[uefi-secure-boot-guide] master: Updated guide's revision and version (a23a981)
by sparks@fedorahosted.org
Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
>---------------------------------------------------------------
commit a23a981ad335b99c511a13f8d950036b0302baf5
Author: Eric Christensen <sparks(a)fedoraproject.org>
Date: Fri Jan 4 13:19:51 2013 -0500
Updated guide's revision and version
>---------------------------------------------------------------
en-US/Book_Info.xml | 6 +++---
en-US/Revision_History.xml | 17 +++++++++++++++++
en-US/UEFI_Secure_Boot_Guide.xml | 2 ++
3 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/en-US/Book_Info.xml b/en-US/Book_Info.xml
index 110b16b..90eeffe 100644
--- a/en-US/Book_Info.xml
+++ b/en-US/Book_Info.xml
@@ -10,9 +10,9 @@
<productname>Fedora</productname>
<productnumber>18</productnumber>
-->
- <productname>Fedora Draft Documentation</productname>
- <productnumber></productnumber>
- <edition>18.0.1</edition>
+ <productname>Fedora</productname>
+ <productnumber>18</productnumber>
+ <edition>18.1</edition>
<pubsnumber>0</pubsnumber>
<abstract>
<para>
diff --git a/en-US/Revision_History.xml b/en-US/Revision_History.xml
index 44caa04..17400ce 100644
--- a/en-US/Revision_History.xml
+++ b/en-US/Revision_History.xml
@@ -7,6 +7,23 @@
<title>Revision History</title>
<simpara>
<revhistory>
+ <revision>
+ <revnumber>18-1</revnumber>
+ <date>Fri 04 January 2013</date>
+ <author>
+ <firstname>Eric</firstname>
+ <surname>Christensen</surname>
+ <email>sparks(a)fedoraproject.org</email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>Updated 'What is Secure Boot' chapter. (BZ 891758)</member>
+ <member>Updated 'Implementation' chapter. (BZ 891924)</member>
+ <member>Updated Josh Boyer's email address. (BZ 891932)</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+
<revision>
<revnumber>0-1</revnumber>
<date>Thu Jul 12 2012</date>
diff --git a/en-US/UEFI_Secure_Boot_Guide.xml b/en-US/UEFI_Secure_Boot_Guide.xml
index 0723e2a..3e43eaf 100644
--- a/en-US/UEFI_Secure_Boot_Guide.xml
+++ b/en-US/UEFI_Secure_Boot_Guide.xml
@@ -8,7 +8,9 @@
<xi:include href="Preface.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="What_is_Secure_Boot.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<xi:include href="Implementation_of_Secure_Boot.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- Do not include this chapter at this time.
<xi:include href="Using_your_own_keys.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+-->
<xi:include href="Revision_History.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<index />
</book>
11 years, 4 months
[uefi-secure-boot-guide] master: Changes made per BZ 891924 (6abdb39)
by sparks@fedorahosted.org
Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
>---------------------------------------------------------------
commit 6abdb39f7dc7145062f732382b1967c45cc573be
Author: Eric Christensen <sparks(a)fedoraproject.org>
Date: Fri Jan 4 13:13:56 2013 -0500
Changes made per BZ 891924
>---------------------------------------------------------------
en-US/Implementation_of_Secure_Boot.xml | 24 ++++++++++++++++++++++--
1 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/en-US/Implementation_of_Secure_Boot.xml b/en-US/Implementation_of_Secure_Boot.xml
index b60d1b8..024d4cf 100644
--- a/en-US/Implementation_of_Secure_Boot.xml
+++ b/en-US/Implementation_of_Secure_Boot.xml
@@ -6,10 +6,30 @@
<chapter id="chap-UEFI_Secure_Boot_Guide-Implementation_of_UEFI_Secure_Boot">
<title>&PRODUCT;'s Implementation of UEFI Secure Boot</title>
<para>
- Systems with UEFI Secure Boot enabled will ship with a set of vendor-determined keys installed in the firmware. These keys include the ability to boot from binaries signed by the signing service hosted by Microsoft. This feature includes simultaneous support for two methods of booting under this scheme. Under the first scheme, Fedora will utilize the signing service hosted by Microsoft. Under the second, a site will create their own keys and deploy them in system firmware, and will do their own signing of binaries with it. In both schemes, shim, grub2, and the kernel will detect that they are started in what UEFI describes as "User mode" with Secure Boot enabled, and upon detecting this they will validate the next stage with a Fedora-specific cryptographic public key before starting it. Additionally, grub2 will operate with similar restrictions as it would if you had set a supervisory password in your configuration. Once the kernel is booted, it will also detect that it is
in Secure Boot mode, which will cause several things to be true: it will validate the boot command line to only allow certain kernel settings, it will check loaded modules for signatures and refuse to load them if they are unsigned, and it will refuse any operations from userland which cause userland-defined DMA.
