From Fedora Project Wiki

m (split unnecessarily long line, no more horizonral scrollbar)
Line 201: Line 201:

* Use the command <code>fedpkg mockbuild</code> to test a package build on your local mock system.  Then install and test the package.  If something doesn't work, fix it and repeat this step. You can also use the koji build system to do a scratch build perhaps for some arch you don't have locally. For example, to build just for x86_64:
* Use the command <code>fedpkg mockbuild</code> to test a package build on your local mock system.  Then install and test the package.  If something doesn't work, fix it and repeat this step. You can also use the koji build system to do a scratch build perhaps for some arch you don't have locally. For example, to build just for x86_64:
<pre>fedpkg srpm; koji build --scratch --arch-override x86_64 f17 packagename-version-release.src.rpm
<pre>fedpkg srpm
koji build --scratch --arch-override x86_64 f17 packagename-version-release.src.rpm

Revision as of 18:05, 25 April 2012

Run git config --global --add push.default tracking which instructs git to "push" to whatever branch you are tracking

This document shows how to update a package you maintain in Fedora. It assumes you already have a package in the Fedora repositories.

This document is divided in three sections to give Developers, Testers, and Mirror Admins some guidelines on how to submit packages for rawhide, development and pending.


Here you can find detailed information on process of Package Management in Fedora. If you want to know the difference between rawhide, development and pending , and which one is suitable for you, along with an overall understanding of the release naming and repos, visit our new and improved Fedora Development Process Overview page.

New contributors (mandatory reading), new Testers (highly suggested reading), new Consumers (useful reading), or anybody interested in how Fedora is developed would find this page useful.

In particular, these are the new paths on mirrors:

  • /pub/fedora/linux/development/rawhide/ will become the new path of Rawhide. It will continue to not have install images, and will be the place where builds from the "devel" branch in git go to. It'll be Fedora 39 intended content.
  • /pub/fedora/linux/development/38 will become the new path of the branched Fedora 38 content. This is where builds from the F-38/ branch in git will go after they pass through Bodhi as "stable".
  • /pub/fedora/linux/updates/testing/38/ will be where potential Fedora 38 builds go after passing through bodhi as "testing". This is where you'll find the latest stuff proposed for freeze break and where testing and peer review of these freeze breaks will happen. When a maintainer feels enough testing has happened, or enough karma triggers the Bodhi auto request, the build will be marked "stable" and show up in the development/38 tree at the next nightly compose.

(View NFR coming soon! New paths on mirrors!)

For Developers


If you want to build a new package, but you aren't sure if it should go to Rawhide or Fedora 39, then:

  1. New packages should always be built at least for Rawhide
  2. New packages can be built for Pending and existing Fedora Releases, however they should go through updates-testing first. If the new package is critical-path it will require net positive karma from Releng / QA and peers as outlined below.
Check out and build from the devel/branch No action required. Happens nightly automatically Check out and build from the F39/branch Request a testing update in Bodhi for F39. Bodhi admins push it. Peers test the update and provide karma feedback via Bodhi Request a push to stable within Bodhi. Bodhi admins push it.
Build for Rawhide X
Build for Rawhide + testing in other branches X
Build non-critical path package for F39 (branched) X
Build critical-path for F39 (branched) X
Push critical-path package waiting in "pending" updates-testing repo for a week without karma feedback X[1] X[1]
For a package, in critical path, in the "pending" updates-testing repo for a week that hasn't received karma feedback X[2]
To mark, built package for F39, available for testing X X
To mark stable and tagged for F39 tested update X[3]
To push a package built to handle an urgent issue (e.g. security problem, non-functioning system, etc.) to the F39 branch [4] X[5]


  1. 1.0 1.1 Mutually exclusive.
  2. Query QA/Release Engineering, too
  3. Provided the package has net positive Karma from QA or releng and at least one more net positive karma point. If karma autopush is checked submit to stable is done automatically
  4. In all cases, it's necessary to be very very very sure the update will not cause additional problems
  5. If the package is not in the critical path, nor addressing a security problem, then it can be requested a push to stable
    If the package addresses a security issue then it should be marked as security. Wait for the Security team to sign off on the update (not sure how this happens right now) before requesting the package be pushed to stable
    If the package is in the critical path, then wait for a QA/Release Engineering/Peer net positive karma vote in Bodhi before requesting the package be pushed to stable

File a buildroot override tag request as outlined in the Policy page, and proceed to build the package Issue the Bodhi request
To build a package for the Pending F39 which requires a package not yet pushed stable for F39 X X

To check and see if the build will be in the Fedora 39, as they will be tagged with "f1?", you can run koji latest-pkg f1? to see what the latest build of your package is for Fedora 39.

