#313 Finished editing quick-docs
Closed a year ago by pboy. Opened 3 years ago by adcaelum.
fedora-docs/ adcaelum/quick-docs adcaelum/fix-upgrade-page  into  main

file modified
+4 -4
@@ -75,16 +75,16 @@ 

  

  * xref:autoupdates.adoc[AutoUpdates]

  * xref:debug-dracut-problems.adoc[How to debug Dracut problems]

- //FIXME * xref:debug-systemd-problems.adoc[How to debug systemd problems]

+ * xref:debug-systemd-problems.adoc[How to debug systemd problems]

  //FIXME * xref:debug-wayland-problems.adoc[How to debug Wayland problems] - note: maintained on wiki, does not fit quick-docs IMHO

  //FIXME * xref:fedora-life-cycle.adoc[Fedora Release Life Cycle] - note: maintained on wiki, does not fit quick-docs IMHO

- //FIXME * xref:enable-touchpad-click.adoc[How to enable touchpad click]

- //FIXME * xref:mirroring.adoc[Mirroring]

+ * xref:enable-touchpad-click.adoc[How to enable touchpad click]

+ * xref:mirroring.adoc[Mirroring]

  * xref:openh264.adoc[OpenH264]

  * xref:package-management.adoc[Package management system]

  * xref:packagekit-not-found.adoc[PackageKit Items Not Found]

  * xref:postgresql.adoc[PostgreSQL]

- //FIXME * xref:uefi-with-qemu.adoc[Using UEFI with QEMU]

+ * xref:uefi-with-qemu.adoc[Using UEFI with QEMU]

  * xref:upgrading-fedora-online.adoc[Upgrading Fedora using package manager]

  

  * xref:creating-rpm-packages.adoc[Creating RPM packages]

@@ -1,40 +1,8 @@ 

  = How to debug systemd problems

  

- '''

- 

- [IMPORTANT]

- ======

- 

- This page was automatically converted from https://fedoraproject.org/wiki/How_to_debug_systemd_problems

- 

- It is probably

- 

- * Badly formatted

- * Missing graphics and tables that do not convert well from mediawiki

- * Out-of-date

- * In need of other love

- 

- Pull requests accepted at https://pagure.io/fedora-docs/quick-docs

- 

- Once you've fixed this page, remove this notice, and update

- [filename]`modules/ROOT/nav.adoc`.

- 

- Once the document is live, go to the original wiki page and replace its text

- with the following macro:

- 

- ....

- {{#fedoradocs: https://docs.fedoraproject.org/whatever-the-of-this-new-page}}

- ....

- 

- ======

- 

- '''

- 

- include::{partialsdir}/unreviewed-message.adoc[]

- 

  *Foreword*

  

- If you are experiencing a problem with system boot up due to systemd,

+ If you are experiencing a problem with system boot-up due to link:https://docs.fedoraproject.org/en-US/quick-docs/understanding-and-administering-systemd/index.html[systemd],

This should be an xref. Replace the link: with xref:understanding-and-administering-systemd.adoc[systemd]

  please see the link:Bugs/Common[common bugs] document before filing a

  bug. Some easy configuration tweaks that fix a wide range of issues may

  be listed there. If the problem you are seeing is not listed there or
@@ -42,104 +10,116 @@ 

  help us make Fedora run better on your hardware.

  

  [[debugging-systemd-problems]]

- Debugging systemd problems

- --------------------------

+ == Debugging systemd problems

+ NOTE: *Follow the upstream wiki guide* +

+ To debug systemd problems, please follow the link:http://freedesktop.org/wiki/Software/systemd/Debugging[helpful upstream wiki page] on the topic.

  

  [[various-useful-systemd-related-commands]]

- Various useful systemd related commands

- ---------------------------------------

+ == Various useful systemd related commands

  

- * Run `systemctl list-jobs`

+ *`systemctl list-jobs`*

This markup is inconsistent with other command examples in our docs. Use a command block instead:

[source,bash]
----
systemctl list-jobs
----

This applies for all stand-alone command examples in the article (like the ones right below).

  

- To identify slow boot and look for the jobs that are "running" those

- jobs are the ones where boot waits for completion on and the ones that

- listed as "waiting" will be executed only after those which are

- "running" are completed.

+ Lists all jobs that are "running" or "waiting". This command can be used to identify causes of a slow boot. The boot process waits for "running" jobs to complete. Jobs listed as "waiting" will only be executed after "running" jobs have completed.

  

- * Run `systemctl list-units -t service --all`

+ *`systemctl list-units -t service --all`*

  

- To list all available services and their current status

+ Lists all available services and their current status.

  

- * Run `systemctl list-units -t service`

+ *`systemctl list-units -t service`*

  

- To show all active services

+ Shows all active services.

  

- * Run `systemctl status sshd.service`

+ *`systemctl status application.service`*

  

- To examine the current runtime status of a service. (In the above

- example the ssh service)

+ Examines the current runtime status of a service.

  

- * Run `systemctl list-units -t target --all`

+ *`systemctl list-units -t target --all`*

  

- To show all available targets.

+ Shows all available targets.

  

- * Run `systemctl list-units -t target`

+ *`systemctl list-units -t target`*

  

- To show all active targets.

+ Shows all active targets.

  

- * Run `systemctl show -p "Wants" multi-user.target`

+ *`systemctl show -p "Wants" multi-user.target`*

  

- To see which services a target pulls in. ( In the above example the

- multi-user.target )

+ Displays which services a target pulls in. The above example displays the

+ multi-user.target.