+ The Fedora Secure Boot implementation includes support for two methods of booting under the Secure Boot mechanism. The first method utilizes the signing service hosted by Microsoft to provide a copy of the shim bootloader signed with the Microsoft keys. The second method is a more general form of the first, wherein a site or user can create their own keys, deploy them in system firmware, and sign their own binaries.
</para>
<para>
- Under this scheme, the signing service will be used to sign a first-stage bootloader, <ulink url="https://github.com/mjg59/shim">shim</ulink>, which holds a Fedora-specific public key. shim will then validate against the Fedora-defined key referenced above.
+ In both methods, shim, grub2, and the kernel will detect that they are started in what UEFI describes as "User mode" with Secure Boot enabled, and upon detecting this they will validate the next stage with a Fedora-specific cryptographic public key before starting it. The validation is done via shim for grub2, and grub2 calls back to shim to validate the kernel as well. Once the kernel is booted, it will also detect that it is in Secure Boot mode, which will cause several things to be true:
+ <simplelist>
+ <member>it will validate the boot command line to only allow certain kernel settings</member>
+ <member>it will check modules at load time for signatures and refuse to load them if they are unsigned or signed with a signature not found in the UEFI key store variables (see note)</member>
+ <member>it will refuse any operations from userland which cause userland-defined DMA.</member>
</para>
+ <para>
+ These restrictions are in place to be fully compliant with Secure Boot. This requires us to prevent any execution of unverified code at the supervisor level. Most users won't notice these restrictions as most of the userspace packages that required such access have been fixed to work without it. However, there are a few services or features that will not work in a Secure Boot enabled machine at this time. They include:
+ <simplelist>
+ <member>kexec/kdump</member>
+ <member>hibernate (suspend to disk)</member>
+ <member>third party modules that are unsigned, or signed with an unknown key</member>
+ <member>systemtap kernel probing (and kprobes)</member>
+ </para>
+ <para>
+ In future iterations of Secure Boot support the above may also be possible, however secure implementations were not feasible in the Fedora 18 timeframe.
+ </para>
+ <note>
+ <title>Note</title>
+ <para>Other distributions have chosen to not require signed kernel modules in their Secure Boot implementation. Fedora believes that to fully support Secure Boot this is required. We are working to limit the impacts of this while ensuring that untrusted module code is not allowed to execute.
