Re: Is it time to allow Chromium in Fedora?
On Aug 11, 2015 10:38 PM, "Chris Murphy" wrote: > > On Tue, Aug 11, 2015 at 1:18 PM, Josh Stone wrote: > > On 08/11/2015 12:12 PM, Chris Murphy wrote: > >> Yet I see a Linux tar.bz2 for Firefox at downloads.mozilla.org so I > >> wonder why that binary doesn't just run unmodified anywhere and I'm > >> waiting for 40.0 to show up in Bodhi? > > > > If you don't see the value of distro integration and testing, then by > > all means, go use mozilla's binaries. > > I do not see the value in manually checking koji for Firefox updates > and then manually downloading and installing them. That's just not > going to happen by pretty much anybody. I have u-t enabled, I do > testing, this update is not in u-t yet. > > If I knew Mozilla's Linux binaries provided its own update mechanism > and notification, yes I would do exactly that. I am pretty sure they get updated just like Windows and OS X binaries, but the tar ball should be extracted in a user writable location. I sometimes extract it into .firefox (hidden) folder in my home and create a shortcut in KDE menu. Mustafa >And I'd still ask what > the benefit is of duplicating this effort? It sounds like it's not > actually a benefit, rather it's "because packaging". > > -- > Chris Murphy > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Is it time to allow Chromium in Fedora?
On Aug 11, 2015 11:29 PM, "Reindl Harald" wrote: > > > > Am 11.08.2015 um 22:18 schrieb Mustafa Muhammad: >> >> > If I knew Mozilla's Linux binaries provided its own update mechanism >> > and notification, yes I would do exactly that. >> >> I am pretty sure they get updated just like Windows and OS X binaries, >> but the tar ball should be extracted in a user writable location > > > nonsense > > *if* you use binary tarballs they *should not* be extracted in a user writeable location as *no binary* whenever possible should have permissions allowing a ordinary user to change them > > they should be extracted to /usr/local/ with root-only write-permissions and you have to just start the application as root for updates - not only on Linux, on *any* operating system > > and since most users are not able to cope with this security principals package managers exists > _ > > http://www.tldp.org/HOWTO/Security-HOWTO/file-security.html > > World-writable files, particularly system files, can be a security hole if a cracker gains access to your system and modifies them. Additionally, world-writable directories are dangerous, since they allow a cracker to add or delete files as he wishes My home is not world writable. The way you pointed is the better way, of course, but I think even my simple way is better than waiting for package updates from the repos when an exploit is in the wild. > _ > > as long as you did not inherit that principles you have no clue about security and will be the first victim of exploits on non-windows systems > > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Is it time to allow Chromium in Fedora?
On Aug 12, 2015 12:00 AM, "Mustafa Muhammad" wrote: > > > On Aug 11, 2015 11:29 PM, "Reindl Harald" wrote: > > > > > > > > Am 11.08.2015 um 22:18 schrieb Mustafa Muhammad: > >> > >> > If I knew Mozilla's Linux binaries provided its own update mechanism > >> > and notification, yes I would do exactly that. > >> > >> I am pretty sure they get updated just like Windows and OS X binaries, > >> but the tar ball should be extracted in a user writable location > > > > > > nonsense > > > > *if* you use binary tarballs they *should not* be extracted in a user writeable location as *no binary* whenever possible should have permissions allowing a ordinary user to change them > > > > they should be extracted to /usr/local/ with root-only write-permissions and you have to just start the application as root for updates - not only on Linux, on *any* operating system > > > > and since most users are not able to cope with this security principals package managers exists > > _ > > > > http://www.tldp.org/HOWTO/Security-HOWTO/file-security.html > > > > World-writable files, particularly system files, can be a security hole if a cracker gains access to your system and modifies them. Additionally, world-writable directories are dangerous, since they allow a cracker to add or delete files as he wishes > > My home is not world writable. > The way you pointed is the better way, of course, but I think even my simple way is better than waiting for package updates from the repos when an exploit is in the wild. By the way, running an application as root, even fit just updating it is dangerous. > > > _ > > > > as long as you did not inherit that principles you have no clue about security and will be the first victim of exploits on non-windows systems > > > > > > -- > > devel mailing list > > devel@lists.fedoraproject.org > > https://admin.fedoraproject.org/mailman/listinfo/devel > > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: No more deltarpms by default
