![[Valid RSS]](images/valid-rss-rogers.png "Valid RSS")
This is a valid RSS feed.
This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.
line 22, column 0: (11 occurrences) [help]
<site xmlns="com-wordpress:feed-additions:1">58617187</site> <item>
line 57, column 0: (16 occurrences) [help]
line 57, column 0: (16 occurrences) [help]
line 660, column 0: (4 occurrences) [help]
line 1111, column 0: (13 occurrences) [help]
<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" > <channel> <title>Fedora Magazine</title> <atom:link href="https://fedoramagazine.org/feed/" rel="self" type="application/rss+xml" /> <link>https://fedoramagazine.org/</link> <description>Guides, information, and news about the Fedora operating system for users, developers, system administrators, and community members.</description> <lastBuildDate>Tue, 23 Sep 2025 17:23:57 +0000</lastBuildDate> <language>en-US</language> <sy:updatePeriod> hourly </sy:updatePeriod> <sy:updateFrequency> 1 </sy:updateFrequency> <generator>https://wordpress.org/?v=6.8.2</generator><site xmlns="com-wordpress:feed-additions:1">58617187</site> <item> <title>From Zero to Web Server: Building with Image mode for Fedora Linux & Caddy</title> <link>https://fedoramagazine.org/from-zero-to-web-server-building-with-image-mode-for-fedora-linux-caddy/</link> <comments>https://fedoramagazine.org/from-zero-to-web-server-building-with-image-mode-for-fedora-linux-caddy/#respond</comments> <dc:creator><![CDATA[Clément Verna]]></dc:creator> <pubDate>Wed, 24 Sep 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42570</guid> <description><![CDATA[Image mode for Fedora Linux leverages bootable containers. This technology enables OCI containers to serve as a transport and delivery mechanism for operating system content. This article will guide you through how to use that technology to quickly create a Web Server using Caddy Introduction Bootable containers leverage existing OCI container tools (like Podman and […]]]></description> <content:encoded><![CDATA[<p>Image mode for Fedora Linux leverages <a href="https://containers.github.io/bootable/" target="_blank" rel="noreferrer noopener">bootable containers</a>. This technology enables<a href="https://containers.github.io/bootable/" target="_blank" rel="noreferrer noopener"> OCI containers to serve as a transport and delivery mechanism for operating system content</a>. This article will guide you through how to use that technology to quickly create a Web Server using <a href="http://caddyserver.com" target="_blank" rel="noreferrer noopener">Caddy</a></p> <span id="more-42570"></span> <h2 class="wp-block-heading has-large-font-size">Introduction</h2> <p>Bootable containers leverage existing OCI container tools (like Podman and Docker) and transport protocols for operating system management. This streamlines the configuration and distribution of operating systems through Containerfiles and container registries. The <a href="https://github.com/ublue-os" target="_blank" rel="noreferrer noopener">Universal Blue (ublue) community</a> has embraced this technology, offering diverse operating systems. They also provide a <a href="https://github.com/ublue-os/image-template" target="_blank" rel="noreferrer noopener">project template</a> to simplify the creation of custom operating systems.</p> <h2 class="wp-block-heading has-large-font-size">Using the image-template repository</h2> <p>We will begin by using the image-template GitHub repository to create our own repository. For this guide I have named it <em>fedora-web-server.</em><br /></p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/image.png"><img fetchpriority="high" decoding="async" width="1024" height="115" src="https://fedoramagazine.org/wp-content/uploads/2025/09/image-1024x115.png" alt="" class="wp-image-42571" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/image-1024x115.png 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-300x34.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-768x86.png 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-1536x172.png 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-816x91.png 816w, https://fedoramagazine.org/wp-content/uploads/2025/09/image.png 1600w" sizes="(max-width: 1024px) 100vw, 1024px" /></a></figure> <p>If you don’t have a GitHub account, you can simply clone the repository to your local machine and rename it to reflect your project’s name.</p> <pre class="wp-block-preformatted">$ git clone git@github.com:<username>/fedora-web-server.git<br />$ cd fedora-web-server</pre> <h2 class="wp-block-heading has-large-font-size">Using Fedora Bootc 42 as base image</h2> <p>Image-template simplifies custom OS creation by providing a pre-built structure and essential files. To begin building our web server, we need to choose a base image. While image-template defaults to the ublue Bazzite image, we’ll switch to <em>quay.io/fedora/fedora-bootc:42</em>. Make this change by editing the Containerfile (see immediately below) and replacing the default <em>Base Image</em>.</p> <pre class="wp-block-preformatted"># Allow build scripts to be referenced without being copied into the final image<br />FROM scratch AS ctx<br />COPY build_files /<br /><br /># Base Image<br />FROM quay.io/fedora/fedora-bootc:42<br /><br />RUN --mount=type=bind,from=ctx,source=/,target=/ctx \<br /> --mount=type=cache,dst=/var/cache \<br /> --mount=type=cache,dst=/var/log \<br /> --mount=type=tmpfs,dst=/tmp \<br /> /ctx/build.sh<br /> <br />### LINTING<br />## Verify final image and contents are correct.<br />RUN bootc container lint</pre> <p><em>fedora-bootc</em> is a minimal image designed for customized installations. For this project, I’ll install <em>cloud-init</em> to facilitate deployment and testing both in the cloud and locally. I’ll modify the <em>build_files/build.sh</em> script, which is executed from within the <em>Containerfile</em>, to incorporate <em>cloud-init</em> into our customized OS.</p> <p>The <em>build.sh </em>file will appear as follow:</p> <pre class="wp-block-preformatted">#!/bin/bash<br /><br />set -ouex pipefail<br /><br />### Install packages<br />dnf5 install -y --setopt=install_weak_deps=0 cloud-init<br /></pre> <p>Since I want to keep my OS minimal I am not installing weak dependencies.</p> <h2 class="wp-block-heading has-large-font-size">Installing Caddy</h2> <p>Caddy is an open-source, modern web server known for its simplicity, security, and automatic configuration—it “just works.” For our Fedora Bootc server, we’ll run Caddy using its container image, <em>docker.io/caddy</em>. We’ll leverage quadlet for seamless integration with systemd, allowing our Caddy container to operate like any other systemd service. Create the following file:</p> <pre class="wp-block-preformatted">$ cd build_files$ touch caddy.container</pre> <p>and enter the following text into <em>caddy.contatiner</em> :</p> <pre class="wp-block-preformatted">[Unit]Description=Caddy Web ServerAfter=network-online.target [Container]Image=docker.io/caddy:2-alpinePublishPort=80:80PublishPort=443:443Memory=512mVolume=/var/caddy-data/:/data:ZVolume=/var/caddy-config/:/config:ZVolume=/var/log/caddy/:/var/log/caddy:ZVolume=/etc/caddy:/etc/caddy:ZVolume=/var/www/:/var/www:Z [Service]Restart=always [Install]# Start by default on bootWantedBy=multi-user.target</pre> <p>For those familiar with systemd services, the syntax and directives will be recognizable. The [Container] section declares the image to be used, the ports to be published, and the volumes to be shared between the host and the container.<br /><br />We can now modify the <em>build.sh</em> to copy that file in our custom OS, as shown here:</p> <pre class="wp-block-preformatted">#!/bin/bash set -ouex pipefail ### Install packagesdnf5 install -y --setopt=install_weak_deps=0 cloud-init # Copy caddy.container to /etc/containers/systemd/caddy.containercp /ctx/caddy.container /etc/containers/systemd/caddy.container</pre> <h2 class="wp-block-heading has-large-font-size">Configuring Caddy</h2> <p>The final step to create a working Caddy server is to add the configuration file. Let’s create a Caddyfile: </p> <pre class="wp-block-preformatted">$ touch Caddyfile</pre> <p>and enter the text shown below: </p> <pre class="wp-block-preformatted"># Caddy configuration with automatic Let's Encrypt certificates<br /># Replace 'your-domain.com' with your actual domain name<br /><br /># For automatic HTTPS with Let's Encrypt, use your domain name instead of :80<br /># your-domain.com {<br /># root * /var/www<br /># file_server<br /># log {<br /># output file /var/log/caddy/access.log<br /># }<br /># }<br /><br /># For local development (HTTP only)<br />:80 {<br /> root * /var/www<br /> file_server<br /> log {<br /> output file /var/log/caddy/access.log<br /> }<br />}</pre> <p>We can now copy that file in our OS, by editing <em>build.sh</em></p> <pre class="wp-block-preformatted">#!/bin/bash set -ouex pipefail ### Install packagesdnf5 install -y --setopt=install_weak_deps=0 cloud-init # Copy caddy.container to /etc/containers/systemd/caddy.containercp /ctx/caddy.container /etc/containers/systemd/caddy.container # Create /etc/caddy directory and copy Caddyfilemkdir -p /etc/caddycp /ctx/Caddyfile /etc/caddy/Caddyfile</pre> <p>To complete the setup, we’ll use systemd.tmpfiles to create Caddy’s necessary internal directories. This approach is essential because /var in bootable containers is mutable through overlayfs, meaning it’s only created at runtime and isn’t part of the container build process. Systemd.tmpfiles provides a straightforward solution to this limitation. Modify your <em>build.sh</em> file as follow:</p> <pre class="wp-block-preformatted">#!/bin/bashset -ouex pipefail ### Install packagesdnf5 install -y --setopt=install_weak_deps=0 cloud-init # Copy caddy.container to /etc/containers/systemd/caddy.containercp /ctx/caddy.container /etc/containers/systemd/caddy.container # Create /etc/caddy directory and copy Caddyfilemkdir -p /etc/caddycp /ctx/Caddyfile /etc/caddy/Caddyfile # Create tmpfiles.d configuration to set up /var directories at runtimecat > /usr/lib/tmpfiles.d/caddy.conf << 'EOF'# Create Caddy directories at runtimed /var/log/caddy 0755 root root -d /var/caddy-data 0755 root root -d /var/caddy-config 0755 root root -EOF</pre> <p>That’s it. We now have a <em>Containerfile</em> using fedora-bootc:42 as base image, a build script installing cloud-init and installing Caddy via quadlet and copying the Caddy configuration as well as setting up Caddy’s internal directories.</p> <p>We can now build our custom operating system. The process involved a <em>Containerfile</em> based on fedora-bootc:42, a build script that installed cloud-init and Caddy (configured via quadlet), and the necessary Caddy configuration and directory setup.<br />If you want your Caddy web server to serve a custom html page, you can copy the following files <a href="https://github.com/cverna/fedora-web-server/tree/main/build_files/web" target="_blank" rel="noreferrer noopener">https://github.com/cverna/fedora-web-server/tree/main/build_files/web</a> and edit the build.sh script as follows:</p> <pre class="wp-block-preformatted">#!/bin/bash set -ouex pipefail ### Install packagesdnf5 install -y --setopt=install_weak_deps=0 cloud-init # Copy caddy.container to /etc/containers/systemd/caddy.containercp /ctx/caddy.container /etc/containers/systemd/caddy.container # Create /etc/caddy directory and copy Caddyfilemkdir -p /etc/caddycp /ctx/Caddyfile /etc/caddy/Caddyfile # Copy web content to /usr/share for the base imagemkdir -p /usr/share/caddy/webcp -r /ctx/web/* /usr/share/caddy/web/ # Create tmpfiles.d configuration to set up /var directories at runtimecat > /usr/lib/tmpfiles.d/caddy.conf << 'EOF'# Create Caddy directories at runtimed /var/log/caddy 0755 root root -d /var/caddy-data 0755 root root -d /var/caddy-config 0755 root root - # Copy web content from /usr/share to /var at runtimed /var/www 0755 root root -C /var/www/index.html 0644 root root - /usr/share/caddy/web/index.htmlC /var/www/fedora-logo.png 0644 root root - /usr/share/caddy/web/fedora-logo.pngC /var/www/caddy-logo.svg 0644 root root - /usr/share/caddy/web/caddy-logo.svgEOF</pre> <h2 class="wp-block-heading has-large-font-size">Building the bootable container</h2> <p>The image-template repositories equip you with the necessary tools for local image construction. Let’s begin by verifying that all dependencies are in place.