  

- * Run

-   `/usr/lib/systemd/systemd --test --system --unit=multi-user.target`

+ *`/usr/lib/systemd/systemd --test --system --unit=multi-user.target`*

  

- To examine what gets started when when booted into a specific target. (

- In the above example the multi-user.target )

+ Examines what gets started when booted into a specific target. The above example examines the multi-user.target.

  

  [[systemd-boot-parameters]]

- systemd boot parameters

- -----------------------

+ == Systemd boot parameters

  

  The following boot parameters are also available to further assist with

  debugging boot issues.

  

- systemd.unit= : Overrides the unit to activate on boot. This may be used

+ *`systemd.unit=`*

+ 

+ Overrides the unit to activate on boot. This may be used

  to temporarily boot into a different boot unit, for example

- rescue.target or emergency.target. ( Defaults to default.target. )::

+ `rescue.target` or `emergency.target`. Defaults to `default.target`.

+ 

+ *`systemd.dump_core=`*

  

- systemd.dump_core= : Takes a boolean argument. If true systemd dumps

- core when it crashes. Otherwise no core dump is created. ( Defaults to

- true )::

+ Takes a boolean argument. If true, systemd dumps the

+ core when it crashes. Otherwise no core dump is created. Defaults to

+ true.

  

- systemd.crash_shell= : Takes a boolean argument. If true systemd spawns

+ *`systemd.crash_shell=`*

+ 

+ Takes a boolean argument. If true, systemd spawns

  a shell when it crashes. Otherwise no core dump is created. Defaults to

  false, for security reasons, as the shell is not protected by any

- password authentication.::

+ password authentication.

+ 

+ *`systemd.crash_chvt=`*

+ 

+ Takes an integer argument. If positive, systemd

+ activates the specified virtual terminal when it crashes. Defaults to

+ -1.

  

- systemd.crash_chvt= :Takes an integer argument. If positive systemd

- activates the specified virtual terminal when it crashes. ( Defaults to

- -1 )::

+ *`systemd.confirm_spawn=`*

  

- systemd.confirm_spawn= : Takes a boolean argument. If true asks for

- confirmation when spawning processes. ( Defaults to false )::

+ Takes a boolean argument. If true, asks for

+ confirmation when spawning processes. Defaults to false.

  

- systemd.show_status= : Takes a boolean argument. If true shows terse

- service status updates on the console during bootup. ( Defaults to true

- )::

+ *`systemd.show_status=`*

  

- systemd.sysv_console= : Takes a boolean argument. If true output of SysV

- init scripts will be directed to the console. ( Defaults to true, unless

+ Takes a boolean argument. If true, shows terse

+ service status updates on the console during bootup. Defaults to true.

+ 

+ *`systemd.sysv_console=`*

+ 

+ Takes a boolean argument. If true, output of SysV

+ init scripts will be directed to the console. Defaults to true, unless

  quiet is passed as kernel command line option in which case it defaults

- to false. )::

+ to false.

+ 

+ *`systemd.log_target=`*

  

- systemd.log_target= : Set log target. Argument must be one of console,

- syslog, kmsg, syslog-or-kmsg, null.::

+ Sets the log target. Argument must be console, syslog, kmsg,  yslog-or-kmsg, or null.

  

- systemd.log_level= : Set log level. As argument this accepts a numerical

+ *`systemd.log_level=`*

+ 

+ Sets the log level. This command accepts a numerical

  log level or the well-known syslog symbolic names (lowercase): emerg,

- alert, crit, err, warning, notice, info, debug.::

+ alert, crit, err, warning, notice, info, debug as an argument.

+ 

+ *`systemd.log_color=`*

+ 

+ Highlights important log messages. Argument is a

+ boolean value. If the argument is omitted, it defaults to true.

  

- systemd.log_color= : Highlight important log messages. Argument is a

- boolean value. If the argument is omitted it defaults to true.::

+ *`systemd.log_location=`*

  

- systemd.log_location= : Include code location in log messages. This is

+ Includes code location in log messages. This is

  mostly relevant for debugging purposes. Argument is a boolean value. If

- the argument is omitted it defaults to true.::

+ the argument is omitted it defaults to true.

  

- Category:Debugging[D] Category:How_to[Category:How to]

  '''

  

  See a typo, something missing or out of date, or anything else which can be

- improved? Edit this document at https://pagure.io/fedora-docs/quick-docs.

+ improved? Edit this document at https://pagure.io/fedora-docs/quick-docs. 

\ No newline at end of file

@@ -1,38 +1,5 @@ 

  = How to enable touchpad click

  

- '''

- 

- [IMPORTANT]

- ======

- 

- This page was automatically converted from https://fedoraproject.org/wiki/How_to_enable_touchpad_click

- 

- It is probably

- 

- * Badly formatted

- * Missing graphics and tables that do not convert well from mediawiki

- * Out-of-date

- * In need of other love

- 

- 

- Pull requests accepted at https://pagure.io/fedora-docs/quick-docs

- 

- Once you've fixed this page, remove this notice, and update

- [filename]`modules/ROOT/nav.adoc`.

- 

- Once the document is live, go to the original wiki page and replace its text

- with the following macro:

- 

- ....

- {{#fedoradocs: https://docs.fedoraproject.org/whatever-the-of-this-new-page}}

- ....

