18 Apr 2025 5:40pm GMT

This is a weekly report from the I&R (Infrastructure & Release Engineering) Team. We provide you both infographic and text version of the weekly report. If you just want to quickly look at what we did, just look at the infographic. If you are interested in more in depth details look below the infographic.

Week: 14 Apr - 18 Apr 2025

Infrastructure & Release Engineering

The purpose of this team is to take care of day to day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work.
It's responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces etc.).
List of planned/in-progress issues

Fedora Infra

• In progress:
  • FedoraQA - Testdays - OIDC setup
  • Create COPR group
  • Find old docs content on proxies and remove it
  • redeploy aws proxies
  • Disable self-serve project creation on pagure.io
  • Link in staging distgit instance leads to prod auth
  • re-add datagrepper nagios checks (and add to zabbix?)
  • Fix logrotate on kojipkgs01/02
  • 2025 datacenter move (IAD2->RDU3)
  • Broken link for STG IPA CA certificate, needed for staging CentOS Koji cert
  • [CommOps] Open Data Hub on Communishift
  • retire easyfix
  • Deploy Element Server Suite operator in staging
  • Pagure returns error 500 trying to open a PR on https://src.fedoraproject.org/rpms/python-setuptools-gettext
  • Create a POC integration in Konflux for fedora-infra/webhook-to-fedora-messaging
  • maubot-meetings bot multi line paste is cut
  • setup ipa02.stg and ipa03.stg again as replicas
  • Manage our new testing.farm domain via AWS Route53
  • Move OpenShift apps from deploymentconfig to deployment
  • The process to update the OpenH264 repos is broken
  • httpd 2.4.61 causing issue in fedora infrastructure
  • Support allocation dedicated hosts for Testing Farm
  • EPEL minor version archive repos in MirrorManager
  • Add fedora-l10n pagure group as an admin to the fedora-l10n-docs namespace projects
  • vmhost-x86-copr01.rdu-cc.fedoraproject.org DOWN
  • Add yselkowitz to list to notify when ELN builds fail
  • Cleaning script for communishift
  • Setup RISC-V builder(s) VM in Fedora Infrastructure
  • Move from iptables to firewalld
  • Port apps to OIDC
  • Help me move my discourse bots to production?
  • rhel9 adoption
  • Replace Nagios with Zabbix in Fedora Infrastructure
  • Migration of registry.fedoraproject.org to quay.io
• Done:
  • COPR not running building when Webhook in GitLab or GitHub is triggered by push events
  • RFE: improvement to blockerbugs app
  • [freeze break request] Reinstallation of AWS Proxies
  • https://src.fedoraproject.org/user/salimma gives "Gateway Timeout"
  • Koji builds are failing because of autospec
  • Still with OpenID
  • Add StartInstanceRefresh permission for fedora-ci-testing-farm user in AWS
  • Add support for creating RDS instances under testing-farm- prefix

CentOS Infra including CentOS CI

• In progress:
  • Release Improvements
  • Upgrade cbs.stg koji env to el9
  • Add proposed-updates c9s and c10s tags to hyperscale9s and hyperscale10s tags
  • Missing s390x extras/extras-common repo
  • Ensuring ansible automation in place can manage/control el10 nodes
  • [spike] : investigating ppc64le kvm host option with el9/el10 (for Power10)
  • (Cloud SIG) OKDerator CI/CD space
  • [spike] : investigating needed deps (poetry) for duffy on el9
  • [spike] : investigating options/alternatives for the upcoming DC move
• Done:
  • ppc64le needs more memory per CPU for CS Koji builds
  • Document - impact of datacentre move on Testing Jenkins
  • Add kiwi to CentOS Stream Koji
  • Replace some Infrastructure servers (out of warranty)
  • Access to mail server for cloud-softwarefactory application mails
  • mirror request : mirror.navercorp.com
  • Decommission old https://koji.mbox.centos.org/koji/ instance
  • Retire Public CI SIG
  • Onboarding new infra SIG member
  • Migrate main backup storage pool to different hardware

Release Engineering

• In progress:
  • Fix OpenH264 tagging issues
  • Unretire rpms/drawing
  • Turn EPEL minor branching scripts into playbooks
  • Accidentally created a branch in rust-tonic-types
  • Mass retirement of packages with uninitialized rawhide branch
  • Please send openh264-2.6.0 to Cisco
  • 300+ F42FTBFS bugzillas block the F41FTBFS tracker
  • Packages that have not been rebuilt in a while or ever
  • Send compose reports to a to-be-created separate ML
  • .sqlite metadata missing in f41-updates and f41-updates-testing repositories
  • Could we have fedoraproject-updates-archive.fedoraproject.org for Rawhide?
  • Investigate and untag packages that failed gating but were merged in via mass rebuild
  • a few mass rebuild bumps failed to git push - script should retry or error
  • Package retirements are broken in rawhide
  • Update pungi filters
  • Implement checks on package retirements
  • Untag containers-common-0.57.1-6.fc40
  • Provide stable names for images
  • Packages that fail to build SRPM are not reported during the mass rebuild bugzillas
  • When orphaning packages, keep the original owner as co-maintainer
  • Create an ansible playbook to do the mass-branching
  • RFE: Integration of Anitya to Packager Workflow
  • Fix tokens for ftbfs_weekly_reminder. script
  • Update bootloader components assignee to "Bootloader Engineering Team"for Improved collaboration
• Done:
  • KDE & Cosmic-Atomic variants are missing from the release
  • kdsingleapplication package missing in EPEL component lists?
  • Errors during downloading metadata for repository 'epel':
  • Create Fedora 42 Final candidates
  • inconsistent package list on epel10.1-openh264 tag
  • Adjust torrent SOP/process to use correct checksum for KDE edition
  • F42 stable push requests

If you have any questions or feedback, please respond to this report or contact us on #redhat-cpe channel on matrix.