</p> <pre class="wp-block-preformatted">$ sudo dnf install just git jq podman</pre> <p>Then we can run <em>just</em> to build the container. The following shows the just command and subsequent output:</p> <pre class="wp-block-preformatted">$ just build fedora-web-server latest[1/2] STEP 1/2: FROM scratch AS ctx[1/2] STEP 2/2: COPY build_files /--> Using cache 94ec17d1689b09a362814ab08530966be4aced972050fedcd582b65f174af3a3--> 94ec17d1689b[2/2] STEP 1/3: FROM quay.io/fedora/fedora-bootc:42[2/2] STEP 2/3: RUN --mount=type=bind,from=ctx,source=/,target=/ctx --mount=type=cache,dst=/var/cache --mount=type=cache,dst=/var/log --mount=type=tmpfs,dst=/tmp /ctx/build.sh && ostree container commit--> Using cache 8cac20d690bda884b91ae2a555c4239a71f162fbd4ff36a1e2ed5f35f5dfb05a--> 8cac20d690bd[2/2] STEP 3/3: RUN bootc container lint--> Using cache 5cb978e3db5a2bcd437018a6e97e1029d694180002f5fa098aaf540952941dd4[2/2] COMMIT fedora-web-server:latest--> 5cb978e3db5aSuccessfully tagged localhost/fedora-web-server:latest</pre> <p><a href="https://github.com/casey/just" target="_blank" rel="noreferrer noopener">Just</a> is a useful tool for running project-specific commands, similar to Makefiles, and uses a ‘justfile’. As the image functions like any other container image, we can inspect it using Podman.</p> <pre class="wp-block-preformatted">$ podman imagesREPOSITORY TAG IMAGE ID CREATED SIZElocalhost/fedora-web-server latest 5cb978e3db5a 4 hours ago 1.95 GBquay.io/fedora/fedora-bootc 42 586b146c456e 2 days ago 1.88 GB</pre> <h2 class="wp-block-heading has-large-font-size">Building a Disk Image</h2> <p>The disk image for our server is built using <em>just</em> as follows:</p> <pre class="wp-block-preformatted">$ just build-vm localhost/fedora-web-server latest</pre> <p>This will use the <a href="https://github.com/osbuild/bootc-image-builder" target="_blank" rel="noreferrer noopener">bootc-image-builder</a> project to build a disk image of our bootable container. Once the command has finished, we have a qcow2 image in the output directory</p> <pre class="wp-block-preformatted">$ ls output/qcow2 disk.qcow2</pre> <p>We can now use that qcow2 image to start a Virtual Machine and run our webserver.</p> <h2 class="wp-block-heading has-large-font-size">Running the Web Server</h2> <p>To run the server we can use any virtualization software. In this case I am using virt-install:</p> <pre class="wp-block-preformatted">$ sudo dnf install virt-install libvirt$ virt-install --cloud-init root-ssh-key=/path/to/ssh/public.key --connect qemu:///system --import --name fedora-web-server --memory 2048 --disk output/qcow2/disk.qcow2 --os-variant fedora41Starting install...Creating domain......Fedora Linux 42 (Adams)Kernel 6.16.5-200.fc42.x86_64 on x86_64 (ttyS0) enp1s0: 192.168.100.199fedora login:</pre> <p>Once the virtual machine is up and running, you can use ssh to login as root, using the local IP address of the virtual machine.</p> <pre class="wp-block-preformatted">$ ssh root@192.168.100.199$ bootc status ● Booted image: localhost/fedora-web-server:latest Digest: sha256:a813a8da85f48d8e6609289dde87e1d45ff70a713d1a9ec3e4e667d01cb470f2 (amd64) Version: 42.20250911.0 (2025-09-12T07:36:05Z) </pre> <p>Currently, the server’s update capability is limited because the images point to the localhost/fedora-web-server:latest container image. This can be resolved by building and pushing these container images to a container registry such as <a href="http://quay.io" target="_blank" rel="noreferrer noopener">quay.io</a> or<a href="http://ghcr.io" target="_blank" rel="noreferrer noopener"> ghcr.io</a>. Detailed instructions for these steps are available in the README file of the<a href="https://github.com/ublue-os/image-template?tab=readme-ov-file#step-2-initial-setup" target="_blank" rel="noreferrer noopener"> ublue-os/image-template repository</a>.</p> <p>To verify that the web server is running successfully, access that same ip address from your web browser and you should get the following web page.</p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/image-1.png"><img decoding="async" width="1024" height="698" src="https://fedoramagazine.org/wp-content/uploads/2025/09/image-1-1024x698.png" alt="" class="wp-image-42572" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/image-1-1024x698.png 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-1-300x204.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-1-768x523.png 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-1-816x556.png 816w, https://fedoramagazine.org/wp-content/uploads/2025/09/image-1.png 1476w" sizes="(max-width: 1024px) 100vw, 1024px" /></a></figure> <h2 class="wp-block-heading">Summary</h2> <p>This guide demonstrates the power of image mode for Fedora Linux using bootc and Caddy to build a lightweight, custom web server. By leveraging container technologies for OS delivery and Caddy for simplified web serving, users can efficiently deploy and manage web applications, setting a strong foundation for future customization. Make sure to check the library of <a href="https://gitlab.com/fedora/bootc/examples/" target="_blank" rel="noreferrer noopener">examples</a> to get ideas on how to use bootc.</p> <p></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/from-zero-to-web-server-building-with-image-mode-for-fedora-linux-caddy/feed/</wfw:commentRss> <slash:comments>0</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42570</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/09/Image_mode_n_Caddy-300x127.jpg" length="21621" type="image/jpg" /> </item> <item> <title>How to rebase to Fedora Silverblue 43 Beta</title> <link>https://fedoramagazine.org/how-to-rebase-to-fedora-silverblue-43-beta/</link> <comments>https://fedoramagazine.org/how-to-rebase-to-fedora-silverblue-43-beta/#comments</comments> <dc:creator><![CDATA[Michal Konečný]]></dc:creator> <pubDate>Mon, 22 Sep 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42605</guid> <description><![CDATA[Silverblue is an operating system for your desktop built on Fedora Linux. It’s excellent for daily use, development, and container-based workflows. It offers numerous advantages such as being able to roll back in case of any problems. This article provides the steps to rebase to the newly released Fedora Linux 43 Beta, and how to revert if anything unforeseen […]]]></description> <content:encoded><![CDATA[<p><a href="https://docs.fedoraproject.org/en-US/fedora-silverblue/" target="_blank" rel="noreferrer noopener">Silverblue</a> is an operating system for your desktop built on Fedora Linux. It’s excellent for daily use, development, and container-based workflows. It offers <a href="https://fedoramagazine.org/give-fedora-silverblue-a-test-drive/" target="_blank" rel="noreferrer noopener">numerous advantages</a> such as being able to roll back in case of any problems. This article provides the steps to rebase to the newly released Fedora Linux 43 Beta, and how to revert if anything unforeseen happens.</p> <span id="more-42605"></span> <p>NOTE: Before attempting an upgrade to the Fedora Linux 43 Beta, apply any pending upgrades.</p> <h2 class="wp-block-heading">Updating using the terminal</h2> <p>Because Fedora LInux 43 Beta is not available in GNOME Software, the whole process must be done through a terminal.</p> <p>First, check if the 43 branch is available, which should be true now:</p> <pre class="wp-block-preformatted">$ ostree remote refs fedora</pre> <p>You should see the following line in the output:</p> <pre class="wp-block-preformatted">fedora:fedora/43/x86_64/silverblue</pre> <p>If you want to pin the current deployment (this deployment will stay as an option in GRUB until you remove it), you can do it by running:</p> <pre class="wp-block-preformatted"># 0 is entry position in rpm-ostree status<br />$ sudo ostree admin pin 0</pre> <p>To remove the pinned deployment use following command ( “2” corresponds to the entry position in the output from <kbd>rpm-ostree status</kbd> ):</p> <pre class="wp-block-preformatted">$ sudo ostree admin pin --unpin 2</pre> <p>Next, rebase your system to the Fedora 43 branch.</p> <pre class="wp-block-preformatted">$ rpm-ostree rebase fedora:fedora/43/x86_64/silverblue</pre> <p>Finally, the last thing to do is restart your computer and boot to Fedora Silverblue 43 Beta.</p> <h2 class="wp-block-heading">How to revert</h2> <p>If anything bad happens — for instance, if you can’t boot to Fedora Silverblue 43 Beta at all — it’s easy to go back. Pick the previous entry in the GRUB boot menu (you need to press ESC during boot sequence to see the GRUB menu in newer versions of Fedora Silverblue), and your system will start in its previous state. To make this change permanent, use the following command:</p> <pre class="wp-block-preformatted">$ rpm-ostree rollback</pre> <p>That’s it. Now you know how to rebase to Fedora Silverblue 43 Beta and fall back. So why not do it today?</p> <h2 class="wp-block-heading">Known issues</h2> <ul class="wp-block-list"><li><a href="https://discussion.fedoraproject.org/t/pam-lastlog-change-crashing-gdm/164467" target="_blank" rel="noreferrer noopener">PAM Lastlog change crashing gdm</a></li></ul> <h2 class="wp-block-heading">FAQ</h2> <p>Because there are similar questions in comments for each blog about rebasing to newer version of Silverblue I will try to answer them in this section.</p> <p><strong>Question: Can I skip versions during rebase of Fedora Linux? For example from Fedora Silverblue 41 to Fedora Silverblue 43?</strong></p> <p>Answer: Although it could be sometimes possible to skip versions during rebase, it is not recommended. You should always update to one version above (41->42 for example) to avoid unnecessary errors.</p> <p><strong>Question: I have <a href="https://rpmfusion.org/" target="_blank" rel="noreferrer noopener">rpm-fusion</a> layered and I got errors during rebase. How should I do the rebase?</strong></p> <p>Answer: If you have <a href="https://rpmfusion.org/" target="_blank" rel="noreferrer noopener">rpm-fusion</a> layered on your Silverblue installation, you should do the following before rebase:</p> <pre class="wp-block-preformatted">rpm-ostree update --uninstall rpmfusion-free-release --uninstall rpmfusion-nonfree-release --install rpmfusion-free-release --install rpmfusion-nonfree-release</pre> <p>After doing this you can follow the guide in this article.</p> <p><strong>Question: Could this guide be used for other ostree editions (Fedora Atomic Desktops) as well like Kinoite, Sericea (Sway Atomic), Onyx (Budgie Atomic),…?