Hello, I would like to ask for an addition to the base Fedora Workstation Edition. I would ask that Openssl is added as part of Fedora Workstation. My reasoning as a request from the Silverblue team, as an issue brought forward by users viewable at https://github.com/fedora-silverblue/issue-tracker/issues/201, with corresponding discussion to be found at https://discussion.fedoraproject.org/t/why-not-openssl-bundled-with-silverblue/112726.
The GSConnect extension is packaged in Fedora and it already depends on the openssl package.
openssl
I'm not sure it makes sense for us to add it to the Workstation Edition unless we're willing to consider preloading the extension itself.
So what you're saying is it already does come in WS via GSConnect? I was wondering why I have it installed since I didn't specifically do it on my Fedora Workstation, which I have been updating since F31. I definitely do have it installed. Or are you saying that since it is packaged for Fedora already, simply layering it onto the Atomic variants will suffice, at least for now?
Yes to both questions.
I would say no, since nothing installed by default needs the OpenSSL command line tools. The library is already installed and that's what almost all apps want to use.
Workstation isn't the same as Silverblue. Here it's simple to install if you need it, right?
Does the GSConnect then pull in more than the library? Does it need to?
Workstation isn't the same as Silverblue.
Agreed, but don't the Atomic variants get the core of their image created from Workstation in some form?
Here it's simple to install if you need it, right?
True, it is merely a matter of layering the package at the moment. But I think the question of discussion thread was pointing out how this sort of inter connectivity is seemingly ubiquitous with most OS's OOTB, so why not Silverblue. This then became the reason for my creating the issue based on a long standing user query on ask.fp.o. Personally, I don't have a vested interest, but I can see it's merit. I'm not knowledgeable enough about the ramifications it would have on getting a WS release out the door though, and whether the extra effort of knowledge capital would be a wise investment of the limited resources. Not to mention growing the image size of a release as a consequence.
Can we plan to have a quick chat about that in the next meeting? Thanks
Metadata Update from @catanzaro: - Issue tagged with: meeting-request
Yes.
Metadata Update from @catanzaro: - Issue untagged with: meeting-request - Issue tagged with: meeting
I'll likely be 30 min late for today's meeting but there is https://pagure.io/fedora-workstation/issue/425 to talk about before so that should be fine.
The goal of this request is to get a clear decision from the Working Group about inclusion or not so that we can move on with the discussion and decision that will only apply to Silverblue.
We have a very long discussion about this today. We have multiple recommendations:
Installing the openssl command line tool would be harmless and not objectionable, but we don't want to preinstall every potentially useful utility. openssl command line is redundant with certtool.
Metadata Update from @catanzaro: - Issue untagged with: meeting - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Thank you for your consideration.
Log in to comment on this ticket.