For Testers

Read the Rawhide page and follow instructions Keep the rawhide repo enabled and fedora, updates, & updates-testing repos disabled. Consume the rawhide firehose and report issues as you find them. Install from Alpha, Beta, the Last Known Good Pending snapshot or a Pending nightly live image yum update to the latest pending content Update your Fedora 12 system by reading instructions at FIXME Check the QA/Join page that describes the different testable repos, skill level and investment involved. Read the Package Acceptance Test Plan and use it as a guideline
To install Rawhide on your system to test the latest packages X X X
To install and run Fedora 39 as your desktop and participate in test days X X
To update a Fedora 12 system to the Pending Fedora 13 for testing X
To provide test feedback for new packages X
To represent the QA team in providing feedback on critical path package updates X X

If you are a member of the QA FAS group, and provided positive feedback on a 'pending' or 'stable' package update. The package update is released and includes a major regression. What now?
  1. Review in weekly QA meeting. It's ok, mistakes happen.
  2. Accident/omission.
  3. Misuse

For Mirror Admins

  • If you are a mirror admin and want to prepare for additional repos coming to your mirror :
    • Read mirror-list(-d) and watch for announcements regarding new paths being added to the Master Mirror.
    • Check your sync exclusion settings to ensure you either get, or don't get the new path (depending on your needs).

Build a package for Rawhide

To build a package for Rawhide, check it out from the git devel/branch.

Install fedora-packager if not already installed.

Check out a local working copy of the git module you plan to edit, e.g. (for a description of the directory layout, see the Anatomy page:

fedpkg clone <package_name>
Note: If you are not a member of the fedora packager group, you will receive a "permission denied" error. Use the -a flag to clone anonymously.
  • If you update to a new upstream version, you have to upload the tarball to an external lookaside cache. Operations on the lookaside cache require a client-side certificate, to get one, run
fedora-cert -n

To upload a new source tarball and replace an older one, run

fedpkg new-sources /path/to/yournewtarball.tar.gz

You can omit the path if the source is the current directory.

In the branch directory (i.e. devel in this case) or for multiple files:

fedpkg new-sources yournewtarball.tar.gz yourdata.tar.gz

This also updates your local copy of the .gitignore and sources files. You will need to do this for each branch that you will be building the new version for. The new tarball will be uploaded only once and the rest will be md5sum checked and not uploaded, only the .gitignore and sources files will be updated.

If you just want to add another tarball (e.g. a big gzipped patch or a documentation tarball), use:

fedpkg upload somefile.tar.gz

Contrary to fedpkg new-sources, this does not purge old files from the .gitignore and sources files.

If you just have a small patch, initscript, or otherwise plain text file, you can commit those directly to git. This can be done with the git add command, e.g.:

git add packagename-fix-the-foobar.patch
  • Use the command fedpkg mockbuild to test a package build on your local mock system. Then install and test the package. If something doesn't work, fix it and repeat this step. You can also use the koji build system to do a scratch build perhaps for some arch you don't have locally. For example, to build just for x86_64:
fedpkg srpm
koji build --scratch --arch-override x86_64 f17 packagename-version-release.src.rpm
  • Check if everything that has changed is correct with
fedpkg diff
  • Commit the verified changes to the devel/ branch.
fedpkg commit
git push
  • Commit and push in one go
fedpkg commit -p

As a test whether the full commit was fine, you can check out a fresh working copy into a different directory. It should succeed in fetching the binaries from lookaside cache and also pass simple build tests such as make i686 or make srpm at least.

