F39 proposal: BiggerESP (Self-Contained Change proposal)
by Ben Cotton
https://fedoraproject.org/wiki/Changes/BiggerESP
This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.
== Summary ==
The Fedora installer includes an EFI System Partition of between 200MB
and 600MB by default, of which the lower size is much too small for
firmware updates on modern hardware and also for future bootloader
features like UKI.
This change will increase the minimum size of the ESP to be 500MB,
which is also the same value used by Microsoft for Windows 10 and
newer.
== Owner ==
* Name: [[User:rhughes| Richard Hughes]]
* Email: richard(a)hughsie.com
== Detailed Description ==
Modern hardware has UEFI firmware updates that are more than 64MB in
size. The OEMs recommend a ESP free space of double the flash size
plus 20MB and fwupd now enforces this requirement to ensure flash
success. As the ESP is often shared between Windows and Linux, and
also used for firmware updates, and soon to be used by UKIs it's not
enough to just allocate a few hundreds of megabytes. Windows 10 and 11
allocates an ESP of at least 500MiB. Arch also specifies a minimum of
512 MiB.
== Feedback ==
There is no alternative -- the ESP has to scale up if we want firmware
updates to continue to work and to support UKIs for next-generation
bootloaders.
== Benefit to Fedora ==
Firmware updates will work on future hardware, and we can boot the
kernel using UKIs using next-generation bootloaders.
== Scope ==
* Proposal owners:
We need to change a number in Anaconda:
https://github.com/rhinstaller/anaconda/pull/4711
== Upgrade/compatibility impact ==
We can't grow the ESP in size, and so this change will only affect new
installs. This is fine, as this will affect new hardware more than old
hardware.
== How To Test ==
Install Fedora and observe that /boot/efi has at least 276MB free
space, even when installed alongside Windows.
== Dependencies ==
Anaconda would need to be modified, and Fedora would have a / or /home
partition that's ~300MB smaller by default than it is now.
== Contingency Plan ==
* Contingency mechanism: (What to do? Who will do it?) N/A (not a
System Wide Change)
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? N/A (not a System Wide Change), No
== Documentation ==
N/A (not a System Wide Change)
== Release Notes ==
Fedora now defaults to a larger EFI System Partition which allows
firmware updates to work on newer hardware, and allows future
bootloader and kernel modernizations.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
1 day, 22 hours
F39 proposal: mkosi-initrd (Self-Contained Change proposal)
by Ben Cotton
https://fedoraproject.org/wiki/Changes/mkosi-initrd
This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.
== Summary ==
`mkosi-initrd` is an alternative builder for initrds.
It will be packaged in Fedora, so that users can use it to build
initrds locally.
A `kernel-install` plugin will be provided to build the initrd when a
kernel package is installed.
As a stretch goal, initrds will be build in koji and delivered via rpm packages.
As a further stretch goal, pre-built initrds will be used in Unified
Kernel Images that can be delivered via rpm packages.
Only a subset of installation types will be supported.
== Owner ==
* Name: [[User:zbyszek| Zbigniew Jędrzejewski-Szmek]]
* Name: [[User:lnykryn| Lukáš Nykrýn ]]
* Name: [[User:Daandemeyer| Daan De Meyer]]
* Email: zbyszek - at - in.waw.pl, lnykryn - at - redhat.com,
daandemeyer - at - fb.com
== Detailed Description ==
The process by which we create initrds is complicated and inefficient.
Initrds contain duplicate functionality and require a lot of maintainer effort.
The aim of this proposal is to introduce a vastly simplified mechanism
of initrd creation and simplified initrd contents.
The `mkosi-initrd` project is a set of config files for `mkosi`.
`mkosi` is a program to build operating system images from system packages.
An initrd is built by invoking `mkosi` with the config provided by
`mkosi-initrd`.
Instead of building initrds by scraping the file system and figuring
out dependencies again,
existing packages and normal package installation via `dnf`/`rpm` is
used to populate the initrd.
This also means that the package manager is responsible for satisfying
dependencies.
At runtime, `systemd` is responsible for setting up the execution
environment and invoking programs.