+ </para>
+ </note>
</chapter>
11 years, 4 months
[uefi-secure-boot-guide] master: Updated content per BZ 891758 (33f500e)
by sparks@fedorahosted.org
Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
>---------------------------------------------------------------
commit 33f500e08a776d3a1bc1cb506f8b2132a036c84d
Author: Eric Christensen <sparks(a)fedoraproject.org>
Date: Fri Jan 4 12:58:15 2013 -0500
Updated content per BZ 891758
>---------------------------------------------------------------
en-US/What_is_Secure_Boot.xml | 14 ++++++++++----
1 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/en-US/What_is_Secure_Boot.xml b/en-US/What_is_Secure_Boot.xml
index c53c405..85b7037 100644
--- a/en-US/What_is_Secure_Boot.xml
+++ b/en-US/What_is_Secure_Boot.xml
@@ -6,17 +6,23 @@
<chapter id="chap-UEFI_Secure_Boot_Guide-What_is_Secure_Boot">
<title>What is UEFI Secure Boot?</title>
<para>
- Secure boot is a setup using UEFI firmware to check cryptographic signatures on the bootloader and associated OS kernel to ensure they have not been tampered with or bypassed in the boot process. With the planned release of Windows 8, Microsoft has decided that all hardware that is marked "Windows 8 client ready" should:
+ Secure Boot is a setup using UEFI firmware to check cryptographic signatures on the bootloader and associated OS kernel to ensure that only trusted OS binaries are loaded during the boot process. These signatures are verified against keys stored in UEFI variables. If a binary contains a valid signature, it is allowed to execute. If it does not, the binary is not allowed to execute.
<simplelist>
<member>Have secure boot enabled by default.</member>
<member>Allow a physically present user to disable secure boot in the firmware interface.</member>
- <member>Ship the Microsoft keys in firmware.</member>
+ <member>Ship the Microsoft key in firmware.</member>
<member>Allow a physically present user to enroll their own keys in the firmware interface.</member>
</simplelist>
- This means that Fedora as it stands booted on such hardware will refuse to boot until the user disables secure boot in the firmware.
+ This means that Fedora versions before Fedora 18 booted on such hardware will refuse to boot until the user disables Secure Boot in the firmware. While disabling Secure Boot is a viable option that some users may wish to choose, it is not an optimal solution.
</para>
<para>
- Maintainers of the grub2, kernel and associated packages have proposed a plan where by Fedora will have Verisign (via Microsoft) sign a bootloader shim that will in turn boot grub2 (signed by a Fedora key) and the Fedora kernel (signed by a Fedora key) to allow out of the box booting on secure boot enabled hardware. Additionally, they will provide tools and information for users to create their own keys and sign their own copy of boot shim and grub2 and kernel (and whatever else they wish to sign). This plan has been approved by the Fedora Engineering Steering Committee as of 23-Jul-2012.
+ To facilitate out of the box functionality on new hardware, the maintainers of the grub2, kernel and associated packages have implemented Secure Boot support in Fedora 18. On UEFI machines, Fedora 18 uses a small bootloader called "shim" that has been signed by the Microsoft signing service (via Verisign). This allows UEFI to load shim on Windows 8 client ready machines and continue the boot process for Linux. Shim in turn boots grub2, which is signed by a Fedora key. Grub2 then boots a similarly signed Linux kernel provided by Fedora which loads the rest of the OS as per the usual boot process. The machine remains in Secure Boot mode.
+ </para>
+ <para>
+ Additional tools and information will provided for users to create their own keys and sign their own copy of shim and grub2 and kernel.
+ </para>
+ <para>
+ This plan was approved by the Fedora Engineering Steering Committee on 23-Jul-2012.
