Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fedora 41 template #9244

Closed
7 of 8 tasks
marmarek opened this issue May 18, 2024 · 28 comments · Fixed by QubesOS/qubes-posts#140
Closed
7 of 8 tasks

Fedora 41 template #9244

marmarek opened this issue May 18, 2024 · 28 comments · Fixed by QubesOS/qubes-posts#140
Labels
C: Fedora P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.

Comments

@marmarek
Copy link
Member

marmarek commented May 18, 2024
edited by andrewdavidwong
Loading

Fedora 41 (https://fedorapeople.org/groups/schedule/f-41/f-41-key-tasks.html) is planned for end of October 2024. Tasks below should start after mass rebuild (planned for July/August).

Tasks:

  • build all packages
  • fix: The current post-upgrade hook is not able to reset the updates-available feature after successful upgrades
  • update rpmfusion to final released version
  • build the template
  • document
  • upload to testing repo
  • migrate to stable repo
  • announce

If any issue affects Fedora 41 specifically (build failures, things that worked fine before etc.), please add reference to this issue too.
@marmarek marmarek added T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. C: Fedora labels May 18, 2024
marmarek added a commit to QubesOS/qubes-builder-rpm that referenced this issue May 18, 2024
@marmarek
Add Fedora 41 key
4e44c5c 
QubesOS/qubes-issues#9244
fepitre added a commit to fepitre/qubes-builderv2 that referenced this issue May 18, 2024
@fepitre
chroot_rpm: support for Fedora 41
f56430e 
Fixes QubesOS/qubes-issues/issues/9244
fepitre added a commit to fepitre/qubes-builderv2 that referenced this issue May 18, 2024
@fepitre
chroot_rpm: support for Fedora 41
5ed1edb 
QubesOS/qubes-issues/issues/9244
This was referenced May 18, 2024
Merged
Merged
marmarek added a commit to QubesOS/qubes-app-linux-img-converter that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
127e55d 
There is no compiled binaries here, only shell, python and a bunch of
config files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-app-yubikey that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
4ab76d9 
There is no compiled binaries here, only shell and a bunch of config
files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-screenshot-helper that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
06ab2ae 
There is no compiled binaries here, only shell and a bunch of config
files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-screenshot-helper that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
6cc795c 
There is no compiled binaries here, only shell and a bunch of config
files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-desktop-linux-xfce4 that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
bfd3739 
There is no compiled binaries here, only a bunch of config files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-desktop-linux-i3-settings-qubes that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
9b7001e 
There is no compiled binaries here, only shell, python and a bunch of
config files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-dummy-backlight that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
0fb3687 
There is no compiled binaries here, only DKMS module (source code).

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-linux-pvgrub2 that referenced this issue Aug 9, 2024
@marmarek
rpm: drop obsolete magic for building on sparc
74a88d8 
We don't build for sparc, but even if we would, this part isn't in
upstream spec anymore. OTOH, this file-based dependency breaks on F41.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-trousers-changer that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
32c9e5c 
There is no compiled binaries here, only shell and a bunch of config
files.

QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-antievilmaid that referenced this issue Aug 9, 2024
@marmarek
rpm: mark packages as noarch
d47795c 
There is no compiled binaries here, only shell and a bunch of config
files.

QubesOS/qubes-issues#9244
marmarek added a commit to marmarek/qubes-xscreensaver that referenced this issue Aug 9, 2024
@marmarek
Fix logo type declaration
c119687 
Make it match other images. This fixes building on F41.

