:49 PM, Jean-Baptiste Holcroft wrote: > Le 11/07/2017 à 19:30, Colin Walters a écrit : > > specific ones. And we get into a lot of interesting questions around > > the intersection > > of the languages and Workstation, depending on what gets inst

Re: super-drafty F28 and F29 schedules

2017-07-11 Thread Colin Walters
On Thu, Jul 6, 2017, at 09:15 PM, Matthew Miller wrote: > Hopefully, by the time we are at F28, Modularity will provide a way for > us to offer faster streams for people who want them -- but let's also > focus on stable releases. But with Modularity, how much does it even make sense to talk

Re: Rawhide: where for art thou? (why no rawhide composes recently)

2017-06-13 Thread Colin Walters
On Tue, Jun 13, 2017, at 10:43 AM, Matthew Miller wrote: > I know we're already at new-deliverable explosion, but this seems like > a place where it'd be nice to have Rawhide and Bikeshed (or whatever we > want to call "tested and believed-to-be basically functional Rawhide"). > That doesn't

Re: Reminder: GitHub etc. auto-generated archives are not stable in time

2017-05-24 Thread Colin Walters
On Wed, May 24, 2017, at 11:22 AM, Jan Pokorný wrote: > Nope, the point is that nothing has changed in the codebase or, for > that matter, tags. It must have been GitHub that changed how its > equivalent of "git archive" behaves. Yep, that's happened in the past, obviously just happened

Re: What is your opinion on "sudo pip" fix for Fedora 27?

2017-04-26 Thread Colin Walters
> Our first attempt to make sudo pip safe on Fedora [0] was This seems to be using "Fedora" to mean a *host* system, and I'd agree there. I'll note as an aside that the other host system management tool we use in Fedora is rpm-ostree, part of Atomic Host:

Re: switching libcurl back to OpenSSL and providing the libcurl-minimal subpackage

2017-04-05 Thread Colin Walters
On Wed, Apr 5, 2017, at 11:28 AM, Kamil Dudka wrote: > Anyway, do not overestimate the power of HTTP/2. It will not transparently > bring you better transfers for free. You can speak HTTP/2 even while using > the curl tool but it is mainly useful for testing. If you want to take the >

Re: switching libcurl back to OpenSSL and providing the libcurl-minimal subpackage

2017-04-05 Thread Colin Walters
On Wed, Apr 5, 2017, at 09:52 AM, Kamil Dudka wrote: > In order to make even smaller Fedora base images, it was proposed to switch > libcurl back to OpenSSL. The Fedora Crypto Consolidation project, which > motivated the switch of libcurl from OpenSSL to NSS ten years ago, is now > deprecated

Re: automated packaging

2017-03-22 Thread Colin Walters
On Wed, Mar 22, 2017, at 06:00 AM, Nikos Mavrogiannopoulos wrote: > Hi, > For several packages it is possible to automate build, test and > package updating on multiple fedora releases (+epel) in a single > keypress using the cockpituous (sic) tools [0]. These tools hide quirks > and

Re: Please test Vagrant 1.9.1

2017-02-15 Thread Colin Walters
On Wed, Feb 15, 2017, at 10:07 AM, Vít Ondruch wrote: > First of all, I am still not fond of moving the plugins.json into /usr. Why is that? It's like the fontconfig one, which was discussed in FESCo: https://pagure.io/fesco/issue/1635#comment-51133 and approved:

Re: Please test Vagrant 1.9.1

2017-02-14 Thread Colin Walters
On Tue, Feb 14, 2017, at 08:14 AM, Vít Ondruch wrote: > 3) The downside of (1) is that the plugin registration scripts are baked > into vagrant plugins, I had to apply some hacks to keep the backward > compatibility with Vagrant plugins currently in Fedora. While you're working on this, can