</para>
</chapter>
11 years, 4 months
[uefi-secure-boot-guide] master: Changed Josh's email address. BZ 891932 (42e7e8e)
by sparks@fedorahosted.org
Repository : http://git.fedorahosted.org/git/?p=docs/uefi-secure-boot-guide.git
On branch : master
>---------------------------------------------------------------
commit 42e7e8e8a22dbde02c1eaeb20cdfe054057d560f
Author: Eric Christensen <sparks(a)fedoraproject.org>
Date: Fri Jan 4 12:15:41 2013 -0500
Changed Josh's email address. BZ 891932
>---------------------------------------------------------------
en-US/Author_Group.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/en-US/Author_Group.xml b/en-US/Author_Group.xml
index c318a02..a645c55 100644
--- a/en-US/Author_Group.xml
+++ b/en-US/Author_Group.xml
@@ -11,7 +11,7 @@
<orgname>Fedora Project</orgname>
<orgdiv></orgdiv>
</affiliation>
- <email>jwboyer(a)gmail.com</email>
+ <email>jwboyer(a)redhat.com</email>
</author>
<author>
<firstname>Kevin</firstname>
11 years, 4 months
[install-guide] Added IPv6 configuration to EFI PXE boot config section
by Jack Reed
commit 4e36aa4ea4b356899051da13349f6c72573fd3b3
Author: Jack Reed <jreed(a)redhat.com>
Date: Fri Jan 4 11:46:58 2013 +1000
Added IPv6 configuration to EFI PXE boot config section
en-US/pxe-server-config-efi.xml | 28 ++++++++++++++++++++++++++++
1 files changed, 28 insertions(+), 0 deletions(-)
---
diff --git a/en-US/pxe-server-config-efi.xml b/en-US/pxe-server-config-efi.xml
index fe3b643..0c464c9 100644
--- a/en-US/pxe-server-config-efi.xml
+++ b/en-US/pxe-server-config-efi.xml
@@ -68,6 +68,34 @@
}
}
</screen>
+
+ <para>
+ Configuring a DHCP server for IPv6 differs slightly. Crucially, the <filename>filename</filename> option must be replaced with a <filename>bootfile-url</filename> string. Both identify the boot file that the PXE <command>tftp</command> process should download, but each is specific to the version of the IP protocol being used. <filename>bootfile-url</filename> specifies an IPv6 network location for the boot file.
+ </para>
+ <para>
+ A sample configuration in <filename>/etc/dhcp/dhcpd6.conf</filename> might look like:
+ </para>
+
+<screen>
+ default-lease-time 2592000;
+ preferred-lifetime 604800;
+ option dhcp-renewal-time 3600;
+ option dhcp-rebinding-time 7200;
+ option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:3f3e;
+ option dhcp6.domain-search "test.example.com","example.com";
+ option dhcp6.info-refresh-time 21600;
+ dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";
+
+ subnet6 3ffe:501:ffff:100::/64 {
+ range6 3ffe:501:ffff:100::10 3ffe:501:ffff:100::;
+ range6 3ffe:501:ffff:100:: temporary;
+ prefix6 3ffe:501:ffff:100:: 3ffe:501:ffff:111:: /64;
+
+ option dhcp6.bootfile-url "tftp://[3ffe:501:ffff:100::1]/bootia32.efi";
+ option dhcp6.name-servers 3ffe:501:ffff:100::1;
+
+ }
+</screen>
</step>
<step>
11 years, 4 months
[install-guide] Adding note about setting wireless password
by Jack Reed
commit 30ba18da0a5f6be9fb56d05199be5684c2d2f14c
Author: Jack Reed <jreed(a)redhat.com>
Date: Fri Jan 4 11:09:41 2013 +1000
Adding note about setting wireless password
en-US/Netconfig-x86.xml | 3 +++
en-US/Netconfig_common-note-3.xml | 11 +++++++++++
2 files changed, 14 insertions(+), 0 deletions(-)
---
diff --git a/en-US/Netconfig-x86.xml b/en-US/Netconfig-x86.xml
index cbd5b9a..a37ec32 100644
--- a/en-US/Netconfig-x86.xml
+++ b/en-US/Netconfig-x86.xml
@@ -57,6 +57,9 @@
When you have finished editing network settings, click <guibutton>Save</guibutton> to save the new configuration. If you reconfigured a device that was already active during installation, you must restart the device in order to use the new configuration in the installer environment. Use the <guibutton>ON/OFF</guibutton> switch on the <guilabel>Network Configuration</guilabel> screen to restart the device.
