Red Hat has an immediate opening for a full-time engineer to join the kernel team in Fedora Engineering. This job will work with Josh Boyer and Justin Forbes to maintain and improve the kernel in Fedora, and participate and contribute to upstream development and testing. This job interacts with the Fedora team and community, the RHEL kernel engineering groups, and the upstream kernel community.
Ideally we’re looking for someone with significant kernel experience. We want someone who can help manage our own kernel releases. But also we want to get patches and code upstream where it can benefit the entire community, for example to improve hardware support. Red Hat’s a challenging and exciting place to work, and the Fedora team is a great bunch of people to work with. A talented, motivated kernel hacker will find plenty of opportunity here for growth and collaboration.
Applications are being accepted now. You can find more information about the job, and apply online, via the posting here on our Red Hat Jobs site.
I’m here in Westford over the weekend with other members of the Fedora Design Team for their Fedora activity day. I traveled up to chilly Boston on Thursday midday, so I could assist by transporting people from the airport to our hotel in Westford.
On Friday, we convened in the Red Hat office in Westford. As is usual for my Westford visits, I pretty much spent the day running from place to place taking care of things unrelated to the Design team, but which needed to be done in my role as a manager. Fortunately most of the day was spent by the team figuring out policy and processes. I don’t feel like my input was needed there, or even appropriate since I’m not a frequent contributor to design tasks — as much as I love the team! So it all worked out for the best, I think.
Today, though, I was able to contribute. One of the major task areas was to do issue triage and fix up the team’s Trac instance. That was something I was (somewhat) qualified to do. I helped the team go through all the pending tickets, closing stale tickets (no response, unclear goals, redundant, etc.).
Then, using the categories developed by the team on Friday, I helped update the parameters on the Trac instance to match. I also set up a bunch of reports on Trac to match relevant agenda items for the reboot of the Design team meetings. This way, they can call up a set of reports to follow up on tickets methodically.
I even learned some good SQL-fu thanks to my buddy Langdon White. I finally got a start shedding my misunderstanding of joins, so I can do more complicated queries. One of the results was this report, which tells the team when an issue reporter is not responsive to questions, in line with the processes the team worked up on Friday.
People tried hard to make sure the FAD was remote accessible, so if you couldn’t be here, you could still monitor or participate. It was difficult to keep some of the facilities working. For instance, this afternoon I discovered that someone had bounced us from our own room on OpenTokRTC. That made it, well, rather difficult for us to broadcast there. I hope remote attendees will understand the difficulties and be confident we tried to make this a decent remote event.
Tonight I’ll probably think about some additional reports, and then do a little personal work. Tomorrow will be some more work sprints until I start chauffeuring people to the airport after lunch. I was happy to be part of the group and to help the participants have an effective FAD.
Each summer, Red Hat’s intern program brings in highly motivated and qualified students for a unique, enriching experience. Red Hat internships are demanding, challenging, and fun, just like our full-time jobs. They’re highly selective and (hopefully) highly rewarding for the participants. In the best cases, we find interns who are right for Red Hat, and we may look to hire them permanently after they leave school.
This year, the Fedora Engineering team has two summer intern positions open, and I wanted to make sure people in the community have seen them:
These internships expose students to Red Hat culture and give them opportunities to interact in person with other interns and Red Hat associates. For that reason, both internships are in the Westford, MA (USA) office. Being with other Red Hatters daily will help interns learn more about Red Hat as a company while they work on Fedora. (We may be flexible for a truly exceptional candidate.)
We’re still accepting applications, but we need to talk to specific candidates and make selections soon. So if one of these opportunities sounds like the perfect challenge, use the links above to get your application in before next week!
Like many people who celebrate holidays around this time of year, I’m taking some vacation time to spend with family and friends. This time helps me relax and recharge for the next year, which promises to be full of energy and new challenges. That’s especially important in a fast paced environment like working at Red Hat.