The post Infra and RelEng Update - Week 16 2025 appeared first on Fedora Community Blog.

18 Apr 2025 10:00am GMT

The Fedora RISC-V SIG is excited to share that our RISC-V images for Fedora Linux 42 have landed on-time and without delay! If you've been watching our progress over the past few releases, you know that staying on schedule is a big deal, especially given our goals of eventually gaining "primary" status for RISC-V as an available Fedora Linux architecture. Previous RISC-V builds of Fedora Linux were released with a small delay compared to the other architectures, but with Fedora Linux 42, we're right on track.

Today, we're announcing the general availability of pre-built Fedora Linux 42 images for all our supported boards, QEMU, and container images. You can read more about these images in our previous post and under the Hardware section of the RISC-V team's wiki. These non-official images are brought to you by the Fedora RISC-V Community.

Big Improvements, Smaller Numbers

Behind the scenes, the data tells an even more exciting story.

One way to measure and compare our efforts over time is by analyzing the number of "unresolved dependencies" in the build root. When a package is built, it typically has access to a repository containing every package built for that Fedora release-we call this the build root. Running the dnf repoclosure procedure against this buildroot by itself allows us to quantify the number of dependencies that are being fulfilled for a given build using a package built for a previous Fedora release.

• In Fedora Linux 40, the RISC-V buildroot had over 6,900 unresolved dependencies.

• Fedora Linux 41 slashed that nearly in half to around 3,800.

• Now, with Fedora Linux 42, we're down to just 357 unresolved dependencies across 126 packages.

In other words, there are now only 357 subpackages from 126 packages in the RISC-V Koji which were not built directly for Fedora Linux 42 - a nearly 95% decrease in just one year.

That's not just progress - it's momentum.

These numbers represent the steady roll toward a complete and clean buildroot for RISC-V in Fedora. Every fix, every patch, and every accepted change brings us closer.

Upstream, Together

Our upstreaming work continues apace, and we want to acknowledge that none of this progress would be possible without the incredible collaboration from maintainers across the Fedora Project and beyond. Thank you to everyone who reviewed, accepted, merged, and built our patches. Your support makes this architecture possible.

We're also excited about just how many packages build cleanly without special treatment or overlay repositories that need to be cared for. RISC-V is becoming just another architecture, and that's exactly how it should be.

Get Involved

If you've got RISC-V hardware (or want to try it out via QEMU), there's never been a better time to jump aboard the RISC-V train. Install the image, test your favorite packages, file bugs, and drop by the RISC-V Matrix channel to help us keep this locomotive rolling down the tracks.

Check out the RISC-V wiki page for more information, and we hope to see you on Matrix and helping us shape the future of Fedora Linux on open hardware.

18 Apr 2025 8:00am GMT

Hello friends, I hope you are enjoying the latest release of Fedora Linux - 42, the answer to life, the universe and everything! Before I log off for a long weekend, I wanted to give a quick report on all the happenings around the Fedora Project in the last few weeks. Read on!

Fedora Linux 42 is Released!

If you have not already heard, we released F42 on Tuesday, April 16. Read about our latest release, plus a special note from the Fedora Project Leader, Matthew Miller in the release article. You can get your new version directly from our webpage, or by upgrading from an existing version. There is lots of great features and updates in our latest release, and for specific newness, check out some of the specialized articles on Fedora Magazine:

• Fedora Workstation
• Fedora KDE Plasma Desktop
• Fedora Atomic Desktops
• Fedora Asahi Remix

A huge thank you to everyone who contributed to this release!

Fedora Linux 43 Development

Fedora Linux 43

When one release is a GO, another is in development F43 is well underway with some changes proposed, and some accepted already. Below are the changes currently up for discussion in our community:

• Announced Change Proposals
  • CMake drop install vars
  • CMake ninja default
  • CMake4.0
  • ConfidentialVirtHostIntelTDX
  • CoreOSStopPublishingOSTree
  • FlatpaksNoPpc64le
  • Use COLR for Noto Color Emoji

Our Change Set page has a list of the currently accepted changes, and below are a list of some key date from the F43 schedule:

• June 26 - Changes requiring infrastructure changes
• July 1 - Changes requiring mass rebuild
• July 1 - System Wide changes
• July 22 - Self Contained changes
• July 23 - Mass rebuild
• August 12 - Changes need to be Testable
• August 12 - Branching
• August 26 - Changes need to be Complete

Our Fedora Linux 44 schedule is now live also for all you very early planners, and F45 & F46 schedules will be available by the end of this month.

Hot Topics

Flock to Fedora

Flock to Fedora is just under 7 weeks, or 180-odd sleeps away! This year Flock is being held from June 5 - 8 at Vienna House by Wyndham Andel's Prague. You can register for your ticket now through Eventbrite, and also avail of a self-paid add on ticket for our organized social activity day on June 9. More details about the social day will be released soon once details have been finalized. Our schedule is now live too, with some changes expected to be made over the next few weeks as we confirm our speakers and content. The link to the schedule will be updated soon. If you are looking for a place to stay close to the event hotel, other hotels within walking distance that may be of interest are the Ibis Praha Mala Strana, Orea Hotel Angelo Praha or the NH Prague City. Currently our room block at the event hotel is full. Speakers were given the booking link for priority bookings. Should any more rooms become available to book on the room block, we will update you all with a booking link. We also have a pretty active matrix room, #flock-to-fedora, where most of the news is announced in real time, so come join the conversation there too!