Re: Increasing compatibility with rpm-ostree for host packages

2017-01-23 Thread Colin Walters
On Mon, Jan 23, 2017, at 02:03 PM, Tom Hughes wrote: > How about you just explain here what it is you want rather than making > everybody go and read some bug? OK, here's a copy of the text: rpm-ostree is a new model for rpm packages on using ostree[0]. In order to implement atomic upgrades

Increasing compatibility with rpm-ostree for host packages

2017-01-23 Thread Colin Walters
Hi, rpm-ostree is the underlying hybrid image/package system for the Fedora Atomic Host edition. The layering functionality however requires some potential changes in your packages. https://bugzilla.redhat.com/show_bug.cgi?id=1415451 is a recent bug that shows one example. You can find more

Re: F26 Self Contained Change: Fontconfig cache directory change

2016-12-21 Thread Colin Walters
On Wed, Dec 21, 2016, at 07:19 AM, Björn Persson wrote: > > The fontconfig cache files are placed onto /var/cache/fontconfig now. > > this seems incompatible with the ostree model. so this is a proposal > > to move it to /usr/lib/fontconfig/cache. > > Is OStree calling for the entire /var/cache

Re: Two more concrete ideas for what a once-yearly+update schedule would look like

2016-12-09 Thread Colin Walters
On Thu, Dec 8, 2016, at 09:26 PM, Colin Walters wrote: > Anyways, in the big picture, while I don't speak for everyone on the Project > Atomic side, > I personally point users at CentOS first, unless I have some reason to think > they want Fedora. > Something like 80% of Fedor

Re: Two more concrete ideas for what a once-yearly+update schedule would look like

2016-12-08 Thread Colin Walters
On Thu, Dec 8, 2016, at 01:26 PM, Dennis Gilmore wrote: > > I would like to see us stop pushing non security updates to updates from > updates-testing entirely and do it in monthly batches instead. we would push > daily security fixes and updates-testing. However this would make atomic >

Re: Dealing with the toolchain detection issue breaking Rawhide (#1401231)

2016-12-06 Thread Colin Walters
On Tue, Dec 6, 2016, at 08:26 PM, Zbigniew Jędrzejewski-Szmek wrote: > An alternative proposal: add a opt-out/opt-in flag (similar to > _hardened_build) > %global _strict_c_flags 0/1 What I've been doing for years now is to carry a baseline set of "warnings that must be errors" in my projects,

Re: F25 Server cloud image

2016-11-23 Thread Colin Walters
On Wed, Nov 23, 2016, at 08:49 AM, Miroslav Suchý wrote: > I just wanted to download F25 Cloud image for OpenStack and was surprised > that there is none. There is just Atomic image. > But Atomic use rpm-ostree for installing packages. There is no DNF. On the host, yes. But the intent is to

Re: Modifying container storage for Fedora 26.

2016-11-16 Thread Colin Walters
On Wed, Nov 16, 2016, at 02:49 PM, Stephen Gallagher wrote: > Today, Fedora Server relies on whatever is the default for > docker-storage-setup. > We just tell Anaconda to reserve up to 15GiB by default for the / partition > and > then it puts all remaining free space (on drives selected to be

Switching to NetworkManager dhcp=internal

2016-10-12 Thread Colin Walters
Hey, so as part of the discussion about NetworkManager vs systemd-networkd, one thing that happened is networkd started exposing its DHCP code as a shared library, and NetworkManager learned to use it if one specifies ``` [main] dhcp=internal ``` in /etc/NetworkManager/NetworkManager.conf. I

[Base] adopting the Docker base image into Atomic WG

2016-10-05 Thread Colin Walters
Now that Cloud -> Atomic and will be focusing on Project Atomic, can we move the Docker base image into this group from the "Fedora Base" group? It never really made sense to me in Base; in: $ git log --format='%ae' fedora-docker-base.ks | sort -u admil...@redhat.com den...@ausil.us

