From Fedora Project Wiki

(Created page)
 
Line 9: Line 9:




Please consider to improve the list below if worth to be mentioned:


== Fedora-Wide Changes and Improvements ==
== Fedora-Wide Changes and Improvements ==


*
===[[Changes/SSSDCacheForLocalUsers | SSSD fast cache for local users]]===
Enable resolving all users through the sss NSS modules for better performance.
===[[Changes/PythonClassroomLab | Python Classroom Lab]]===
A new Python Classroom Lab will be created in 3 variants: Workstation based, Docker based and Vagrant based. It's an important step for our Fedora Loves Python initiative. The main audience are Python teachers and workshop instructors.
===[[Changes/KerberosKCMCache | Kerberos KCM credential cache by default]]===
Default to a new Kerberos credential cache type called KCM which is better suited for containerized environments and provides a better user experience in the general case as well.
===[[Changes/GNOME3.24 | GNOME 3.24]]===
Update GNOME to the latest upstream release, 3.24
===[[Changes/EnableTrimOnDmCrypt | Enable TRIM pass down to encrypted disks]]===
Override kernel default for dm-crypt mappings of LUKS1 encrypted volumes via flag put in /etc/crypttab file. This change should affect only newly created encrypted storage based on LUKS1 format during installation.
===[[Changes/SubpackageAndSourceDebuginfo | Separate Subpackage and Source Debuginfo]]===
Allow to install just the debuginfo for a subpackage and/or without the source files. The debuginfo packages are huge because they contain debuginfo and all sources for all subpackages. Being able to install only the debuginfo for the subpackage that is installed reduces the size that needs to be downloaded to analyze, trace, profile or debug a program or core file. Some tracing and profiling tools don't need the actual source files to provide stack traces or insert probes. So installing the debugsources should be optional.
===[[Changes/Modular Server Preview | Modular Server Preview]]===
As we progress down the modularity path, we finally have enough content, architecture and understanding that we would like to release an edition of Fedora that is actually usable. However, as we aren't ready for production yet, we would like to do a "preview" release so that people can see it and try it but it doesn't actually take the place of a production edition. As such this Change Proposal requests that we set up a "Modular Server Edition" with some sort of flag that indicates that it is meant for experimentation and not real use. We plan to model the Server Edition in content and most use scenarios.
===[[Changes/GCC7 | GCC7]]===
Switch GCC in Fedora 26 to 7.x.y, rebuild all packages with it, or optionally rebuild just some packages with it and rebuild all packages only in Fedora 27.
===[[Changes/ParallelInstallableDebuginfo | Parallel Installable Debuginfo]]===
debuginfo packages can be installed in parallel to make it easier to trace, profile and observe what programs are doing or to debug when they have crashed. That way debugging, tracing or profiling programs can be done independent of whether they are 32bit, 64bit, a slightly newer or older version than currently installed or even from a different architecture.
===[[Changes/pkgconf as system pkg-config implementation | pkgconf as system pkg-config implementation]]===
This change switches Fedora's system-wide/default pkg-config implementation to pkgconf, a new implementation of pkg-config that provides better support for handling .pc files and a stable library ABI/API for integrating into applications.
===[[Changes/OpenLDAPwithOpenSSL | Switch OpenLDAP from NSS to OpenSSL]]===
Currently, OpenLDAP in Fedora is compiled with NSS (aka MozNSS) for cypto. OpenLDAP is going to be compiled with OpenSSL, instead.
===[[Changes/golang1.8 | Golang 1.8]]===
Rebase of Golang package to upcoming version 1.8 in Fedora 26, including rebuild of all dependent packages.
===[[Changes/Ruby 2.4 | Ruby 2.4]]===
Ruby 2.4 is the latest stable version of Ruby. Many new features and improvements are included for the increasingly diverse and expanding demands for Ruby. With this major update from Ruby 2.3 in Fedora 24 to Ruby 2.4 in Fedora 26, Fedora becomes the superior Ruby development platform.
===[[Changes/coredumpctl | Enable systemd-coredump by default]]===
Enable systemd-coredump by default. Core dumps will be accessible via the coredumpctl tool.
===[[Changes/GHC 8.0 | GHC 8.0]]===
Update the GHC Haskell compiler in Fedora from version 7.10 to the current stable version 8.0, with much improved support for aarch64, ppc64, and ppc64le.
===[[Changes/StaticLibraryDebuginfo | Debugging Information For Static Libraries]]===
This change proposes to ship debugging information in static libraries.
===[[Changes/F26Boost163 | Fedora 26 Boost 1.63 upgrade]]===
This change brings Boost 1.63.0 to Fedora 26. This will mean F26 ships with a recent upstream Boost release.
===[[Changes/Fedora26CFlags | Fedora 26 C/C++ Compilation Flags Updates]]===
This change updates the default C/C++ compilation flags, as determined by the redhat-rpm-config package.
===[[Changes/RetireSynapticsDriver | Retire Synaptics Driver]]===
Retire the xorg-x11-drv-synaptics driver and remove it from user's install.
===[[Changes/aarch64-48bitVA | AARCH64 - 48-bit VA]]===
Enable 48bit VA on AARCH64
===[[Changes/OpenSSL110 | OpenSSL 1.1.0]]===
Rebase of OpenSSL package to 1.1.0 version
===[[Changes/DNF-2.0 | DNF 2.0]]===
DNF rebase to version 2.0.
===[[Changes/Python3.6 | Python 3.6]]===
Update the Python 3 stack in Fedora from Python 3.5 to Python 3.6.
 
