20220209_FCOS-Fedora-36-Changes-Discussion

This document seeded from the tracker issue to facilitate discussion and notekeeping.

Fedora 36 System-Wide Changes (wiki source)

✔️ OpenSSL3.0 👉 https://github.com/coreos/fedora-coreos-tracker/issues/876
- The OpenSSL package is rebased to version 3.0 and the dependent packages are rebuilt.
- Tracking bug: #1825937
- NOTES: Affects e.g. rpm-ostree and coreos-installer, https://gitlab.com/redhat/centos-stream/rpms/rpm-ostree/-/merge_requests/2
Introduce module Obsoletes and EOL
- Fix Fedora upgradability issues when upgrading systems with module streams enabled.
- Tracking bug: #1834844
DNS Over TLS
- Fedora will attempt to use DNS over TLS (DoT) if supported by configured DNS servers.
- Tracking bug: #1889901
✔️ DNF/RPM Copy on Write enablement for all variants
- RPM Copy on Write provides a better experience for Fedora Users as it reduces the amount of I/O and offsets CPU cost of package decompression. RPM Copy on Write uses reflinking capabilities in btrfs, which is the default filesystem starting from Fedora 33 for most variants. Note that this behavior is not being turned on by default for this Change.
- Tracking bug: #1915976
- JL: not relevant for OSTree-based variants, but definitely related to OSTree conceptually so worth keeping an eye on it at a high-level
- TR: Probably an RFE for rpm-ostree
✔️ Autoconf-2.71
- Autoconf upgrade from version 2.69 to the last upstream version 2.71 in Fedora.
- Tracking bug: #1936597
- LB: skip, not a runtime concern
✔️ Package information on ELF objects
- All binaries (executables and shared libraries) are annotated with an ELF note that identifies the rpm for which this file was built. This allows binaries to be identified when they are distributed without any of the rpm metadata. systemd-coredump uses this to log package versions when reporting crashes.
- Tracking bug: #1956946
- LB: skip, should be a transparent change
✔️ libffi 3.4
- Update libffi in Fedora 36 from libffi 3.1 to libffi 3.4 (released June 28 2021), and provide a libffi3.1 compatibility package to handle the library SONAME transition.
- Tracking bug: #1990553
- LB: skip, mass rebuild should take care of this
✔️ MinGW debug symbols location change
- Store debug files of mingw PE binaries below /usr/lib/debug.
- Tracking bug: #1997493
- LB: skip, should not concern FCOS
✔️ Install only newly recommended packages on upgrades with dnf/PackageKit/microdnf
- We would like to change a default behavior dnf/PackageKit/microdnf to install only newly recommended packages on upgrades. Internally we will change exclude_from_weak_autodetect configuration option to True. exclude_from_weak_autodetect enables autodetection of unmet weak dependencies (Recommends or Supplements) of installed packages and blocks installation of packages satisfying already unmet dependencies. In other words: When you don't have the recommended package installed, it won't be automatically installed with future upgrades of the recommending package.
- Tracking bug: #2013327
- JL: skip: we don't ship dnf, we don't turn on recommends, and "upgrades" work differently on FCOS anyway
✔️ Enforce Authselect Configuration Consistency
- This change wants to make authselect required to configure authentication and identity sources and forcefully update non-authselect configuration to the sssd authselect profile to eliminate any existing non-authselect setups.
- Tracking bug: #2019052
- JL: This has affected FCOS and we've already adapted to it by working with the maintainer. All issues should be resolved now.
Drop NIS(+) support from PAM
- This change is about dropping user-authentication using NIS(+) from PAM.
- Tracking bug: #2021660
- JL: may affect users who use NIS+? likely not though. If so, we should direct them to e.g. LDAP or FreeIPA as the Change proposal suggests. so overall, skip.
✔️ Openldap-2.5+
- OpenLDAP upgrade from version 2.4.59 to the latest upstream version 2.6.1 in Fedora.
- Tracking bug: #2021662
- JL: no immediate action, though may affect users using OpenLDAP: "Years of development differ between these two releases, so problems are expected."
✔️ Replace the fbdev drivers with simpledrm and the DRM fbdev emulation layer
- This change replaces the legacy Linux frame buffer device (fbdev) drivers that are still used in Fedora, with the latest simpledrm driver and the DRM fbdev emulation layer.
- Tracking bug: #2022385
- JL: this should be entirely transparent to us.
✔️ Retire the NIS(+) user-space utility programs
- This change is about retiring the ypbind, yp-tools, and ypserv packages, and removal of the {nis,yp}domainname user-space utility programs from the hostname package.