</strong></p> <p>Yes, you can follow the <em>Updating using the terminal</em> part of this guide for every ostree edition of Fedora. Just use the corresponding branch. For example for Kinoite use <kbd>fedora:fedora/43/x86_64/kinoite</kbd></p> <p></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/how-to-rebase-to-fedora-silverblue-43-beta/feed/</wfw:commentRss> <slash:comments>9</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42605</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/09/silverblue-F43-Beta-rebase-300x127.jpg" length="8501" type="image/jpg" /> </item> <item> <title>Integrating a uTrust FIDO2 Security Key for Full Disk Encryption, Login, and Sudo Access on Fedora 42</title> <link>https://fedoramagazine.org/integrating-utrust-fido2-security-key-for-disk-encryption-login-and-sudo-access-for-fedora-42/</link> <comments>https://fedoramagazine.org/integrating-utrust-fido2-security-key-for-disk-encryption-login-and-sudo-access-for-fedora-42/#comments</comments> <dc:creator><![CDATA[Joe Murphy]]></dc:creator> <pubDate>Fri, 19 Sep 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42404</guid> <description><![CDATA[This guide provides a step-by-step walk-through for integrating a uTrust FIDO2 security key (Identiv uTrust) with Fedora 42 to secure: Audience for this article The guide is intended for instructional cybersecurity labs and intermediate Fedora users. It prioritizes PIN + Touch verification for strong security. NOTE: Since misconfiguration can result in system lockout, readers should […]]]></description> <content:encoded><![CDATA[<p>This guide provides a step-by-step walk-through for integrating a uTrust FIDO2 security key (Identiv uTrust) with Fedora 42 to secure:</p> <ul class="wp-block-list"><li>LUKS2 full disk encryption (FDE)</li> <li>Graphical login (LightDM + Cinnamon)</li> <li>Sudo elevation</li></ul> <span id="more-42404"></span> <h2 class="wp-block-heading">Audience for this article</h2> <p>The guide is intended for instructional cybersecurity labs and intermediate Fedora users. It prioritizes <strong>PIN + Touch</strong> verification for strong security. </p> <p>NOTE: Since misconfiguration can result in system lockout, readers should work only on non-production systems, maintain a fallback password, and back up all critical data before making changes.</p> <h2 class="wp-block-heading">Background</h2> <p>The following technology is used in this walk-through:</p> <p><strong>FIDO2</strong> (Fast Identity Online 2) is a standard for passwordless or multi-factor authentication using hardware tokens. It relies on public key cryptography and supports PIN or biometric verification. In this setup, FIDO2 provides secure, hardware-backed authentication using a PIN and a required physical touch on the key.</p> <p><strong>LUKS2</strong> (Linux Unified Key Setup 2) is the full-disk encryption format used in modern Linux systems.</p> <p><strong>PAM</strong> (Pluggable Authentication Modules) and <strong>Polkit </strong>(PolicyKit) control authentication for logins and privilege escalation across both GUI and CLI actions.</p> <p>This guide combines these technologies to deliver end-to-end security — from full-disk decryption at boot, to graphical login, to administrative elevation with sudo.</p> <h2 class="wp-block-heading">System Overview</h2> <p>The following hardware/software is used in this implementation:</p> <p><strong>Hardware and Software:</strong></p> <ul class="wp-block-list"><li><strong>Architecture:</strong> x86_64</li> <li><strong>CPU:</strong> Intel Core i7</li> <li><strong>Kernel:</strong> 6.14.9-300.fc42.x86_64</li> <li><strong>Fedora Version:</strong> Fedora 42 (Adams)</li> <li><strong>Desktop Environment:</strong> Cinnamon with LightDM</li></ul> <p><strong>FIDO2 Key:</strong> Identiv uTrust FIDO2</p> <ul class="wp-block-list"><li>Vendor/Product: <div class="codecolorer-container text default" style="overflow:auto;white-space:nowrap;border:1px solid #9F9F9F;width:435px;"><div class="text codecolorer" style="padding:5px;font:normal 12px/1.4em Monaco, Lucida Console, monospace;white-space:nowrap;">0x04e6:0x5a11</div></div> </li> <li>Protocol: CTAP2 / FIDO_2_0</li> <li>PIN: Required</li> <li>User Presence: Touch required</li> <li>User Verification: PIN only (no biometrics)</li> <li>Device Path: <div class="codecolorer-container text default" style="overflow:auto;white-space:nowrap;border:1px solid #9F9F9F;width:435px;"><div class="text codecolorer" style="padding:5px;font:normal 12px/1.4em Monaco, Lucida Console, monospace;white-space:nowrap;">/dev/hidraw0</div></div> </li></ul> <p><strong>Disk Setup</strong></p> <ul class="wp-block-list"><li>Btrfs on LUKS2 FDE ( <div class="codecolorer-container text default" style="overflow:auto;white-space:nowrap;border:1px solid #9F9F9F;width:435px;"><div class="text codecolorer" style="padding:5px;font:normal 12px/1.4em Monaco, Lucida Console, monospace;white-space:nowrap;">/dev/sda3</div></div> )</li> <li>LUKS UUID: <div class="codecolorer-container text default" style="overflow:auto;white-space:nowrap;border:1px solid #9F9F9F;width:435px;"><div class="text codecolorer" style="padding:5px;font:normal 12px/1.4em Monaco, Lucida Console, monospace;white-space:nowrap;">8b2f0322-f508-4bed-8b1e-8f05cc784d60</div></div> <em>(this will differ on each machine)</em></li> <li>Keyslots:</li> <li>0: Passphrase (argon2id)</li> <li>1: FIDO2 credential <em>(note: in testing, only one FIDO2 key could be used at a time)</em></li></ul> <hr class="wp-block-separator has-alpha-channel-opacity"/> <h2 class="wp-block-heading">Process Flow Overview</h2> <p>The following phases occur during implementation:</p> <ol start="1" class="wp-block-list"><li><strong>System preparation</strong> — Install Fedora 42 with LUKS2 full-disk encryption and update packages.</li> <li><strong>Package installation</strong> — Add the development, PAM, and FIDO2 tools required for integration.</li> <li><strong>FIDO2 key enrollment</strong> — Register the key with LUKS2 for disk unlock.</li> <li><strong>PAM configuration</strong> — Enable FIDO2 authentication for login and sudo.</li> <li><strong>Polkit configuration (optional)</strong> — Extend FIDO2 support to graphical privilege prompts.</li> <li><strong>Testing and verification</strong> — Confirm PIN + Touch authentication at boot, login, and sudo elevation.</li></ol> <h2 class="wp-block-heading">Implementation Guide</h2> <h3 class="wp-block-heading">Phase 1: System Preparation</h3> <ol start="1" class="wp-block-list"><li>Create a clean install of Fedora 42 with Cinnamon + LightDM</li> <li>During installation/partitioning configure the following:<ul class="wp-block-list"><li>LUKS2 Full Disk Encryption (Btrfs or ext4)</li> <li>No separate /home</li> <li>No auto-login</li> <li>Create an admin user</li></ul></li> <li>Update the system: <br /><kbd>sudo dnf upgrade --refresh -y</kbd></li></ol> <h3 class="wp-block-heading">Phase 2: Required Package Installation</h3> <p>Install required development and security packages:</p> <p><kbd>sudo dnf install -y <br /> gcc make cmake git autoconf automake libtool <br /> pam-devel systemd-devel glibc-devel openssl-devel <br /> libfido2 libfido2-devel fido2-tools u2f-host pam-u2f <br /> pcsc-lite pcsc-lite-ccid pcsc-tools ccid opensc <br /> authselect cryptsetup pam_passwdqc fprintd-pam gnome-keyring-pam</kbd></p> <p>Enable and start the PC/SC daemon for smartcard support:</p> <p><kbd>sudo systemctl enable --now pcscd</kbd></p> <h3 class="wp-block-heading">Phase 3: FIDO2 Key Setup</h3> <ol start="1" class="wp-block-list"><li>Insert the FIDO2 key and verify it is detected: <br /><kbd>lsusb</kbd><br /><kbd>fido2-token -L</kbd><br /><kbd>fido2-token -I /dev/hidraw0</kbd><br />Expected output is:<br /><kbd>Identiv uTrust FIDO2 (0x04e6:0x5a11) with options rk, clientPin.</kbd><br /></li> <li>Troubleshooting considerations if the key isn’t recognized:<ul class="wp-block-list"><li>Ensure <kbd>/dev/hidraw0 </kbd>exists</li> <li>Run the following to load kernel modules: <br /><kbd>sudo modprobe hid </kbd><br /><kbd>sudo modprobe hid_generic</kbd></li> <li>Replug the key<br /></li></ul></li> <li>If FIDO_ERR_INTERNAL (-9) occurs: <ul class="wp-block-list"><li>Create the plugdev group:<br /><kbd>sudo groupadd plugdev</kbd><br /><kbd>sudo usermod -aG plugdev $USER </kbd></li> <li>Apply a udev rule: <br /><kbd>echo 'KERNEL=="hidraw*", ATTRS{idVendor}=="04e6", ATTRS{idProduct}=="5a11", TAG+="uaccess", GROUP="plugdev"' | sudo tee /etc/udev/rules.d/70-u2f.rules sudo udevadm control --reload-rules && sudo udevadm trigger </kbd></li> <li>Reboot: <br /><kbd>sudo reboot</kbd><br /></li></ul></li> <li>Enroll the FIDO key for LUKS2: <br /><kbd>sudo systemd-cryptenroll --fido2-device=/dev/hidraw0 --fido2-with-client-pin=yes /dev/sda3 </kbd><br /></li> <li>Validate enrollment:<br /><kbd>sudo cryptsetup luksDump /dev/sda3</kbd><br /></li> <li>Update <kbd>/etc/crypttab</kbd>:<br /><kbd>sudo nano /etc/crypttab</kbd><br />Add or modify:<br /><kbd>luks-... UUID UUID=... none fido2-device=auto fido2-with-client-pin=yes discard</kbd></li></ol> <h3 class="wp-block-heading">Phase 4: PAM Configuration</h3> <ol start="1" class="wp-block-list"><li>Fedora’s pam-u2f package lacks pamu2fcfg. Build pamu2fcfg from source: <ul class="wp-block-list"><li>git clone https://github.com/Yubico/pam-u2f</li> <li>cd pam-u2f</li> <li>mkdir build && cd build</li> <li>cmake -DBUILD_MANPAGES=OFF ..</li> <li>make</li> <li>sudo cp ./pamu2fcfg/pamu2fcfg /usr/local/bin/</li> <li>sudo chmod +x /usr/local/bin/pamu2fcfg<br /><br /></li></ul></li> <li>Generate U2F mapping: <br /><kbd>pamu2fcfg -n -u $(whoami) -o pam://fedora | sudo tee /etc/u2f_mappings</kbd><br />Verify output includes +presence+pin (e.g., <kbd>yourusername:3aaOH5…Base64…,M9hAf2…==,es256,+presence+pin)</kbd><br /></li> <li>Set permissions:<br /><kbd>sudo chmod 600 /etc/u2f_mappings <br />sudo chown root:root /etc/u2f_mappings</kbd><br /></li> <li>Backup PAM files: <br /><kbd>mkdir -p ~/fido2-audit/pam </kbd><br /><kbd>sudo cp /etc/pam.d/{sudo,lightdm,cinnamon-screensaver,system-auth,password-auth,polkit-1} ~/fido2-audit/pam/ </kbd><br /></li> <li>Update PAM files to include FIDO2 authentication. On this system, the working configuration is:<ul class="wp-block-list"><li>/etc/pam.d/sudo<ul class="wp-block-list"><li>auth sufficient pam_u2f.so authfile=/etc/u2f_mappings cue pinverification=always origin=pam://fedora appid=pam://fedora</li> <li>auth required pam_unix.so</li> <li>account include system-auth</li> <li>password include system-auth</li> <li>session optional pam_keyinit.so revoke</li> <li>session required pam_limits.so</li> <li>session include system-auth</li></ul></li> <li>/etc/pam.d/lightdm<ul class="wp-block-list"><li>auth sufficient pam_u2f.so authfile=/etc/u2f_mappings cue pinverification=always origin=pam://fedora appid=pam://fedora</li> <li>auth [success=done ignore=ignore default=bad] pam_selinux_permit.so</li> <li>auth required pam_env.so</li> <li>auth substack system-auth</li> <li>auth include postlogin</li> <li>account required pam_nologin.so</li> <li>account include system-auth</li> <li>password include system-auth</li> <li>session required pam_selinux.so close</li> <li>session required pam_loginuid.so</li> <li>session required pam_selinux.so open</li> <li>session optional pam_keyinit.so force revoke</li> <li>session required pam_namespace.so</li> <li>session include system-auth</li> <li>session optional pam_lastlog.so silent</li> <li>session include postlogin</li></ul></li> <li>/etc/pam.d/cinnamon-screensaver<ul class="wp-block-list"><li>auth sufficient pam_u2f.so authfile=/etc/u2f_mappings cue pinverification=always origin=pam://fedora appid=pam://fedora</li> <li>auth include system-auth</li> <li>account include system-auth</li> <li>password include system-auth</li> <li>session include system-auth</li></ul></li></ul></li></ol> <pre class="wp-block-preformatted"></pre> <h3 class="wp-block-heading">Phase 5: Polkit Configuration (Optional)</h3> <p>Polkit GUI prompts were <strong>not enabled</strong> on my test system (no <kbd>/etc/pam.d/polkit-1</kbd> and no running user agent). If you want FIDO2 for Polkit dialogs, ensure a compatible agent is running (for Cinnamon: <kbd>polkit-gnome-authentication-agent-1</kbd>). In testing, GUI prompts were not enabled by default and required additional configuration.”<br /></p> <p><strong>Screensaver unlock:</strong> When the screen is locked, Fedora may default to the password prompt. Click the small <strong>two-person icon</strong> to switch to the FIDO2 method. Keep a fall-back password available. In various tests some desktop prompts did not always default to FIDO2.</p> <h3 class="wp-block-heading">Phase 6: Testing</h3> <h4 class="wp-block-heading">Reboot the system</h4> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/one.jpeg"><img decoding="async" width="970" height="1024" src="https://fedoramagazine.org/wp-content/uploads/2025/09/one-970x1024.jpeg" alt="" class="wp-image-42547" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/one-970x1024.jpeg 970w, https://fedoramagazine.org/wp-content/uploads/2025/09/one-284x300.jpeg 284w, https://fedoramagazine.org/wp-content/uploads/2025/09/one-768x810.