Re: notion of base or minimal image

2016-07-19 Thread Colin Walters
On Tue, Jul 19, 2016, at 07:32 AM, Nikos Mavrogiannopoulos wrote: > Hi, >  Is there some notion or definition of a Fedora minimal or base image? A lot depends on whether "image" is a container or OS, which mostly boils down to "contains a kernel". For containers I would look at: `docker run

Re: F25 System Wide Change: KillUserProcesses=yes by default

2016-07-14 Thread Colin Walters
On Wed, Jul 13, 2016, at 03:04 PM, Andrew Lutomirski wrote: > I want to add a couple more to the scope: dnf and PackageKit. I don't > care *how* dnf and PackageKit get started. If they're making changes, > systemd should *not* zap them on logout. PackageKit has been a daemon from the start

Re: rpm-ostree 2016.4 now with package layering

2016-07-14 Thread Colin Walters
On Thu, Jul 14, 2016, at 08:33 AM, Colin Walters wrote: > > Another thing I think is cool is that we use bubblewrap[3] to > run %post scripts, which greatly helps avoid system damage from badly written > scripts, and helps ensure that system changes are under control of rpm-ost

rpm-ostree 2016.4 now with package layering

2016-07-14 Thread Colin Walters
rpm-ostree 2016.4: https://github.com/projectatomic/rpm-ostree/releases/tag/v2016.4 is now in Bodhi: https://bodhi.fedoraproject.org/updates/FEDORA-2016-2b9342c5cc https://bodhi.fedoraproject.org/updates/FEDORA-2016-bfecf6abed Remember, to try it, you can rebase an existing Atomic Host system

Re: Fedora development of Snap packages

2016-06-15 Thread Colin Walters
Hi, On Tue, Jun 14, 2016, at 09:18 PM, Michael Catanzaro wrote: > Also, keep in mind that Flatpaks are not the only new type of software > we intend to support in Fedora. I know other folks are looking into > supporting Docker containers; I believe that's a Server WG initiative? One of the

Re: F25 System Wide Change: Use /etc/distro.repos.d as default reposdir

2016-05-18 Thread Colin Walters
On Wed, May 18, 2016, at 03:06 PM, Subhendu Ghosh wrote: > Is ostree  remotes in scope? ostree has /etc/ostree/remotes.d today...the only thing I can think of here is that there are certainly use cases for having some common configuration between yum repos and ostree remotes - things like TLS

Re: RFC: Fedora Docker Layered Image Guidelines

2016-04-29 Thread Colin Walters
On Thu, Apr 28, 2016, at 06:52 PM, Adam Miller wrote: > Docker Layered Image "packaging" Guidelines [1] This current design means Dockerfiles are always secondary shims. I think the most interesting case is for new services which are Docker/container only at least upstream. Do we e.g.

Re: [Modularity] Module metadata proposal

2016-04-15 Thread Colin Walters
On Thu, Apr 14, 2016, at 12:35 PM, Petr Šabata wrote: > Good news, everyone, > > the first draft of the module metadata format is now available > for you to comment on. We've decided to go with YAML so it > should be fairly readable. You can view the latest version here: > >

Re: TPMs, measured boot and remote attestation in Fedora

2016-04-08 Thread Colin Walters
On Fri, Apr 8, 2016, at 05:36 AM, Florian Weimer wrote: > Remote attestation only works with a trusted counterpart who rejects > access once a breach is detected. Who do you expect to be the > counterpart for Fedora users? Is there anyone who offers such a service > without also requiring to

Re: TPMs, measured boot and remote attestation in Fedora

2016-04-08 Thread Colin Walters
On Fri, Apr 8, 2016, at 05:23 AM, Petr Pisar wrote: > I'm curious how you would predict hash of initramfs because it is > generated on the host and depends on dracut configuration and presence > of various optionally installed packages. That's true for a system managed by yum/dnf, but

Re: F24 broken dependencies

2016-03-22 Thread Colin Walters
On Tue, Mar 22, 2016, at 08:27 AM, Stephen Gallagher wrote: > I'd also point out that the supported mechanism for upgrading from F23 to F24 > is: That's one of them - there are two. I have extended: https://fedoraproject.org/wiki/Upgrading to also cover rpm-ostree managed systems such as the