== Fedora 26 Accepted Self Contained Changes Proposals ==
These changes have been accepted by the [[Fedora_Engineering_Steering_Committee |Fedora Engineering Steering Committee]] for the Fedora 26 Release as Self Contained Changes.
 
===[[Changes/Making sudo pip safe | Making sudo pip Safe (Again)]]===
At the present time, running sudo pip3 in Fedora is not safe. Pip shares its installation directory with dnf, can remove dnf-managed files and generally break the Python 3 interpreter. We propose a series of measures that will make it safe to use.
===[[Changes/Replace Coolkey with OpenSC | Replace Coolkey with OpenSC]]===
There are more PKCS#11 libraries supporting the same smart cards in the system. For the next releases, we would like to promote OpenSC as a default PKCS#11 provided in place where Coolkey driver is used these days, which will
===[[Changes/LDC1.1.0 | LDC 1.1.0]]===
Update LDC to 1.1.0 in Fedora 26.
===[[Changes/ContainerMinimalImage | Container Minimal Image]]===
Produce a new container image that contains as little as possible, but also still provides the ability to install packages from dnf repositories.
===[[Changes/DockerOverlay2 | Docker Overlay 2]]===
Change the default Docker Storage to use OverlayFS via the overlay2 driver, for better performance.
===[[Changes/LXQt Spin | LXQt Spin]]===
A Fedora Spin providing the LXQt desktop environment.
===[[Changes/NetworkManager18 | NetworkManager 1.8]]===
Update to NetworkManager to version 1.8.
===[[Changes/Automated AMI test and release | Automated AMI test and release]]===
We will test the AMI image we build on one single region using the same tests used in Vagrant/local Autocloud testing, and if the tests pass, then only the AMI will be uploaded to all the regions and released.
===[[Changes/FontconfigCacheDirChange | Fontconfig cache directory change]]===
The fontconfig cache files are placed onto /var/cache/fontconfig now. this seems incompatible with the ostree model. so this is a proposal to move it to /usr/lib/fontconfig/cache.
===[[Changes/BaseRuntime | Base Runtime]]===
We will deliver the first release of Base Runtime, a module providing base operating system features that application level modules can build and depend on. This module will be the foundation of the new modular Fedora 26 Server release.
===[[Changes/golang-buildmode-pie | Golang buildmode PIE]]===
Change default build mode of golang in Fedora packaging macros to buildmode=pie, which results in packages using them to produce Position Independent Executables. Another part of the change is to pass the Fedora hardened linker flags to the external linker(regular system linker). In result reducing exploit-ability of binaries.
===[[Changes/AuthconfigCleanup | Authconfig Cleanup]]===
Removal of obsolete and unmaintainable code from Authconfig such as the support for configuring Hesiod and the authconfig GTK2 based GUI and TUI.
===[[Changes/JavaCryptoPolicies | Java/OpenJDK enforces the system-wide crypto policy]]===
As it is now, the System-wide crypto policy in F25 is enforced by the OpenSSL, GnuTLS and NSS TLS libraries. To harmonize crypto across all applications in Fedora, including the Java ones, OpenJDK is enhanced to respect the settings of the system-wide crypto policy as well.
===[[Changes/ZF3 | Zend Framework 3]]===
Update Zend Framework to latest version 3.
===[[Changes/ModularCompose | Modular Compose]]===
For Fedora 26, we would like to modify the compose tools (pungi) to produce an additional experimental variant, derived from modules built in the  Module Build Service.
===[[Changes/ModuleBuildService | Module Build Service]]===
We will deploy an instance of the Module Build Service to production in Fedora Infrastructure.  Other teams will use this service to produce some "modular" content for the Fedora 26 release.
===[[Changes/AnacondaBlivetGUI | Blivet-GUI in Anaconda]]===
Add  blivet-gui as an alternative option for storage configuration in  Anaconda Installer.
===[[Changes/php71 | PHP 7.1]]===
Update the PHP stack in Fedora to latest version 7.1.x
===[[Changes/BIND 9.11 | BIND version 9.11]]===
BIND (Berkeley Internet Name Domain) version 9.11 is the latest stable major update of the widely used DNS server. Besides new features, some settings defaults have changed since the previous major version (9.10).
===[[Changes/OpenSSH Crypto Policy | OpenSSH Crypto Policy (Client)]]===
OpenSSH client will follow system-wide crypto policies already followed by other cryptographic libraries and tools. It will allow to use different security levels defined system-wide.