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/one-1456x1536.jpeg 1456w, https://fedoramagazine.org/wp-content/uploads/2025/09/one-816x861.jpeg 816w, https://fedoramagazine.org/wp-content/uploads/2025/09/one.jpeg 1849w" sizes="(max-width: 970px) 100vw, 970px" /></a><figcaption class="wp-element-caption">Boot screen asking for LUKS2 token PIN.</figcaption></figure> <h4 class="wp-block-heading">Confirm functionality</h4> <p>The following sequence of images shows the following:</p> <ul class="wp-block-list"><li>FDE (LUKS Unlock): PIN + Touch prompt appears at boot</li> <li>GUI Login (LightDM): PIN + Touch required</li> <li>Sudo: <kbd>sudo echo test</kbd> should prompt for PIN + Touch</li> <li>Cinnamon lock screen: PIN + Touch (switch input method)</li> <li>Polkit: GUI software install or <kbd>pkexec</kbd> prompts for PIN + Touch</li></ul> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/two.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/two-1024x768.jpeg" alt="" class="wp-image-42546" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/two-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/two-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/two-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/two-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/two-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/two-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">FDE (LUKS Unlock): PIN + Touch prompt appears at boot<br />FIDO2 key lit up, waiting for touch to complete full-disk unlock.</figcaption></figure> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/three.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/three-1024x768.jpeg" alt="" class="wp-image-42545" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/three-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/three-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/three-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/three-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/three-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/three-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">GUI login PIN<br />Fedora LightDM login screen prompting for FIDO2 key PIN.</figcaption></figure> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/four.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/four-1024x768.jpeg" alt="" class="wp-image-42544" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/four-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/four-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/four-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/four-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/four-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/four-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">GUI login key touch<br />Login process with FIDO2 key lit up, requiring touch to proceed.</figcaption></figure> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/five.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/five-1024x768.jpeg" alt="" class="wp-image-42543" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/five-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/five-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/five-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/five-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/five-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/five-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">GUI login completion<br />Login screen showing successful authentication, ready to “Log In.”</figcaption></figure> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/six.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/six-1024x768.jpeg" alt="" class="wp-image-42542" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/six-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/six-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/six-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/six-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/six-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/six-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">Sudo escalation (terminal)<br />Example of sudo test requiring PIN + touch in terminal.</figcaption></figure> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/seven.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/seven-1024x768.jpeg" alt="" class="wp-image-42541" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/seven-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/seven-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/seven-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/seven-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/seven-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/seven-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">Locked screen where the user may need to click the person icon to switch back to FIDO2 login.</figcaption></figure> <h4 class="wp-block-heading">Confirm the fallback password login remains functional</h4> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/eight.jpeg"><img loading="lazy" decoding="async" width="1024" height="768" src="https://fedoramagazine.org/wp-content/uploads/2025/09/eight-1024x768.jpeg" alt="" class="wp-image-42540" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/eight-1024x768.jpeg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/eight-300x225.jpeg 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/eight-768x576.jpeg 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/eight-1536x1152.jpeg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/09/eight-2048x1536.jpeg 2048w, https://fedoramagazine.org/wp-content/uploads/2025/09/eight-816x612.jpeg 816w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a><figcaption class="wp-element-caption">Locked screen PIN entry<br />Re-login screen asking for FIDO2 key PIN to unlock session.</figcaption></figure> <h2 class="wp-block-heading">Recovery and Backup</h2> <p><strong>Backup:</strong></p> <pre class="wp-block-preformatted"><kbd>mkdir -p ~/fido2-audit/pam_restore<br />for file in sudo lightdm cinnamon-screensaver system-auth password-auth polkit-1; <br />do<br /> sudo cp ~/fido2-audit/pam/$file ~/fido2-audit/pam_restore/$file<br />done</kbd></pre> <p><strong>Restore if needed</strong> using TTY or Live USB.</p> <p><strong>Emergency Login:</strong></p> <ul class="wp-block-list"><li>Use a high-entropy admin password</li> <li>Store the password securely off-line or in encrypted container</li></ul> <h2 class="wp-block-heading">Troubleshooting</h2> <p><strong>Multiple FIDO2 Keys:</strong></p> <pre class="wp-block-preformatted">lsusbsudo usbreset /dev/bus/usb/001/003</pre> <h2 class="wp-block-heading">Warnings</h2> <ul class="wp-block-list"><li>Never test on production systems</li> <li>Back up <kbd>/etc/crypttab</kbd> and <kbd>/etc/pam.d/*</kbd></li> <li>Avoid running <kbd>dracut --force</kbd> unless ready</li></ul> <h2 class="wp-block-heading">Security Notes</h2> <p><strong>Strengths:</strong></p> <ul class="wp-block-list"><li>Hardware-backed auth</li> <li>PIN + Touch = Strong 2FA</li></ul> <p><strong>Risks:</strong></p> <ul class="wp-block-list"><li>Loss of key</li> <li>System updates may break compatibility</li></ul> <p><strong>Recommendations:</strong></p> <ul class="wp-block-list"><li>Always keep a fall-back passphrase</li> <li>Register a backup FIDO2 key</li> <li>Back up <kbd>/etc/u2f_mappings</kbd> and test after upgrades</li></ul> <h2 class="wp-block-heading">Performance Considerations</h2> <figure class="wp-block-table"><table class="has-fixed-layout"><tbody><tr><th>Component</th><th>Delay Added</th></tr><tr><td>Boot (FDE)</td><td>~5–10 seconds</td></tr><tr><td>GUI Login</td><td>~2–3 seconds</td></tr><tr><td>Sudo/Polkit</td><td>~1–2 seconds</td></tr></tbody></table></figure> <h2 class="wp-block-heading">Conclusion</h2> <p>This guide demonstrates the successful integration of a uTrust FIDO2 security key with Fedora 42 for secure authentication across <strong>LUKS2 full-disk encryption, LightDM login, </strong>and<strong> sudo elevation</strong>. The setup is stable, reproducible, and well-suited for labs or intermediate Fedora users.</p> <p>Polkit integration is optional and may vary by desktop environment. In testing, GUI prompts were not enabled by default and required additional configuration.</p> <p><br /><br /><br /><br /><br /></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/integrating-utrust-fido2-security-key-for-disk-encryption-login-and-sudo-access-for-fedora-42/feed/</wfw:commentRss> <slash:comments>8</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42404</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/07/FIDO_LUKS_sudo-300x127.jpg" length="9947" type="image/jpg" /> </item> <item> <title>Introducing complyctl for Effortless Compliance in Fedora</title> <link>https://fedoramagazine.org/effortless-flexible-scalable-and-standardized-compliance-checks-for-fedora-using-complyctl/</link> <comments>https://fedoramagazine.org/effortless-flexible-scalable-and-standardized-compliance-checks-for-fedora-using-complyctl/#comments</comments> <dc:creator><![CDATA[Marcus Burghardt]]></dc:creator> <pubDate>Wed, 17 Sep 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <category><![CDATA[For System Administrators]]></category> <category><![CDATA[CompliancAsCode]]></category> <category><![CDATA[complyctl]]></category> <category><![CDATA[ComplyTime]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42553</guid> <description><![CDATA[complyctl is a powerful command-line utility implementing the principles of “ComplianceAsCode” (CaC) with high scalability and adaptability for security compliance. In today’s rapidly evolving digital landscape, maintaining a robust security posture isn’t just a best practice – it is a necessity. For Fedora users, system administrators, and developers, ensuring that your systems meet various security […]]]></description> <content:encoded><![CDATA[<p><em>complyctl</em> is a powerful command-line utility implementing the principles of “ComplianceAsCode” (CaC) with high scalability and adaptability for security compliance.</p> <span id="more-42553"></span> <p>In today’s rapidly evolving digital landscape, maintaining a robust security posture isn’t just a best practice – it is a necessity. For Fedora users, system administrators, and developers, ensuring that your systems meet various security and regulatory requirements can often feel like a daunting, manual task. But what if you could standardize and automate much of this process, making compliance checks faster, easier to audit, and seamlessly integrated into your workflows?</p> <p>This is now a reality enabled with multiple <a href="https://github.com/complytime" target="_blank" rel="noreferrer noopener">ComplyTime</a> projects. These focus on specific tasks designed to be easily integrated. They allow a robust, flexible, and scalable combination of microservices communicating with standardized formats that ultimately allow a powerful capability to much more easily adapt to the compliance demands. This also allow faster adoption of new technologies. There are multiple exciting projects actively and quickly evolving under the umbrella of <a href="https://github.com/complytime" target="_blank" rel="noreferrer noopener">ComplyTime</a> organization. In this article I would like to highlight <a href="https://github.com/complytime/complyctl" target="_blank" rel="noreferrer noopener">complyctl</a>, the ComplyTime CLI for Fedora, and its main features that make it an excellent option to easily maintain a robust security posture in your Fedora systems.</p> <p><em>complyctl</em> is a powerful command-line utility available since Fedora 42. It’s design uses the principles of “ComplianceAsCode” (CaC) with high scalability and adaptability. It contains a technology agnostic core and is easily extended with plugins. This allows users to use the best of every available underlying technology with a simple and standardized user interface.