- 

- ======

- 

- '''

- 

- include::{partialsdir}/unreviewed-message.adoc[]

- 

  [[scope]]

  == Scope

  
@@ -53,8 +20,8 @@ 

  

  This wiki page has more information about

  link:Input_device_configuration[Input Device configuration]. An example

- xorg.conf.d snippet to enable tapping is given

- Input_device_configuration#Example:_Tap-to-click[here].

+ `xorg.conf.d` snippet to enable tapping is given

+ link:https://fedoraproject.org/wiki/Input_device_configuration#Example:_Tap-to-click[here].

  

  [[gnome]]

  === GNOME
@@ -62,23 +29,20 @@ 

  The "*mouse and touchpad*" utility can be used to enable tapping and set

  scrolling options in GNOME.

  

- http://library.gnome.org/users/gnome-help/stable/mouse-touchpad-click.html.en[Official

- GNOME documentation]

+ link:http://library.gnome.org/users/gnome-help/stable/mouse-touchpad-click.html.en[Official GNOME documentation]

  

  [[kde-plasma-workspaces]]

  === KDE Plasma Workspaces

  

- 1.  enter KDE System Settings

- 2.  choose Hardware / Input Devices / Touchpad (If it's not there,

-     install kcm_touchpad first, then restart System Settings. It's installed

-     by default.)

- 3.  select the Tapping tab

- 4.  check the "Enable tapping" checkbox

- 5.  set some tapping actions under "Buttons" below, the default is to do

+ 1.  Enter KDE System Settings

+ 2.  Choose Hardware > Input Devices > Touchpad (If the "Touchpad" setting is not there, install kcm_touchpad first, then restart System Settings. It is installed by default.)

+ 3.  Select the Tapping tab

+ 4.  Check the "Enable tapping" checkbox

+ 5.  Set some tapping actions under "Buttons" below, the default is to do

      nothing

  

  Alternatively, the systemwide method described under

- link:#Other_window_managers[Other window managers] can also be used.

+ link:https://fedoraproject.org/wiki/How_to_enable_touchpad_click#Other_window_managers[Other window managers] can also be used.

  

  [[xfce]]

  === XFCE
@@ -92,7 +56,7 @@ 

  === Other window managers

  

  Create a new file named

- /etc/X11/xorg.conf.d/99-synaptics-overrides.conf.

+ `/etc/X11/xorg.conf.d/99-synaptics-overrides.conf`.

  

  Then, in your favourite text editor, modify this file as such:

  
@@ -116,7 +80,7 @@ 

  EndSection

  ....

  

- For more information on tweaking xorg.conf.d files, please read the man

+ For more information on tweaking `xorg.conf.d` files, please read the man

  page:

  

  ....

@@ -1,38 +1,244 @@ 

- = Mirroring

+ = Infrastructure/Mirroring

Please add a :toc: below the heading to include a table of contents for easier navigation

  

- '''

+ Fedora is fortunate to have over 200 volunteers link:https://admin.fedoraproject.org/mirrormanager/mirrors[1] globally, which helps distribute the Fedora software to end users. We greatly appreciate our mirror sites and their system administrators.

+ 

+ == Fedora Export Compliance/Customs Information

+ By downloading Fedora software, you acknowledge that you understand all of the following: Fedora software and technical information may be subject to the U.S. Export Administration Regulations (the “EAR”) and other U.S. and foreign laws and may not be exported, re-exported or transferred (a) to a prohibited destination country under the EAR or U.S. sanctions regulations (currently Cuba, Iran, North Korea, Sudan, Syria, and the Crimea Region of Ukraine, subject to change as posted by the United States government); (b) to any prohibited destination or to any end user who has been prohibited from participating in U.S. export transactions by any federal agency of the U.S. government; or (c) for use in connection with the design, development or production of nuclear, chemical or biological weapons, or rocket systems, space launch vehicles, or sounding rockets, or unmanned air vehicle systems. You may not download Fedora software or technical information if you are located in one of these countries or otherwise subject to these restrictions. You may not provide Fedora software or technical information to individuals or entities located in one of these countries or otherwise subject to these restrictions. You are also responsible for compliance with foreign law requirements applicable to the import, export and use of Fedora software and technical information.

+ 

+ Fedora software in source code and binary code form are publicly available and are not subject to the EAR in accordance with §742.15(b).

+ 

+ == Communicating

+ * Mailing lists: link:https://lists.fedoraproject.org/admin/lists/mirror-admin.lists.fedoraproject.org/[mirror-admins] ** NOTE 2017-03-21 New list location **

+ * IRC: link:https://webchat.freenode.net/?channels=#fedora-admin[#fedora-admin] link:https://fedoraproject.org/wiki/Communicating_and_getting_help?rd=IRC[(more info)] on Freenode

+ * Administrative changes: send email to `mirror-admin@lists.fedoraproject.org`

+ 

+ == Before you decide to become a mirror

+ === What are the size estimates?

+ Please read the link:https://dl.fedoraproject.org/pub/DIRECTORY_SIZES.txt[DIRECTORY_SIZES.txt] text file carefully. If you can allocate the required amount of space for mirroring Fedora, read on.

  

- [IMPORTANT]

- ======

+ === How can someone become a public mirror?

+ Becoming an official public mirror is easy, and getting easier. All we request is that your site have sufficient bandwidth and disk space to handle the load.

