On Thursday, March 3, 2022 10:49:07 PM CET Richard W.M. Jones wrote:
> (1) I don't deny that curl-minimal will reduce the size of some niche
> containers, my point is this is not a worthwhile goal to pursue given
> the costs.
I am pretty sure there are Fedora installations not based on containers
...snip...
>
> If this is just s390x builders, I'd prefer to see if we cannot rebalance
> them to just pass your builds. So, looking at it, we have 20 buildvm's
> on a host with 256gb mem. I could bump them all from 10 to 12 without
> overcommiting. I don't know if 2gb would help enough tho? Is th
On Thu, Mar 3, 2022 at 8:01 PM Rahul Sundaram wrote:
> Hi
>
> On Wed, Mar 2, 2022 at 11:40 AM Matthew Miller wrote:
>
>> On Thu, Feb 24, 2022 at 08:13:15PM +0100, Zbigniew Jędrzejewski-Szmek
>> wrote:
>> > It would probably be good to use more of those features, but you need
>> > to understand th
Hi
On Wed, Mar 2, 2022 at 11:40 AM Matthew Miller wrote:
> On Thu, Feb 24, 2022 at 08:13:15PM +0100, Zbigniew Jędrzejewski-Szmek
> wrote:
> > It would probably be good to use more of those features, but you need
> > to understand the service very well to know what systemd security
> > features ca
On 03. 03. 22 19:21, Miro Hrončok wrote:
Hello.
pypy 2.7 fails to build with GCC 12 on 32 bit arches.
https://bugzilla.redhat.com/show_bug.cgi?id=2046857
Instead of investigating this and trying to fix this, I wonder if I can just
excludearch %ix86 and %arm32. No other Fedora package really r
Hi
On Thu, Mar 3, 2022 at 5:07 PM Lennart Poettering wrote:
>
> There have been various requests of generalizing this, and making it
> available for any kind of service, not just portable services. I'd be
> onboard with that actually, but there are some unanswered questions
> regarding how distr
On Thu, Mar 3, 2022, 1:21 PM Miro Hrončok wrote:
> Hello.
>
> pypy 2.7 fails to build with GCC 12 on 32 bit arches.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=2046857
>
> Instead of investigating this and trying to fix this, I wonder if I can
> just
> excludearch %ix86 and %arm32. No other F
On 3/3/22 16:49, Richard W.M. Jones wrote:
> On Thu, Mar 03, 2022 at 08:14:20PM +0100, Kamil Dudka wrote:
>> On Thursday, March 3, 2022 3:24:38 PM CET Richard W.M. Jones wrote:
>>> On Thu, Mar 03, 2022 at 09:04:10AM +0100, Kamil Dudka wrote:
The FTP protocol is still included in libcurl-minima
On Do, 03.03.22 10:04, Rahul Sundaram (methe...@gmail.com) wrote:
> > ProtectHome= for example implies that a separate mount namespace is
> > allocated for each service. if you enable that for *all* services at
> > once, then this means all services will suddenly live in their own
> > mount namesp
On Thu, Mar 03, 2022 at 08:14:20PM +0100, Kamil Dudka wrote:
> On Thursday, March 3, 2022 3:24:38 PM CET Richard W.M. Jones wrote:
> > On Thu, Mar 03, 2022 at 09:04:10AM +0100, Kamil Dudka wrote:
> > > The FTP protocol is still included in libcurl-minimal, so the protocol is
> > > not going to disa
On Wed, Mar 2, 2022, at 7:04 PM, Kevin Fenzi wrote:
> * OOm killer looks and says... oh hey, I need to kill something. This
> kojid process/slice is taking up all the memory.
> * kojid is killed.
If we replaced Koji's backend with Kubernetes (at least my employer's
production way to run Linux co
On Thursday, March 3, 2022 3:24:38 PM CET Richard W.M. Jones wrote:
> On Thu, Mar 03, 2022 at 09:04:10AM +0100, Kamil Dudka wrote:
> > The FTP protocol is still included in libcurl-minimal, so the protocol is
> > not going to disappear with the proposed F37 change. On the other
> > hand, it may ha
On Thu, Mar 03, 2022 at 02:32:50AM +0100, Michal Schorm wrote:
> In many cases, the build is killed during compilation itself.
> I'd understand the situation, if it would consistently fail somewhere
> during the testsuite on OOM errors, but it's weirder than that.
>
> Until now, I didn't have this
Hello.
pypy 2.7 fails to build with GCC 12 on 32 bit arches.
https://bugzilla.redhat.com/show_bug.cgi?id=2046857
Instead of investigating this and trying to fix this, I wonder if I can just
excludearch %ix86 and %arm32. No other Fedora package really requires pypy,
(asv uses it in %check but
On 2022-03-03 15:47, Sandro Mani wrote:
>
> On 03.03.22 15:30, Michael J Gruber wrote:
> > So, I explicitely asked what your plan was and got no response.
