Xfce 4.10 pre1 was released on 2012-04-01 (no joke! :) In the last week I have built and landed it in Fedora rawhide, including rebuilding all the plugins against the new libraries. The only application left I know of that has issues is xfburn. I'll be working on that in the next few days, in the mean time you will probibly want to remove it so you can update the rest of the stack. I've also setup a Fedora 17 side repo with all these packages built. You can find it at: http://repos.fedorapeople.org/repos/kevin/xfce-4.10/ I'm running it here and it seems to be pretty stable so far. Of course it's only a pre1, so there could well be problems. Save your work often. :) Please report bugs on these packages to the fedora-xfce list or directly to me, to avoid confusion with the normal 4.8 packages in Fedora 17. Comments and corrections and welcome for our Fedora 18 Feature page: Xfce-4.10

I got a little email note from the Red Hat HR folks today congratulating me on my 1 year anniversary with Red Hat. It really has gone by so quickly, so much to do, so much to learn, so much to work on. Hopefully I've made a difference and kept things running smoothly in Fedora Infrastructure for everyone. I hope it will continue to be a fun and satisfying trip in the years to come. ;)

A number of folks have asked about this in #fedora over the last few months, so I thought I would do a quick blog post about rc.local in the systemd world. /etc/rc.d/rc.local is no longer shipped, but it still works fine once you set it up correctly: Create /etc/rc.d/rc.local as root. Add a "#!/bin/sh" to the top of it. chmod 755 /etc/rc.d/rc.local Once you do those things, systemd will see the file exists, is executable, is a shell script and will run it. No further action needed. I do hope systemd maintainers keep this functionality around as it's sometimes handy to run things in a simple script rather than create a new unit file for it.

A week or two back we got a bug report from someone that they were downloading Fedora from download.fedora.redhat.com via https and the ssl cert didn't match up. Of course it wouldn't, as download.fedora.redhat.com has pointed to our dl.fedoraproject.org servers for at least 2.5 years now. Since no one should be using this old dns entry now, I asked for it to be removed. I probibly should have made more noise at the time, but didn't think too many people would still be using it. :( I did make a pass at fixing anything I could see still using it in the wiki. In any case, it's gone now. Please take a few minutes to go and look and see if you have any docs or wiki pages or notes or anything else that refers to this old entry, and update it. Please point them to 'dl.fedoraproject.org' (if you want to point directly to our master mirrors) or 'download.fedoraproject.org' (If you want it to point to a mirrormanager mirror that contains the content you seek). Sorry if this causes any issues for anyone, but after 2.5 years, we should really be able to move on.

After seeing Christoph's post fudcon 2012 todo list I thought that making a post fudcon TODO list was a great idea. Here's mine (help welcomed!):

• Need to drop our staging git branch in puppet and merge any staging machine changes into the master branch
• Need to work on making out applications more 'container' like. ie, reduce the things they depend on and make it easier to spin up an env they run in
• Check out cloud tech and filesystems to see if any will meet our needs
• See if we can automate spinning up a application env with all needed integration testing machines
• Get two factor auth working for sudo for sysadmin-main and deploy. Continue adding types of auth and services once it's solid
• Talk to the Board about our torrent seeder.
• Make sure the folks who want to work on reviving smolt have all the info and help they need
• Figure out how best to deploy the new community/tagger applications to production
• Find the time to add the nightly live compose to the rawhide/branched scripts so it happens in a totally automated way
• Finish migrating everything to RHEL6

If there's something I told you I would help you with/do at Fudcon and you don't see it above, please let me know and I will add it to the list. ;)

Day 3 started out over at Macbride hall again. Some of us Fedora Infrastructure folks got together to hash out any issues and projects we are concerned about in the coming weeks, months or year. We may have some big challenges ahead with ARM possibly coming in as a primary arch, which will stretch our storage and networks and building code. We are going to take a harder look at torrents and see if they are still worth providing to the community. The new community packages and tagging stuff needs to move into production. Lots of high bandwith talks with involved folks in all those areas. After a nice little lunch, and a few more discussions it was time to head out to the airport. Matt Domsch was able to take 3 of us to the airport, which was nice. At the airport, there was time to sign gpg keys and mail them out from the keysigning the other day as well as make another pass of the cacert.org assurances that I needed to enter into the system. Hopefully flights home will go smoothly. Overall it's been a great fudcon. Lots of things seemed to get discussed and worked out. I heard very little where people were asking for something that they were not willing to champion themselves, which I think is excellent. Thanks to all the folks who worked so hard to put on a great event and those who attended.