</para>
+ <xi:include href="Netconfig_common-note-3.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- When configuring a wireless connection -->
+
<xi:include href="Netconfig_common-section-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<!-- Common options -->
diff --git a/en-US/Netconfig_common-note-3.xml b/en-US/Netconfig_common-note-3.xml
new file mode 100644
index 0000000..457fc86
--- /dev/null
+++ b/en-US/Netconfig_common-note-3.xml
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE note PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<note>
+ <para>
+ When configuring a wireless connection that you also intend to use during the installation, you will not be prompted for a password as you would on an installed system. You must specify a password in the <guilabel>Wireless Security</guilabel> tab in <application>NetworkManager</application>. Once you have saved the configuration, the installer will establish the wireless connection.
+ </para>
+</note>
+
11 years, 4 months
[install-guide] Clarified purpose of checkbox in Editing IPv4 Routes dialog
by Jack Reed
commit 14edf7fcbe6d520d4aa332f1b48f67ddd451dd49
Author: Jack Reed <jreed(a)redhat.com>
Date: Thu Jan 3 14:59:02 2013 +1000
Clarified purpose of checkbox in Editing IPv4 Routes dialog
en-US/Netconfig_common-section-4.xml | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/en-US/Netconfig_common-section-4.xml b/en-US/Netconfig_common-section-4.xml
index f19149d..8c5d2e3 100644
--- a/en-US/Netconfig_common-section-4.xml
+++ b/en-US/Netconfig_common-section-4.xml
@@ -31,7 +31,7 @@
Select <guibutton>Ignore automatically obtained routes</guibutton> to make the interface use only the routes specified for it here.
</para>
<para>
- Select <guibutton>Use this connection only for resources on its network</guibutton> to restrict connections only to the local network.
+ Select <guibutton>Use this connection only for resources on its network</guibutton> to restrict connections only to the local network. Unlike additional routes added in this dialog, this setting will be transferred to the installed system and applies to the entire connection. It can be selected even if no additional routes have been configured.
</para>
</section>
11 years, 4 months
[install-guide] Removed section on Restarting Network Device, and added replacement instruction
by Jack Reed
commit 77aabe19926f3e4a35f88641b7cc2aefc8a11d0c
Author: Jack Reed <jreed(a)redhat.com>
Date: Thu Jan 3 14:13:09 2013 +1000
Removed section on Restarting Network Device, and added replacement instruction
en-US/Netconfig-x86.xml | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/en-US/Netconfig-x86.xml b/en-US/Netconfig-x86.xml
index 695ab30..cbd5b9a 100644
--- a/en-US/Netconfig-x86.xml
+++ b/en-US/Netconfig-x86.xml
@@ -54,7 +54,7 @@
To add a new connection, click -->
<para>
- When you have finished editing network settings, click <guibutton>Save</guibutton> to save the new configuration. If you reconfigured a device that was already active during installation, you must restart the device to use the new configuration — refer to <xref linkend="restart-network-device-x86"/>.
+ When you have finished editing network settings, click <guibutton>Save</guibutton> to save the new configuration. If you reconfigured a device that was already active during installation, you must restart the device in order to use the new configuration in the installer environment. Use the <guibutton>ON/OFF</guibutton> switch on the <guilabel>Network Configuration</guilabel> screen to restart the device.