Elections

The Mindshare Committee has undergone a little revamp lately. You can read the updated scope of the committee in their docs page, and keep an eye out on more communication about this from our FCA, Justin Wheeler in the next few days ahead of the elections cycle for more context on the changes. An important thing to take note of is that there is a change to the seat structure of the committee, and are four seats opening for nominations in the F42 elections from April 24. If you would like to be part of this reformation, or know someone who would be a great fit, please nominate yourself or that person (with their express permission) when the nominations period opens.

Speaking of elections, there is also seats opening in Fedora Council (x2), FESCo (x4) and the EPEL Steering Committee (x3). Nominations for these seats will also open on April 24.

Other Important News

We have RISc-V images for Fedora! Check out this post by Kashyap Chamarthy for more details of the work.

Will you be at Flock? Would you like to take part in a Mentor/Mentee lunch? If so, please engage with Akashdeep Dhar on his recent post about organizing this great event during Flock to Fedora.

If you haven't already heard, we are getting a new FPL! Read about Jef Spaleta, our incoming Fedora Project Leader in this post.

Final call for our F42 Release Party Feedback Poll! Please have your say about what kind of event you would like us to have to celebrate the release of Fedora Linux 42 by voting in this poll. It closes April 18, and please be aware that the dates specified are likely to change based on speaker availability, but we will try keep it as close to Towel day as possible

As always, help is wanted and appreciated to find owners for orphaned packages. Take a read of this report by gotmax23 and if you can, take a package (or few!).

That's all for now folks. I wish you a lovely weekend and see you all around the project soon!

The post Fedora Ops Architect Report appeared first on Fedora Community Blog.

17 Apr 2025 8:52pm GMT

In first of a kind movement to develop free and open source fonts for traditional Malayalam scripts, the Rachana Institute of Technology, KaChaTaThaPa Foundation and Sayahna Foundation had previously announced font design competition in May 2024.

Many participants registered from all over India and shared their initial design of a few selected characters. Ten submissions were shortlisted, and the selected participants were invited for a two-day in person workshop conducted at River Valley campus, Trivandrum. The workshop was lead by the jury members - Dr. KH Hussain who designed notably Rachana and Meera fonts (among many other); eminent calligrapher and designer of Sundar, Ezhuthu, Karuna & Chingam fonts, Narayana Bhattathiri; type designer and multi-scripts expert Vaishnavi Murthy; and yours truly. High quality sessions & feedback from the speakers and lively interactive sessions enlightened both experienced and non-technical designers about the intricacies of typeface design.

Refinement

To manage the glyph submissions for collaborative font projects, a friend of mine and I built a web service. The designers just need to create each character in SVG format and upload into their font project. This helped to abstract away from the designers all the technical complexities, such as assigning correct Unicode codepoint, correct naming convention, OpenType layout & shaping etc.

There was mid-term evaluation of the completed glyph set in October 2024; and a couple of online sessions where the jury pointed out necessary corrections and improvements required for each font.

The final submissions were done near the end of December 2024; and further refinements ensued. All the participants were very receptive to the constructive feedback and enthusiastic to improve the fonts. The technical work for final font production was handled by your humble correspondent.

Results

In March 2024, the jury made a final evaluation and adjudged the winners of the competition. All the six fonts completed are published as open source, and they can be downloaded from Rachana website. See the report for the winning entries, font specimens & posters, prize money, and all other details.

RIT Thaara (താര), calligraphic style, named after Sabdatharavali.

RIT Lekha (ലേഖ), body text font.

RIT Lasya (ലാസ്യ). The Latin glyphs were drawn independently based on Akaya Kannada font, as suggested by a jury member.

RIT Ala (അല).

RIT Keram Bold (കേരം).

RIT Indira Bold (ഇന്ദിര).

I am very happy to have the chance to collaborate over the course of a year with designers from various backgrounds to develop beautiful traditional Malayalam orthography fonts and make them all available under free license. I would like to thank the jury members who did exemplary work in evaluating the designs and providing constructive feedback & guidance multiple times that helped to refine the fonts; CVR for the work to create web pages on Rachana website; and the three Foundations for the initiative and funding to make this all possible. Full disclosure: all the jury members worked in volunteer capacity.

Next competition

RIT-KaChaTaThaPa-Sayahna foundations have already announced plans for next open font design competition! This time the focus is on body text fonts.

• Competition details in English (or https://rachana.org.in/fcomp-2026-ann.html)
• Competition details in Malayalam
• Register here.

16 Apr 2025 9:14am GMT

16 Apr 2025 7:15am GMT

16 Apr 2025 7:15am GMT

I don't normally blog about particular CVEs, but Yelp CVE-2025-3155 is noteworthy because it is quite severe, public for several weeks now, and not yet fixed upstream. In short, help files can read your filesystem and execute arbitrary JavaScript code, allowing an attacker to exfiltrate any files your Unix user has access to. Thank you to parrot409 for responsibly disclosing this issue and going above and beyond to provide patches.

