From Fedora Project Wiki

Revision as of 12:54, 19 February 2010 by Lewis41 (talk | contribs)

This page is a draft only
It is still under construction and content may change. Do not rely on the information on this page. NFR only for developer Users. To complete for Tester, Mirror, & Other

Fedora NFR (No Frozen Rawhide) HOWTO

This document shows how to update a package you maintain in Fedora. It assumes you already have a package in the Fedora. This document is divided in tre sections to give you as a Developer, Tester, or Mirror Admin some guidelines on how to submit packages for rawhide, development or pending.


Here you can find some preliminary document about the new process of package management. If you want to know the difference between 'rawhide', 'development', or 'pending', you can figure out an overall understanding of the release naming and repos where you can find information on which one is suitable for you, going to our new and improved Fedora Development Process Overview page FIXME

New contributors (manditory reading), new testers (highly suggested reading), new consumers (useful reading), anybody interested in how Fedora is developed would find this page useful.

For Developer


If you want to build a new package, but you aren't sure if it should go to Rawhide or Fedora 35, then:

  1. New packages should always be built at least for Rawhide
  2. New packages can be built for Pending and existing Fedora Releases, however they should go through updates-testing first. If the new package is critical-path it will require net positive karma from releng/qa and peers as outlined above.
  • If you want build package for Rawhide available for testing:
    No action required. Happens nightly automatically.
  • If you want build critical & non-critical path package for Fedora 35:
    Check out and build from the F-13/ branch as indicated below.
  • Check out and build from the Fedora 35/ branch
  1. Request a testing update in Bodhi for Fedora 35. Bodhi admins "push" it.
  2. Peers and members from QA or Releng test the update and provide karma feedback via bodhi
  • If you want build your package for Fedora 35 available for testing:
  1. You can request a testing update in Bodhi for Fedora 35. Bodhi admins "push" it.
  2. You can peer test the update and provide karma feedback via bodhi
To check and see if the build will be in the Fedora 35, as they will be tagged with "dist-f1?", you can run koji latest-pkg dist-f1? to see what the latest build of your package is for Fedora 35.
  • You built a package to handle an urgent issue (e.g. security problem, non-functioning system, etc.) and want to push it to the Fedora 35 branch.
    You should build in the Fedora 35 branch and create a bodhi update and do one of the following:
  1. in all cases, you need to be very very very sure the update will not cause additional problems
  2. if the package is not in the critical path, nor addressing a security problem, then you request a push to stable.
  3. if the package addresses a security issue then you mark it as security and waits for the Security team to sign off on the update (not sure how this happens right now) before requesting the package be pushed to stable.
  4. if the package is in the critical path, then you also wait for a QA/releng/peer net positive karma vote in Bodhi before requesting the package be pushed to stable.
  • If you have a package in the "pending" updates-testing repo for a week that hasn't received karma feedback
  1. If the package is in the critical path...
    You need to query QA/releng and peers to recieve karma for your update before you can proceed
  2. If the package is not in the critical path...
    You can choose to push to stable, or request and wait for further testing
  • If you want to build a package for the Pending Fedora 35 but it requires package that is not yet pushed "stable" for Fedora 35.
  1. You would need to file a buildroot override tag request as outlined in the policy page Alpha_Freeze_Policy
  2. Once tagged, you can proceed to build your package and issue the Bodhi request
  • Make test update "stable" and tagged for Fedora 35
    Provided the package has net positive Karma from QA or releng and at least one more net positive karma point, you should request a push to "stable" within Bodhi (this could be automatically done if karma autopush is checked). Bodhi admins "push" it.