Re: Proposal: spins-kickstarts workflow changes

2016-02-20 Thread Colin Walters
On Fri, Feb 19, 2016, at 02:37 PM, Kevin Fenzi wrote: > * Setup tags for all the various groups that have kickstarts. ie, > 'xfce' 'docker' 'cloud' 'atomic' 'workstation' etc. And get someone > from each of those groups to actually watch the tags or someone to CC > on who will actually

Re: F24 Self Contained Change: System Python

2016-02-10 Thread Colin Walters
The OpenEmbedded project has been doing this for quite a while: http://cgit.openembedded.org/openembedded-core/tree/meta/recipes-devtools/python/python-2.7-manifest.inc -- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Re: DNF pains

2016-02-03 Thread Colin Walters
On Wed, Feb 3, 2016, at 05:54 PM, Chris Murphy wrote: > > > NAICT, DNF, like Yum before it, offers no option I can recognize from its > > man > > page to download less than all the to-be-updated/installed packages before > > proceeding to install any packages. Thus it downloads (typically

Re: Orphaned packages looking for new point of contact

2016-01-27 Thread Colin Walters
On Wed, Jan 27, 2016, at 12:45 PM, Kevin Fenzi wrote: > pygobject3 -- Python 2 bindings for GObject Introspection ( master f23 f22 ) In practice this is mostly a mirror of upstream that has automatic commits from kalev, but I'll take it as primary point of contact for any downstream issues. If

Re: COPR repo in mock?

2016-01-20 Thread Colin Walters
On Tue, Jan 19, 2016, at 08:05 AM, Nico Kadel-Garcia wrote: > There are actually some very real security reasons not to let mock > pull arbitrary configuration files from local directories. It would > provide way, way too much power to the local developer to build > arbitrary chroot cages on the

Re: seccomp support [was: Testing chrony seccomp support]

2016-01-19 Thread Colin Walters
On Tue, Jan 19, 2016, at 04:16 AM, Nikos Mavrogiannopoulos wrote: > The issue is that blacklists are terrible from a security standpoint. > That means that every new obscure system call added to the kernel will > be available by default in your program.

Re: seccomp support [was: Testing chrony seccomp support]

2016-01-19 Thread Colin Walters
On Tue, Jan 19, 2016, at 11:08 AM, Andrew Lutomirski wrote: > > On Jan 19, 2016 7:41 AM, "Colin Walters" <walt...@verbum.org> wrote: > > > > > > > > On Tue, Jan 19, 2016, at 04:16 AM, Nikos Mavrogiannopoulos wrote: > > > > > The issue i

Re: F24 System Wide Change: Change Proposal Name NewRpmDBFormat

2016-01-11 Thread Colin Walters
On Mon, Jan 11, 2016, at 09:46 AM, Jan Kurik wrote: > = Proposed System Wide Change: Change Proposal Name NewRpmDBFormat = > https://fedoraproject.org/wiki/Changes/NewRpmDBFormat It'd be interesting to know the technical details, worth reposting once there's a design document or prototype PR.

Re: no systemd in containers: Requires -> Recommends

2015-12-17 Thread Colin Walters
On Thu, Dec 17, 2015, at 08:28 AM, Neil Horman wrote: > > I would question why its necessecary to keep systemd out so ardently. If you > build your container layers properly, you can effectively put systemd in a > base > container and layer other applications in child containers that inherit

Re: no systemd in containers: Requires -> Recommends

2015-12-17 Thread Colin Walters
On Thu, Dec 17, 2015, at 10:24 AM, Lennart Poettering wrote: > Can you give realistic examples for these? Can you explain what you > are intend to run as PID 1 in them instead? Nothing, if the pid namespace did zombie collection in the kernel, you don't need a separate init. > What is cleaning

  1   2   3   4   >