</para>
<xi:include href="Netconfig_common-section-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
@@ -98,7 +98,7 @@
<xi:include href="Netconfig_common-section-5.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
<!-- The IPv6 settings tab -->
- <xi:include href="Netconfig_restart_network_device-x86.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- <xi:include href="Netconfig_restart_network_device-x86.xml" xmlns:xi="http://www.w3.org/2001/XInclude" /> -->
<!-- Restart a network device -->
</section>
11 years, 4 months
[install-guide] Admonition about RAID level 10 with only two devices
by Jack Reed
commit 5f83409a37698c62e3ef9ac0d9b6450fe1c5ea94
Author: Jack Reed <jreed(a)redhat.com>
Date: Thu Jan 3 10:04:14 2013 +1000
Admonition about RAID level 10 with only two devices
en-US/Create_Software_RAID-common-note-1.xml | 11 +++++++++++
en-US/Create_Software_RAID-common-procedure.xml | 4 ++--
2 files changed, 13 insertions(+), 2 deletions(-)
---
diff --git a/en-US/Create_Software_RAID-common-note-1.xml b/en-US/Create_Software_RAID-common-note-1.xml
new file mode 100644
index 0000000..345ce94
--- /dev/null
+++ b/en-US/Create_Software_RAID-common-note-1.xml
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE para PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<important>
+ <para>
+ If both <guilabel>Redundancy (mirror)</guilabel> and <guilabel>Optimized performance (stripe)</guilabel> are checked but only two disks are included in the RAID device (refer to step 4), the device level will be RAID 0+1 rather than RAID 10. RAID 0+1 creates and stripes between two partitions on the first disk and mirrors the first disk to the second. A genuine RAID 10 device will only be created if four disks are included.
+ </para>
+</important>
+
diff --git a/en-US/Create_Software_RAID-common-procedure.xml b/en-US/Create_Software_RAID-common-procedure.xml
index acbd18f..1950a41 100644
--- a/en-US/Create_Software_RAID-common-procedure.xml
+++ b/en-US/Create_Software_RAID-common-procedure.xml
@@ -28,8 +28,8 @@
</para>
<xi:include href="Create_Software_RAID-common-variablelist-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
- <!-- Optimized performance (stripe) -->
-
+ <!-- Optimized performance (stripe) --> <xi:include href="Create_Software_RAID-common-note-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- If both Redundancy (mirror) and Optimized performance (stripe) are checked -->
</step>
<step>
<para>
11 years, 4 months
[install-guide] Restructured layout and XML for Installation Source section
by Jack Reed
commit 141d548ee9043285f2414afff9539e61061044c1
Author: Jack Reed <jreed(a)redhat.com>
Date: Wed Jan 2 15:10:20 2013 +1000
Restructured layout and XML for Installation Source section
en-US/Installation_Source-common-para-1.xml | 11 +++
en-US/Installation_Source-common-para-2.xml | 11 +++
en-US/Installation_Source-common-para-3.xml | 9 ++
en-US/Installation_Source-common-para-4.xml | 8 ++
en-US/Installation_Source-common-variable-list.xml | 12 +++
.../Installation_Source-common-varlistentry-1.xml | 13 +++
.../Installation_Source-common-varlistentry-2.xml | 13 +++
.../Installation_Source-common-varlistentry-3.xml | 55 ++++++++++++
en-US/Installation_Source-x86.xml | 93 +++----------------
.../installationsource/installationsource.png | Bin 28908 -> 30754 bytes
10 files changed, 147 insertions(+), 78 deletions(-)
---
diff --git a/en-US/Installation_Source-common-para-1.xml b/en-US/Installation_Source-common-para-1.xml
new file mode 100644
index 0000000..f4d3815
--- /dev/null
+++ b/en-US/Installation_Source-common-para-1.xml
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<para>
+ Select <guilabel>Installation Source</guilabel> from the Installation Summary Menu.
+</para>
+
+
+
diff --git a/en-US/Installation_Source-common-para-2.xml b/en-US/Installation_Source-common-para-2.xml
new file mode 100644
index 0000000..e544656
--- /dev/null
+++ b/en-US/Installation_Source-common-para-2.xml
@@ -0,0 +1,11 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<para>
+ In this section you can specify the location you would like to install Fedora from. Choose between locally available installation media (such as a DVD or an ISO file) or a network location.
+</para>
+
+
+
diff --git a/en-US/Installation_Source-common-para-3.xml b/en-US/Installation_Source-common-para-3.xml
new file mode 100644
index 0000000..592426f
--- /dev/null
+++ b/en-US/Installation_Source-common-para-3.xml
@@ -0,0 +1,9 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<para>
+ Select one of the following options:
+</para>
+
diff --git a/en-US/Installation_Source-common-para-4.xml b/en-US/Installation_Source-common-para-4.xml
new file mode 100644
index 0000000..4bd6532
--- /dev/null
+++ b/en-US/Installation_Source-common-para-4.xml
@@ -0,0 +1,8 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<para>
+ Once you have selected your installation source, click <guibutton>Done</guibutton> to return to the Installation Summary Menu.