Quite a few of the Fedora Engineering team members, like me, are taking vacation time. They’ll be at varying levels of connection, so don’t be surprised if it takes longer to reach someone than usual. For example, I’ll be mostly away from the keyboard, visiting family or picking up some musical pursuits. I’ve encouraged our team to use the Fedora vacation calendar, so you know who might not be around. I’m starting my time off after today, and will return to duty Monday, January 5, 2015. (Wow, 2015 still sounds weird to me.)
I hope everyone in the Fedora community has a peaceful and joyous holiday season, and a happy and successful New Year!
This release has been a long time coming. It has been about a year since F20 release, and the pause we took as a community to embark upon the first steps of Fedora.next. I know many people have been anxious for the pause to be over. Finally the day has come and gone, and the release seems to be hitting on all cylinders!
I wanted to say thanks to the whole community that contributed to Fedora 21 release. It’s impossible to name everyone who helped, and if I leave someone out it might disappoint someone. So let me just say to everyone:
David Gay pointed me to an interesting project called Git by a Bus. Git by a Bus analyzes your git repository and attempts to quantify risk of having lots of code knowledge tied up in only a few people. Git by a Bus does its analysis by going through the repo history and making an estimate of what it calls unique knowledge.
This project blog page describes the analysis and metrics used. Perhaps this is a useful way to show how Fedora is doing as a project, across repositories like our web applications and infrastructure. It might show where we need to encourage further community development and participation so we avoid the “eaten by raptors” problem.
You might recall that “eaten by raptors” is Fedora shorthand for “hit by a bus” (violent idiom) or “going to work for another company” (not always applicable to Fedora, although certainly to Red Hat as a major contributor). We try to solve this problem by spreading project knowledge and documenting our processes. That way, if someone was eaten by velociraptors, the project can keep going without too much of a disturbance. This problem is common to any team or enterprise, not just open source. But I like to think our velociraptor spin is unique.
Here’s an example output I prepared for the MirrorManager project, which we use to provide content to Fedora mirrors worldwide. This is a potential example of high risk. One developer (the inimitable and awesome Matt Domsch) has unique knowledge of this project that is at risk if velociraptors manage to track and eat him. No doubt Matt would put up a good fight, but as you probably know they are clever girls.
Thankfully, there is a MirrorManager related Fedora Activity Day happening later this year. During that time the Fedora infrastructure, release engineering, and applications teams hope to accumulate and document more MM-related knowledge. At the same time they’ll be using this knowledge to architect, plan, and further develop the next revision of MirrorManager.
If you’re a principal in an FOSS project using git for your code, you might find Git by a Bus useful.
Today I received my brand new laptop, a Samsung ATIV 9+ (model 940X3G-K04), and of course my first exercise was to boot it on Fedora 21 Alpha. This model has the QHD+ 3200×1800 text display with a touchscreen, and a solid state 256 GB storage device.
First steps with Samsung ATIV 9+
I downloaded the manual on another system, which I read to discover I should hold down the F2 key at power-up to get into the BIOS setup.
I inserted a USB stick with Fedora 21 Alpha installed, before starting the laptop. By the way, I published a screencast on how to make that Live stick. Then I got into BIOS setup, and used the Boot options to enable booting from the USB stick.
I decide to make a full disk image of the pristine hard disk, compress it, and send it to backup just in case. I don’t feel like keeping 20 GB of the disk reserved for a Windows operating system I’m unlikely to use. So:
dd if=/dev/sda bs=1M | gzip -c | ssh firstname.lastname@example.org.X 'cat - > samsung-ativ-full-disk.img.gz'
I’m pretty sure this is going to tie up the laptop for longer than I’d like. On the plus side, it will give the CPU a bit of a burn-in as well. I ran through an installation after the disk copy was finished.
Booting after installation
The first hurdle was that the GRUB text screen is so small as to make it almost impossible to see for anyone over the age of 18. With the aid of a microscope I was able to find the right option to boot without testing.