For Tester

  • If you are o want to be a tester and want to install rwahide on your system to test the latest and greatest packages at all times than:
  1. Read the wiki page and follow the instructions to get rawhide installed.
  2. Leave the rawhide yum repo enabled and keep fedora, updates, and updates-testing repos disabled.
  3. Consume the rawhide firehose and report issues as you find them.
  • If you want to install and run the 'pending' Fedora release (aka Fedora 13) as your desktop and to participate in test days
  1. Install from Alpha, Beta, the Last Known Good Pending snapshot or from a Pending nightly live image
  2. yum update to the latest pending content
  • If you want to update your Fedora 12 system to the Pending Fedora 13 and start testing Fedora 13
    Update your existing Fedora 12 system by reading instructions at FIXME
  • If you want to pitch in and provide test feedback for new packages ... where do you go? ('Rawhide', 'pending' updates-testing, 'stable' updates-testing)
    You would check the QA/Join page that describes the different testable repos and skill level and investment involved. You would make a decision and follow documentation on how to test.
  • If you want to impress your friends by becoming a member of the QA team so that you can represent QA in providing positive feedback on critical path package updates on the 'stable' and 'pending' fedora releases
  1. You read the QA/Join page and demonstrate an ability and desire to do the testing and provide useful feedback and applie for the official QA group
  2. You read the QA:Package Acceptance Test Plan and use it as a guideline to test things.
  3. Tangent - We have a completely unused 'qa' FAS group ... do we wipe the list and start over? (It's possible to do that, but before you do, you can email 'qa-members@fp.o' to take care of advance notice... i.e. give people a heads-up, make sure everyone understands why, and what they should do next, whether it's join another group, speak up to keep membership, or what have you)
  • If you are a member of the QA FAS group. You provided positive feedback on a 'pending' or 'stable' package update. The package update is released and includes a major regression. What now?
  1. Would review in weekly QA meeting. It's ok, mistakes happen
  2. Accident/omission
  3. Misuse

For Mirror Admin

  • If you are a mirror admin and want to prepare for additional repos coming to his mirror
    • Read mirror-list(-d) and watche for announcements regarding new paths being added to the master mirror
    • Check his sync exclusion settings to ensure you either get, or don't get the new path depending on your desires.

Build a package for Rawhide

To build a package for Rawhide, check it out from the CVS devel/branch.

Install fedora-packager if not already installed.

Check out a local working copy of the CVS module you plan to edit, e.g. (for a description of the directory layout, see the Anatomy page:

fedora-cvs <package_name>
  • If you update to a new upstream version, you have to upload the tarball to an external lookaside cache. Operations on the lookaside cache require a client-side certificate, to get one, run
fedora-cert -n

To upload a new source tarball and replace an older one, run

make new-sources FILES="/path/to/yournewtarball.tar.gz"

You can omit the path if the source is the current directory.

In the branch directory (i.e. devel in this case) or for multiple files:

make new-sources FILES="yournewtarball.tar.gz yourdata.tar.gz"

This also updates your local copy of the .cvsignore and sources files. You will need to do this for each branch that you will be building the new version for. The new tarball will be uploaded only once and the rest will be md5sum checked and not uploaded, only the .cvsignore and sources files will be updated.

If you just want to add another tarball (e.g. a big gzipped patch or a documentation tarball), use:

make upload FILES="somefile.tar.gz"

Contrary to make new-sources, this does not purge old files from the .cvsignore and sources files.

If you just have a small patch, initscript, or otherwise plain text file, you can commit those directly to CVS. This can be done with the cvs add command, e.g.:

cvs add packagename-fix-the-foobar.patch
  • Use the command make i686 or make x86_64 to test a package build on your local system. Then install and test the package. If something doesn't work, fix it and repeat this step. You can also use the koji build system to do a scratch build perhaps for some arch you don't have locally. For example, to build just for x86_64:
make srpm; koji build --scratch --arch-override x86_64 dist-f14 packagename-version-release.src.rpm
  • Check if everything that has changed is correct with
cvs diff -u
  • Commit the verified changes to the devel/ branch.
cvs commit

As a test whether the full commit was fine, you can check out a fresh working copy into a different directory. It should succeed in fetching the binaries from lookaside cache and also pass simple build tests such as make i686 or make srpm at least.