- Tracking bug: #2022386
- JL: may affect users who use NIS+? likely not though. If so, we should direct them to e.g. LDAP or FreeIPA as the Change proposal suggests. so overall, skip.
✔️ java-17-openjdk as system JDK in F36
- Update the system JDK in Fedora from java-11-openjdk to java-17-openjdk.
- Tracking bug: #2024265
- JL: skip; we don't ship Java
✔️ ~~ELN-Extras~~
- ELN-extras will be a new build target and compose similar in behavior to ELN, but closer to EPEL in function. It will be a place to prepare and maintain packages that may be desired for EPEL N+1 while RHEL N+1 is still being incubated in ELN.
- ~~Tracking bug: #2028161~~
- JL: skip; we don't ship or consume or monitor anything from EPEL/ELN currently AFAIK
✔️ ostree native containers / CoreOS layering
- Enhance the (rpm-)ostree stack to natively support OCI/Docker containers as a transport and delivery mechanism for operating system content.
- Tracking bug: #2030707
- JL: this is from us :) we are already tracking and working on it.
✔️ Switch GnuTLS to allowlisting
- Presently, crypto-policies controls GnuTLS in a way that "hard-disables" select algorithms, leaving no option for the applications using GnuTLS to reenable said algorithms back. We propose switching to more future-proof allowlisting-based configuration method and offering API within GnuTLS to loosen the system defaults for specific processes.
- Tracking bug: #2034631
- JL: no immediate action, but we should keep an eye out on any possible fallout from some OS components
✔️ Wayland By Default with NVIDIA proprietary Driver
- Enable Wayland sessions by default in GDM even with the NVIDIA proprietary driver.
- Tracking bug: #2037387
- JL: skip; we don't ship a GUI
Golang 1.18
- Rebase of Golang package to upcoming version 1.18 in Fedora 36, including the rebuild of all dependent packages(the pre-release version of Go will be used for the rebuild if released version will not be available at the time of the mass rebuild).
- Tracking bug: #2037868
- JL: no immediate action needed from us, but we should keep an eye on Golang-related fallout in our Go-based tooling and OS components. should add 1.18 to upstream CIs once it's out.
✔️ LLVM 14
- Update all llvm sub-projects in Fedora Linux to version 14.
- Tracking bug: #2040428
- JL: skip; AFAIK none of our projects use LLVM directly (and AFAIK Rust has its own vendored LLVM)
✔️ Ruby 3.1
- Ruby 3.1 is the latest stable version of Ruby. Many new features and improvements are included for the increasingly diverse and expanding demands for Ruby. With this major update from Ruby 3.0 in Fedora 35 to Ruby 3.1 in Fedora 36, Fedora becomes the superior Ruby development platform.
- Tracking bug: #2040429
- JL: skip; we don't ship Ruby
✔️ %set_build_flags for %build, %check, and %install phases
- Call %set_build_flags macro automatically at the beginning of the %build, %check, and %install phases of RPM builds in Fedora Linux. This will ensure that the compiler flag environment variables are set for every RPM build.
- Tracking bug: #2040430
- JL: skip; should mostly be transparent to us. At least rpm-ostree and ostree use the %configure macro so already get those flags.
✔️ Default To Noto Fonts
- Changing the default fonts for various languages to Noto Fonts as much as possible, to make consistency on the text rendering.
- Tracking bug: #2041929
- JL: skip; we don't ship fonts
✔️ Hunspell Dictionary dir change
- Update Hunspell Dictionary system directory from /usr/share/myspell/ to /usr/share/hunspell/
- Tracking bug: #2041930
- LB+JL: skip, this regressed in rpm-ostree and is tracked at https://github.com/coreos/rpm-ostree/issues/3418 (affects FSB, but not FCOS where we don't ship this)
✔️ Relocate RPM database to /usr
- Currently, the RPM databases is located in /var. Let's move it to /usr. The move is already under way in rpm-ostree-based installations, and in (open)SUSE.
- Tracking bug: #2042099
- JL: skip; already tracked in rpm-ostree:
  - rpm-ostree tracker: https://github.com/coreos/rpm-ostree/issues/3397
  - temporary workaround: https://github.com/coreos/rpm-ostree/issues/3397

Fedora 36 Accepted Self-Contained Changes (wiki source)

✔️ glibc 32 Build Adjustments
- The glibc32 package is a special package used by gcc and a few other packages to work around the lack of RPM multilib repository support in Koji. It is difficult to maintain, and the current approach raises questions regarding (L)GPL compliance.
- Tracking bug: #1598524
- NOTES: We don't ship this in FCOS
✔️ Ship BerkleyDB backend as a module
- Change the openldap-servers package so that BDB and HDB backends are required to be dynamically loaded.