+</para>
diff --git a/en-US/Installation_Source-common-variable-list.xml b/en-US/Installation_Source-common-variable-list.xml
new file mode 100644
index 0000000..9acbd8d
--- /dev/null
+++ b/en-US/Installation_Source-common-variable-list.xml
@@ -0,0 +1,12 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<variablelist>
+<xi:include href="Installation_Source-common-varlistentry-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- Auto-detected install media --> <xi:include href="Installation_Source-common-varlistentry-2.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- ISO file --> <xi:include href="Installation_Source-common-varlistentry-3.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- On the network -->
+</variablelist>
+
diff --git a/en-US/Installation_Source-common-varlistentry-1.xml b/en-US/Installation_Source-common-varlistentry-1.xml
new file mode 100644
index 0000000..18dfed1
--- /dev/null
+++ b/en-US/Installation_Source-common-varlistentry-1.xml
@@ -0,0 +1,13 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<varlistentry>
+ <term>Auto-detected install media</term>
+ <listitem>
+ <para>
+ If you initiated the installation using locally available media, the installer will detect it and display it graphically under this option. Select the media to use it as the installation source, and click <guibutton>Verify</guibutton> to check that the file is suitable for installation.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/en-US/Installation_Source-common-varlistentry-2.xml b/en-US/Installation_Source-common-varlistentry-2.xml
new file mode 100644
index 0000000..bf94852
--- /dev/null
+++ b/en-US/Installation_Source-common-varlistentry-2.xml
@@ -0,0 +1,13 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<varlistentry>
+ <term>ISO file</term>
+ <listitem>
+ <para>
+ If installation media has not been detected automatically or you want to use a different file as the installation media, specify a locally-stored ISO file. Select this option and browse to the file's location on your system. Click <guibutton>Verify</guibutton> to check that the file is suitable for installation.
+ </para>
+ </listitem>
+</varlistentry>
diff --git a/en-US/Installation_Source-common-varlistentry-3.xml b/en-US/Installation_Source-common-varlistentry-3.xml
new file mode 100644
index 0000000..1bc7730
--- /dev/null
+++ b/en-US/Installation_Source-common-varlistentry-3.xml
@@ -0,0 +1,55 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY % BOOK_ENTITIES SYSTEM "Installation_Guide.ent">
+%BOOK_ENTITIES;
+]>
+<varlistentry>
+ <term>On the network</term>
+ <listitem>
+ <para>
+ To specify a network location, select this option and choose from the following options in the drop-down menu:
+ </para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ <guilabel>Closest mirror</guilabel>
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ <guilabel>http://</guilabel>
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ <guilabel>https://</guilabel>
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ <guilabel>ftp://</guilabel>
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ <guilabel>nfs</guilabel>
+ </para>
+ </listitem>
+ </itemizedlist>
+
+
+ <para>
+ Using your selection as the start of the location URL, type the rest into the address box. (If you selected <guilabel>Closest mirror</guilabel>, an address is not required.) If you choose NFS, the address box will be grayed out and another box will appear for you to specify any NFS mount options.
+ </para>
+
+ <para>
+ To configure a proxy, click <guibutton>Proxy setup</guibutton> unless you are installing via FTP and NFS (proxies are unavailable for these methods). Check <guilabel>Enable HTTP proxy</guilabel> and type the URL into the <guilabel>Proxy URL</guilabel> box. If your proxy requires authentication, check <guilabel>Use Authentication</guilabel> and enter a username and password. Click <guibutton>Add</guibutton>.