• By default, all major browsers allow websites to download files automatically, without user interaction, so installing a malicious help file into your Downloads directory is simple. (If you ever find an unexpected file in your Downloads directory, be careful and maybe don't open it. Cautious users may wish to configure their browsers to prompt before saving a download.)
• The malicious website would next attempt to open the special URL ghelp:///proc/self/cwd/Downloads. This relies on the assumption that the web browser runs with your home directory as current working directory, which in practice will generally be true when launched from your desktop environment.
• Chrome and Firefox prompt the user for permission before launching Yelp. If you grant permission, then Yelp launches and you lose. Don't grant permission. Beware: both browsers have an "always allow" checkbox, and you won't be prompted for permission if you've ever checked it when opening a ghelp URL in the past.
• Epiphany does not prompt the user for permission before opening the URL. Minimal user interaction is required for the attacker to win. If you use Epiphany or any other browser that opens links in external programs without user confirmation, you should immediately uninstall Yelp, or at least change your Downloads directory to something nonstandard.

Timeline:

• December 25: Bug is reported to GNOME Security.
• February 24: The reporter proposes these patches to fix the issue.
• March 26: The 90 day disclosure deadline is reached, so I make the issue report public even though it is not yet fixed. At this point, due to insufficient creativity, I incorrectly assume the issue is likely to be used only in targeted attacks, because it seems to require the attacker to know the path to your downloads directory, which will normally include your Unix username.
• April 5: The bug reporter posts a detailed write-up including a nice GIF to demonstrate the attack exfiltrating ~/.ssh/id_rsa in Chrome. This attack uses /proc/self/cwd/Downloads, bypassing the requirement to know your Unix username.
• April 13: GNOME Security is notified of the write-up.

If you are a Linux operating system vendor, please consider applying the provided patches even though they have not yet been accepted upstream. They're probably not worse than the status quo!

15 Apr 2025 11:08pm GMT

Fedora Silverblue is an operating system for your desktop built on Fedora Linux. It's excellent for daily use, development, and container-based workflows. It offers numerous advantages such as being able to roll back in case of any problems. If you want to rebase to Fedora Linux 42 on your Fedora Silverblue system, this article tells you how. It not only shows you what to do, but also how to revert things if something unforeseen happens.

Update your existing system

Prior to actually doing the rebase to Fedora Linux 42, you should apply any pending updates. Enter the following in the terminal:

$ rpm-ostree update

or install updates through GNOME Software and reboot.

Note

rpm-ostree is the underlying atomic technology that all the Fedora Atomic Desktops use. The techniques described here for Silverblue will apply to all of them with proper modifications for the appropriate desktop.

Rebasing using GNOME Software

GNOME Software shows you that there is new version of Fedora Linux available on the Updates screen.

First thing to do is download the new image, so select the Download button. This will take some time. When it is done you will see that the update is ready to install.

Select the Restart & Upgrade button. This step will take only a few moments and the computer will restart when the update is completed. After the restart you will end up in a new and shiny release of Fedora Linux 42. Easy, isn't it?

Rebasing using terminal

If you prefer to do everything in a terminal, then this part of the guide is for you.

Rebasing to Fedora Linux 42 using the terminal is easy. First, check if the 42 branch is available:

$ ostree remote refs fedora

You should see the following in the output:

fedora:fedora/42/x86_64/silverblue

If you want to pin the current deployment (meaning that this deployment will stay as an option in GRUB until you remove it), you can do this by running this command:

# 0 is entry position in rpm-ostree status
$ sudo ostree admin pin 0

To remove the pinned deployment use the following command:

# 2 is entry position in rpm-ostree status 
$ sudo ostree admin pin --unpin 2

Next, rebase your system to the Fedora Linux 42 branch.

$ rpm-ostree rebase fedora:fedora/42/x86_64/silverblue

Finally, the last thing to do is restart your computer and boot to Fedora Linux 42.

How to roll back

If anything bad happens (for instance, if you can't boot to Fedora Linux 42 at all) it's easy to go back. At boot time, pick the entry in the GRUB menu for the version prior to Fedora Linux 42 and your system will start in that previous version rather than Fedora Linux 42. If you don't see the GRUB menu, try to press ESC during boot. To make the change to the previous version permanent, use the following command:

$ rpm-ostree rollback

That's it. Now you know how to rebase Fedora Silverblue to Fedora Linux 42 and roll back. So why not do it today?

Known Issues

• systemd-remount-fs.service fails to start (root mount options from /etc/fstab are not taken into account anymore with composefs): https://gitlab.com/fedora/ostree/sig/-/issues/72

FAQ

Because there are similar questions in comments for each blog about rebasing to newer version of Silverblue I will try to answer them in this section.

Question: Can I skip versions during rebase of Fedora? For example from Fedora 39 Silverblue to Fedora 42 Silverblue?

Answer: Although it could be sometimes possible to skip versions during rebase, it is not recommended. You should always update to one version above (39->40->41->42 for example) to avoid unnecessary errors.

Question: I have rpm-fusion layered and I get errors during rebase. How should I do the rebase?

Answer: If you have rpm-fusion layered on your Silverblue installation, you should do the following before rebase:

$ rpm-ostree update --uninstall rpmfusion-free-release --uninstall rpmfusion-nonfree-release --install rpmfusion-free-release --install rpmfusion-nonfree-release

After doing this you can follow the guide in this blog post.

Question: Could this guide be used for other ostree editions (Fedora Atomic Desktops) as well like Kinoite, Sericea (Sway Atomic), Onyx (Budgie Atomic),…?