On Mon, Oct 6, 2014 at 9:55 PM, Jonathan Dieter wrote: > On 10/06/2014 08:57 PM, Reindl Harald wrote: >> >> Am 06.10.2014 um 19:45 schrieb Florian Festi: >>> >>> The way of getting around all this unnecessary computation is >>> establishing trust via the deltarpm itself and giving up the idea of >>> reconstructing the originally rpm as a prove of everything worked out >>> just fine. >>> >>> To save even more time the delta would need to be applied directly on >>> disk without creating an package at all. This would require a deeper >>> integration with rpm and requires some tricky algorithms to make sure >>> everything is ok in advance and won't blow up during the rpm >>> transaction. So if anyone needs a hobby... >> >> >> oh no - don't tie all together for reasons which did not destory the >> world over years - it is a damned good design that the part dealing with >> rpm packages don't need to know anything aboutt delta rpms because the >> normal packages are created before that step >> >> don't break the unix-way of work the current behavior follows for no >> good reason and there is none - otherwise deltarpm would not have been >> default over years the way it works now > > > Ok, granted, this sounds pretty scary. But if we give rpm the ability to > upgrade an installed package with a deltarpm, it wouldn't take away > deltarpm's ability to generate a full rpm from a deltarpm. And it does have > the advantage of cutting right through the knot. We already store checksums > of the deltarpms in prestodelta.xml, as well as in the deltarpm itself. > > Probably the biggest weakness would be the chance that something would > change on-disk between the check stage and actual install stage. We'd have > to evaluate whether it's worth making a temporary copy of the old data > during the check stage and then applying the deltarpm to that. > > All of this would require a lot of buy-in from the rpm guys, though > (Florian, you're one of them, right?). If I recall correctly, when we first > looked at deltarpms, one of the selling points was that rpm didn't have to > change at all. > > Jonathan > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Hi, I live in a country where 1 Mbps (128 KB/s) is more than the average (and considered GOOD), we really need deltarpm, it saves huge amounts of data and time. I think the problem is in compressing then decompressing the file, why we don't take checksum of the tar file before compression? (of course this must be done on the server too), this way we can use deltarpm without much CPU, this should provide the best of the two worlds. Mustafa Muhammad -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Updates (was Fedora 23 Final RC10 status is GO !)
Hi, I think the better approach is to allow more updates, as Kevin suggested, usually they fix more than they break. I also think shorter freezes with unfreeze on slip are better than the current approach of accumulated updates on release day. >From my point of view, the best approach is rolling release, if the manpower allows for it, openSUSE and Arch do it well, and for the more conservative people, there is the "Security Updates Only" way of dnf-automatic that Johnny mentioned. Regards Mustafa -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: no systemd in containers: Requires -> Recommends
On Thu, Dec 17, 2015 at 6:24 PM, Lennart Poettering wrote: > On Thu, 17.12.15 10:02, Colin Walters (walt...@verbum.org) wrote: > > > On Thu, Dec 17, 2015, at 08:28 AM, Neil Horman wrote: > > > > > > I would question why its necessecary to keep systemd out so ardently. > If you > > > build your container layers properly, you can effectively put systemd > in a base > > > container and layer other applications in child containers that > inherit from it. > > > > If one is doing "micro" containers that only have typically one process > in them, > > having systemd managing it is unnecessary overhead. > > Can you give realistic examples for these? Can you explain what you > are intend to run as PID 1 in them instead? What is cleaning up /tmp > for those things? What is setting up the tmpfiles bits in /run for > them, and so on? > The recommendation for docker containers is to only have one process, when it dies, the whole container stops, this is how to manage a cluster and know when something die. Mustafa > Lennart > > -- > Lennart Poettering, Red Hat > -- > devel mailing list > devel@lists.fedoraproject.org > http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org > -- devel mailing list devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
Re: Mozilla enabled ads in Firefox and they're active in Fedora