+ </para>
+
+ </listitem>
+</varlistentry>
diff --git a/en-US/Installation_Source-x86.xml b/en-US/Installation_Source-x86.xml
index a43212e..ebb98c5 100644
--- a/en-US/Installation_Source-x86.xml
+++ b/en-US/Installation_Source-x86.xml
@@ -5,90 +5,27 @@
]>
<section id="installation-source-x86">
<title>Installation Source</title>
- <para>
- Select <guilabel>Installation Source</guilabel> from the Installation Summary Menu.
- </para>
-
- <para>
- Specify the location you would like to install Fedora from. Choose between an ISO file or a network location.
- </para>
-
-<xi:include href="Installation_Source-figure-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
-
- <para>
- If you initiated the installation using a full DVD ISO, the installer will detect the ISO and display it under <guilabel>Auto-detected install media</guilabel>. Select the ISO to use it as the installation source.
- </para>
-
- <para>
- If an ISO has not been detected automatically, specify a locally-stored ISO file. Click <guibutton>Choose an ISO</guibutton> and browse to the file's location on your system. After selecting an ISO, click <guibutton>Verify</guibutton> to check that the file is suitable for installation.
- </para>
-
- <para>
- To specify a network location, choose from the following options in the drop-down menu:
- </para>
-
- <itemizedlist>
- <listitem>
- <para>
- <guilabel>Closest mirror</guilabel>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <guilabel>http://</guilabel>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <guilabel>https://</guilabel>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <guilabel>ftp://</guilabel>
- </para>
- </listitem>
-
- <listitem>
- <para>
- <guilabel>nfs</guilabel>
- </para>
- </listitem>
- </itemizedlist>
-
-
- <para>
- Using your selection as the start of the location URL, type the rest into the address box. (If you selected <guilabel>Closest mirror</guilabel>, an address is not required.)
- </para>
-
- <para>
- If you choose NFS, the address box will be grayed out. Another box will appear for you to specify any NFS mount options.
- </para>
-
- <para>
- To configure a proxy, click <guibutton>Proxy setup</guibutton> unless you are installing via FTP and NFS. Proxies are unavailable for these methods.
- </para>
-
- <para>
- Check <guilabel>Enable HTTP proxy</guilabel> and type the URL into the <guilabel>Proxy URL</guilabel> box. If your proxy requires authentication, check <guilabel>Use Authentication</guilabel> and enter a username and password. Click <guibutton>Add</guibutton>.
- </para>
-
- <para>
+
+<xi:include href="Installation_Source-common-para-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- Select Installation Source from the Installation Summary Menu. --> <xi:include href="Installation_Source-common-para-2.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- In this section you can specify the location you would like to install Fedora from. --> <xi:include href="Installation_Source-figure-1.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<xi:include href="Installation_Source-common-para-3.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- Select one of the following options: --> <xi:include href="Installation_Source-common-variable-list.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- Auto-detected install media -->
+
+ <!-- <para>
Any Fedora updates available on the network will be automatically installed unless you check the <guilabel>Updates</guilabel> option in this section. This ensures that only the software versions available on the installation media are installed.
- </para>
+ </para>
<important>
<para>
- Choosing not to install available updates may pose a security risk to your system.
+ Choosing not to install available updates may pose a security risk to your system.
</para>
- </important>
+ </important> -->
- <para>
- Once you have selected your installation source, click <guibutton>Done</guibutton> to return to the Installation Summary Menu.
- </para>
+ <xi:include href="Installation_Source-common-para-4.xml" xmlns:xi="http://www.w3.org/2001/XInclude" />
+<!-- Once you have selected your installation source -->
+
<!-- <figure float="0">
<title>Language Configuration</title>
diff --git a/en-US/images/installationsource/installationsource.png b/en-US/images/installationsource/installationsource.png
index 68dc7aa..52f2ab0 100644
Binary files a/en-US/images/installationsource/installationsource.png and b/en-US/images/installationsource/installationsource.png differ
11 years, 4 months