Currently, initrds built in this way are bigger than initrds built by dracut.
They also have limited functionality:
many common types of systems work just fine, but more exotic
configurations are not supported.
See [[#Scope|Scope]] below for a list of known good/bad features.
The goal of this change is to provide an ''alternative'' mechanism.
If the feedback is positive, we may consider using initrds built with
`mkosi-initrd` as default in certain scenarios.
There are no plans to remove `dracut` in the foreseeable future.
This means that for any case not supported or not working well,
`dracut` remains a natural fallback.
In this way this change is similar to
[[Changes/Unified_Kernel_Support_Phase_1]],
as it provides a preview of a new technology as an alternative to the
current established approach.
== Feedback ==
== Benefit to Fedora ==
Current initrd generation with `dracut` is showing its age.
As upstream packages evolve,
repeating the dependency resolution in `dracut` is a constant drain of
maintainer time.
Our `dracut` initrds are already using `systemd`.
But `systemd` is constantly evolving and adding new functionality
related to early boot:
decryption of disks, access to secrets, new configuration mechanisms,
state checks and boot counting.
More and more, `dracut` runtime scripting is a thin wrapper around `systemd`.
We have two job queues: the `dracut` initqueue, and the `systemd` job queue.
This duplication makes everything harder, both during preparation and
at runtime, for little benefit.
The design principle of the new approach is to remove duplicate functionality:
* package `Requires` replace dracut module dependency logic and
automatic installation of libraries based on `ldd` output
* `systemd` job management replaces the remainder of `dracut` runtime
* the environment in the initrd is just a normal linux system (albeit
on a temporary root fs)
* normal package contents replace special scripts crafted for the initrd
Generally, the new scheme requires very little new stuff.
We reuse things that are already available (and used):
`dnf` and `rpm`,
packages for all stuff that is used in the initrd,
`systemd`,
special systemd units for the initrd.
The new component is a mechanism that builds the initrd out of packages.
But it is a relatively simple step that requires very little maintenance.
The biggest part of the initial work is the creation of package lists
to install in the initrd,
and adjusting packages to to function correctly in the initrd and not
pull in unnecessary dependencies.
Afterwards, there might be occasional maintenance related to bugs or
package splits.
Initrds built with `mkosi-initrd` should be fully reproducible (in the
sense of reproducible builds).
The work done in packages has external benefits:
package minimization automatically benefits other "small" installations.
== Scope ==
* Proposal owners:
** package `mkosi-initrd`
([https://copr.fedorainfracloud.org/coprs/zbyszek/mkosi-initrd/builds/
copr], review-request
https://bugzilla.redhat.com/show_bug.cgi?id=2189633)
** verify (and fix if necessary) `mkosi-initrd`/`systemd`/other
packages to work with:
*** root on a plain partition
*** root on LVM2
*** root on LUKS
*** root on RAID
*** root on NFS
*** hibernation
** provide a `kernel-install` plugin that builds an initrd locally
** provide a `kernel-install` plugin that combines this initrd with a
kernel binary into a Unified Kernel Image locally
** make dracut not interfere with mkosi-initrd (merge
https://github.com/dracutdevs/dracut/pull/1825 or carry downstream
patch)
** work with koji developers to allow `mkosi-initrd` to run in koji
(stretch goal 1). This requires changing koji to allow access to
downloaded rpms during build.
** add a `mkosi-initrd-initrd` (name TBD) package that builds a set of
subpackages with initrds (stretch goal 2).
(Out of scope: support for root on iSCSI is not planned currently.
Our experiments with iSCSI show that the existing tooling is a bunch
of terrible scripts that don't work at all outside of dracut.)
More items may be added to Scope or listed as not planned based on feedback.
* Other developers: <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
** koji developers: help with the rpms-in-buildroot functionality and
** koji maintainers and releng: deploy changes in koji in Fedora infra
** anyone: Install the new packages to opt-in into testing the new initrds.
* Release engineering:
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives:
== Upgrade/compatibility impact ==
This is new functionality that will only impact people who opt-in.