On Sat, Nov 15, 2014 at 4:25 PM, Lars Seipel wrote: > So Mozilla has recently gone live with its advertisement tiles on the > "New Tab" page. Only newly created profiles get to see this stuff. > > On a pristine F21 install using Gnome, when first launching Firefox, > users are presented with a number of tiles, depending on screen size. > One of those is a so-called "sponsored" tile chosen from a range of > available advertisements (e.g. for booking.com, there's also one for the > Snowden movie), apparently depending on geographical location. > > When this "feature" got originally announced[1], there was a discussion > on -devel if this kind of stuff is really appropriate for Fedora. > > Some time later Mozilla seemed to have canceled the feature, quoting > "That’s not going to happen. That’s not who we are at Mozilla." as one > of the reasons[2]. > > Apparently, they (again) reconsidered, pushing the feature to nightlies > a few months ago. Well, it now hit the stable branch and, therefore, > Fedora. > > This is how Mozilla pitches the feature to advertisers[3]: > >> To support ad personalization, Mozilla created an internal data system >> that aggregates user information while stripping out personally >> identifiable information. Mozilla can track impressions, clicks, and the >> number of ads a user hides or pins. Its advertising partners are also >> privy to that data. > > Personally, I don't think that showing advertisements on the free > software desktop is appropriate. Our users are supposed to be able to > fully trust our software. That's one of our most-often touted strenghts. > I don't think the ability to "track impressions, clicks, and the number > of ads a user hides or pins" is something that is compatible with that, > regardless of this data being tied to "personally identifiable > information" or not. > > Firefox's behaviour is probably nothing extraordinary on the other > platforms Mozilla is targeting. Compared to the prevalent attitude of > proprietary vendors, especially on mobile, it doesn't sound that bad > anymore. I don't think that's a suitable scale for Fedora, though. > > From a user perspective, it's not that hard to disable the feature. Upon > first seeing that page a tooltip is shown to hint at the possibility. > Users can choose between three modes, "Enhanced", "Classic" and "Blank". > Contrary to what is stated in the Mozilla kb[4], the only one that > actually disables the ads is "Blank", which is equal to setting the new > tab page to about:blank. > > What does the community think of it? Is it okay for our flagship > applications to carry ads and report tracking data? > > [1] > https://blog.mozilla.org/advancingcontent/2014/02/11/publisher-transformation-with-users-at-the-center/ > [2] > https://blog.mozilla.org/futurereleases/2014/05/09/new-tab-experiments/ > [3] > http://www.adexchanger.com/online-advertising/mozilla-finally-releases-its-browser-ad-product-hints-at-programmatic-in-2015/ > [4] > https://support.mozilla.org/de/kb/how-do-tiles-work-firefox#w_enhanced-tiles > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct The "ads" are not intrusive, they don't collect personally identifiable data, and can be disabled with a selection from a button on the start page! See: http://www.pcworld.com/article/2848017/how-to-get-rid-of-firefoxs-new-ads-on-the-new-tab-page.html I think the best way is to ship Firefox as is, if somebody doesn't want to help the open source project generating some revenue using these ads, he can disable them. When you use Google search engine in any browser, it is collecting more data than this feature in Firefox. If you want to disable them, disable them in the default configuration we ship, nothing more is needed. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Enable tapping by default
Hi, I am testing Fedora 21 beta and -like all previous versions- click by tapping is off by default. Several bug reports concerning this were closed as NOTABUG, but tapping is useful for us (people who use it), I don't think it bothers the others that much, and is on by default in most operating systems and Linux distributions. What can we do to make this happen? Regards Mustafa Muhammad -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Enable tapping by default
On Mon, Nov 17, 2014 at 2:49 PM, Björn Persson wrote: > Mustafa Muhammad wrote: >> Hi, I am testing Fedora 21 beta and -like all previous versions- click >> by tapping is off by default. >> Several bug reports concerning this were closed as NOTABUG, but >> tapping is useful for us (people who use it), I don't think it bothers >> the others that much, and is on by default in most operating systems >> and Linux distributions. >> >> What can we do to make this happen? > > Perhaps demonstrate that it won't cause the rest of us to click on > random things by accident, instead of just thinking so? I didn't say that, I said, "I don't think it bothers the others that much". It can be disabled, but we are talking about the what the default behavior should be. > > Björn Persson > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Enable tapping by default