</p> <h3 class="wp-block-heading">The Power of ComplianceAsCode with complyctl</h3> <p>At its heart, <em>complyctl</em> is a tool for performing compliance assessment activities, scaled by a flexible plugin system that allows users to perform compliance check activities with a flexible combination of the best available assessment technologies.</p> <p>The <em>complyclt</em> plugin architecture allows quick adoption and combination of different scanner technologies. The core design is technology agnostic with standardizing inputs and outputs using machine readable formats that allow high reusability and shareability of compliance artifacts. Currently it leverages the <a href="https://pages.nist.gov/OSCAL/" target="_blank" rel="noreferrer noopener">Open Security Controls Assessment Language (OSCAL)</a> and its anti-fragile architecture also allows a smooth adoption of future standards, making it a reliable and continuous modern solution for the long-term.</p> <p> This might sound technical, but the benefits are simple:</p> <ol class="wp-block-list"><li><strong>Automation and Speed:</strong> Traditional compliance audits can be slow, manual, complex and prone to human error. <em>complyctl</em> relies on standardized machine readable formats, allowing automation without technology or vendor lock-in.</li> <li><strong>Accuracy and Consistency:</strong> Machines are inherently more consistent than human reviewers. <em>complyctl’s</em> reliance on OSCAL provides a standardized format for expressing security controls, assessment plans, and results. This standardization is crucial for interoperability. It allows consistent processing and understanding of compliance data across different tools and systems.</li> <li><strong>Scalability and Integration:</strong> <em>complyctl</em> simplifies compliance checks integration in your development and deployment pipelines. An <a href="https://pages.nist.gov/OSCAL/learn/concepts/layer/assessment/" target="_blank" rel="noreferrer noopener">OSCAL Assessment Plan</a> can be created and customized once and reused across multiple systems. Ultimately compliance checks can be implemented faster and compliance gaps are caught earlier. This prevents non-compliant configurations from reaching production environments.</li> <li><strong>Extensibility with Plugins (including OpenSCAP):</strong> The plugin-based architecture of <em>complyctl</em> makes it incredibly versatile. An example is the <em>complyctl-openscap-plugin</em>, which extends <em>complyctl’s</em> capabilities to use OpenSCAP Scanner and the rich content provided by <a href="https://src.fedoraproject.org/rpms/scap-security-guide" target="_blank" rel="noreferrer noopener">scap-security-guide</a> package. This allows an immediate and smooth adoption of <em>complyctl</em> using a well-established assessment engine while providing a modern, OSCAL-driven workflow for managing and executing security compliance checks. It also allows a smooth and gradual transition to other scanner technologies.</li></ol> <p>By embracing <em>complyctl</em>, Fedora users can more easily maintain a strong security posture.</p> <h3 class="wp-block-heading">Getting Started with complyctl: A Practical Tutorial</h3> <p>Ready to put <em>complyctl</em> to work? It is likely simpler than you expect. The following is a step-by-step guide to start using <em>complyctl</em> on your Fedora system.</p> <h4 class="wp-block-heading">1. Installation</h4> <p>First, install <em>complyctl</em>, if necessary. It is <a href="https://src.fedoraproject.org/rpms/complyctl" target="_blank" rel="noreferrer noopener">available as an RPM package</a> in official repositories:</p> <pre class="wp-block-preformatted">sudo dnf install complyctl</pre> <h4 class="wp-block-heading">2. Understanding the Workflow</h4> <p><em>complyctl</em> follows a logical, sequential workflow:</p> <ul class="wp-block-list"><li><strong>list</strong>: Discover available compliance frameworks.</li> <li><strong>plan</strong>: Create an OSCAL <a href="https://pages.nist.gov/OSCAL/learn/concepts/layer/assessment/assessment-plan/" target="_blank" rel="noreferrer noopener">Assessment Plan</a> based on a chosen framework. This plan acts as your assessment configuration.</li> <li><strong>generate</strong>: Generate executable policy artifacts for each installed plugin based on the OSCAL Assessment Plan.</li> <li><strong>scan</strong>: Call the installed plugins to scan the system using their respective policies and finally aggregate the results in a single OSCAL <a href="https://pages.nist.gov/OSCAL/learn/concepts/layer/assessment/assessment-results/" target="_blank" rel="noreferrer noopener">Assessment Results</a> file.</li></ul> <p>Let’s walk through these commands.</p> <h4 class="wp-block-heading">3. Step-by-Step Tutorial</h4> <p><strong>Step 1: List Available Frameworks</strong></p> <p>To begin, you need to know which compliance frameworks <em>complyctl</em> can assess your system against. Currently the <em>complyctl</em> package includes the <a href="https://github.com/ComplianceAsCode/content/blob/master/controls/cusp_fedora.yml" target="_blank" rel="noreferrer noopener">CUSP Profile</a> out-of-the-box.</p> <p>Use the <em>list</em> command to show the available frameworks:</p> <pre class="wp-block-preformatted">complyctl list</pre> <p>This command will output a table, showing the available frameworks. Look for the <em>Framework ID</em> column, as you’ll need this for the next step.</p> <p>Example:</p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list.png"><img loading="lazy" decoding="async" width="1024" height="299" src="https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list-1024x299.png" alt="" class="wp-image-42574" srcset="https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list-1024x299.png 1024w, https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list-300x88.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list-768x225.png 768w, https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list-816x239.png 816w, https://fedoramagazine.org/wp-content/uploads/2025/09/complyctl_list.png 1149w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a></figure> <p>Optionally, you can also include the <kbd>--plain</kbd> option for simplified output.</p> <p><strong>Step 2: Create an Assessment Plan</strong></p> <p>Once you’ve identified a <em>Framework ID</em>, you can create an OSCAL Assessment Plan. This plan defines what will be assessed. The <em>plan</em> command will generate an <em>assessment-plan.json</em> file in the complytime directory.</p> <pre class="wp-block-preformatted">complyctl plan cusp_fedora</pre> <p>This command creates the user workspace in the “complytime” directory:</p> <pre class="wp-block-preformatted">tree complytimecomplytime/└── assessment-plan.json</pre> <p>The JSON file is a machine-readable representation of your chosen compliance policy.</p> <p><strong>Step 3: Install a plugin</strong></p> <p>In this tutorial we will use OpenSCAP Scanner as the underlying technology for compliance checks. So, we also want to install the OpenSCAP plugin for <em>complyctl</em> as well the OpenSCAP content delivered by <em>scap-security-guide</em> package:</p> <pre class="wp-block-preformatted">sudo dnf install complyctl-openscap-plugin scap-security-guide</pre> <p><strong>Step 4: Generate Policy Artifacts</strong></p> <p>With your <em>assessment-plan.json</em> in place, and the desired plugins installed, the <em>generate</em> command translates this declarative plan into policy artifacts for the installed plugins. These are the actual plugin specific instructions <em>complyctl</em> plugins will use to perform the checks.</p> <pre class="wp-block-preformatted">complyctl generate</pre> <p>This command prepares the assessment for execution.</p> <pre class="wp-block-preformatted">tree complytime/ complytime/├── assessment-plan.json└── openscap ├── policy │ └── tailoring_policy.xml ├── remediations │ ├── remediation-blueprint.toml │ ├── remediation-playbook.yml │ └── remediation-script.sh └── results</pre> <p><strong>Step 5: Execute the Compliance Scan</strong></p> <p>Finally, the <em>scan</em> command runs the assessment using the installed plugins. The results will appear in the <em>assessment-results.json</em>, file by default.</p> <pre class="wp-block-preformatted">complyctl scan</pre> <p>For human-readable output, which is useful for review and reporting, you can add the <kbd>--with-md</kbd> option. This will generate both <em>assessment-results.json</em> and <em>assessment-results.md</em> files.</p> <pre class="wp-block-preformatted">complyctl scan --with-md</pre> <p>This Markdown file provides a clear, digestible summary of your system’s compliance status, making it easy to share with auditors or other stakeholders.</p> <pre class="wp-block-preformatted">tree complytime/complytime/├── assessment-plan.json├── assessment-results.json├── assessment-results.md└── openscap ├── policy │ └── tailoring_policy.xml ├── remediations │ ├── remediation-blueprint.toml │ ├── remediation-playbook.yml │ └── remediation-script.sh └── results ├── arf.xml └── results.xml</pre> <h3 class="wp-block-heading"><strong>Final thoughts</strong></h3> <p><em>complyctl</em> is an open-source tool built for and by the community. We encourage you to give it a try.</p> <ul class="wp-block-list"><li>Find us on GitHub at <a href="https://github.com/complytime/complyctl" target="_blank" rel="noreferrer noopener">complyctl repository</a>.</li> <li>If you find an issue or have a feature request, please open an issue, propose a PR, or contact the maintainers. Your feedback will help shape the future of this tool.</li> <li>Collaboration on <a href="https://github.com/ComplianceAsCode/content" target="_blank" rel="noreferrer noopener">ComplianceAsCode/content</a> community is also welcome to help us shaping <a href="https://github.com/ComplianceAsCode/oscal-content/tree/main" target="_blank" rel="noreferrer noopener">Compliance profiles</a> for Fedora.</li></ul> <p></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/effortless-flexible-scalable-and-standardized-compliance-checks-for-fedora-using-complyctl/feed/</wfw:commentRss> <slash:comments>6</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42553</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/09/intro_2_complyctl-300x127.jpg" length="7400" type="image/jpg" /> </item> <item> <title>Announcing Fedora Linux 43 Beta</title> <link>https://fedoramagazine.org/announcing-fedora-linux-43-beta/</link> <dc:creator><![CDATA[Aoife Moloney]]></dc:creator> <pubDate>Tue, 16 Sep 2025 14:05:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <category><![CDATA[Beta]]></category> <category><![CDATA[F43]]></category> <category><![CDATA[Fedora Linux 43]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42576</guid> <description><![CDATA[On Tuesday, 16 September 2025, it is our pleasure to announce the availability of Fedora Linux 43 Beta! This release comes packed with the latest version upgrades of existing features, plus a few new ones too. As with every beta release, this is your opportunity to test out the upcoming Fedora Linux release and give […]]]></description> <content:encoded><![CDATA[<p>On Tuesday, 16 September 2025, it is our pleasure to announce the availability of Fedora Linux 43 Beta! This release comes packed with the latest version upgrades of existing features, plus a few new ones too. As with every beta release, this is your opportunity to test out the upcoming Fedora Linux release and give some feedback to help us fine tune F43 final. We hope you enjoy this latest version of Fedora!