  

- This page was automatically converted from https://fedoraproject.org/wiki/Infrastructure/Mirroring

+ ==== Storage Space

+ Each Fedora release can consume upwards of 250GB of disk space. As of the Fedora 26 release, the total space consumed on the master server, thus what a mirror could consume, is 1.5TB and growing. Older releases are periodically archived, so a 3-4TB volume would be most appropriate for a long-term mirror. This content is hardlinked; if you can't hardlink (e.g. you're on AFS), you'll need much more disk space. Actual space consumed is noted in link:https://dl.fedoraproject.org/pub/DIRECTORY_SIZES.txt[DIRECTORY_SIZES.txt].

  

- It is probably

+ ==== Bandwidth

+ Downloaders can consume as much bandwidth as you've got. Mirror sites have at least a 100Mbit/sec connection to the Internet, many have Gigabit/sec, 10 Gigabit/sec, or larger pipes. 100Mbit/sec is the minimum required for new mirrors in countries with adequate mirror coverage already. We can make exceptions for new mirrors in countries that have few mirrors. Connections to Internet2, National Lambda Rail, GEANET2, RedIRIS, or other such high speed research and educational networks are always appreciated.

  

- * Badly formatted

- * Missing graphics and tables that do not convert well from mediawiki

- * Out-of-date

- * In need of other love

+ ==== How can someone make a private mirror?

+ Private mirrors are mirrors that reside entirely within an organization (company, school, etc.) and can only be accessed by members of that organization. They exist to speed up distributing Fedora within an organization, where local bandwidth costs are far less than going across the Internet.

  

+ Private mirrors behave similarly to public mirrors, with a few exceptions:

  

- Pull requests accepted at https://pagure.io/fedora-docs/quick-docs

+ * Private mirrors are never listed in the MirrorManager publiclist pages.

+ * Private mirrors cannot pull from the master Fedora download servers. They must pull from another listed public mirror.

+ * Private mirrors must include IP netblocks in their MirrorManager configuration. This allows your network-local users to be automatically redirected to your mirror. You may list IP netblocks (e.g. 18.0.0.0/8), or if your network is NAT'd, the hostname of your NAT gateway.

+ * Private mirrors are not crawled by the MirrorManager web crawler. Therefore:

+ ** Private mirrors must run `report_mirror` to inform the MirrorManager database of their content. If you don't run report_mirror, your clients will not be automatically redirected.

  

- Once you've fixed this page, remove this notice, and update

- [filename]`modules/ROOT/nav.adoc`.

+ == MirrorManager: the Fedora Mirror Management System

+ The link:https://github.com/fedora-infra/mirrormanager2/[MirrorManager2] software keeps track of all the mirrors without requiring a lot of manual text file editing. Fedora's instance of this application is at https://admin.fedoraproject.org/mirrormanager

  

- Once the document is live, go to the original wiki page and replace its text

- with the following macro:

+ === Mirror Status

+ MirrorManager keeps track of all the mirrors with regular scans of the content of all mirrors. The content of the mirrors is scanned by the crawler which either scans/crawls the mirrors using HTTP or RSYNC. We strongly recommend providing a RSYNC URL (at least for our crawler) as crawling via RSYNC is much faster as it only requires a single network connection for each mirrored category. If only HTTP access for Fedora's mirror crawler is possible it is important to enable link:https://fedoraproject.org/wiki/Infrastructure/Mirroring#Keepalives[HTTP Keepalives] to reduce the number of required network connections.

+ 

+ The crawler does not scan private mirrors and private mirrors have to run `report_mirror` to tell MirrorManager that they are up to date.

+ 

+ === Signing Up

+ ==== Fedora Account System

+ * You must have an account in the link:https://admin.fedoraproject.org/accounts/[Fedora Account System] (more info also at link:https://fedoraproject.org/wiki/Account_System?rd=AccountSystem[Account System]). You are not required to sign the Contributors License Agreement to merely mirror Fedora content, but you must do so if you wish to contribute to other aspects of Fedora.

+ * If a public mirror, you must send an email to `mirror-admin@lists.fedoraproject.org` introducing yourself, stating you would like to become a mirror, your IP address, your location (country), and your outbound bandwidth available for the mirror. Private mirrors are encouraged to send a similar note.

+ * You must subscribe to link:https://lists.fedoraproject.org/admin/lists/mirror-admin.lists.fedoraproject.org/[mirror-admin] to be notified of new releases.

+ 

+ ==== Registering in MirrorManager

+ * Log into MirrorManager using your FAS account.

+ * Create a new Site (a site is a group of Hosts belonging to the same organization) by clicking on your user profile.

+ * Create a new Host, and sign up that host for the Categories of content you'll carry (under the formally optional section *Categories Carried*), any other site administrators you want, your site's IP addresses used for our Access Control List, list of countries that are allowed to access your mirror, and the other details listed there if applicable to you.

+ ** You may list your site's IP address ranges (Netblocks). Clients coming from an IP address within your netblock will be automatically redirected to your mirror for any content you carry.

+ ** You may list your site's BGP Autonomous System Number (ASN). Clients on your ASN will be automatically redirected to your mirror for any content you carry. One way to lookup up your ASN is to query it from the routeviews.org DNS servers. It is like a PTR record lookup, but at a specific server. For example, to look up 143.166.1.1, type:

  

  ....

- {{#fedoradocs: https://docs.fedoraproject.org/whatever-the-of-this-new-page}}

+ $ dig txt 1.1.166.143.asn.routeviews.org @archive.routeviews.org

+  ;; ANSWER SECTION:

+ 

+ 1.1.166.143.asn.routeviews.org.	86400 IN TXT	"3614" "143.166.0.0" "16"

  ....

