Summary: Fedora 19 review presents a detailed review of the latest edition of Fedora, a Linux distribution sponsored by Red Hat, Inc. Out of the box, it ships with only Free Software applications.
Like previous releases before it, Fedora 19, code-named Schrodinger’s Cat, comes with many, many new features and feature enhancements, and, of course, its own share of bugs.
Installation images are available as Live CD/DVD ISO images. The main edition uses the GNOME 3 desktop environment, with an unmodified GNOME Shell. Installation images for other popular desktop environments are also available for download. These other flavors, known as Spins, run the KDE, LXDE, Xfce, and MATE Compiz desktops.
There are also specialty flavors designed for specific computing tasks (Design-suite, Electronic-Lab, Games, Jam-KDE – for the musician in you, Robotics, Security, and SoaS), and ready-to-run images for Cloud platforms. Installation images for ARM, PPC, and s390 architectures are also available.
This review is based on test installations of the main edition and the KDE Spin on real hardware and in a virtual environment powered by VirtualBox. I usually like to begin a review from the installer, but for Fedora 19, I’ll leave for somewhere towards the end. The following list shows the topics I’ll touch on in this review, starting with features common to the main edition and all the Spins.
Here are the list of features that interest me:
- Network upgrade of existing installations
- Automatic bug reporting tool
- Firewalld Rich Language
- 3D printing
- GNOME 3 Edition
- KDE Spin
- Graphical Package Manager(s)
1. Network upgrade of existing installations: Before Fedora 18, upgrading an existing installation of Fedora was not very user-friendly. That changed with the introduction of an upgrade tool called FedUp (FEDora UPgrader). In this latest release, another upgrade script called fedora-upgrade was stable enough to be included. So the first thing I did when Schrodinger’s Cat was released, was attempt an upgrade of two existing installations of Fedora 18 using both tools. Aside from a minor problem with the default GRUB theme files, both scripts worked as advertised, though my preference would be to use FedUp, as it can be run unattended.
I documented my experience with both scripts at Upgrade Fedora 18 to 19 using fedora-upgrade or FedUp. In the future, I think most distributions not using a rolling-release development model will be using upgrade tools similar to FedUp or fedora-upgrade.
2. Automatic bug reporting tool: Bugs happen and applications will crash. The question is, does your favorite distribution make it easy to file a bug report? For Fedora (19), the answer to that question is a yes. While attempting several test installations, Anaconda, the Fedora system installer, managed to crash on three separate occasions. Even at that stage, an automatic bug reporting tool was launched. This image shows one of the generated bug reports.
Two options for reporting/saving the bug report were presented – one to the Red Hat Bugzilla website, the other to another local or remote server.
Since I did not have a Red Hat Bugzilla account, I chose to upload the report via scp (secure copy client of OpenSSH server) to another computer on my network, where it currently sits as a compressed tar file. The automatic bug reporting tool, abrt, works just as well on a running system. Ubuntu Desktop also has a bug reporting tool, though I don’t think it works during the installation process. Linux Mint, a popular distribution based on Ubuntu Desktop, does not even have a bug reporting application installed.
3. Firewalld Rich Language: Firewalld is the new (starting with Fedora 18) firewall application for Fedora. It is made up of a daemon that goes by the same name, a graphical interface called firewall-config, and an applet called firewall-applet. Before this latest release, it had the same shortcoming as the previous firewall application – creating granular or complex firewall rules was not for newbies. With the introduction of Firewalld Rich Language, that process is a little bit less intimidating. It is an attempt to make creating granular firewall rules as user-friendly as OpenBSD’s pf (Packet Filter), which is about the best there is.
So now you can write firewall rules of this sort:
firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.11" accept'. Before Firewalld Rich Language, rules like that could only be created using an IPTables syntax that could easily scare non-techies. By the time Fedora 20 is released, it should be possible to create such rules from a graphical interface, likely incorporated into firewall-config. This image shows the entries in the context menu of firewall-applet.
Firewalld and its graphical interface are installed by default in Fedora 19, but the applet is not. While I was able to install it (the applet) on test installations of both the main edition and the KDE Spin, it failed to launch on the main edition, from the menu or the command-line, without a feedback error message, and no clues in /var/log/messages or /var/log/firewalld. I had no problem starting it on the KDE Spin. I have to assume that the reason firewall-applet is not installed by default is because it has an unresolved bug.
Aside from being able to create rich-language or granular or complex rules from firewall-config, another feature I’ll love to see added to its main window is a statistics tab.
Firewalld introduced the concept of network zones, which define trust levels for network connections and interfaces. Several network zones are pre-configured out of the box. In the KDE Spin, you can change the firewall zone for an interface from the NetworkManager setting. That is not possible from the NetworkManager window of the GNOME Shell. In the Cinnamon Desktop Environment, it is also possible to assign a firewall zone to an interface from its network settings window. However, that is not possible when you install the Cinnamon desktop on an existing installation of Fedora 19 GNOME, because the network settings manager is the same as that of the GNOME Shell.
Firewalld has been ported to Ubuntu, though Ufw, the Uncomplicated FireWall, is still the default firewall application on that distribution. Like on the main edition of Fedora 19, I was able to install firewall-applet on Ubuntu 13.04, but it failed to start, though it worked just fine in Linux Mint 15 Cinnamon and Linux Deepin 12.12, two distributions based on Ubuntu. (See How to replace Ufw with Firewalld in Linux Mint 15 and How to customize Linux Deepin 12.12.)
Firewalld is the type of application that exposes and makes it easy to use the powerful features of Linux to all users. We need more applications like it.
4. SELinux: SELinux is one of three mandatory access control or application-level firewall tools available in Linux. The others are Tomoyo and AppArmor. On the desktop and even on server installations, SELinux used to be a royal pain, so much so that the most commonly recommended method of dealing with it, was disabling it. Starting from Fedora 18, it has become less of a headache to use. I’ve been using an installation of Fedora 18 KDE exclusively since it was released, and I’ve not had any problems with SELinux.
With the SELinux Policy Generation Tool, generating a policy for an application of user is a point and click affair, provided you understand the SELinux concept.
Like Firewalld, SELinux has a graphical management interface, so dropping to the command-line to use its dozen or more command-line clients should not be necessary. The main interface of the SELinux Administration tool is shown below. Even with a graphical management interface of this sort, you need to have a fundamental understanding of how SELinux works before you start messing with it. Visit the official SELinux project here for documentation and usage guides.
With its many modules, SELinux, even from the graphical interface, can be too much of a good thing for those new to Linux. But if you are willing to spend some time learning how it works, it can be an invaluable tool for boosting the overall security posture of your Fedora (19) installation.