Yes, you can follow the Rebasing using the terminal part of this guide for every Fedora Atomic Desktop. Just use the corresponding branch. For example, for Kinoite use fedora:fedora/42/x86_64/kinoite

15 Apr 2025 9:46pm GMT

The newly released Fedora KDE Plasma Desktop 42 introduces out-of-box support for running x86 and x86-64 programs on ARM systems. This is accomplished by leveraging the emulation stack originally developed for Fedora Asahi Remix. This work is now integrated into Fedora Linux proper. This makes it available for all ARM systems running Fedora Linux, not just Apple Silicon Macs.

How Is This Accomplished

To make it possible to run x86 programs via emulation, we leverage several tools, each solving a specific problem:

• FEX, a fast emulator that can run x86 and x86-64 programs on ARM Linux hosts
• muvm, a tool that can run another program inside a microVM
• binfmt-dispatcher, a simple dispatcher that can dynamically pick the best emulator to use when an x86 or x86-64 program is started

With this setup, when a non-native program is run, the kernel invokes binfmt-dispatcher via the binfmt_misc interface. The dispatcher picks the best emulator to use. This is based on the program, the system it's running on, and its own configuration. By default, we use the FEX emulator, which provides the best compromise between performance and compatibility for most programs. FEX only support host systems running a 4k page-size kernel. Thus, when running on a system with different page-size (such as Apple Silicon Macs running Fedora Asahi Remix 42, which use a 16k page-size), the dispatcher will automatically run FEX inside muvm. This will spin up a microVM with a 4k page-size kernel for compatibility.

If the user prefers to use a different emulator (such as box64 or QEMU), that can be configured globally, or on a per-program basis. The dispatcher automatically installs any missing dependencies via DNF whenever a non-native program is run for the first time that requires them. This installation requires confirmation by the user.

Library Availablity

FEX relies on an immutable filesystem containing a large set of commonly used x86-64 and x86 libraries. However, it cannot contain every library, so it is possible that a program could fail to start due to missing dependencies. Should that happen, consider submitting a pull request to the Kiwi description to get it added. It is also possible to overlay locally additional dependencies, though you should consider this as experimental at this stage. In general, this feature will work best with programs that have reduced or minimal dependencies. This is common with a lot of commercial software. While it is possible to run complex FLOSS applications with a wide dependency web, we recommend just using the native ARM version whenever that's an option. That will always provide the best performance.

Feature Availability

This new feature is available out of the box on Fedora KDE Plasma Desktop 42. It is also available on Fedora Asahi Remix, in both the KDE Plasma and the GNOME editions. Additionally, Fedora Asahi Remix includes a gaming emulation stack based on Steam, and has dedicated documentation for this feature. On other Fedora editions, you can run $ sudo dnf install @x86-emulation to make this feature available.

It's also worth noting that while we have specifically targeting x86 emulation on ARM hosts, the same approach could be used for other hosts and targets in the future.

15 Apr 2025 2:41pm GMT

Fedora 42 has been released! So let's see what arrives with the new releases for the Fedora Atomic Desktops variants (Silverblue, Kinoite, Sway Atomic and Budgie Atomic).

New COSMIC Atomic variant

The new COSMIC desktop has been packaged for Fedora and a new Atomic variant created for it thanks to Ryan Brue. It is not yet available on the website but should be soon. See fedora-websites#351.

See the Fedora change request.

Changes for all variants

composefs enabled by default

Following Fedora CoreOS in Fedora 41, Fedora Atomic Desktops are now using composefs by default. This is an important first step towards better integrity for the system content.

Note: As a side effect of this change, the systemd-remount-fs.service unit may fail to start on your system. Until we find a good way to fix this, a workaround is available in the atomic-desktops-sig#72 issue or in the common issue thread on the forum.

See the Fedora change request and the tracking issue atomic-desktops-sig#35.

Migration to a static GRUB config

As part of the move to composefs, we had to migrate systems to use a static GRUB config.

This also removes the duplicate entries in the boot menu for installations that pre-dates Fedora 41.

The transition will happen automatically during the first boot on Fedora 42. You can verify that it worked by looking at the status of the bootloader-update service:

$ sudo systemctl status bootloader-update.service

We are still missing documentation on how to change some GRUB settings now that the configuration is static. See the tracking issue atomic-desktops-sig#73.

Custom keyboard layout set on installation (for LUKS unlock)

This fix is important for setups where the root disk is encrypted with LUKS and the user is asked for a passphrase on boot. The keyboard layout is now set by Anaconda as a kernel argument during installation. If you want to later change the keyboard layout used for the LUKS password prompt, you will have to update the kernel argument.

Example to set the keyboard layout to the french keyboard:

$ sudo rpm-ostree kargs --append=vconsole.keymap=fr

Example to replace an existing layout by another:

$ sudo rpm-ostree kargs --replace=vconsole.keymap=de

See atomic-desktops-sig#6.

No longer building for PPC64LE

According to the countme statistics, we did not have users on PPC64LE so we decided to stop building the Fedora Atomic Desktops for that architecture.

If you relied on those images, you can migrate to Fedora Bootc images (which are available for PPC64LE) or use a conventional Fedora package based installation.

See the Fedora change request.

What's new in Silverblue

GNOME 48

Fedora Silverblue comes with the latest GNOME 48 release.

For more details about the changes that alongside GNOME 48, see What's new in Fedora Workstation 42 on the Fedora Magazine and Looking ahead at 2025 and Fedora Workstation and jobs on offer! from Christian F.K. Schaller.

