A trojan horse perhaps?

It's come to light that Fedora 12's default behaviour include allowing non-root users to install rpms. A decision that was apparently taken and implemented without any community discussion and only came to light when it was mentioned in the comments of a bug report. Unsurprisingly it's proving very controversial.

https://bugzilla.redhat.com/show_bug.cgi?id=534047

https://www.redhat.com/archives/fedora-devel-list/2009-November/msg00926.html

WTF? Icon for obvious reasons.

Torrenting now

...that is all

Re: a trojan horse perhaps?

To call it a trojan would suggest that there's some malice involved. It looks more to me as though the security considerations were carefully considered (as they generally are for this kind of thing) but someone who should have known better overlooked what with hindsight might be blindingly obvious issues. On the other hand, the blindingly obvious might be misunderstandings as well (though I'm less convinced of that just at the moment).

In case anyone is missing it, the one-line command in the bug report that can be used to turn the feature off is

pklalockdown --lockdown org.freedesktop.packagekit.package-install

It'll prompt you for the root password :-) but it works for me.

It's not a good reason to avoid F12 either -- F11 was good, but this is better.

Yeah, but...

...does it come with an installer that works? Because the last one just crashed all the time when I tried to install it. I gave up after a day and put Ubuntu on the machine instead. Ok, so that's a piece of garbage too, but at least it installed.

A good thing to check....

....is the Fedora Common Bugs page, linked from the F12 release notes page.

What it shows is that the list of things people generally have trouble with when installing and running F12 is pretty small, and that's a pretty good indication of the quality of the OS.

I've been running Fedora since it first appeared, and with few exceptions it's proved to work well on desktop and laptop machines. Even when upgrading...

Perfect it isn't, but excellent it is.

@Brian Morrison

Well, um, it sorta shows that, but you also have to factor in the equally important contributory factors of how much work has been put into the Common Bugs page so far. :) I'm the major contributor to that page, as I was to the Mandriva Errata pages when I worked there, and I generally tell people to try and avoid using Errata / Common Bugs pages as a metric for how broken a distro is because it essentially penalizes us for doing good work (documenting issues). The Fedora 11 Common Bugs page is longer than Fedora 10's not because 11 is more broken than 10 but because we put more work into the 11 page. Mandriva's situation around the 2007-2007 Spring releases was the same. So, please be careful when doing that :)

in practice though, yes, F12 should be somewhat more robust than F11 in installation. F11 was the first release with the rewritten storage handling code; F12 is the second, so obviously there's been more time to polish it and fix bugs. There will _always_ be some corner-case system out there where the installer won't boot, but it should be good on most.

@Bug, ACs re PackageKit policy issue

That issue is currently under heavy discussion. An official announcement about it should be forthcoming some time today, and it will be discussed at tomorrow's Fedora engineering steering committee meeting, which is where changes (if any) will be decided on. That meeting takes place in #fedora-meeting on Freenode IRC at 17:00 UTC.

I expect some people will come here looking for answers

After all, The Register is known to be the Source of All Wisdom so in keeping with that:

http://www.redhat.com/archives/fedora-devel-list/2009-November/msg01445.html

or

http://tinyurl.com/y9jvjgd

A bad smell

> So what does the Fedora 12 release have to offer? The answer is quite a bit, particularly

> with respect to virtualization tools - an area in which Fedora has long been ahead of

> the crowd

Not quite. Fedora seem to have gone out of their way to ensure that there is no Xen Dom0 support in any of F9, F10, F11, or F12. I run my Dom0 on F8, and will be changing to SLES when I need to upgrade.

You don't have to be a master of conspiracy theorism to see what's going on here: RedHat paid $107M for Qumranet last year, and acquired KVM in the process. The future of virtualisation on RH is therefore KVM.

Curiously:

> Frields says that Fedora is intended "first and foremost for users interested in

> and capable of contributing to open source."

Am I the only one to detect the stink of hypocrisy here?

Xen? Oh please

You can't really blame Red Hat for getting rid of Xen. Xen was a mess to maintain. Try patching your kernel manually and you'll find that running Xen means that you have to stick with specific kernels and is a pain. Xen also never made it to the kernel for this reason. KVM is a lot more agile + development is progressing a lot faster. KVM, VMware and possibly Microsoft's virtualization solutions are the future.

Deleting it now

Installed, 4 hours of ext4/grub hows-yer-father, then 14 hour nvidia driver nightmare. 18 hours of life wasted, rm -r running now. A bag of unstable wank. And I have been doing unix for 20 years, wonder how the newbies got on.