</p> <span id="more-42576"></span> <h2 class="wp-block-heading">How to get the beta release</h2> <p>You can download F43 Beta, or our pre-release edition versions, from any of the following places:</p> <ul class="wp-block-list"><li><a href="https://fedoraproject.org/workstation/download/?beta" target="_blank" rel="noreferrer noopener">Fedora Workstation 43 Beta</a></li> <li><a href="https://fedoraproject.org/kde/download/?beta" target="_blank" rel="noreferrer noopener">Fedora KDE Plasma Desktop 43 Beta</a></li> <li><a href="https://fedoraproject.org/server/download/?beta" target="_blank" rel="noreferrer noopener">Fedora Server 43 Beta</a></li> <li><a href="https://fedoraproject.org/iot/download/?beta" target="_blank" rel="noreferrer noopener">Fedora IoT 43 Beta</a></li> <li><a href="https://fedoraproject.org/cloud/download/?beta" target="_blank" rel="noreferrer noopener">Fedora Cloud 43 Beta</a></li></ul> <p>The Fedora CoreOS “next” stream moves to the beta release one week later, but content for F43 is still available from their current <a href="https://builds.coreos.fedoraproject.org/browser?stream=branched&arch=x86_64" target="_blank" rel="noreferrer noopener">branched</a> stream to enjoy now.</p> <p>You can also update an existing system to the beta using <a href="https://docs.fedoraproject.org/en-US/quick-docs/upgrading-fedora-offline/" target="_blank" rel="noreferrer noopener">DNF system-upgrade</a>.</p> <p>The F43 Beta release content is also available for Fedora <a href="https://fedoraproject.org/spins?beta" target="_blank" rel="noreferrer noopener">Spins</a> and <a href="https://fedoraproject.org/labs?beta" target="_blank" rel="noreferrer noopener">Labs</a>, with the exception of the following:</p> <ul class="wp-block-list"><li>Mate – not currently available on any architectures with F43 content</li> <li>i3 – not currently available on aarch64 only with F43 content</li></ul> <h2 class="wp-block-heading">F43 Beta highlights</h2> <h3 class="wp-block-heading"><strong>Installer and desktop Improvements</strong></h3> <p><strong>Anaconda WebUI for Fedora Spins by default:</strong> This creates a consistent and modern installation experience across all Fedora desktop variants. It brings us closer to eventually replacing the older GTK installer. This ensures all Fedora users can benefit from the same polished and user-friendly interface.</p> <p><strong>Switch Anaconda installer to DNF5:</strong> This change provides better support and debugging for package-based applications within Anaconda. It is a bigger step towards the eventual deprecation or removal of DNF4, which is now in maintenance mode.</p> <p><strong>Enable auto-updates by default in Fedora Kinoite:</strong> This change ensures that users are consistently running a system with the latest bug fixes and features after a simple reboot. Updates are applied automatically in the background.</p> <p><strong>Set Default Monospace Fallback Font: </strong> This change ensures that when a specified monospace font is missing, a consistent fallback font is used. Font selection also remains stable and predictable, even when the user installs new font packages. No jarring font changes should occur as appeared in previous versions.</p> <h3 class="wp-block-heading"><strong>System enhancements</strong></h3> <p><strong>GNU Toolchain Update:</strong> The updates to the GNU Toolchain ensures Fedora stays current with the latest features, improvements, and bug and security fixes from the upstream gcc, glibc, binutils, and gdb projects. They guarantees a working system compiler, assembler, static and dynamic linker, core language runtimes, and debugger.</p> <p><strong>Package-specific RPM Macros For Build Flags:</strong> This change provides a consistent and standard way for packages to add to the default list of compiler flags. It also offers a cleaner and simpler method for package maintainers to make per-package adjustments to build flags. This avoids the need to manually edit and re-export environmental variables, and prevents potential issues that could arise from the old manual method. It ensures the consistent applications of flag adjustments.</p> <p><strong>Build Fedora CoreOS using Containerfile:</strong> This change brings the FCOS build process under a standard container image build, moving away from the custom tool, CoreOS Assembler. It also means that anyone with Podman installed can build FCOS. This simplifies the process for both individual users and automated pipelines.</p> <h3 class="wp-block-heading"><strong>Upgrades and removals</strong></h3> <p><strong>Deprecate The Gold Linker:</strong> Deprecate the binutils-gold subpackage. This change simplifies the developer experience by reducing the number of available linkers from four to three. It streamlines choices for projects, and moves towards safeguarding the project against potential issues from “bitrot” where a package’s quality can decline and become unbuildable or insecure over time.</p> <p><strong>Retire python-nose:</strong> The python-nose package will be removed in F43. This prevents the creation of new packages with a dependency on an unmaintained test runner. Developers are encouraged to migrate to actively maintained testing frameworks such as python3-pytest or python3-nose2.</p> <p><strong>Retire gtk3-rs, gtk-rs-core v0.18, and gtk4-rs v0.7:</strong> This change prevents Fedora from continuing to depend on old, unmaintained versions of these bindings. It also prevents shipping obsolete software and fewer unmaintained versions of packages.</p> <p><strong>Python 3.14:</strong> Updating the Python stack in F43. This means that by building Fedora packages against an in-development version, critical bugs can be identified and reported before the final 3.14.0 release. This helps the entire Python ecosystem. Developers also gain access to the latest features in this release. More information is available at https://docs.python.org/3.14/whatsnew/3.14.html.</p> <p><strong>Golang 1.25:</strong> This change provides Fedora Linux 43 Beta with the latest new features in Go. These include that <kbd>go build -asan </kbd>now defaults to leak detection at program exit, the <kbd>go doc -http </kbd>option starts a documentation server, and subdirectories of a repository can now be used as a module root. Since Fedora will keep as close to upstream as possible, this means we will continue to provide a reliable development platform for the Go language and projects written in it. </p> <p><strong>Idris 2:</strong> Users gain access to new features in Idris 2. These include Quantitative Type Theory (QTT), which enables type-safe concurrent programming and fine-grained control over resource usage. It also has a new core language, a more minimal prelude library, and a new target to compile to, Chez Scheme.<br /></p> <h2 class="wp-block-heading">More information</h2> <p>Details and more information on the many great changes landing in Fedora Linux 43 are available on the <a href="https://fedoraproject.org/wiki/Releases/43/ChangeSet" target="_blank" rel="noreferrer noopener">Change Set</a> page.</p>]]></content:encoded> <post-id xmlns="com-wordpress:feed-additions:1">42576</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/09/fl43b-300x127.jpg" length="10721" type="image/jpg" /> </item> <item> <title>Contribute at the Fedora Linux 43 i18n Test Week</title> <link>https://fedoramagazine.org/contribute-at-the-fedora-linux-43-i18n-test-week/</link> <comments>https://fedoramagazine.org/contribute-at-the-fedora-linux-43-i18n-test-week/#comments</comments> <dc:creator><![CDATA[Sumantro Mukherjee]]></dc:creator> <pubDate>Sun, 07 Sep 2025 21:45:27 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <category><![CDATA[testing]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42536</guid> <description><![CDATA[The i18n team is testing changes for Fedora Linux 43 (Use COLR for Noto Color Emoji, Set Default Monospace Fallback Font , and many more). As a result, the i18n and QA teams organized a test week to run from Tuesday, September 09, 2025, to Monday, September 15, 2025. The wiki page in this article […]]]></description> <content:encoded><![CDATA[<p>The i18n team is testing changes for Fedora Linux 43 (<a href="https://fedoraproject.org/wiki/Changes/Use_COLR_for_Noto_Color_Emoji" target="_blank" rel="noreferrer noopener">Use COLR for Noto Color Emoji</a>,<a href="https://fedoraproject.org/wiki/Changes/SetDefaultMonospaceFallbackFont" target="_blank" rel="noreferrer noopener"> Set Default Monospace Fallback Font </a>, and many more). As a result, the i18n and QA teams organized a test week to run from <strong>Tuesday, September 09, 2025, </strong>to<strong> Monday, September 15, 2025</strong>. The wiki page in this article contains links to the test images you’ll need to participate. Please continue reading for details.</p> <span id="more-42536"></span> <h2 class="wp-block-heading"><strong>How does a test week work?</strong></h2> <p>A test week is an event where anyone can help ensure changes in Fedora Linux work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed before, this is a perfect way to get started.</p> <p>To contribute, you only need to be able to do the following things:</p> <ul class="wp-block-list"><li>Download test materials, which include some large files</li> <li>Read and follow directions step by step</li></ul> <p>The <a href="https://fedoraproject.org/wiki/Test_Day:2025-09-09_I18N_Test_Day" target="_blank" rel="noreferrer noopener">wiki page</a> for the i18n test week is your source of information on what and how to test. After you’ve done some testing, you can log your results in the test week <a href="https://testdays.fedoraproject.org/testday/5" target="_blank" rel="noreferrer noopener">web application</a>. If you’re available on or around the days of the event, please do some testing and report your results.</p> <p>Happy testing, and we hope to see you on one of the test days.</p> <p></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/contribute-at-the-fedora-linux-43-i18n-test-week/feed/</wfw:commentRss> <slash:comments>3</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42536</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2022/06/test-days-300x127.jpg" length="8214" type="image/jpg" /> </item> <item> <title>Tips and Tricks: man Command</title> <link>https://fedoramagazine.org/tips-and-tricks-man-command/</link> <comments>https://fedoramagazine.org/tips-and-tricks-man-command/#comments</comments> <dc:creator><![CDATA[abdulrahman mubarak]]></dc:creator> <pubDate>Mon, 11 Aug 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42484</guid> <description><![CDATA[The man command, is short for manual. It provides access to the various up-to-date on-board documentation pages. This helps users utilize the Linux/Unix operating systems in a better manner. What is man ? The man command is a manual pager which provides the user with documentation about specific functions, system calls, and commands. The man […]]]></description> <content:encoded><![CDATA[<p>The <strong>man</strong> command, is short for <strong>manual</strong>. It provides access to the various up-to-date on-board documentation pages. This helps users utilize the Linux/Unix operating systems in a better manner.</p> <span id="more-42484"></span> <h2 class="wp-block-heading">What is man ?</h2> <p>The <em>man</em> command is a manual pager which provides the user with documentation about specific functions, system calls, and commands. The <em>man</em> command uses the <em>less</em> pager by default. (See <em>man less</em> for more information.) </p> <p>Note that a <strong>man</strong> page is likely to contain better up-to-date information compared to what can be found on the internet. It is wise to compare the <em>man</em> page usage and options with that found on the web.</p> <h2 class="wp-block-heading">How to use man ?</h2> <p>To use the <em>man</em> command effectively we have to know the <strong>manual pages system</strong>. The manual pages are distributed in 8 sections. Each provides documentation on particular topics.</p> <h3 class="wp-block-heading">What are the manual page sections ?</h3> <ol class="wp-block-list"><li>Programs, shell commands and daemons.</li> <li>System calls.