  

- ======

+ Here, the answer is in the TXT record, the first value, 3614.

+ ** For a mirror to get listed in the MirrorManager for the category of content you have selected to carry, you must add at least one URL via which the category of content on your mirror can be accessed (under *Categories Carried*). The URLs you add can be of type HTTP, HTTPS, and rsync. Fedora's MirrorManager instance does not support FTP URLs and therefore it is not possible to add a FTP URL anymore.

  

- '''

  

- include::{partialsdir}/unreviewed-message.adoc[]

+ === Mirroring

+ * Please use the link:https://pagure.io/quick-fedora-mirror[quick-fedora-mirror] zsh script if at all possible. This script uses rsync and some informational files on the mirrors to allow you to only sync those files you need and saves lots of time and file seeking. *Note*: make sure that the mirror you intend to use provides the fedora-buffet rsync module, as otherwise the script will not work.

+ * Please pull from one of the link:https://fedoraproject.org/wiki/Infrastructure/Mirroring/Tiering#Tier_1_Mirrors[Tier 1 mirrors]. Instead of using one of the Tier 1 servers, you may wish to pull from another fast mirror that's closer to you. Contact the respective mirror admins to be added to their ACL.

+ * You may exclude any content you desire, such as architectures or releases, using an EXCLUDES file or `--exclude` parameter.

+ 

+ ==== Tools to avoid

+ Please don't use tools like 'lftp mirror' to mirror content from the master mirrors. It's places a heavy load on our master mirrors and is slow for both you and us. Please use link:https://pagure.io/quick-fedora-mirror[quick-fedora-mirror] instead.

+ 

+ ==== Mirror Frequency

+ * If you are using quick-fedora-mirror you can sync as often as every 10 minutes in a loop. If there is no new content the script should return almost immediately. Make sure to use locking so you are only running one instance at a time.

+ * If you are not using quick-fedora-mirror you should sync a few times a day and consider switching.

+ 

+ ==== Running report_mirror (private mirrors only)

+ *Note*: quick-fedora-mirror can also check in for you and has no need of the `report_mirror` package/conf. To enable it, set the correct values for `CHECKIN_SITE` and `CHECKIN_PASSWORD` variables. In most cases, setting `CHECKIN_HOST` is not necessary. The following applies only if you are not using quick-fedora-mirror, and, as said above, you should consider switching.

+ 

+ MirrorManager includes a tool, `report_mirror` which uploads to the mirror database for private mirrors that you completed a run and what content you've got. This is required for private mirrors. Private mirrors have to run `report_mirror` after every rsync job completes.

+ 

+ ....

+ dnf install mirrormanager2-client

+ ....

+ 

+ or yum (in RHEL and CentOS):

+ 

+ ....

+ yum install mirrormanager2-client

+ ....

+ 

+ or get the files directly from the link:https://github.com/fedora-infra/mirrormanager2[official Git repository]:

+ 

+ ....

+ git clone https://github.com/fedora-infra/mirrormanager2.git

+ ....

+ 

+ You need both report_mirror and report_mirror.conf, and must edit report_mirror.conf to include the content you're carrying and the path to that content on your disk. Only private mirrors can use report_mirror.

+ 

+ ==== Available content

+ The available content modules by rsync, and their point in the directory tree are:

+ 

+ ===== Suggested rsync modules

+ |=====================================================================

+ | *rsync module* | *Description* | *path on master server* | *Comments* 

+ | fedora-buffet | Fedora -- the whole buffet (all you can eat) | /pub | Please use this if you can. It provides all the current Fedora content, including pre-bitflip content. This is open to specific mirrors by request. Mirrors participating in our tiering should use this. Mirrors syncing both fedora-enchilada and fedora-archive should use this, as we can now hardlink both of those trees under fedora-buffet.

+ | fedora-enchilada | Fedora -- the whole enchilada | /pub/fedora | Please use this if you can. It provides all current Fedora content, including pre-bitflip content. This is open to specific mirrors by request. Mirrors participating in our tiering should use this.

+ | fedora-epel | Extra packages for Enterprise Linux | /pub/epel | Please use this to mirror EPEL

+ | fedora-archive | Historical Fedora releases | /pub/archive | Fedora Core 1-6 and Extras 3-6, and obsolete releases 7 and higher

+ | fedora-secondary | Fedora Secondary Arches | /pub/fedora-secondary |

+ | fedora-alt | Fedora Other | /pub/alt | 

+ |=====================================================================

+ 

+ These other modules exist for legacy purposes, and should be avoided by current mirrors.

+ 

+ |=====================================================================

+ | *rsync module* | *Description* | *path on master server* 

+ | fedora-linux releases | Fedora Linux Releases | /pub/fedora/linux/releases

+ | fedora-linux-development | Fedora Linux Development (Rawhide) | /pub/fedora/linux/development

+ | fedora-linux-updates | Fedora Linux Updates | /pub/fedora/linux/updates

+ |=====================================================================

+ 

+ ===== Rsync Configuration (sample)

+ Larger mirrors, like kernel.org, have slightly custom front-ends to rsync (mainly so that they can have a single rsync instance and have multiple ip based vhost configuration files) That said what follows is a sample rsync configuration file for public syncing (this is not intended for private pre-bitflip mirroring)

+ 

+ ....