Note #1: If the screen is also very dim, you can visit the BIOS setting to turn off the automatic screen dimming at boot time.
The actual boot from the Live USB stick was completely uneventful. Of course systemd was super-fast. In no time at all I was in the Live session.
Applications and interface
GNOME 3.14 did an excellent job detecting the HiDPI type display. The GNOME top bar and dock were sharp and readable. The display is gorgeous, quite comparable to a Retina-model MacBook Pro.
Some apps are still suffering a bit on HiDPI, though. LibreOffice and Firefox UI elements are far too small by default. Epiphany a.k.a. GNOME Web, on the other hand, works great. This is probably because GNOME Web responds to the overall GNOME display settings for HiDPI.
Note #2: To make the Firefox interface more HiDPI-friendly, visit the about:config URL page, and change the setting for layout.css.devPixelsPerPx to 2.
The Ctrl and Fn keys are reversed from my Lenovo x220 I’ve used for the last 3.5 years. Sigh, muscle memory. But the function keys mostly seem to work (other than the Windows specific ones).
Samsung ATIV 9+ touchpad issues
After hitting Fn+F5 to test the touchpad enable/disable function on the keyboard, I found the touchpad worked erratically. It sometimes didn’t work at all, even after a cold restart of the laptop. The pointer would disappear when the Terminal application or other text entries came to the foreground. The GNOME on-screen keyboard would emerge at these times, even if I didn’t need it and wasn’t touching the screen.
GNOME hacker and Fedora buddy Ray Strode, in his usual generous style, kindly entertained my questions and found some help for me. This seemed to do the trick:
sudo modprobe -r samsung_laptop gsettings set org.gnome.settings-daemon.plugins.peripherals.touchpad touchpad-enabled true
Ray opined that the routine that was catching the function key to disable touchpad was, for some reason, no longer catching it to re-enable. This might have something to do with the kernel module. I plan to investigate further next time I reboot the system.
This is where the enabling work in GNOME shines. A lot more systems these days have touch screens available. I love the fact that I can drag my apps around the screen with a finger as opposed to the touchpad. The standard auto-sizing targets at top, left and right all work well, so I can quickly maximize or half-size windows.
Unfortunately, the resizing handles on window sides and corners are difficult to grab accurately, which is frustrating. On HiDPI touchscreens, perhaps there’s a way to increase the size of these targets. Overall though, far more goodness than badness.
The keyboard backlight does not work if you install in EFI mode. Presumably, I should be able to reinstall the system after turning off Secure Boot in the BIOS, and then regain this capability. I’ll probably try that over the weekend so I don’t take more time away from productive work during the week.
The laptop itself seems to have sturdy build quality. It’s an attractive slate/charcoal color. The shell definitely shows oil from even clean, dry hands. The glossy touchscreen of course shows even more smudging. It would be nice if Samsung included a cleaning cloth.
I already love the touchscreen and find myself using it to quickly select the Activities overview, the GNOME settings at the upper right, and to swipe the notifications area into or out of view. The display is gorgeous and very bright even at half brightness.
One of the Samsung’s primary draws is its very slim profile. Besides the power adapter port and one USB 3.0 port on each side and the ubiquitous Kensington port, there is a mini-DisplayPort, a small port for the included gig-Ethernet dongle, a mini-HDMI port, and a TRRS-compatible 3.5mm headset port.
I wish the power adapter, whose jack is very slim and concerns me as potentially fragile, was something more like Apple’s “MagSafe” power connector. I’m sure that’s patented up and down to prevent anyone having such a feature. But for klutzes like me it’s definitely a huge help.
The 8GB of RAM seem well-suited, even generous, for a productivity user like myself who occasionally dabbles in virtual machine guests or other memory-intensive applications. It might be sub par for someone who has to run a lot of such apps often. But the ATIV 9+ seems weird to buy an ultralight laptop if that’s your use case, so I think 8GB is about right.