</li> <li>Library calls.</li> <li>Special files, drivers, and hardware.</li> <li>Configuration files.</li> <li>Games.</li> <li>Miscellaneous commands.</li> <li>System administration commands and daemons.</li></ol> <h2 class="wp-block-heading">Examples</h2> <p>To get the printf library function documentation (section 3):</p> <pre class="wp-block-preformatted"># man 3 printf</pre> <p>To get the printf shell builtin documentation (section 1):</p> <pre class="wp-block-preformatted"># man 1 printf</pre> <p>You can learn more about the man command and its options:</p> <pre class="wp-block-preformatted"># man man</pre> <h2 class="wp-block-heading">How to manage the index caches database </h2> <p>To update the existing database, or to create it, use the <strong>-c</strong> or <strong>–create</strong> flag with the <em>mandb</em> command:</p> <pre class="wp-block-preformatted"># mandb --create</pre> <p>To do a correctness check on the documentation database use the <strong>-t</strong> or <strong>–test</strong> flag:</p> <pre class="wp-block-preformatted"># mandb --test</pre> <h2 class="wp-block-heading">How to export manual pages</h2> <p>To export a man page, use the <strong>-t </strong>flag with the <em>man</em> command:</p> <pre class="wp-block-preformatted">man -t 5 dnf.conf > manual.ps </pre> <p>This will create a PostScript file with the contents of the dnf.conf man page from section 5.</p> <p>Alternatively, if you want to output a PDF file, use something like this instead:</p> <pre class="wp-block-preformatted">man -Tpdf 5 dnf.conf > dnf.conf.pdf </pre> <p>You will need the <kbd>groff-perl</kbd> package installed for this command to work.</p> <h2 class="wp-block-heading">Summary</h2> <p>The need to get information about <strong>commands</strong>, <strong>daemon</strong>s, <strong>shell builtins</strong>, etc. to make them do what they are intended to do correctly, motivates us to use the system manual to learn not everything but the required knowledge to reach our goal.</p> <p></p> <p></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/tips-and-tricks-man-command/feed/</wfw:commentRss> <slash:comments>17</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42484</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/08/man_tips_tricks-300x127.jpg" length="15544" type="image/jpg" /> </item> <item> <title>Kernel 6.16 Test Week: August 10 – 16</title> <link>https://fedoramagazine.org/kernel-6-16-test-week-august-10-16/</link> <dc:creator><![CDATA[Aoife Moloney]]></dc:creator> <pubDate>Fri, 08 Aug 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42407</guid> <description><![CDATA[Join us to test the 6.16 kernel for Fedora Linux 43 during August 10 – 16! What is a test week? Test weeks are organised by the Fedora QA team per release cycle and are a great way to get involved in developing the upcoming Fedora Linux release. Instructions and test cases are provided for […]]]></description> <content:encoded><![CDATA[<p>Join us to test the 6.16 kernel for Fedora Linux 43 during August 10 – 16!</p> <h2 class="wp-block-heading">What is a test week?</h2> <p>Test weeks are organised by the Fedora QA team per release cycle and are a great way to get involved in developing the upcoming Fedora Linux release. Instructions and test cases are provided for you, plus you will also be mentioned and thanked in the ‘<a href="https://communityblog.fedoraproject.org/heroes-of-fedora-fedora-40-contributions/" target="_blank" rel="noreferrer noopener">Heroes of Fedora</a>‘ blog at the end of the release. For more information on how to get involved, check out the <a href="https://fedoraproject.org/wiki/QA/Test_Days" target="_blank" rel="noreferrer noopener">Fedora Test Days wiki</a>, and to participate in the upcoming Kernel 6.16 test week, read on!</p> <span id="more-42407"></span> <h2 class="wp-block-heading">Kernel 6.16 Test Week</h2> <p>The kernel team is working on final integration for Linux kernel 6.16. This recently released kernel version will arrive soon in Fedora Linux. As a result, the Fedora Linux kernel and QA teams have organized a test week from <strong>Sunday, August 10, 2025 </strong>to<strong> Saturday, August 16, 2025</strong>.</p> <p>The <a href="https://fedoraproject.org/wiki/Test_Day:2025-08-10_Kernel_6.16_Test_Week">wiki page</a> contains links to the test images you’ll need to participate. The results can be submitted in the <a href="https://testdays.fedoraproject.org/testday/1" target="_blank" rel="noreferrer noopener">test day app</a>.</p> <p>What are we looking for?</p> <ul class="wp-block-list"><li>Regressions when rebasing</li> <li>Issues when installing from USB on VM and/or bare metal systems (file under ‘exploratory)</li></ul> <h2 class="wp-block-heading">What do I need to do?</h2> <p>To contribute, you only need to be able to do the following things:</p> <ul class="wp-block-list"><li>Make sure you have a <a href="https://accounts.fedoraproject.org/" target="_blank" rel="noreferrer noopener">Fedora Account</a> (FAS)</li> <li>Download test materials in advance where applicable, which may include some large files</li> <li>Read and follow directions step by step in the <a href="https://fedoraproject.org/wiki/Test_Day:2025-08-10_Kernel_6.16_Test_Week" target="_blank" rel="noreferrer noopener">wiki test page</a></li> <li>Report your findings in the <a href="https://testdays.fedoraproject.org/testday/1" target="_blank" rel="noreferrer noopener">app</a></li></ul>]]></content:encoded> <post-id xmlns="com-wordpress:feed-additions:1">42407</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2022/08/test-days-kernel-5.19-300x127.jpg" length="8214" type="image/jpg" /> </item> <item> <title>Anaconda Web UI Installer for Spins and Editions Test Days: August 4 – 8 2025</title> <link>https://fedoramagazine.org/anaconda-web-ui-installer-for-spins-and-editions-test-days-august-4-8-2025/</link> <comments>https://fedoramagazine.org/anaconda-web-ui-installer-for-spins-and-editions-test-days-august-4-8-2025/#comments</comments> <dc:creator><![CDATA[Aoife Moloney]]></dc:creator> <pubDate>Tue, 05 Aug 2025 15:07:55 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42450</guid> <description><![CDATA[Join us this week for the Anaconda Web UI Installer test week where we are focusing testing on Anacondas brand new WebUI for KDE and Spins live images. What is a test week? Test weeks are organised by the Fedora QA team per release cycle and are a great way to get involved in developing […]]]></description> <content:encoded><![CDATA[<p>Join us this week for the Anaconda Web UI Installer test week where we are focusing testing on Anacondas brand new WebUI for KDE and Spins live images. </p> <h2 class="wp-block-heading">What is a test week?</h2> <p>Test weeks are organised by the Fedora QA team per release cycle and are a great way to get involved in developing the upcoming Fedora Linux release. Instructions and test cases are provided for you, plus you will be mentioned and thanked in the ‘<a href="https://communityblog.fedoraproject.org/heroes-of-fedora-fedora-40-contributions/" target="_blank" rel="noreferrer noopener">Heroes of Fedora</a>‘ blog at the end of the release. More information on how to get involved is located on the <a href="https://fedoraproject.org/wiki/QA/Test_Days" target="_blank" rel="noreferrer noopener">Fedora Test Days wiki</a>. To participate in the upcoming Kernel 6.16 test week, read on!</p> <h2 class="wp-block-heading">Anaconda Web UI Installer Test Week</h2> <p>The Anaconda WebUI became the default installer interface in the previous Fedora release for Fedora Workstation. This Test Day extends that effort to ensure the WebUI works smoothly across the broader Fedora ecosystem, especially in various Spin environments and Fedora KDE. As a result, the Anaconda and QA teams have organized a test week from <strong>Monday August 4, 2025 </strong>to<strong> Friday August 8, 2025</strong>.</p> <p>The <a href="https://fedoraproject.org/wiki/Test_Day:2025-08-04_Anaconda_WebUI_for_Fedora_Spins_and_KDE" target="_blank" rel="noreferrer noopener">wiki page</a> contains links to the test images you’ll need to participate. The results can be submitted in the <a href="https://testdays.fedoraproject.org/testday/4" target="_blank" rel="noreferrer noopener">test day app</a>.</p> <h2 class="wp-block-heading">What are we looking for?</h2> <ul class="wp-block-list"><li>How partitioning is working</li> <li>Cockpit Storage Editor performance</li> <li>Internalisation</li> <li>Issues not mentioned in the test cases – file those findings under ‘exploratory’.</li></ul> <h2 class="wp-block-heading">What do I need to do?</h2> <p>To contribute, you only need to be able to do the following things:</p> <ul class="wp-block-list"><li>Make sure you have a <a href="https://accounts.fedoraproject.org/" target="_blank" rel="noreferrer noopener">Fedora Account</a> (FAS)</li> <li>Download test materials in advance where applicable, which may include some large files</li> <li>Read and follow directions step by step in the <a href="https://fedoraproject.org/wiki/Test_Day:2025-08-04_Anaconda_WebUI_for_Fedora_Spins_and_KDE" target="_blank" rel="noreferrer noopener">wiki test page</a></li> <li>Report your findings in the <a href="https://testdays.fedoraproject.org/testday/4">app</a></li></ul> <p>The Anaconda team are available in their matrix room <a href="https://matrix.to/#/#anaconda:fedora.im" target="_blank" rel="noreferrer noopener">https://matrix.to/#/#anaconda:fedora.im</a> to provide support to participating users.</p> <p>Thank you for taking part in the testing of Fedora Linux 43!</p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/anaconda-web-ui-installer-for-spins-and-editions-test-days-august-4-8-2025/feed/</wfw:commentRss> <slash:comments>3</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42450</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2022/06/test-days-300x127.jpg" length="8214" type="image/jpg" /> </item> <item> <title>Fedora for Architects: Open Source Tools for Architectural Design</title> <link>https://fedoramagazine.org/fedora-for-architects-open-source-tools-for-architectural-design/</link> <comments>https://fedoramagazine.org/fedora-for-architects-open-source-tools-for-architectural-design/#comments</comments> <dc:creator><![CDATA[Arman Arisman]]></dc:creator> <pubDate>Mon, 04 Aug 2025 08:00:00 +0000</pubDate> <category><![CDATA[Fedora Project community]]></category> <guid isPermaLink="false">https://fedoramagazine.org/?p=42396</guid> <description><![CDATA[Why Fedora for Architects Architects depend on digital tools for every stage of design, from sketching to modelling and documentation. But many popular tools are expensive, closed-source, or limited to specific platforms. Fedora offers a fast, stable, and open environment for professional design work. With a growing ecosystem of free and open source software, architects […]]]></description> <content:encoded><![CDATA[<h2 class="wp-block-heading">Why Fedora for Architects</h2> <p>Architects depend on digital tools for every stage of design, from sketching to modelling and documentation. But many popular tools are expensive, closed-source, or limited to specific platforms.</p> <p>Fedora offers a fast, stable, and open environment for professional design work. With a growing ecosystem of free and open source software, architects can build a complete work-flow on Fedora, without sacrificing capability or control.</p> <p>As an architect, I’d like to introduce how we can use Fedora for architectural design.</p> <h2 class="wp-block-heading">Fedora as Design Platform</h2> <p>Fedora Workstation is a solid choice for creative professionals. It is fast, up to date, and well-supported on a wide range of hardware, including laptops commonly used in architecture, like ThinkPads.</p> <p>Fedora gives you access to a wide selection of open source applications through <strong>DNF</strong>, <strong>Flatpak</strong>, and <strong>COPR</strong>. Whether you’re installing stable packages or testing the latest versions, Fedora’s software ecosystem is flexible and developer-friendly.