- Tracking bug: #1740811
- NOTES: We don't ship this in FCOS
✔️ Modular GNOME Keyring services
- The monolithic daemon provided by GNOME Keyring will be split into dedicated sub-daemons, so that they can be consistently managed by systemd.
- Tracking bug: #1899998
- NOTES: We don't ship this in FCOS
✔️ Remove nscd
- This proposal intends to remove the nscd cache for named services in Fedora 35. nscd is already planned for deprecation in Fedora 34. The functionality it currently provides can be achieved by using systemd-resolved for DNS caching and the sssd daemon for everything else.
- Tracking bug: #1905142
- NOTES: We don't ship this in FCOS
- NOTES: We should be good on this one because we're fully enabling systemd-resolved in F35+ (See https://github.com/coreos/fedora-coreos-tracker/issues/879#issuecomment-880353004)
✔️ SOF as default audio driver for Intel LPE hardware
- Intel LPE audio hardware has 2 drivers in the mainline kernel the SST driver and the SOF driver, switch the default driver from SST to SOF.
- Tracking bug: #1924101
- NOTES: This concerns only audio devices users. This should not impact FCOS
✔️ PHP 8.1
- Update the PHP stack in Fedora to latest version 8.1.x
- Tracking bug: #2014559
- NOTES: We don't ship this in FCOS
✔️ Setuptools 58+
- Update to a new upstream release of python-setuptools that is not completely compatible with previous releases. Since version 58+ upstream removed support for 2to3 during builds. This is a breaking change and projects are encouraged to port to a unified codebase.
- Tracking bug: #2016051
- NOTES: We don't ship this in FCOS
Retired Packages
- Ease the task of removing packages, which were retired and no longer receives updates.
- Tracking bug: #2018192
- NOTES: We should check that don't ship retired packages in FCOS
✔️ Ansible 5
- The ansible project has re-organized how they release and distribute ansible. This change moves Fedora to be in sync with those changes and retires the old 'ansible classic/2.9.x' package in favor of a 'ansible' package that pulls in ansible-core (the engine) and includes all the collections in upstream ansible releases.
- Tracking bug: #2019517
- NOTES: We don't ship this in FCOS
✔️ Rubygem Cucumber 7.1.0
- Rubygem-cucumber 7.1.0 is the latest version of the popular integration BDD testing framework for Ruby.
- Tracking bug: #2022392
- NOTES: We don't ship this in FCOS
✔️ Stratis 3.0.0
- Stratis 3.0.0 includes many internal improvements, bug fixes, and user-visible changes.
- Tracking bug: #2023360
- NOTES: We don't ship this in FCOS today. Tracking issue for Stratis support in FCOS is https://github.com/coreos/fedora-coreos-tracker/issues/722
✔️ Remove .la files from buildroot
- Autools/libtool-based projects frequently install files ending in .la in their make install. These files are usually unwanted. Many projects therefore end up with a variation of find $RPM_BUILD_ROOT -name "*.la" -delete in their %install section.
- Tracking bug: #2024312
- NOTES: This is for packaging only. Should not impact FCOS directly
✔️ Remove Wire Extensions Support
- The legacy wireless extensions interface was replaced by the new mac80211/cfg80211 interface in 2007. The legacy Wireless Extensions support has been long deprecated and only supports long EOL WiFi encryption like WEP so it's time to disable it and remove it.
- Tracking bug: #2028168
- DWM: No action needed. This is removing very old wireless encryption (WEP) support. By default we don't use WiFi in FCOS. There is no reason for us to differ from the rest of Fedora here.
✔️ Unit Names in Systemd Messages
- The default format of messages printed by systemd to the console and the journal is changed from "Starting Frobnicating Daemon…" / "Started Frobnicating Daemon" to "Starting frobnicator.service — Frobnicating Daemon…" / "Started frobnicator.service — Frobnicating Daemon".
- Tracking bug: #2028169
- LB: skip, no action needed for FCOS
✔️ Plocate as the default locate implementation
- The venerable mlocate program is replaced by plocate — a compatible reimplementation that is faster and uses less disk space.
- Tracking bug: #2030710
- DWM: No action needed. We don't ship mlocate so we won't ship plocate.
✔️ PostgreSQL 14
- Update of PostgreSQL (postgresql and libpq components) in Fedora from version 13 to version 14 in the non-modular (main) builds.
- Tracking bug: #2032030
- DWM: No action needed. We don't ship PostgreSQL.
✔️ LXQt 1.0.0
- Update LXQt to 1.0.0 in Fedora.
- Tracking bug: #2032951
- DWM: No action needed. We don't use the LXQt Desktop Environment in FCOS.