> >
> > I suggested to fix the problem at the root package and you went ahead
> rebuilding depending packages.
> >
> > I asked you to use prope
No missing expected images.
Failed openQA tests: 19/229 (x86_64), 13/161 (aarch64)
New failures (same test not failed in Fedora-36-20220302.n.0):
ID: 1158343 Test: x86_64 Server-dvd-iso install_default_upload
URL: https://openqa.fedoraproject.org/tests/1158343
ID: 1158375 Test: x86_64 Ev
On Thu, Mar 03, 2022 at 03:51:19PM +0100, Lennart Poettering wrote:
> Adding security into a system that didn't have it but is widely
> deployed and developed for is *hard*. It makes opt-out security really
> hard to do, which is why we went for opt-in. Tools like
> "systemd-analyze security" exist
Hi
On Thu, Mar 3, 2022 at 9:51 AM Lennart Poettering wrote:
>
> Yes, opt-out would be better than opt-in, but it would be a major
> compat break, UNIX software doesn't expect to be sandboxed, so if you
> sandbox everything out-of-the-box you'll be drowning in bugs, and the
> failure modes are not
On Do, 03.03.22 09:25, Rahul Sundaram (methe...@gmail.com) wrote:
> Hi
>
> On Thu, Mar 3, 2022 at 8:18 AM Zbigniew Jędrzejewski-Szmek wrote
>
> >
> > What do you mean by "global service overrides"?
>
> Currently security hardening features are opt-in. You will have to set it
> on a per service le
On 03.03.22 15:30, Michael J Gruber wrote:
So, I explicitely asked what your plan was and got no response.
I suggested to fix the problem at the root package and you went ahead
rebuilding depending packages.
I asked you to use proper commit messages/changelog if you do and got a series of "R
Petr said pretty much the same thing I was about to say.
As others have noted, the “indirect sub-type change” seems to be an
awkward way of saying the function prototype has changed, which is
certainly an ABI change for the mbest_search function. The only question
is, is mbest_search really pa
So, I explicitely asked what your plan was and got no response.
I suggested to fix the problem at the root package and you went ahead
rebuilding depending packages.
I asked you to use proper commit messages/changelog if you do and got a series
of "Rebuild (leptonica)", "Bump as F36 needs anoth
Hi
On Thu, Mar 3, 2022 at 8:18 AM Zbigniew Jędrzejewski-Szmek wrote
>
> What do you mean by "global service overrides"?
Currently security hardening features are opt-in. You will have to set it
on a per service level. What I would prefer to see is the ability to have
an opt out of hardening
On Thu, Mar 03, 2022 at 09:04:10AM +0100, Kamil Dudka wrote:
> On Thursday, March 3, 2022 7:07:34 AM CET Ralf Corsépius wrote:
> > Am 24.02.22 um 19:35 schrieb Daniel P. Berrangé:
> >
> > > On Thu, Feb 24, 2022 at 07:16:26PM +0100, Ralf Corsépius wrote:
> >
> >
> >
> > > If someone is setting u
Following is the list of topics that will be discussed in the FPC
meeting Thursday at 2022-03-03 17:00 UTC in #fedora-meeting-1 on
irc.libera.chat.
Local time information (via. uitime):
= Day: Thursday ==
2022-03-03 09:00 PST US/Pacific
2022-03-03 12
V Thu, Mar 03, 2022 at 07:44:45AM -0600, Richard Shaw napsal(a):
> In this instance, it's not clear to me whether sub-type changes are ABI
> breaking or not...
>
> $ fedabipkgdiff --from fc37 codec2-1.0.3-1.fc37.x86_64.rpm
> Comparing the ABI of binaries between codec2-1.0.1-2.fc36.x86_64.rpm and
On Thu, Mar 3, 2022 at 1:45 PM Richard Shaw wrote:
> In this instance, it's not clear to me whether sub-type changes are ABI
> breaking or not...
Looking only at the output of the compare, those are
ABI breaking changes, and you will need to rebuild
deps, but if those deps are actually using th
$ fedabipkgdiff --from fc37 codec2-1.0.3-1.fc37.x86_64.rpm
[[snip]]
1 function with some indirect sub-type change:
[C] 'function void mbest_search(const float*, float*, float*, int, int,
MBEST*, int*)' at mbest.c:123:1 has some indirect sub-type changes:
parameter 3 of type '
OLD: Fedora-36-20220302.n.0
NEW: Fedora-36-20220303.n.0
= SUMMARY =
Added images:1
Dropped images: 0
Added packages: 1
Dropped packages:34
Upgraded packages: 7
Downgraded packages: 0
Size of added packages: 7.10 MiB
Size of dropped packages:201.38 MiB
In this instance, it's not clear to me whether sub-type changes are ABI
breaking or not...