QubesOS/qubes-issues#9244
@qubesos-bot qubesos-bot mentioned this issue Aug 11, 2024
Open
marmarek added a commit to QubesOS/qubes-release-configs that referenced this issue Aug 12, 2024
@marmarek
R4.3: enable building vm-fc41 packages
5baae64 
QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-release-configs that referenced this issue Aug 12, 2024
@marmarek
R4.2: add F41, remove F37 and F38
c402905 
QubesOS/qubes-issues#9244
This was referenced Aug 13, 2024
Closed
Open
marmarek added a commit to QubesOS/qubes-continuous-integration that referenced this issue Aug 13, 2024
@marmarek
R4.3: add vm-fc41 jobs
6c1b881 
QubesOS/qubes-issues#9244
This was referenced Aug 13, 2024
Open
Closed
marmarek added a commit to QubesOS/qubes-continuous-integration that referenced this issue Aug 14, 2024
@marmarek
Adjust install script for dnf5
c84e093 
QubesOS/qubes-issues#9244
marmarek added a commit to QubesOS/qubes-continuous-integration that referenced this issue Aug 15, 2024
@marmarek
Adjust install script for DNF5 once more
837b36c 
--allowerasing is supported, but it must be placed after the action
"install". Since old dnf doesn't care, move the option in any case.

QubesOS/qubes-issues#9244
@marmarek marmarek mentioned this issue Aug 17, 2024
Merged
@marmarek
Copy link
Member Author

Indeed, this looks to be included only in 3007.1 release, not any 3006.x

@marmarek
Copy link
Member Author

There is salt 3007.1 package for F42: https://src.fedoraproject.org/rpms/salt. I wonder if it will get published to F41 too.

@marmarek
Copy link
Member Author

https://bugzilla.redhat.com/show_bug.cgi?id=2279304 suggests it will be.

@marmarek
Copy link
Member Author

The qubes-app-shutdown-idle package is missing.

It's in current-testing now

@Minimalist73
Copy link

I'm not sure why I didn't see this before, but all my qubes running on Fedora 41 have memory issues. They are all stuck at the initial memory and won't bump to the maximum memory.

[user@disp2462 ~]$ free -mh
               total        used        free      shared  buff/cache   available
Mem:           445Mi       272Mi        18Mi       268Ki       165Mi       172Mi
Swap:          1.0Gi        39Mi       984Mi

I see that in the logs:

disp2462 audit[684]: AVC avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 audit[684]: AVC avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 audit[684]: AVC avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 kernel: audit: type=1400 audit(1732034995.035:110): avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 audit[684]: AVC avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 kernel: audit: type=1400 audit(1732035025.188:113): avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 audit[684]: AVC avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0
disp2462 kernel: audit: type=1400 audit(1732035301.880:126): avc:  denied  { read } for  pid=684 comm="qrexec-agent" name="meminfo-writer.pid" dev="tmpfs" ino=791 scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=0

Setting SELinux globally to permissive seems to bring all my qubes back to maximum memory, so I guess that's related to those denied selinux rules.

Closed
@marmarek
Copy link
Member Author

I see that in the logs:

The issue is fixed in QubesOS/updates-status#5240. I'll rebuild remaining templates once QubesOS/qubes-builder-rpm#139 is done.

@Minimalist73
Copy link

I see that in the logs:

The issue is fixed in QubesOS/updates-status#5240. I'll rebuild remaining templates once QubesOS/qubes-builder-rpm#139 is done.

Is there any manual action we can do to fix an already installed template, or do we need to reinstall from this new template?

@marmarek
Copy link
Member Author

Is there any manual action we can do to fix an already installed template, or do we need to reinstall from this new template?

Try removing /.qubes-relabeled in the template and restarting it - it should fix labels on startup; it may take some time, might require increasing qrexec_timeout property.

@Minimalist73
Copy link

Is there any manual action we can do to fix an already installed template, or do we need to reinstall from this new template?

Try removing /.qubes-relabeled in the template and restarting it - it should fix labels on startup; it may take some time, might require increasing qrexec_timeout property.

I tried it a few times at first, but it didn't work for any of my templates. It seems I had to reinstall all the selinux related packages first and then proceed with relabeling for it to work. Probably some of them were half installed, no idea. Anyway, thanks!

marmarek added a commit to marmarek/qubes-builderv2 that referenced this issue Nov 26, 2024
@marmarek
template: consider also no-flavor dir when looking for appmenus
06cbff6 
When building a template, look for appmenus under the following names:
- appmenus_(dist-codename)_(flavor)
- appmenus_(dist-codename)
- appmenus_(dist-name)_(dist-ver)_(flavor)
- appmenus_(dist-name)_(flavor)
- appmenus_(dist-name)_(dist-ver) <- added in this commit
- appmenus_(dist-name)
- appmenus

Where `(dist-codename)` is for example `fc41`, `(dist-name)` is for
example `fedora` and `(dist-ver)` is for example `41`.