✔️ Users are administrators by default in the installer GUI
- The Anaconda installer GUI will have the administrative rights checkbox on the User screen ticked by default.
- Tracking bug: #2032952
- DWM: No action needed. We don't use the Anaconda Installer.
✔️ GHC compiler parallel version installs
- Introduce ghcX.Y packages to Fedora which can be parallel installed, in addition to the main ghc package.
- Tracking bug: #2037390
- LB: skip, should not concern FCOS
✔️ Django 4.0
- Update Django to version 4.0.
- Tracking bug: #2043667
- DWM: No action needed. We don't ship Django in FCOS.
Keylime subpackaging and agent alternatives
- The keylime package will be split into subpackages per role (agent, registrar, verifier, and admin components), while allowing the alternative agent implementation in Rust.
- Tracking bug: #2045874
- TR: Tracked in https://github.com/coreos/fedora-coreos-tracker/issues/982
✔️ No ifcfg by default
- Do not include NetworkManager support for legacy network configuration files by in new installations.
- Tracking bug: #2045875
- DWM: No action needed. We haven't supported ifcfh style networking configuration files from the beginning.
✔️ New requirements for akmods binary kernel modules for Silverblue / Kinoite support
- In order to improve the current support for akmods based binary kernel modules in Silverblue/Kinoite, this change introduces a new dependency in akmods to a meta package that strongly links the version of a kernel package with its -devel sub-package.
- Tracking bug: #2046331
- DWM: No action needed. We don't support akmods based binary kernel modules.
✔️ Ibus-table cangjie default for zh_HK
- Make ibus-table cangjie the default input method for zh_HK (Hongkong) locale.
- Tracking bug: #2046333
- DWM: No action needed. We don't ship any ibus packages in FCOS.
✔️ Malayalam Default Fonts Update
- This change will update existing default Malayalam fonts and also rename to new upstream source, which brings improved text shaping, better glyphs for readability, Unicode 13 support, Appstream data amongst other improvements.
- Tracking bug: #2046425
- DWM: No action needed. We don't ship these fonts in FCOS
✔️ MLT-7
- Update MLT to version 7.4 (latest version)
- Tracking bug: #2050376
- DWM: No action needed. We don't ship the MLT multimedia framework in FCOS.
✔️ Ruby on Rails 7.0
- Ruby on Rails 7.0 is the latest version of well known web framework written in Ruby.
- Tracking bug: #2050377
- DWM: No action needed. We don't ship Ruby in FCOS.
✔️ Wayland by Default for SDDM
- Change the default display server mode for SDDM to use a Wayland-based greeter rather than an X11-based one.
- Tracking bug: #2050378
- DWM: No action needed. FCOS doesn't use the SDDM graphical display manager.
✔️ Cockpit File Sharing
- A cockpit module to make file sharing with Samba and NFS easier.
- Tracking bug: #2050752
- DWM: No changes for us. FCOS doesn't use cockpit directly.
✔️ Authselect: Require explicit opt-out
- Any user changes to a configuration generated by authselect will be overwritten by subsequent call to authselect. Users that do not want to use authselect to manage their nsswitch and PAM configuration can opt-out by calling authselect opt-out or removing /etc/authselect/authselect.conf. It will also make authselect work on CoreOS and other rpm-ostree systems.
- Tracking bug: #2051545
- DWM: No action for us is needed. This change was essentially requested by us to workaround issues with writing to /var/ during RPM Scriptlets.
  - https://github.com/coreos/fedora-coreos-tracker/issues/1051
✔️ Silverblue and Kinoite will have /var on its own Btrfs subvolume
- Silverblue and Kinoite: For new clean automatic (guided) installations, create a "var" subvolume to be mounted at /var.
- Tracking bug: #2051550
- DWM: Fedora CoreOS is not Silverblue or Kinoite

Syntax	Example	Reference
# Header	Header	基本排版
- Unordered List	Unordered List
1. Ordered List	Ordered List
- [ ] Todo List	Todo List
> Blockquote	Blockquote
Bold font	Bold font
Italics font	Italics font
~~Strikethrough~~	~~Strikethrough~~
19^th^	19^th
H~2~O	H₂O
++Inserted text++	Inserted text
==Marked text==	Marked text
[link text](https:// "title")	Link
![image alt](https:// "title")	Image
`Code`	`Code`	在筆記中貼入程式碼
```javascript var i = 0; ```	`var i = 0;`	在筆記中貼入程式碼
:smile:		Emoji list
{%youtube youtube_id %}	Externals
$L^aT_eX$	L^aT_eX
:::info This is a alert area. :::	This is a alert area.