  • Instruct the builders to build your package:
fedpkg build


fedpkg clone foo
cd foo
wget -N
fedpkg new-sources foo-0.0.2.tar.bz2
gedit foo.spec
# change the required things in the specfile
fedpkg mockbuild
# check that the changes you made are correct
fedpkg diff
# commit and push
fedpkg commit -m "Update to 0.0.2" -p
Note: Be careful that requesting a build on Rawhide is enough, when that build is successful, for that build to reach the Rawhide repository/build-root after a few hours. Before pressing the Enter key after the following command, it is not a bad idea to think again at the potential consequences on the other packages.
# request build
fedpkg build

The package builders publish your package in the development tree, also called "Rawhide." If the package is a stable update, you may also provide it to users of the currently-maintained stable, or branched Fedora release. To make it available to F-11 or F-12 users, or testers of the branched F-13 for example, use the procedure outlined in the next chapter.

An alternative may be used, the import of a complete src.rpm.

More in-depth information on the build system is at UsingKoji.

Removing a package build from the devel branch

From time to time you may want to remove a package build you pushed to the devel branch (rawhide). This could happen in a situation where a bug or issue is found in your package that will be resolved upstream in the next release. You may want to wait for this release instead of back-porting a fix yourself, so pulling the broken package from rawhide makes sense.

Stop (medium size).png
Use this carefully!
This should only be done on the same day of the build. If your build has already been published in rawhide you must not untag it!

You can remove the package from rawhide by using koji as follows:

koji untag-pkg f17 foo-1.1.3-1.fc17

Where foo-1.1.3-1.fc17 is replaced with the name of your package build. See koji help or UsingKoji for more information.

Requesting special dist tags

When updating a package affects a large number of dependencies (e.g. all perl, python or ghc packages) it may be better to initially do the builds in another repo, so that there is less disruption in rawhide.

If you think you have an update that falls under this case you can request a special dist tag by filing a release engineering ticket. Someone from release engineering will likely want to discuss your needs to make sure this is really an appropriate case (it's OK ask if you aren't sure) and that you get what you need.

Working with packages in the stable branches

Stable branches are branches within git for either released Fedoras, or a branched Fedora that is still in bugfix/polish mode but has not yet been released.

  1. Switch to the branch which you would like to update with the fedpkg switch-branch command. Here is an example of an update for Fedora 16:
    fedpkg switch-branch f16
  2. Make any required changes. In many cases, you can apply the same changes from the devel/ branch to the other branches. Use the diff and patch utilities for this purpose.
  3. Use the command fedpkg local to test a package build on your local system. Then install and test the package. If something doesn't work, fix it and repeat this step.
  4. Commit the verified changes to the branch you are working on:
    git commit and git push
    Example of git push:
    git push origin f16:refs/heads/f16/master
    See also Fedora branch names.
  5. Instruct the builders to build your package:
    fedpkg build
  6. Check the koji build page at for the build process.
  • If you want to build a package for the Pending Fedora 39 but it requires package that is not yet pushed "stable" for Fedora 16.
  1. You would need to file a buildroot override tag request as outlined in the policy page Alpha_Freeze_Policy
  2. Once tagged, you can proceed to build her package and issue the Bodhi request

Submit your update to Bodhi

  1. This can be accomplished in a few different ways. The easiest being:
    fedpkg update
    If your local username differs from that of your Fedora account, you will need to specify it with the following command:
    BODHI_USER=foo fedpkg update
    Or you add BODHI_USER=foo to the file ~/.cvspkgsrc. FIXME: what's the git equivalent?
    1. Alternatively, you can also submit your update using the bodhi-client
    2. or the web interface .
  2. Once submitted, bodhi will automatically request that your update be pushed to updates-testing. If you feel that community testing is unnecessary for your update, you can choose to push it straight to the stable fedora-updates repository instead. Pushing directly to stable skips peer review and is strongly discouraged!! Note that security updates follow a slightly different process .
  3. A Release Engineer then signs and pushes out your updates. The signing step is currently a manual process, so your updates will not be instantly released once submitted to bodhi.
  4. Once pushed to testing, people are able to +1/-1 the updates "karma", based on whether or not it seems to be functional for them. If your update reaches a karma of 3, it will automatically be pushed to stable. Likewise, if it reaches -3, it will be automatically unpushed. If your update does not receive enough feedback to automatically push it to stable, you will have to submit it as a final update yourself. This can easily be done with the command-line tool, or with the web interface.
  5. You will then be notified when your update has been pushed to stable. Bodhi will close all associated bugs and send an announcement to fedora-package-announce. At this point, your update has been officially released!

Get Automatically Notified on New Upstream Releases

To automatically get notifications via bugzilla whenever upstream has a new release, refer to upstream release monitoring page.