For fedora-41 template (empty flavor) it means appmenus can be placed in
`appmenus_fedora_41` directory, instead of `appmenus_fedora_41_`. And
that `appmenus_fedora_41` (instead of `appmenus_fedora`) will be used
also for Fedora 41 flavors that don't have have its own flavor-specific
directory.

Keeing `appmenus_(dist-name)_(flavor)` above version specific dir allows
keeping common `appmenus_fedora_minimal`, instead of needing to
duplicate it for each version (which would be the case if
`appmenus_(dist-name)_(dist-ver)` would be above
`appmenus_(dist-name)_(flavor)`). In other words, only-flavor-specific
dir have priority over only-version-specific dir.

QubesOS/qubes-issues#9244
@marmarek marmarek mentioned this issue Nov 26, 2024
Merged
@marmarek
Copy link
Member Author

All template flavors are rebuilt now and should have the SELinux issue fixed.

marmarek added a commit to QubesOS/qubes-builder-rpm that referenced this issue Nov 30, 2024
@marmarek
Adjust default menu entries for fedora-41-xfce flavor too
94ec6f9 
Use org.mozilla.firefox.desktop name instead of firefox.desktop.

QubesOS/qubes-issues#9244
marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Nov 30, 2024
@marmarek
tests: test ptyxis on newer fedora template instead of gnome-terminal
39cb173 
QubesOS/qubes-issues#9244
marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Nov 30, 2024
@marmarek
tests: test ptyxis on newer fedora template instead of gnome-terminal
f741107 
QubesOS/qubes-issues#9244
marmarek added a commit to marmarek/qubes-core-admin that referenced this issue Nov 30, 2024
@marmarek
tests: test ptyxis on newer fedora template instead of gnome-terminal
1266acb 
QubesOS/qubes-issues#9244
Open
@marmarek
Copy link
Member Author

marmarek commented Dec 6, 2024

@andrewdavidwong no new issues are found, I think it's stable enough to announce it. Can you prepare the announcement?

@andrewdavidwong andrewdavidwong mentioned this issue Dec 6, 2024
Merged
andrewdavidwong added a commit to QubesOS/qubes-doc that referenced this issue Dec 7, 2024
@andrewdavidwong
Update supported Fedora templates
01165e5 
- Remove Fedora 39 (EOL)
- Add Fedora 41 (QubesOS/qubes-issues#9244)
marmarek added a commit to QubesOS/qubes-core-admin that referenced this issue Dec 8, 2024
@marmarek
tests: adjust clicking on Thunderbird for Fedora 41
0ae9993 
Thunderbird 128 on Fedora 41 presents buttons as 'button' role instead
of 'push button'. Adjust test accordingly.

QubesOS/qubes-issues#9244

(cherry picked from commit 985bcce)
marmarek added a commit to QubesOS/qubes-qubes-release that referenced this issue Dec 8, 2024
@marmarek
Update Fedora template to F41 on installation image
fc128d7 
QubesOS/qubes-issues#9244
@qubesos-bot qubesos-bot mentioned this issue Dec 8, 2024
Open
marmarek added a commit to QubesOS/qubes-qubes-release that referenced this issue Dec 8, 2024
@marmarek
Update Fedora template to F41 on installation image
c6f3f9e 
QubesOS/qubes-issues#9244

(cherry picked from commit fc128d7)
This was referenced Dec 8, 2024
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
C: Fedora P: default Priority: default. Default priority for new issues, to be replaced given sufficient information. T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Announcement: Fedora 41 templates available QubesOS/qubes-posts
7 participants
@rapenne-s @marmarek @alimirjamali @rustybird @Minimalist73 @lubellier @aronowski