== Fedora Cloud ==
== Fedora Cloud ==

Revision as of 18:43, 13 February 2017

DISCUSSION DRAFT
This is a draft only for discussion. This is not a final set of talking points, nor are all of the features listed here complete at the time of this draft. Please do a reality check before using these talking points as anything other than a discussion draft!

These are the Talking Points for the Fedora 26 release. For information on how these talking points were chosen, see Talking Points SOP. They are intended to help Ambassadors quickly present an overview of highlighted features when talking about the release, and to help drive content for the release, etc.

The talking points are based in part on the Change Set for this release.


Overall Release Story

Please consider to improve the list below if worth to be mentioned:

Fedora-Wide Changes and Improvements

SSSD fast cache for local users

Enable resolving all users through the sss NSS modules for better performance.

Python Classroom Lab

A new Python Classroom Lab will be created in 3 variants: Workstation based, Docker based and Vagrant based. It's an important step for our Fedora Loves Python initiative. The main audience are Python teachers and workshop instructors.

Kerberos KCM credential cache by default

Default to a new Kerberos credential cache type called KCM which is better suited for containerized environments and provides a better user experience in the general case as well.

GNOME 3.24

Update GNOME to the latest upstream release, 3.24

Enable TRIM pass down to encrypted disks

Override kernel default for dm-crypt mappings of LUKS1 encrypted volumes via flag put in /etc/crypttab file. This change should affect only newly created encrypted storage based on LUKS1 format during installation.

Separate Subpackage and Source Debuginfo

Allow to install just the debuginfo for a subpackage and/or without the source files. The debuginfo packages are huge because they contain debuginfo and all sources for all subpackages. Being able to install only the debuginfo for the subpackage that is installed reduces the size that needs to be downloaded to analyze, trace, profile or debug a program or core file. Some tracing and profiling tools don't need the actual source files to provide stack traces or insert probes. So installing the debugsources should be optional.

Modular Server Preview

As we progress down the modularity path, we finally have enough content, architecture and understanding that we would like to release an edition of Fedora that is actually usable. However, as we aren't ready for production yet, we would like to do a "preview" release so that people can see it and try it but it doesn't actually take the place of a production edition. As such this Change Proposal requests that we set up a "Modular Server Edition" with some sort of flag that indicates that it is meant for experimentation and not real use. We plan to model the Server Edition in content and most use scenarios.

GCC7

Switch GCC in Fedora 26 to 7.x.y, rebuild all packages with it, or optionally rebuild just some packages with it and rebuild all packages only in Fedora 27.

Parallel Installable Debuginfo

debuginfo packages can be installed in parallel to make it easier to trace, profile and observe what programs are doing or to debug when they have crashed. That way debugging, tracing or profiling programs can be done independent of whether they are 32bit, 64bit, a slightly newer or older version than currently installed or even from a different architecture.

pkgconf as system pkg-config implementation

This change switches Fedora's system-wide/default pkg-config implementation to pkgconf, a new implementation of pkg-config that provides better support for handling .pc files and a stable library ABI/API for integrating into applications.

Switch OpenLDAP from NSS to OpenSSL

Currently, OpenLDAP in Fedora is compiled with NSS (aka MozNSS) for cypto. OpenLDAP is going to be compiled with OpenSSL, instead.

Golang 1.8

Rebase of Golang package to upcoming version 1.8 in Fedora 26, including rebuild of all dependent packages.

Ruby 2.4

Ruby 2.4 is the latest stable version of Ruby. Many new features and improvements are included for the increasingly diverse and expanding demands for Ruby. With this major update from Ruby 2.3 in Fedora 24 to Ruby 2.4 in Fedora 26, Fedora becomes the superior Ruby development platform.

Enable systemd-coredump by default

Enable systemd-coredump by default. Core dumps will be accessible via the coredumpctl tool.

GHC 8.0

Update the GHC Haskell compiler in Fedora from version 7.10 to the current stable version 8.0, with much improved support for aarch64, ppc64, and ppc64le.