== How To Test ==
* Right now:
** enable the copr and install `mkosi-initrd` (see
[https://github.com/systemd/mkosi-initrd/#mkosi-initrd--build-initrd-image...
instructions])
** adjust configuration:<pre>echo 'initrd_generator=mkosi-initrd'
>>/etc/kernel/install.conf # Until
https://github.com/dracutdevs/dracut/pull/1825 is merged mkdir -p
/etc/kernel/install.d ln -s /dev/null
/etc/kernel/install.d/50-dracut.install</pre>
** Upgrade or reinstall kernel package and reboot
* After `mkosi-initrd` has an official build:
** disable the copr and update to the distro package
** Upgrade or reinstall kernel package and reboot
* After stretch goal 2:
** Install `mkosi-initrd-initrd-<variant>`
** Upgrade or reinstall kernel package and reboot
== User Experience ==
Ideally, there should be no visible change for users.
Obviously, when text logs are shown the console, the output is a bit different.
After stretch goals 2, installation will be quicker.
== Dependencies ==
Support for UKIs in grub2 was implemented in
[[Changes/Unified_Kernel_Support_Phase_1]],
but the support for UKIs in grub2 was not merged.
This support is a requirement for people who want to use mkosi-initrd
UKIs with grub2.
== Contingency Plan ==
* Contingency mechanism: Postpone introduction of features to a later
release. If it turns out that initrds are faulty, users who installed
them will need to manually switch back to dracut initrds.
* Contingency deadline: Any time.
* Blocks release? No.
== Documentation ==
https://github.com/systemd/mkosi-initrd/blob/main/docs/fedora.md
== Release Notes ==
Simplified initrds built with `mkosi-initrd` are available for testing.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
4 days, 20 hours
F39 proposal: Fedora Images on Azure (Self-Contained Change proposal)
by Ben Cotton
https://fedoraproject.org/wiki/Changes/Fedora_Images_On_Azure
This document represents a proposed Change. As part of the Changes
process, proposals are publicly announced in order to receive
community feedback. This proposal will only be implemented if approved
by the Fedora Engineering Steering Committee.
== Summary ==
Azure is a massive public cloud and offering an official Fedora Cloud
image there would expand Fedora's user base. It also gives Fedora
Cloud users more options when selecting public clouds.
== Owner ==
* Name: [[User:mhayden| Major Hayden]], [[User:davdunc| David Duncan]]
* Email: major(a)redhat.com, davdunc(a)amazon.com
== Detailed Description ==
We want to:
* Get Azure images built via the existing Pungi processes
* Publish Azure images via Azure's image gallery
* Test these images during regularly scheduled Fedora Cloud test days
before final release
* Ensure that the Azure URN is linked on the Fedora website in the
cloud downloads section (similar to how AWS images are listed today)
== Feedback ==
Another alternative would be to offer a VHD download option from a
mirror, but that
would require users to download the image and upload it to Azure on
their own. This
could be challenging for users without technical skills to complete
these steps or for
users with slow network connectivity.
== Benefit to Fedora ==
* Expands Fedora's official image public cloud footprint to Azure
(currently just AWS and GCP)
* Allows Azure customers to launch official Fedora images which were
tested before launch
* Raises awareness around Fedora Cloud images
== Scope ==
* Proposal owners: Isolated change that does not affect the OS itself
but does improve its availability in public clouds.
* Other developers: Does not affect other developers or features in Fedora.
* Release engineering: [https://pagure.io/releng/issue/11398 #11398]
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Community Initiatives: N/A
== Upgrade/compatibility impact ==
This is a net new offering in a cloud where Fedora was not previously offered.
== How To Test ==
* Verify that the Fedora image appears in Azure's image gallery
* Launch an Azure VM with the new Fedora image
* Complete the usual verification that is done on other clouds during
[https://fedoraproject.org/wiki/Test_Results:Fedora_39_Rawhide_20230418.n....
test days]
== User Experience ==
Customers on Azure will notice that a new Fedora official images is
available to them.
Users of other platforms, such as workstation and server, will not see a change.