What's new in Kinoite

KDE Plasma 6.3

Fedora Kinoite ships with Plasma 6.3, Frameworks 6.11 and Gear 24.12. See also
What's New in Fedora KDE 42? on the Fedora Magazine.

What's new in Sway Atomic

Nothing specific this release.

What's new in Budgie Atomic

The default software center for Budgie Atomic is now Plasma Discover. To rebase from Fedora 41 to 42, you will have to use the command line as rebasing via GNOME Software will move your system to Fedora Silverblue.

See: fedora-budgie/project/issue/5.

Changes in unofficial images

Until we complete the work needed in the Fedora infrastructure to build and push official container images for the Atomic Desktops (see releng#12142 and cloud-image-uploader#37), I am providing unofficial builds of those. They are built on GitLab.com CI runners, using the official Fedora packages and the same sources as the official images.

You can find the configuration and list on gitlab.com/fedora/ostree/ci-test and the container images at quay.io/organization/fedora-ostree-desktops.

Container images signed with cosign (sigstore)

The unofficial container images are now signed with cosign. You can configure your system to verify the signature of the images using the instructions from the project README.

Container images available for aarch64

We are now building all our variants for the aarch64 architecture as well.

Goodbye to Sericea and Onyx (now Sway Atomic & Budgie Atomic)

We have now removed all container images under these names. Use the new names:

• Sericea: sway-atomic
• Onyx: budgie-atomic

Unofficial, experimental Fedora Asahi Remix Atomic Desktops

We are now producing unofficial, experimental bootable container images targeting Apple Silicon, using the packages from the Fedora Asahi Remix project.

The images are in a working state, but the installation procedure is not ready for general use. We thus only recommend that you give this a try if you are ready to help with the development or are ready to re-install you system and lose data.

See: fedora-asahi-remix-atomic-desktops project on GitHub

Universal Blue, Bluefin, Bazzite and Aurora

Our friends in the Universal Blue project (Bazzite, Bluefin, Aurora) have prepared the update to Fedora 42. Look for upcoming announcements in their Discourse.

I heavily recommend checking them out, especially if you feel like some things are missing from the Fedora Atomic Desktops and you depend on them (NVIDIA proprietary drivers, extra media codec, out of tree kernel drivers, etc.).

What's next

Roadmap to Bootable Containers

The next major evolution for the Atomic Desktops will be to transition to Bootable Containers. See also the Fedora bootc documentation.

We have established a roadmap (atomic-desktops-sig#26) and we need your help to make this a smooth transition for all of our existing users.

Turning the sysext experiment into a good experience

Systemd system extensions (sysexts) are a new option when you need some applications available on your system and can not run them in containers or as Flatpaks for various reasons. They offer an alternative approach to package layering as they do not increase update time and can be enabled or disabled as needed.

Support for sysexts is still in development for the Atomic Desktops but they already provide advantages over package layering for some use cases. See the currently experimental project: github.com/travier/fedora-sysexts.

Unifying the Atomic Desktops documentation

We would like to unify the documentation for the Fedora Atomic Desktops into a single one instead of having per desktop environment docs which are mostly duplicate of one another and need to be constantly synced.

See the tracking issue atomic-desktops-sig#10 if you want to help us do that.

Where to reach us

We are looking for contributors to help us make the Fedora Atomic Desktops the best experience for Fedora users.

• Atomic Desktops SIG: Issue tracker (gitlab.com/fedora/ostree/sig), #atomic-desktops:fedoraproject.org
• Silverblue: Workstation Working Group, #silverblue:fedoraproject.org
• Kinoite: KDE SIG, #kinoite:fedoraproject.org
• Sway Atomic: Sway SIG, #sway:fedoraproject.org
• Budgie Atomic: Budgie SIG, #budgie:fedoraproject.org
• COSMIC Atomic: COSMIC SIG, #cosmic:fedoraproject.org

15 Apr 2025 2:32pm GMT

We are happy to announce the general availability of Fedora Asahi Remix 42. This release brings the newly released Fedora Linux 42 to Apple Silicon Macs, following our Beta release last month.

Fedora Asahi Remix is developed in close collaboration with the Fedora Asahi SIG and the Asahi Linux project. This release incorporates all the exciting improvements brought by Fedora Linux 42. Notably, the new FEX integration provides an easier way to run x86 and x86-64 binaries out of the box via emulation. It also continues to provide extensive device support, including the recently added microphone support for MacBook laptops.

Fedora Asahi Remix offers KDE Plasma 6.3 as our flagship desktop experience, with all of the new and exciting features brought by Fedora KDE Plasma Desktop 42. It also features a custom Calamares-based initial setup wizard. A GNOME variant is also available, featuring GNOME 48, with both desktop variants matching what Fedora Linux offers. Fedora Asahi Remix also provides a Fedora Server variant for server workloads and other types of headless deployments. Finally, we offer a Minimal image for users that wish to build their own experience from the ground up.

You can install Fedora Asahi Remix today by following our installation guide. Existing systems, running Fedora Asahi Remix 40 or 41, can be updated following the usual Fedora upgrade process. Upgrades via Fedora Workstation's Software application are unfortunately not supported and DNF's System Upgrade plugin has to be used.

Please report any Remix-specific issues in our tracker, or reach out in our Discourse forum or our Matrix room for user support.