+ [fedora]

+         comment         = Fedora - RedHat community project

+         path            = <path to your fedora directory>

+         exclude         = lost+found/

+         read only       = true

+         max connections = 100

+         lock file       = /var/run/rsyncd-mirrors.lock

+         uid             = <user id (numeric, or textual) of an anonymous style user who should have read access>

+         gid             = <group id (numeric, or textual) of an anonymous style user who should have read access>

+         transfer logging = yes

+         timeout         = 900

+         ignore nonreadable = yes

+         dont compress   = *.gz *.tgz *.zip *.z *.Z *.rpm *.deb *.bz2

+         refuse options = checksum

+ ....

+ 

+ Things to explicitly note:

+ 

+ * The path above should be a full path to your fedora directory

+ * You should **really** want to leave this read-only

+ * Make sure your uid/gid are set to public users, not to the user that you run as your sync agent. If you set this to the user who does your syncs you will be inadvertently giving the public full pre-bitflip access.

+ * Make sure you have the 'refuse options' set to checksum, your server will be **much** happier with this set, as it will prevent public users from performing a checksum run against you. This can be incredibly I/O abusive, so should not be available to the general public.

+ 

+ ==== HTTP Configuration

+ ===== Keepalives

+ HTTP Keepalives should be enabled on your mirror server to speed up client downloads. By default, Fedora's Apache httpd package has keepalives disabled. They should be enabled, with a timeout of at least 2 seconds (the default of 15 seconds might be too high for a heavily loaded mirror server, but 2 seconds is sufficient and appropriate for yum).

+ 

+ ....

+ KeepAlive On

+ KeepAliveTimeout 2

+ MaxKeepAliveRequests 100

+ Other http servers such as lighttpd have keepalives enabled by default.

+ ....

+ 

+ ===== Caching of metadata

+ We don't want caching proxy servers between our mirrors and our end user systems to cache our yum repository metadata. So, add explicit metadata handling. (Suggested by the OpenSUSE download redirector.)

+ ....

+    <LocationMatch "\.(xml|xml\.gz|xml\.asc|sqlite)$">

+        Header set Cache-Control "must-revalidate"

+        ExpiresActive On

+        ExpiresDefault "now"

+    </LocationMatch>

+ ....

+ 

+ ===== Content Types

+ ISO and RPM files should be served using MIME Content-Type: application/octet-stream. In Apache, this can be done inside a VirtualHost or similar section:

+ 

+ ....

+ <VirtualHost *:80>

+ AddType application/octet-stream .iso

+ AddType application/octet-stream .rpm

+ </VirtualHost>

+ ....

+ 

+ ===== Limiting Download Accelerators

+ Download accelerators will try to open the same file many times, and request chunks, hoping to download them in parallel. This can overload heavily loaded mirror servers, especially on release day. Here are some tricks to thwart such activities.

+ 

+ To limit connections to ISO dirs by some amount per IP:

+ 

+ ....

+ <IfModule mod_limitipconn.c>

+ MaxConnPerIP 6

+ </IfModule>

+ ....

+ 

+ To block ranged requests as this is what download accelerators do indeed:

+ 

+ ....

+ RewriteEngine on

+ RewriteCond %{HTTP:Range} [0-9] $

+ RewriteRule \.iso$ / [F,L] 

+ ....

+ 

+ Similar things can be done with iptables and the recent module, which might give you a little more ability to control what is being done, either by limiting new connections or by dropping 50% of a users packets.

+ 

+ ==== Pre-bitflip mirroring

+ Several days before each public release, the content will be staged to the master mirror servers, but with restricted permissions on the directories (generally mode 0750), specifically, not world readable.

+ 

+ Mirror servers should have several different user/group accounts on their server, for running the different public services. Typically you find:

+ 

+ * HTTP server runs as user apache, group apache

+ * FTP server runs as user ftp, group ftp

+ * RSYNC server runs as user rsync, group rsync

+ * A user account for downloading content from the masters (e.g. user mirror, group mirror).

+ 

+ The user account used to download content from the masters must be not be the same as the HTTP, FTP, or RSYNC server accounts. This guarantees that content downloaded with permissions 0750 will not be made available via your public servers yet.

+ 

+ On the morning of the public release, the permissions on the directories on the master servers will change to 0755 - world readable. This is called the *bitflip*.

+ 

+ Mirrors may either rsync one more time to pick up these new permissions (but won't have to download all the data again), or preferably, can schedule a batch job to bitflip:

+ 

+ ....

+ $ echo "chmod a+rx /pub/fedora/linux/releases/9" | at '14:45 UTC May 13 2008'

+ ....

+ 

+ ===== Serving content to other mirrors

+ Tier 1 mirrors will necessarily need to share content to Tier 2 mirrors before the bitflip. This is done by running another instance of the rsync daemon, on a different port (e.g. 874), with an Access Control List to prevent public downloads, running as a user in the same group as downloaded the content (e.g. group mirror). This could be user mirror, group mirror, who has group read/execute permissions on the still-private content.

+ 

+ Tier 1 mirrors have a tendency to use different authentication methods for granting access to these non-public downloads, they vary from maintaining IP based ACL's to assigning username/password combinations to mirrors wishing to sync from them. Each method has advantages / disadvantages, the IP list is 'simpler' from a mirrormanager perspective as mirrormanager can give you the list of IP's but from an automation standpoint can be more difficult (as rsync's configuration file does not allow that ACL list to be stored in a separate file). Username / passwords can be more versatile as sites mirroring can change IPs without notifying you, but it's easier for those credentials to leak out and get misused.