$ fedabipkgdiff --from fc37 codec2-1.0.3-1.fc37.x86_64.rpm
Comparing the ABI of binaries between codec2-1.0.1-2.fc36.x86_64.rpm and
codec2-1.0.3-1.fc37.x86_64.rpm:
changes of 'libcodec2.so.
With the obvious understanding that all work is done by people who are
willing to pitch in... who's domain does this fall under? Would this be
something that the Fedora Security Team would focus on? Would this be done
by the maintainers of the individual 'services'. I realize a lot of what
peop
On Thu, Mar 3, 2022 at 8:24 AM Lennart Poettering
wrote:
>
> badly. One good example for that is crond: you never know what cron
> jobs intend to do, hence you cannot sandbox crond as a whole
> reasonably. Moreover, runtime matters: short-lived stuff is much less
>
>
I've also run into another co
On Do, 24.02.22 16:29, Marius Schwarz (fedora...@cloud-foo.de) wrote:
> Do those "insecure" units come from upstream projects, or is Fedora lagging
> behind some patches?
"insecure" is misleading. We call it "exposed", which is a different
thing.
> Is there a way to find out, if missing restrict
On Wed, Mar 02, 2022 at 04:23:00PM -0500, Rahul Sundaram wrote:
> Hi
>
> On Wed, Mar 2, 2022 at 12:31 PM Zbigniew Jędrzejewski-Szmek wrote:
>
> > On Thu, Feb 24, 2022 at 02:28:56PM -0500, Rahul Sundaram wrote:
> > > Ability to modify these policies via configuration (the above one looks
> > > lik
Missing expected images:
Minimal raw-xz armhfp
Compose PASSES proposed Rawhide gating check!
All required tests passed
Failed openQA tests: 16/231 (x86_64), 18/161 (aarch64)
New failures (same test not failed in Fedora-Rawhide-20220302.n.0):
ID: 1157844 Test: x86_64 Workstation-live-iso de
No missing expected images.
Failed openQA tests: 1/8 (aarch64)
New failures (same test not failed in Fedora-Cloud-34-20220302.0):
ID: 1158178 Test: aarch64 Cloud_Base-qcow2-qcow2
base_service_manipulation@uefi
URL: https://openqa.fedoraproject.org/tests/1158178
Soft failed openQA tests: 1/
Kevin Kofler via devel kirjoitti 3.3.2022 klo 0.48:
Matthew Miller wrote:
I put #introductions in the default for "watching first post" because ...
I think seeing and welcoming new people joining our community is a good
default.
Frankly, I think most existing maintainers will not be interest
OLD: Fedora-Rawhide-20220302.n.0
NEW: Fedora-Rawhide-20220303.n.0
= SUMMARY =
Added images:0
Dropped images: 0
Added packages: 18
Dropped packages:0
Upgraded packages: 96
Downgraded packages: 0
Size of added packages: 18.18 MiB
Size of dropped packages:0
Hi
I'm planing on landing tesseract-5.1.0 and proj-9.0.0 in rawhide and F36
in the coming days. I'm doing a test run in these COPR repos:
tesseract: https://copr.fedorainfracloud.org/coprs/smani/tesseract5/
(all builds already complete)
proj: https://copr.fedorainfracloud.org/coprs/smani/pro
* Kevin Fenzi:
> Perhaps there's some way to adjust the oom killer to kill the build
> instead of kojid?
There is /proc/PID/oom_score_adj. I don't know how to use it, sorry.
Thanks,
Florian
___
devel mailing list -- devel@lists.fedoraproject.org
To un
It would be nice to announce something like this. I am really not into
discourse and I don't plan to spend any time configuring it, so it would
at least spare me from wondering what is this about.
BTW this kind of nontransparency without logging into UI to have at
least chance to understand wh
No missing expected images.
Soft failed openQA tests: 1/8 (x86_64), 1/8 (aarch64)
(Tests completed, but using a workaround for a known bug)
Old soft failures (same test soft failed in Fedora-Cloud-35-20220302.0):
ID: 1157583 Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud
URL: https://op
On Thursday, March 3, 2022 7:07:34 AM CET Ralf Corsépius wrote:
> Am 24.02.22 um 19:35 schrieb Daniel P. Berrangé:
>
> > On Thu, Feb 24, 2022 at 07:16:26PM +0100, Ralf Corsépius wrote:
>
>
>
> > If someone is setting up a personal private mirror, I struggle
> > to understand a reason why they w
43 matches
Mail list logo