15 Apr 2025 2:12pm GMT

Fedora Linux provides a wide variety of users with leading edge open source technology in a community developed and maintained operating system. Fedora KDE releases combine the reliable and trusted Fedora Linux base with the KDE Plasma desktop environment. It provides a selection of KDE applications - simple by default, yet powerful when needed.

New with this release cycle, the KDE Plasma Desktop is now a full-fledged Edition. It is maintained by the KDE Special Interest Group through the Personal Systems Working Group. As an Edition, it is now one of the flagship experiences for Fedora Linux. This recognizes the mutual successes and commitments of the Fedora and KDE communities.

The Fedora KDE Plasma Desktop Edition is well-suited for many needs, including those of creators, scientists, developers and gamers. Check out the brand new website to learn more!

KDE Plasma 6.3

KDE developers continue to release new features, fix bugs and fine-tune the desktop experience to improve on the now well-established foundation of Plasma 6. Fedora KDE 42 ships with Plasma 6.3.4 featuring:

• Robust drawing tablet configuration, including better screen area mapping, calibration, pressure curve and range setting, and button mapping
• Display improvements. This includes overhauled fractional scaling that produces sharper images even at high zoom levels. More accurate color management is provided - even with Night Light enabled
• Easier monitoring of your device, including accuracy and efficiency improvements to System Monitor, greater GPU and battery detail in Info Center, and direct access to individual print queues from the widget

Fedora KDE across devices

Power (ppc64le) systems

Fedora KDE now supports Power Systems (ppc64le architecture). Thanks to Dan Horák, we now have the full KDE stack - including PIM tools like KMail and Kontact - available on Power. Installable live images are also available for OpenPOWER-based systems, like the Talos Workstation from Raptor Systems.

Note that Fedora KDE for ppc64le is available on a best-effort basis, and is not "release-blocking". This means Fedora Linux releases will not be stopped by bugs impacting that architecture). Community assistance to support this new platform is welcome!

x86_64 emulation on ARM-based devices (AArch64)

Fedora KDE now has significantly expanded usability on ARM-based (AArch64) devices. This is the result of contributors Alyssa Rosenzweig, Davide Cavalca, and Neal Gompa integrating support for x86 emulation powered by FEX. This allows x86_64 applications to work on ARM using a Fedora FEX rootfs image, and is particularly optimized for running Windows or Steam applications.

Read more about this new feature here: New in Fedora: Running x86 programs on ARM systems

Fedora Linux 42 general updates

Some of the key updates occurring in the core components of Fedora Linux 42, which directly impact the KDE Plasma Desktop Edition, include:

• Fedora default wallpapers are now delivered in the JXL format instead of PNG, reducing file sizes while maintaining quality
• More laptop cameras used in recent models will work out-of-the-box, following up on work done in Fedora Linux 41
• System boot times should be faster, as the plymouth system component will no longer load the full graphics driver before showing the system splash screen
• With the Anaconda installer running as a native Wayland application, language selections now sync between the live environment and installed system
• Executable file placement is simpler, as anything previously in /usr/sbin is now merged into /usr/bin

Wrap-up

The Fedora Project and the KDE Community hope that you'll find the Fedora KDE Plasma Desktop 42 to be a trustworthy, powerful and easy-to-use desktop operating system. When you're ready to check it out, click here for download links and verification instructions.

If you use and enjoy Fedora KDE, consider contributing in the Fedora Project, the KDE Community, the Fedora KDE Special Interest Group, or all of the above!

15 Apr 2025 2:08pm GMT

Fedora Linux 42 is the answer to life, the universe and everything! It's also the latest release of one of the leading providers of free, open source software, The Fedora Project. We've selected a few notable changes in the newest version of Fedora Workstation 42 that we think you will love. Upgrade today from the official website, or upgrade your existing install using GNOME Software or through the terminal with dnf system-upgrade.

GNOME 48

In Fedora Workstation 42, you can enjoy the latest features the GNOME software release has to offer, plus benefit from an array of system enhancements! These are only a few of the many great features in GNOME 48, so do check out their release notes to read about all of the goodness in this release.

Well-Being Feature

A great new addition in this latest release is GNOME's well being feature. This includes a screen time tracking function, break reminders, and the ability to set your movement break schedule times. Thank you to the good folks at Endless for supporting the GNOME foundation with a grant that has helped them work on this new feature.

Wayland Accessibility Improvements

Orca screen reader capabilities are now available on Wayland. The Orca shortcuts now function correctly. This is another great step towards having assistive technologies as part of the default for the GNOME display manager.

Triple Buffering for Enhanced Performance

GNOME 48 introduces a dynamic triple buffering feature in this latest release, and Fedora Workstation users can enjoy this too! This change is the culmination of over five years of reviews and testing, giving users more fluid animations and fewer skipped screens. Well done everyone! This was a testament to patience and commitment to a great user experience.

Notifications Stacking

In Fedora Workstation 42, there is a neat new feature that allows notifications to be stacked in a list. Notifications from the same app are grouped together. These improvements will stop your notification list from growing too large and gives a much better user experience overall.

Additional Fedora Linux 42 Features to Enjoy!

IBus Speech-to-Text

In Fedora Linux 42, ibus-speech-to-text provides a new input method that enables voice dictation in any application supporting IBus. It offers offline voice recognition, preserving user privacy, supports multiple languages through downloadable models, and integrates seamlessly with existing IBus infrastructure.