Saturday started off super early: Scheduled for a 8:30 start (although we didn't actually start until 9am). We had some intro and then pitching of barcamp sessions. Lots of nice sounding sessions. Then a short State of Fedora talk from our fearless Fedora Project leader. There were tons of sessions (as you can see from looking at the wiki: Fudcon wiki page for saturday. I went to the session on making Fedora packaging easier. This was a talk to unveil a few new cool applications that can help folks with maintaining packages. Pretty slick stuff: Community development packages and community dev tagger. It's fast and could be very very handy for users. Lunch was a delightful burger and beefy miracle. Good stuff. After lunch I met up with some IRC folks to discuss some issues and ideas for improvements there. We also did some cacert.org assurances with a few folks (there's another session just for that at 4pm, but since we had a few minutes we went ahead and did it to save time later). Then on to the session on redoing comps and package organization given by Bill Notthingham. There are still lots of details to work out, but comps will split into distro groups (xfce, kde, base, webserver, etc) and categories (web browsers, editors, etc). distro groups will stay in the same place, but categories still need to be hashed out. Some info can come from the package tagging application I saw this morning and some from package maintainers. More info to come, but overall a good plan. Next was the talk and show and tell on the rasberry pi arm box. It's a pretty cute little device. I might have to pick up one after they are available. Then, a lovely cacert event. I assured about 7 people and was in turn assured by 5 more. Then a gpg keysigning which had quite a few folks at it, but we managed to organize and run through checking fingerprints and id's in short order. Only a few minutes to drop things off at the hotel and then it was time for FUDPub over at the student center. Lots of food and fun. Finally some more talk back in the hotel where amusingly a wedding party was gathered. tomorrow will be the last day and travel back home.

Fudcon day 1 started with having to get up at 7:30am to get ready for the 9am starting time. Thats 5:30am my time, so that's an excuse for me being groggy this morning. ;) Had no problem getting to the venue and getting my badge and t-shirt. Then, after some logistics we started in on the first session of the day: Fixing Staging in Fedora Infrastructure. Some background: Currently we have a some 'staging' machines that are supposed to be copies of production instances that we can use to test and integrate new things with. We have a seperate git branch in puppet that handles the staging instances, which seems neat, but turns out to be an annoyance in several ways. There was a lot of information and debate on what production, dev, staging, integration, or the meant. How we could setup puppet. If we could on demand make a staging instance or a subset of those. How process should work. How we could go from here. We came up with a plan of attack and some things to consider:

• Drop the 'staging' git branch. Everything is in the same git repo. ie, all machines are production.
• Try and make our apps more able to be 'containers'. Ie, reduce dependence on other parts of Infrastructure so things can be tested in containers easier.
• Look at ways to build containers or integration staging machines on the fly as needed.

After a quick lunch (man the wind was nasty to/from lunch), it was time for a 2 factor auth session. We've been talking about finishing off yubikey as a true two factor authentication method in fedora infrastructure. We had a lot of good input here and hashed out a plan here too: Short term:

• Fork linotp's pam module to a new project. This would be just the pam module, and we would enhance it to require a valid ssl cert from the server it's talking to before sending it anything, prompting for pin and pass and other enhancements.
• First target is going to be sudo for all sysadmin-main users.
• Create a CGI that the pam module can talk to and send auth info to and return ok, bad, broken
• CGI will likely run on fas servers so it can talk to fas and yubikey
• Some quick and dirty way to query pin

Longer term:

• FAS changes to store and set/reset pin
• ADD google auth or OATH to the CGI
• Increase parts thats are covered/where 2 factor is required

All in all some great sessions today. I think we have some lovely plans in fedora infrastructure, ready to dig in and get working in the coming days and weeks.

Thursday (Fudcon Blacksburg 2012 day 0) was a travel day for me. Had to get up at the unreasonable hour of 4:45 to catch the shuttle to the airport, then to my first flight to chicago. That went off fine, but unfortunately my plane from Chicago to Roanoke was delayed quite a while. ;( On the plus side I got to hang out with 3 other fudcon bound folks and we did some chatting there in the airport. Finally we got a plane and got to Blacksburg, where the magic Spot van picked up about 15 of us and took us to the hotel. The hallway track was well in progress there, and I ended up staying up later than I had thought I could talking to people I usually only see on IRC. Finally got to bed around midnight after catching up on some emails. Looking forward to a great fudcon!

Next weekend is Fudcon Blacksberg 2012 and a number of Fedora Infrastructure folks should be there (Including me). I've signed up to give/facilitate 3 workshops/hackfest sessions:

• Fedora Infrastructure: Revamping our staging server setup, then implemeting it. This will be hopefully friday and sunday. We can try and hash out a plan on friday and look at starting implementation or at least timeline for implementing things on sunday.
• Fedora Infrastructure: 2 factor authentication brainstorming. This will hopefully be saturday. I'd like to try and get full 2 factor auth setup for yubikeys and/or a clear plan to do so. Ideally we will setup a framework where we can also optionally use other 2factor setups (google authenticator, etc). I will also have some yubikeys with me to distribute
• Fedora Infrastructure: Getting started/apprentices/Getting involved. This will be a intro session for folks that would like to get involved with infrastructure. We can answer questions, try and find out what would be a good fit for people starting out and work on our apprentice program to try and make it easier for people to join us.

In addition to those, Toshio is going to be running some sessions on Python programming and software releases using our infrastructure as the example. Should be great stuff. Of course as always in addition to the talks and hackfests, there's a lively "hallway" track: A chance to meet up with folks and discuss things in a high bandwidth way. I hope to see lots of folks I know, and lots of new faces as well. Happy to discuss any fedora related issues or items there. If you're unable to attend this Fudcon, do follow along in #fedora-fudcon on irc.freenode.net. There should be pointers there to whats happening, whats being discussed and allow for remote input. Hopefully we will have irc transcribers in various rooms as well.