On Mon, Nov 17, 2014 at 5:50 PM, Björn Persson wrote: > drago01 wrote: >> Things are not black and white there is a "disable touchpad while typing" >> option which would solve your problem while not making the impression that >> something is broken like it is now. > > Possibly, but there is also the risk of accidentally tapping when you > only want to move the pointer but your finger happens to tremble a > little. (That's not about Parkinson's disease. Even to perfectly healthy > people it's difficult to hold absolutely still.) > > Does anyone care to present some evidence showing that this works well > for people in general? Note that I'm not against changing this default. > I'm against changing it based on nothing but a baseless belief that it > won't bother people. I don't want to change this because I believe it doesn't bother people, but because almost every other OS and Linux distribution have it enabled by default, and when people try to use Fedora and they can't tap to click, they have the impression that this is broken, Linux is bad, can't handle a touchpad right. By the way, "Disable touchpad when writing" is enabled by default, so this should not affect typing. Regards Mustafa > > Björn Persson > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Join to Mozilla Location Service in Fedora
On Mon, Nov 17, 2014 at 11:12 PM, Kevin Kofler wrote: > Martin Stransky wrote: >> as you may know [0] Firefox in Fedora [1] is using Mozilla Location >> service [2] as a location provider instead of the Google one. >> >> I'd like to ask you to join the project, install the Mozilla Stumbler >> application [3] and help to improve the location accuracy. > > The Mozilla Location database is proprietary, and thus we should neither > contribute nor encourage contributing to it, but instead support one or both > of the following projects: > http://www.openwlanmap.org/ > http://www.openbmap.org/ > > Kevin Kofler From their FAQ [1] "While we try to make the service as open as possible, the underlying data contains personally identifiable information from both the users uploading data to us and from the owners of WiFi devices." They care about their clients' privacy, just like we do. [1] https://wiki.mozilla.org/CloudServices/Location/FAQ#Can_I_download_the_entire_raw_database.3F > > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Enable tapping by default
On Tue, Nov 18, 2014 at 1:59 PM, Bastien Nocera wrote: > > > - Original Message - >> On Mon, Nov 17, 2014 at 5:50 PM, Björn Persson wrote: >> > drago01 wrote: >> >> Things are not black and white there is a "disable touchpad while typing" >> >> option which would solve your problem while not making the impression that >> >> something is broken like it is now. >> > >> > Possibly, but there is also the risk of accidentally tapping when you >> > only want to move the pointer but your finger happens to tremble a >> > little. (That's not about Parkinson's disease. Even to perfectly healthy >> > people it's difficult to hold absolutely still.) >> > >> > Does anyone care to present some evidence showing that this works well >> > for people in general? Note that I'm not against changing this default. >> > I'm against changing it based on nothing but a baseless belief that it >> > won't bother people. >> >> I don't want to change this because I believe it doesn't bother >> people, but because almost every other OS and Linux distribution have >> it enabled by default, > > No they don't. Specific drivers for specific touchpads for specific hardware > will have tap-to-click enabled. This is usually because an engineer made the > decision. They do, I've used openSUSE, Mageia, Ubuntu, Mint, Windows, Mac OS X, etc. They all enable it by default, and for a good reason, most users I worked with ask about this, most people use my laptop ask about it. > >> and when people try to use Fedora and they >> can't tap to click, they have the impression that this is broken, >> Linux is bad, can't handle a touchpad right. > > No, they usually figure out that they need to enable tapping. > >> By the way, "Disable touchpad when writing" is enabled by default, so >> this should not affect typing. > > No, it's not enabled by default. It is enabled here, I am using F21 KDE beta and "Disable touchpad when writing" is enabled by default. > > Tap-to-click is disabled because: > 1) it confuses users who aren't used to tap-to-click, or don't use > tap-to-click > 2) it's especially bad on awful touchpads > 3) most PC touchpads are awful (or awfully configured) > > Search for "tap-to-click" in the gnome-settings-daemon bugzilla product at > https://bugzilla.gnome.org for more thorough explanations. > > In short, the default has already been decided upon. > > Cheers > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Call for zchunk repodata testers
I've been testing this for several days, everything seems normal. After 2 days without updates, I checked ifconfig before and after metadata update, and update is only 3.8 MB. Seems great to me, thank you for working on this :) ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