Debugging Information For Static Libraries

This change proposes to ship debugging information in static libraries.

Fedora 26 Boost 1.63 upgrade

This change brings Boost 1.63.0 to Fedora 26. This will mean F26 ships with a recent upstream Boost release.

Fedora 26 C/C++ Compilation Flags Updates

This change updates the default C/C++ compilation flags, as determined by the redhat-rpm-config package.

Retire Synaptics Driver

Retire the xorg-x11-drv-synaptics driver and remove it from user's install.

AARCH64 - 48-bit VA

Enable 48bit VA on AARCH64

OpenSSL 1.1.0

Rebase of OpenSSL package to 1.1.0 version

DNF 2.0

DNF rebase to version 2.0.

Python 3.6

Update the Python 3 stack in Fedora from Python 3.5 to Python 3.6.

Fedora 26 Accepted Self Contained Changes Proposals

These changes have been accepted by the Fedora Engineering Steering Committee for the Fedora 26 Release as Self Contained Changes.

Making sudo pip Safe (Again)

At the present time, running sudo pip3 in Fedora is not safe. Pip shares its installation directory with dnf, can remove dnf-managed files and generally break the Python 3 interpreter. We propose a series of measures that will make it safe to use.

Replace Coolkey with OpenSC

There are more PKCS#11 libraries supporting the same smart cards in the system. For the next releases, we would like to promote OpenSC as a default PKCS#11 provided in place where Coolkey driver is used these days, which will

LDC 1.1.0

Update LDC to 1.1.0 in Fedora 26.

Container Minimal Image

Produce a new container image that contains as little as possible, but also still provides the ability to install packages from dnf repositories.

Docker Overlay 2

Change the default Docker Storage to use OverlayFS via the overlay2 driver, for better performance.

LXQt Spin

A Fedora Spin providing the LXQt desktop environment.

NetworkManager 1.8

Update to NetworkManager to version 1.8.

Automated AMI test and release

We will test the AMI image we build on one single region using the same tests used in Vagrant/local Autocloud testing, and if the tests pass, then only the AMI will be uploaded to all the regions and released.

Fontconfig cache directory change

The fontconfig cache files are placed onto /var/cache/fontconfig now. this seems incompatible with the ostree model. so this is a proposal to move it to /usr/lib/fontconfig/cache.

Base Runtime

We will deliver the first release of Base Runtime, a module providing base operating system features that application level modules can build and depend on. This module will be the foundation of the new modular Fedora 26 Server release.

Golang buildmode PIE

Change default build mode of golang in Fedora packaging macros to buildmode=pie, which results in packages using them to produce Position Independent Executables. Another part of the change is to pass the Fedora hardened linker flags to the external linker(regular system linker). In result reducing exploit-ability of binaries.

Authconfig Cleanup

Removal of obsolete and unmaintainable code from Authconfig such as the support for configuring Hesiod and the authconfig GTK2 based GUI and TUI.

Java/OpenJDK enforces the system-wide crypto policy

As it is now, the System-wide crypto policy in F25 is enforced by the OpenSSL, GnuTLS and NSS TLS libraries. To harmonize crypto across all applications in Fedora, including the Java ones, OpenJDK is enhanced to respect the settings of the system-wide crypto policy as well.

Zend Framework 3

Update Zend Framework to latest version 3.

Modular Compose

For Fedora 26, we would like to modify the compose tools (pungi) to produce an additional experimental variant, derived from modules built in the Module Build Service.

Module Build Service

We will deploy an instance of the Module Build Service to production in Fedora Infrastructure. Other teams will use this service to produce some "modular" content for the Fedora 26 release.

Blivet-GUI in Anaconda

Add blivet-gui as an alternative option for storage configuration in Anaconda Installer.

PHP 7.1

Update the PHP stack in Fedora to latest version 7.1.x

BIND version 9.11

BIND (Berkeley Internet Name Domain) version 9.11 is the latest stable major update of the widely used DNS server. Besides new features, some settings defaults have changed since the previous major version (9.10).

OpenSSH Crypto Policy (Client)

OpenSSH client will follow system-wide crypto policies already followed by other cryptographic libraries and tools. It will allow to use different security levels defined system-wide.

Fedora Cloud

Fedora Server

Cockpit

Fedora Workstation

Spins

KDE Desktop

New packages

Improvements

Usage instructions

To try out KDE instead of the default GNOME desktop environment, see the KDE wiki page. More information is on the KDE announcements page.

Xfce

Mate-Compiz

Labs

Design Suite

Upgrading to the Latest Release

To learn how to upgrade to the latest release from a recent Fedora release using DNF, see here.