Fedora WSL

Recent versions of Windows support running Linux guests via Windows Subsystem for Linux (WSL). These can be distributed via tarballs, Appx packages, or via the Windows Store. Starting with this Fedora Linux 42 release, we now produce Fedora Linux images for WSL users. A dedicated image with documentation allows people to easily try out a Fedora Linux environment on their Windows installations, so when it comes time to install a Linux distribution on their computer, they can be more confident when choosing Fedora Linux.

DNF5

There has also been some work done with DNF5 which now includes new logic that will remove expired and obsolete repository keys from the system. This means users can enjoy the automatic management of repository keys during software installation or upgrades.

Anaconda Web UI Installer

By no means lastly, we have a brand new installer option for Fedora Workstation 42 - Anaconda's Web UI installer. With this new feature, the biggest benefit to Fedora Linux users is the new guided partitioning function. This provides more powerful automatic partitioning, where the user will select a goal and have additional customization possible. This change also comes with a new "Reinstall Fedora" which allows users to easily reinstall their system if something goes wrong. Another new feature is improved support for dual-boot configurations. This new web-based UI is the default for the OS installer only on the Fedora Workstation edition right now.

While this is the end of this short snapshot of some of the newness in Fedora Linux 42, don't panic! You can check out our Fedora Linux 42 Change Set page for even more details about all the features and changes that went into Fedora Linux 42. We hope you enjoy this latest release of Fedora Linux. So long, and thanks for all the fish!

15 Apr 2025 2:01pm GMT

Seventy-five thousand generations ago, our ancestors set a vast computer in motion, asking it to produce the ultimate Linux distribution…

No, wait. It wasn't quite that long ago. That was a different thing. But in both, the answer to life, the universe, and everything turns out to be: forty-two. In our case, Fedora Linux 42, which is now officially released.

Every Fedora Linux release is a gigantic community effort - it does almost seem infinitely improbable that all of this software made by a whole planet of open source developers could come together so nicely. Yet, here we are again! Thank you so much to everyone who works so hard on Fedora and in all of our upstream projects.

Upgrade in place

If you have an existing system, Upgrading Fedora Linux to a New Release is easy. In most cases, it's not very different from just rebooting for regular updates, except you'll have a little more time to get a hot beverage from the machine. Perhaps something almost, but not quite, entirely unlike tea.

Or, start fresh

If this is your first time in space running Fedora Linux, or if you just want to start fresh on an uninhabited system, download the install media for our flagship Editions (Workstation, KDE Plasma Desktop, Cloud, Server, CoreOS, IoT), for one of our Atomic Desktops (including Silverblue and Kinoite), or for alternate desktop options (like Cinnamon, Xfce, or the new and appropriately-thematic Cosmic Desktop spin).

What's new?

We've promoted our KDE Plasma Desktop offering to "Edition" status. The Fedora KDE team has been hard at work making sure bugs get fixed and everything is polished just so. We're confident that this can stand along our other amazing flagship offerings.

I know the naming is a bit confusing, with GNOME-powered "Workstation" using a generic label while KDE Plasma Desktop has the tech right in the name. We'll get that figured out eventually. If you don't know where to start, don't panic. Pick one and see how it goes. They're both excellent desktop environments with great upstream communities, and the same Fedora system underneath it all.

We also have a new alternative desktop choice: COSMIC. This is a modern, written-all-in-Rust desktop environment from our friends over at System76.

Perhaps most excitingly, we have a new installation interface! The previous UI was designed to manage a lot of before-you-even-start configuration choices. Over the past decade, though, we've gone to "get the full system installed with no fuss, then set up what you need from a complete environment". That made the "hub and spoke" model more confusing than helpful. The new UI is streamlined and sleek, just like the Heart of Gold.

Of course, there are other big changes, as well as the usual updates to thousands of packages. See the Fedora Linux 42 Release Notes for all of the details, and don't miss the "What's New?" posts here on Fedora Magazine.

Last minute warning!

No, it's not the Vogons, but it is ugly. We discovered a problem with the Live boot media at the last minute, and since the release was already out of the airlock, we can't do much about it. It doesn't damage anything, but is annoying: just booting the Live media adds an unexpected entry to the UEFI boot loader even when Fedora Linux 42 is not installed to the local system.

This is primarily a concern when you are dual-booting with a different operating system, or if you're just running the Live image and not intending to actually install.

The problem is mostly harmless cosmetic, but still, we should have caught it sooner. Apparently this was posted in our local planning office, but we didn't go down to the basement past the "Beware of the Leopard" sign to find it.

You can read more about this in the Common Bugs entry for this issue, including how to remove the unwanted entry (and how to avoid the problem altogether).

What else could go wrong?

We hope nothing will, but if you run into a problem, visit our Ask Fedora user support forum. This includes a category where we collect common issues and solutions or work-arounds.

A last note

As you may already know, this is my last release as Fedora Project Leader. We're welcoming Jef Spaleta into the role, with a handover at Flock to Fedora in June. It's tempting to sign off with "so long, and thanks for all the fish" - but I'm not planning on going far. I'll be around Fedora stuff until the (restaurant at the) end of the universe.

A good hitchhiker always knows where their towel is. If you've lost track of yours, don't worry. We've got you covered. In collaboration with the Fedora Design Team, our friends at Hello Tux are offering what I think you'll agree is the most hoopy distro swag ever made. We'll be handing them out at Flock in Prague. I hope to see you there, but if you can't make it, you can order one at a discount with the code FEDORA5.

Comments, congratulations, and so forth

Let's talk over at Fedora Discussion. See you there!

15 Apr 2025 2:00pm GMT

15 Apr 2025 12:00pm GMT