+ 

+ === Other MirrorManger features

+ ==== Statistics

+ MirrorManager tracks the link:https://admin.fedoraproject.org/mirrormanager/statistics[number of accesses to the mirror list] and breaks it down by country, architecture, and repository.

+ 

+ ==== Mirror Maps

+ link:https://admin.fedoraproject.org/mirrormanager/maps[The map of all public mirrors] is updated daily; if it doesn't display the correct data, please try again later.

  

+ ===== Recognition

+ This product includes link:https://dev.maxmind.com/geoip/legacy/geolite/[GeoLite] data created by link:https://www.maxmind.com/[MaxMind].

  '''

  

  See a typo, something missing or out of date, or anything else which can be

@@ -1,74 +1,39 @@ 

  = Using UEFI with QEMU

  

This doc is fairly long; please add :toc: to this line to automatically include a table of contents generated from headings, it'll help with navigation.

- '''

- 

- [IMPORTANT]

- ======

- 

- This page was automatically converted from https://fedoraproject.org/wiki/Using_UEFI_with_QEMU

- 

- It is probably

- 

- * Badly formatted

- * Missing graphics and tables that do not convert well from mediawiki

- * Out-of-date

- * In need of other love

- 

- 

- Pull requests accepted at https://pagure.io/fedora-docs/quick-docs

- 

- Once you've fixed this page, remove this notice, and update

- [filename]`modules/ROOT/nav.adoc`.

- 

- Once the document is live, go to the original wiki page and replace its text

- with the following macro:

- 

- ....

- {{#fedoradocs: https://docs.fedoraproject.org/whatever-the-of-this-new-page}}

- ....

- 

- ======

- 

- '''

- 

- include::{partialsdir}/unreviewed-message.adoc[]

- 

  [[firmware-installation]]

- Firmware installation

- ---------------------

+ == Firmware installation

  

  UEFI for x86 QEMU/KVM VMs is called OVMF (Open Virtual Machine

  Firmware). It comes from EDK2 (EFI Development Kit), which is the UEFI

  reference implementation.

  

  [[installing-uefi-for-qemu-from-fedora-repos]]

- Installing 'UEFI for QEMU' from Fedora repos

- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ == Installing 'UEFI for QEMU' from Fedora repos

There's an issue with headings in this doc and it causes Antora to display a bunch of warnings. Basically, every heading starting from this line until the end of the doc should be one level lower (one more =). sign).

  

  Since June 2016, OVMF is available in Fedora repositories. All you need

- to have installed is `edk2-ovmf` RPM. Furthermore, it should be now a

+ to have installed is `edk2-ovmf` RPM. Furthermore, it should now be a

  dependency of the package, so you probably have it installed already.

  This includes firmware for secureboot (`OVMF_CODE.secboot.fd`)

  

  [[installing-uefi-for-qemu-nightly-builds]]

- Installing 'UEFI for QEMU' nightly builds

- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ == Installing 'UEFI for QEMU' nightly builds

  

- Gerd Hoffmann, Red Hatter and QEMU developer, has a dnf repo on his

+ Gerd Hoffmann, Red Hatter and QEMU developer, has a link:https://fedoraproject.org/wiki/DNF?rd=Dnf[dnf] repo on his

  personal site that provides nightly builds of a whole bunch of QEMU/KVM

  firmware, including EDK2/OVMF.

  

  Here's how to pull down the nightly builds for x86:

  

- ` sudo dnf install dnf-plugins-core` +

- ` sudo dnf config-manager --add-repo `http://www.kraxel.org/repos/firmware.repo[`http://www.kraxel.org/repos/firmware.repo`] +

- ` sudo dnf install edk2.git-ovmf-x64`

+ ....

+ sudo dnf install dnf-plugins-core

+ sudo dnf config-manager --add-repo http://www.kraxel.org/repos/firmware.repo

+ sudo dnf install edk2.git-ovmf-x64

+ ....

  

  Note, these are nightly builds, and may occasionally be broken.

  

  [[optionally-configure-libvirtd-to-advertise-uefi-support]]

- Optionally Configure libvirtd to advertise UEFI support

- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ == Optionally Configure libvirtd to advertise UEFI support

  

  Libvirt needs to know about UEFI->NVRAM config file mapping, so it can

  advertise it to tools like virt-manager/virt-install. On Fedora 22 and
@@ -76,41 +41,39 @@ 

  paths, so this will work out of the box.

  

  However, if you want to use custom binaries, you will need to edit the

- nvram variable in /etc/libvirt/qemu.conf and restart libvirtd.

+ `nvram` variable in `/etc/libvirt/qemu.conf` and restart libvirtd.

  

  [[creating-a-vm]]

- Creating a VM

- -------------

+ = Creating a VM

  

  [[virt-manager]]

- virt-manager

- ~~~~~~~~~~~~

+ == virt-manager

  

  Create a new VM in virt-manager. When you get to the final page of the

  'New VM' wizard, do the following:

  

- * Click 'Customize before install', then select 'Finish'

- * On the 'Overview' screen, Change the 'Firmware' field to select the

-   'UEFI x86_64' option.

- * Click 'Begin Installation'

+ * Click "Customize before install", then select "Finish"

+ * On the "Overview" screen, change the "Firmware" field to select the

+   "UEFI x86_64" option.

+ * Click "Begin Installation"

  * The boot screen you'll see should use `linuxefi` commands to boot the

    installer, and you should be able to run `efibootmgr` inside that

    system, to verify that you're running an UEFI OS.

  

  [[virt-install]]

- virt-install

- ~~~~~~~~~~~~

+ == virt-install

  

  Add `--boot uefi` to your `virt-install` command. Example:

  

- ` sudo virt-install --name f20-uefi \` +

- `   --ram 2048 --disk size=20 \` +

- `   --boot uefi \` +

- `   --location `https://dl.fedoraproject.org/pub/fedora/linux/releases/22/Workstation/x86_64/os/[`https://dl.fedoraproject.org/pub/fedora/linux/releases/22/Workstation/x86_64/os/`]

+ ....