</p> <p>With Wayland by default, good pen tablet support, and modern graphics drivers, Fedora handles demanding design tasks smoothly. It is a platform that gets out of the way, letting you focus on your ideas.</p> <h2 class="wp-block-heading">Open Source Tools for Architectural Design</h2> <p>Fedora supports a wide range of open source applications that can cover every stage of the architectural design process. From early sketching to 3D modelling, documentation, and even BIM. The following are some tools I use in practice.</p> <h3 class="wp-block-heading">Sketching and Early Concepts</h3> <p>Early-stage design relies on speed, intuition, and flexibility. On Fedora, you can use <strong>Krita</strong> for freehand sketching and expressive form exploration. Its brush engine and tablet support make it feel natural, especially when working through visual ideas. For quick annotations or tracing over site plans, <strong>Xournal++</strong> offers a fast and lightweight interface. When you need to build simple diagrams or zoning layouts, <strong>LibreOffice Draw</strong> lets you combine shapes and text easily. These tools support a fluid design process, helping you stay focused on ideas, not technical barriers.</p> <h3 class="wp-block-heading">Drawing, Modelling, and Visualization</h3> <p>As your design develops, modelling becomes a way to explore space, proportion, and materiality. On Fedora, <strong>Blender</strong> offers a robust environment for 3D modelling, rendering, and animation. You can build conceptual massing studies, detailed geometry, and even walk-throughs or camera animations to communicate spatial experience. Real-time rendering in Blender with the Eevee rendering engine and photo-realistic output using the Cycles rendering engine make it possible to move quickly from model to image or video.</p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/07/blender.png"><img loading="lazy" decoding="async" width="1024" height="538" src="https://fedoramagazine.org/wp-content/uploads/2025/07/blender-1024x538.png" alt="Blender" class="wp-image-42435" srcset="https://fedoramagazine.org/wp-content/uploads/2025/07/blender-1024x538.png 1024w, https://fedoramagazine.org/wp-content/uploads/2025/07/blender-300x158.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/07/blender-768x404.png 768w, https://fedoramagazine.org/wp-content/uploads/2025/07/blender-1536x807.png 1536w, https://fedoramagazine.org/wp-content/uploads/2025/07/blender-816x429.png 816w, https://fedoramagazine.org/wp-content/uploads/2025/07/blender.png 1920w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a></figure> <p>For precise 2D drafting, <strong>QCAD</strong> provides a clean and efficient workspace. It is useful for early layout studies, plans, and diagrams where clear lines matter more than complex parametrics.</p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ.png"><img loading="lazy" decoding="async" width="1024" height="633" src="https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ-1024x633.png" alt="QCAD" class="wp-image-42437" srcset="https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ-1024x633.png 1024w, https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ-300x185.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ-768x475.png 768w, https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ-1536x949.png 1536w, https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ-816x504.png 816w, https://fedoramagazine.org/wp-content/uploads/2025/07/qcad_3lXfSn2YlQ.png 1631w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a></figure> <p>These tools help you move from form to image — and from image to motion — using an entirely open work-flow in the open source ecosystem.</p> <h3 class="wp-block-heading">Parametric and Algorithmic Design</h3> <p>Parametric design lets you build geometry through rules and relationships — making form more flexible and responsive. While visual tools like Grasshopper aren’t natively available on Linux, <strong>Blender</strong> offers a few promising options.</p> <p>The Geometry Nodes system in Blender supports procedural modelling based on attributes, modifiers, and data flows. For a more Grasshopper-like experience, the Sverchok add-on brings node-based parametric design into Blender — allowing you to create complex structures with visual logic. You can learn more about Sverchok at <a href="https://nortikin.github.io/sverchok/" target="_blank" rel="noreferrer noopener">https://nortikin.github.io/sverchok/</a></p> <p>If you prefer scripting, Blender’s built-in Python API gives you full control for custom modelling and automation. While the ecosystem is still evolving, these tools offer a solid foundation for algorithmic thinking in open work-flows.</p> <h3 class="wp-block-heading">Building Information Modelling (BIM)</h3> <p>If you work with BIM, Fedora supports open source tools that follow open standards like IFC. <strong>FreeCAD</strong> includes an Arch workbench designed for architectural model modelling, with objects like walls, windows, and sections that carry semantic data. It also supports parametric editing and IFC export, making it suitable for early-stage modelling and coordination. You can learn more about FreeCAD BIM Workbench at <a href="https://wiki.freecad.org/BIM_Workbench/" target="_blank" rel="noreferrer noopener">https://wiki.freecad.org/BIM_Workbench/</a>.</p> <figure class="wp-block-image size-full is-resized"><a href="https://fedoramagazine.org/wp-content/uploads/2025/07/Photos_zjjBCvB29J.png"><img loading="lazy" decoding="async" width="783" height="427" src="https://fedoramagazine.org/wp-content/uploads/2025/07/Photos_zjjBCvB29J.png" alt="FreeCAD BIM Workbench" class="wp-image-42439" style="width:840px;height:auto" srcset="https://fedoramagazine.org/wp-content/uploads/2025/07/Photos_zjjBCvB29J.png 783w, https://fedoramagazine.org/wp-content/uploads/2025/07/Photos_zjjBCvB29J-300x164.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/07/Photos_zjjBCvB29J-768x419.png 768w" sizes="auto, (max-width: 783px) 100vw, 783px" /></a></figure> <p>Bonsai, an add-on for Blender, brings IFC-based modelling and data editing into a powerful 3D environment. You can create, inspect, and modify BIM models directly in Blender, with full control over geometry and metadata — without relying on proprietary formats. You can learn more about Bonsai at <a href="https://bonsaibim.org/" target="_blank" rel="noreferrer noopener">https://bonsaibim.org/</a>.</p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2.png"><img loading="lazy" decoding="async" width="1024" height="563" src="https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2-1024x563.png" alt="" class="wp-image-42438" srcset="https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2-1024x563.png 1024w, https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2-300x165.png 300w, https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2-768x422.png 768w, https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2-1536x844.png 1536w, https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2-816x448.png 816w, https://fedoramagazine.org/wp-content/uploads/2025/07/banner-image2.png 1920w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a></figure> <p>While open source BIM is still evolving, these tools already offer meaningful work-flows for concept modelling, coordination, and documentation — all while staying aligned with open data standards.</p> <h3 class="wp-block-heading">Graphic and Document Production</h3> <p>Architectural work involves more than modelling — it also requires clear visuals and well-structured documents. On Fedora, tools like <strong>Inkscape</strong> and <strong>GIMP</strong> help you produce diagrams, edit renderings, or refine presentation materials with full control over layout and image quality.</p> <figure class="wp-block-image size-large"><a href="https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU.jpg"><img loading="lazy" decoding="async" width="1024" height="538" src="https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU-1024x538.jpg" alt="GIMP" class="wp-image-42440" srcset="https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU-1024x538.jpg 1024w, https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU-300x158.jpg 300w, https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU-768x404.jpg 768w, https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU-1536x807.jpg 1536w, https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU-816x429.jpg 816w, https://fedoramagazine.org/wp-content/uploads/2025/07/gimp-3_egkzEoFYKU.jpg 1920w" sizes="auto, (max-width: 1024px) 100vw, 1024px" /></a></figure> <p>For documentation, <strong>LibreOffice</strong> offers a reliable suite for writing specifications, reports, and schedules. If you prefer more control over formatting, <strong>LaTeX</strong> gives you a structured way to produce professional documents — especially when precision and consistency matter.</p> <p>These tools help you communicate ideas clearly, whether for clients, collaborators, or construction teams.</p> <h2 class="wp-block-heading">Fedora Tips for Architects</h2> <h3 class="wp-block-heading">Flatpak vs DNF</h3> <p>Many design tools are available through both Flatpak and DNF. Use Flatpak when you want easy access to the latest versions and isolated environments (e.g., graphics software), and DNF when you prefer tighter system integration and package control.</p> <h3 class="wp-block-heading">Pen Tablet Setup</h3> <p>Fedora detects most pen tablets automatically. You can configure pressure sensitivity, button mapping, and input area through GNOME Settings > Devices > Stylus, or use CLI tools like <em>xsetwacom</em> or <em>libinput</em> for advanced tweaks.</p> <h3 class="wp-block-heading">Fonts and Typography</h3> <p>Fedora provides a wide selection of high-quality free fonts through its repositories. You can install additional font packages using dnf, or manually place fonts in <em>~/.fonts/</em> for user-level use — useful when working on design boards or documents.</p> <h3 class="wp-block-heading">Version Control with Git</h3> <p>Even for design files, <strong>Git</strong> can help track changes and back up your work. Use it for versioning .blend, .svg, .fcstd, or even LaTeX files. For larger binaries, consider using Git LFS or structured folder snapshots.</p> <h2 class="wp-block-heading">Conclusion</h2> <p>Architecture is about more than form, it’s about intent, structure, and the systems that support them. The same applies to the tools we use. Choosing open source is not just about avoiding cost; it’s a decision to work with transparency, adaptability, and long-term agency.</p> <p>Fedora offers a platform where design and freedom coexist, where architects can shape their tools as much as they shape space. It may not have every convenience out of the box, but it gives us something more enduring: control over our work-flow, and a community-driven path forward.</p> <p>Designing openly is not always the easiest path, but it may be the most honest one.</p> <p></p>]]></content:encoded> <wfw:commentRss>https://fedoramagazine.org/fedora-for-architects-open-source-tools-for-architectural-design/feed/</wfw:commentRss> <slash:comments>16</slash:comments> <post-id xmlns="com-wordpress:feed-additions:1">42396</post-id><enclosure url="https://fedoramagazine.org/wp-content/uploads/2025/07/FedoraMagz-FedoraForArchitects-300x127.png" length="26296" type="image/jpg" /> </item> </channel></rss> If you would like to create a banner that links to this page (i.e. this validation result), do the following:
Download the "valid RSS" banner.
Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)
Add this HTML to your page (change the image src attribute if necessary):
If you would like to create a text link instead, here is the URL you can use:
http://www.feedvalidator.org/check.cgi?url=https%3A//fedoramagazine.org/feed/