The 256GB solid state drive is incredibly fast. It’s my first SSD and I was shocked at the difference for doing not just the installation, but post-installation updates and software additions, as well as migrating my data over GbE from my older Lenovo x220 to the Samsung. It remains to be seen how the SSD stamina works out based on my routine style of use. However, I suspect if SSD is moving into the general marketplace it’s a good match for me since I’m usually more like a general productivity or creative content user.
I would say the ATIV 9+ is the best rival for the MacBook Air or Pro that I’ve seen.
CVE-2014-7169 is an additional security issue in the GNU bash shell that emerged after researchers discovered the fixes for CVE-2014-6271 did not completely solve the vulnerabilities they had identified. Fedora Magazine has a very useful story that tells you why these issues are important.
Since I already published a story on how to deal with CVE-2014-6271, I might as well do a quick followup here for my readers on how to deal with the additional vulnerability.
These instructions will allow you to quickly get packages from the Fedora Koji package build system to address both CVEs, without having to wait for them to propagate to Fedora’s worldwide mirror system.
Fedora 21 Alpha
Run these commands:
su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.3.25-2.fc21 su -c "yum localinstall bash-4.3.25-2.fc21.$(uname -m).rpm" # provide root password again...
Run these commands:
su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.2.48-2.fc20 su -c "yum localinstall bash-4.2.48-2.fc20.$(uname -m).rpm" # provide root password again...
Run these commands:
su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.2.48-2.fc19 su -c "yum localinstall bash-4.2.48-2.fc19.$(uname -m).rpm" # provide root password again...
Hope this helps!
IMPORTANT: Refer to this update for revised instructions.
What is CVE-2014-6271?
CVE-2014-6271 is a GNU bash vulnerability that permits specially-crafted environment variables to inject shell commands. This is a fairly serious issue. If you don’t want to wait out the hours until stable updates are issued to fix your Fedora system, here’s what you can do. (The Fedora Project may choose to issue some official guidance, this is just my own helpful hint.)
Fedora 21 Alpha
Run these commands:
su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.3.22-3.fc21 su -c "yum localinstall bash-4.3.22-3.fc21.$(uname -m).rpm" # provide root password again...
Run these commands:
su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.2.47-4.fc20 su -c "yum localinstall bash-4.2.47-4.fc20.$(uname -m).rpm" # provide root password again...
Run these commands:
su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.2.47-2.fc19 su -c "yum localinstall bash-4.2.47-2.fc19.$(uname -m).rpm" # provide root password again...
Hope this helps!
I know there are a ton of posts about Fedora 21 Alpha hitting the Fedora Planet, and hopefully elsewhere on the web. But I couldn’t resist saying congratulations to the Fedora community on getting this release out.
We’ve had a long release cycle for Fedora 20 to accommodate a lot of thought and planning. How do we get three products out in place of one? How will we build them? What needs to change? How do we get the bits into place for releases? It’s a lot of work, and we’re not done yet. I suspect that we’ll see further change in the Fedora 22 cycle — although I’d also bet we won’t want to extend another cycle for it.
For my part as manager of the Fedora Engineering team, I am proud of the work all the folks on the team have done to support Fedora 21 Alpha. From changes to infrastructure, to work on new web applications to support multiple products, to notifying Fedora Project members of activity and contribution, to making things generally more beautiful, the team is tireless in their effort to serve the community. As always, my hat is off to them with awe and inspiration.
And of course it’s also off to you, the many, many members of the Fedora Project overall. From Ambassadors to Marketing to Docs to Translation to Websites to… whew. I ran out of breath there. But all of you folks rock!
If you want to pick a copy of any of the new Fedora products — Fedora Server, Fedora Cloud, or Fedora Workstation — just visit the prerelease download page featuring Fedora 21 Alpha, and take your pick.