Customers of other clouds, such as AWS, will not see a change either.
== Dependencies ==
All dependencies are already packaged and tested. One of the biggest
is the Azure Linux
agent ({{package|WALinuxAgent}}), but it has been packaged in Fedora
for multiple releases and is
verified to work on Azure.
== Contingency Plan ==
* Contingency mechanism: N/A (not a System Wide Change)
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? No
== Documentation ==
N/A (not a System Wide Change)
== Release Notes ==
Fedora Cloud Edition is now available for use in Microsoft Azure.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
2 weeks, 2 days
memtest86plus v6.00
by Richard W.M. Jones
Earlier discussion:
https://www.mail-archive.com/devel@lists.fedoraproject.org/msg169800.html
Current memtest86+ 5.x requires non-UEFI, which makes it increasingly
irrelevant to modern hardware. memtest86 forked into a proprietary
product some time ago. However there is hope because upstream
memtest86+ 6.00 is (a) open source and (b) seems to work despite the
large warnings on the website:
https://memtest.org/
Note this new version is derived from pcmemtest mentioned in the
thread above which is only indirectly derived from memtest86+ 5.x and
removes some features.
So my question is are we planning to move to v6.00 in future?
I did attempt to build a Fedora RPM, but it basically involves
removing large sections of the existing RPM (eg. the downstream script
we add seems unnecessary now and the downstream README would need to
be completely rewritten). It's probably only necessary to have
memtest.efi be installed as /boot/memtest.efi and although it won't
appear automatically in the grub menu, it can be accessed by a trivial
two line command.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
2 weeks, 3 days
soname bump: libtraceevent and libtracefs
by Zamir SUN
Hi,
I'm working on libtraceevent and libtracefs update. There will be soname
bump happening to them. Namely,
libtraceevent.so 1.6.3 -> 1.7.2
libtracefs.so 1.5.0 -> 1.6.4
IIRC only kernel-tools (for perf and rtla) and trace-cmd depends on
them. So I'm also copying their corresponding contacts.
As for libtraceevent, I've tried running trace-cmd/perf/rtla with the
new version and they still works. So I've updated it in Rawhide, Fedora
38 and Fedora 37. They are now in Bodhi.
As for libtracefs I've built it in side tag f39-build-side-65890. I plan
to update it in both Rawhide and Fedora 38 this week.
HTH.
--
Zamir SUN
GPG : 1D86 6D4A 49CE 4BBD 72CF FCF5 D856 6E11 F2A0 525E
Want to know more about Fedora?
Visit https://fedoraproject.org/wiki/
Ready to contribute? See https://whatcanidoforfedora.org/
想了解更多中文资讯,访问 https://zh.fedoracommunity.org/
2 weeks, 3 days
Fun with GRUB2, BLS and Multiboot USB
by Philip Rhoades
People,
LILO and SysLinux were simple and GRUB1 was straightforward - but by the
time GRUB2 came around I was long past configuring my own kernels and
hacking around at a lower level . . now I think, finally, I need to know
more about how GRUB2 - works specifically with Fedoras 38+.
This current interest was prompted when I upgraded my WS from F37
KDE(->Sway) via a beta F38 LiveSway and found that /boot/grub2/grub.cfg
did not contain a menuentry for the latest F38!? - much hacking and
experimenting followed . .
Now I have a WS with two USB sticks (8G and 32G) and have booted the
latest F38 Live Sway (on the 8G) and successfully installed it to the
32G and now my mild OCD is less offended when I boot on the 32G USB I
see ALL the old Fedora systems on drives /dev/sd[a-d] ! - I am happy!
So, I have git cloned the grub2 stuff and had a look at it but I am too
old now to be digging around in that stuff just at the moment - so, has
any Fedora Guru produced a diagram or at least a point list, of what
Grub does from turning on the power to the display of the Grub menu on a
Fedora machine? - that would be nice as a more-detailed overview than I
have been able to find so far - but not so low-down I am amongst the
weeds . . that might come later . .
Thanks,
Phil.
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: phil(a)pricom.com.au
2 weeks, 4 days