  • Tag your package:
make tag
  • Instruct the builders to build your package:
make build


fedora-cvs foo
cd foo/devel
wget -N
make new-sources FILES="foo-0.0.2.tar.bz2"
gedit foo.spec
# change the required things in the specfile
make i686
# check that the changes you made are correct
cvs diff -u
# commit
cvs commit -m "Update to 0.0.2"
# request build
make tag build

The package builders publish your package in the development tree, also called "Rawhide." If the package is a stable update, you may also provide it to users of the currently-maintained stable, or branched Fedora release. To make it available to F-11 or F-12 users, or testers of the branched F-13 for example, use the procedure outlined in the next chapter.

An alternative may be used, the import of a complete src.rpm.

More in-depth information on the build system is at UsingKoji.

Removing a package build from the devel branch

From time to time you may want to remove a package build you pushed to the devel branch (rawhide). This could happen in a situation where a bug or issue is found in your package that will be resolved upstream in the next release. You may want to wait for this release instead of back-porting a fix yourself, so pulling the broken package from rawhide makes sense.

Stop (medium size).png
Use this carefully!
This should only be done on the same day of the build. If your build has already been published in rawhide you must not untag it!

You can remove the package from rawhide by using koji as follows:

koji untag-pkg dist-f13 foo-1.1.3-1.fc13

Where foo-1.1.3-1.fc13 is replaced with the name of your package build. See koji help or UsingKoji for more information.

Working with packages in the stable branches

Stable branches are branches within CVS for either released Fedoras, or a branched Fedora that is still in bugfix/polish mode but has not yet been released.

  1. Make any required changes in the F-11, F-12 or F-13, etc.. directory. In many cases, you can apply the same changes from the devel/ branch to the other branches. Use the diff and patch utilities for this purpose.
  2. Use the command make i686 or make x86_64 to test a package build on your local system. Then install and test the package. If something doesn't work, fix it and repeat this step.
  3. Commit the verified changes to the branch you are working on:
    cvs commit
  4. Tag your package:
    make tag
  5. Instruct the builders to build your package:
    make build
  6. Check the koji build page at for the build process.
  • If you want to build a package for the Pending Fedora 35 but it requires package that is not yet pushed "stable" for Fedora 13.
  1. You would need to file a buildroot override tag request as outlined in the policy page Alpha_Freeze_Policy
  2. Once tagged, you can proceed to build her package and issue the Bodhi request

Submit your update to Bodhi

  1. This can be accomplished in a few different ways. The easiest being:
    make update
    If your local username differs from that of your Fedora account, you will need to specify it with the following command:
    make update BODHI_USER=foo
    Or you add BODHI_USER=foo to the file ~/.cvspkgsrc.
    1. Alternatively, you can also submit your update using the bodhi-client
    2. or the web interface .
  2. Once submitted, bodhi will automatically request that your update be pushed to updates-testing. If you feel that community testing is unnecessary for your update, you can choose to push it straight to the stable fedora-updates repository instead. Pushing directly to stable skips peer review and is strongly discouraged!! Note that security updates follow a slightly different process .
  3. A Release Engineer then signs and pushes out your updates. The signing step is currently a manual process, so your updates will not be instantly released once submitted to bodhi.
  4. Once pushed to testing, people are able to +1/-1 the updates "karma", based on whether or not it seems to be functional for them. If your update reaches a karma of 3, it will automatically be pushed to stable. Likewise, if it reaches -3, it will be automatically unpushed. If your update does not receive enough feedback to automatically push it to stable, you will have to submit it as a final update yourself. This can easily be done with the command-line tool, or with the web interface.
  5. You will then be notified when your update has been pushed to stable. Bodhi will close all associated bugs and send an announcement to fedora-package-announce. At this point, your update has been officially released!

Get Automatically Notified on New Upstream Releases

To automatically get notifications via bugzilla whenever upstream has a new release, refer to upstream release monitoring page.