+ sudo virt-install --name f20-uefi \

+   --ram 2048 --disk size=20 \

+   --boot uefi \

+   --location https://dl.fedoraproject.org/pub/fedora/linux/releases/22/Workstation/x86_64/os/

+ ....

  

  [[testing-secureboot-in-a-vm]]

- Testing Secureboot in a VM

- --------------------------

+ = Testing Secureboot in a VM

  

  These steps describe how to test Fedora Secureboot support inside a KVM

  VM. The audience here is QA folks that want to test secureboot, and any
@@ -118,8 +81,7 @@ 

  it builds upon the previous UEFI steps.

  

  [[run-enrolldefaultkeys.efi]]

- Run EnrollDefaultKeys.efi

- ~~~~~~~~~~~~~~~~~~~~~~~~~

+ == Run EnrollDefaultKeys.efi

  

  (Formerly this article recommended the independent utility

  "LockDown_ms.efi".)
@@ -139,8 +101,7 @@ 

    is now enabled for every subsequent boot.

  

  [[testing-fedora-cddvd-secure-boot-in-a-vm]]

- Testing Fedora CD/DVD Secure Boot in a VM

- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ == Testing Fedora CD/DVD Secure Boot in a VM

  

  Once you have a secureboot configured VM as described above, it's easy

  to use this to test ISO media secureboot support.
@@ -152,12 +113,10 @@ 

    checking dmesg

  

  [[notes]]

- Notes

- -----

+ = Notes

  

  [[using-uefi-with-aarch64-vms]]

- Using UEFI with AArch64 VMs

- ~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ == Using UEFI with AArch64 VMs

  

  link:Architectures/ARM/AArch64[Fedora's AArch64 releases] will only run

  on UEFI, so require UEFI inside the VM. However the steps are slightly
@@ -165,8 +124,7 @@ 

  https://fedoraproject.org/wiki/Architectures/AArch64/Install_with_QEMU

  

  [[extra-links]]

- Extra links

- -----------

+ = Extra links

  

  * QA:Testcase_Virtualization_UEFI[QA:Testcase Virtualization UEFI]

This should either be a link or deleted

  * http://www.linux-kvm.org/page/OVMF[KVM wiki OVMF page]
@@ -177,8 +135,5 @@ 

  * http://www.labbott.name/blog/2016/09/15/secure-ish-boot-with-qemu/[Using

    SecureBoot with QEMU]

  

- Category:Virtualization Category:QA

- '''

- 

  See a typo, something missing or out of date, or anything else which can be

  improved? Edit this document at https://pagure.io/fedora-docs/quick-docs.

Finalized all the edits for quick-docs that aren't maintained on the wiki. Edited for spelling, grammar, tone, consistency in content, clarity, etc. Mirroring.adoc was the biggest workload of them all since none of the content carried over.

Metadata Update from @pbokoc:
- Request assigned

3 years ago

This doc is fairly long; please add :toc: to this line to automatically include a table of contents generated from headings, it'll help with navigation.

There's an issue with headings in this doc and it causes Antora to display a bunch of warnings. Basically, every heading starting from this line until the end of the doc should be one level lower (one more =). sign).

This should either be a link or deleted

Please add a :toc: below the heading to include a table of contents for easier navigation

This should be an xref. Replace the link: with xref:understanding-and-administering-systemd.adoc[systemd]

This markup is inconsistent with other command examples in our docs. Use a command block instead:

[source,bash]
----
systemctl list-jobs
----

This applies for all stand-alone command examples in the article (like the ones right below).

Metadata Update from @pbokoc:
- Pull-request tagged with: needs changes

3 years ago

@adcaelum Hi, thank you for the PR! See the feedback above, that should be all from me.

@adcaelum are you able to address the feedback on this pull request?

@bcotton

At the risk of sounding dim, every time I attempt to edit this commit, I get thrown an error. I click to the file in the commit, then click the "Edit" button. Every time I do so, I'm met with an error that says:

"Bad Request - Invalid branch specified"

I'd like to know how to edit this commits directly as I don't want to duplicate work by opening another PR.

@adcaelum you'll probably need to do it in your checked out copy. You can make additional commits and push them to your forked branch.

(In order to be able to merge it, you'll probably also need to rebase your fork. I'm not sure how familiar you are with git, so if that seems like more than you want to tackle, you can just push your new edits and I'll make it work)

Pulled in the files separately:
part1: debug systemd f184735
part2: enable touchpad 403a6e5
part 3: mirror - skipped, wiki page actively updated by infra
part 4: uefi qemu b7fcdc1

Installed redirect on old wiki pages:
https://fedoraproject.org/wiki/How_to_enable_touchpad_click
https://fedoraproject.org/wiki/Using_UEFI_with_QEMU

Pull-Request has been closed by pboy

a year ago