Distribution-wide Changes

Inherited locale settings will be reset on login if necessary

When logging in over ssh or another mechanism, locale settings are forwarded. If the destination does not support that is configured in the source environment, various tools would generate warnings about invalid locale settings. Now, locale is automatically reset to C.UTF-8 if such situation is detected.

Many obsolete RPM scriptlets have been removed

Plenty of installation scriplets in packages are not necessary anymore. Their removal should make installation and upgrades of packages a bit faster.

Binaries provided by the distribution have optimized linking

The link flags used for Fedora packages have been updated to skip libraries which are not used by the executable. This removes the dependencies on those librararies from various packages, making their installation slightly more efficient.

Binaries provided by the distribution have additional hardening

The link flags used for Fedora packages have been updated to make the array of function pointers which is used to implement dynamic linking (the GOT) read-only at runtime. This makes it harder for exploit writers to overwrite these function pointers and redirect execution.

Changed build flags saved in Python’s distutils module

The build flags (CFLAGS, CXXFLAGS and LDFLAGS) saved in the Python’s distutils module for building extension modules have been changed in Fedora 30. See the Python section for details.

SWID tags for Fedora distribution and edition

The fedora-release-common and fedora-release-$edition packages ship distribution-level SWID tags under /usr/lib/swidtag/fedoraproject.org/ that identify the Fedora distribution, release, and edition.

The swidq command from new package swid-tools can be used to list the SWID tags (swidq -a) or show its content (swidq -i -n Fedora, swidq --xml -a 'org.fedoraproject.*').

UEFI for ARMv7 devices

In previous releases, Fedora used extlinux to boot the kernel on ARMv7-based systems. This allowed Fedora to standardize the boot process due to most ARMv7 devices being able to use extlinux out of the box due to being supported in various u-boot releases. However, u-boot support for UEFI has significantly improved in recent years, and starting with Fedora 30, the UEFI provided by u-boot is considered stable enough to be used with ARMv7 systems.

This change allows Fedora on ARMv7 systems to use grub2, providing ARMv7 users an experience similar to other architectures. It also simplifies a number of software stacks across the distribution due to being able to provide a unified installation/upgrade/support path across architectures.

Flicker-free boot on Fedora Workstation

The Workstation edition of Fedora 30 provides a flicker free boot - the system will now boot without displaying any text or menus from system power up all the way to the graphical login manager screen.

Work on this feature was started in Fedora 29 with the GRUB menu hidden by default change, and Fedora 30 builds upon this and provides a fully flicker-free boot. (Technically, systems with AMD and nVidia GPUs will still see a flicker at the start of the boot process due to how their drivers work. Intel GPUs provide the most smooth boot experience.)

Note that only fresh Fedora Workstation installs will have this functionality enabled by default. See the FAQ below for instructions on enabling this feature on systems upgraded from earlier releases.

For detailed information, see the following FAQ articles:

DNF repository metadata is now compressed using zchunk

Fedora 30 provides improved compression for DNF package metadata, resulting in significantly reduced size of metadata being downloaded. See System Utilities for details.

Updated software

Please note that this only lists a small subset of all upgraded packages where there’s a significant change.

Vagrant 2.2

Vagrant 2.2 is new major release, that includes many features, improvements, and and bug fixes. Using qemu:///session instead of qemu:///system allows Vagrant to run unprivileged.

Bash 5.0

The default shell bash has been updated to version 5.0. This release fixes several outstanding bugs in bash 4.4 and introduces several new features. The most significant bug fixes are an overhaul of how nameref variables resolve and a number of potential out-of-bounds memory errors discovered via fuzzing.

Fish 3.0

This update for one of the alternative shells contains many new features and some backwards incompatible changes. See the documentation for details.

New desktop environments

Fedora 30 adds two new desktop environments for users with a graphical interface: Pantheon and Deepin. See the Desktop section for details.

Deprecations and removals

Deprecation of BerkleyDB support in OpenLDAP server

In the next Fedora version (31) package openldap-servers will no longer ship with support for back-bdb or back-hdb. Users should migrate data to use back-mdb instead, which is fully supported, developed, and encouraged as the replacement by OpenLDAP upstream.

Deprecation of old Apache Java packages

Apache Jakarta ORO, Apache Jakarta Commons Regexp, Apache Jakarta Commons HttpClient, and Apache Avalon packages are intended to be eventually removed from Fedora, but are kept in Fedora for some additional, indeterminate time for various reasons including maintaining backwards compatibility. They are now considered deprecated and no new code should use them.

Deprecation of Sonatype OSS Parent

This package is obsolete software. sonatype-oss-parent packages are intended to be eventually removed from Fedora, but are kept in Fedora for some additional, indeterminate time due to relatively large number of packages still depending on Sonatype OSS Parent. They are now considered deprecated and no new code should use them.

Deprecation of Apache Maven 2.x

The last upstream release of Apache Maven 2.x was in November 2009, more than 9 years ago. Upstream declares that this version of Maven has reached its end of life, is no longer supported and that security vulnerability reports will not be addressed. It is still packaged in Fedora, but is deprecated and will be removed in one of the next releases.

Removal of unsafe functions from libcrypt

The POSIX standard mandates the presence of certain encryption and hashing functions (encrypt, encrypt_r, setkey, setkey_r, fcrypt) that rely on the DES encryption algorithm which today is widely considered insecure and insufficient for applications which require sane data encryption. Library headers have been changed so that it is not possible to compile code using those functions.

The version of the libxcrypt package included with Fedora 30 now ships the libcrypt.so.2 library that omits those legacy functions.

For backwards compatibility, the libxcrypt-compat package which contains libcrypt.so.1 is provided. If you are using a third-party application that links against those functions, or that is linked against glibc’s libcrypt, you may need to install the libxcrypt-compat package manually.

In addition, those legacy functions have been replaced by stub implementations which immediately return an error when invoked. This means that it is still possible to execute binaries compiled to use those functions, but they cannot actually use those unsafe encryption algorithms silently.

MongoDB removal

The MongoDB database has recently changed its license from AGPL to a custom license called the Server Side Public License v1 (SSPL). Upon reviewing the new license, Fedora Project has determined that the the SSPL is not a free software license. As Fedora’s licensing policies prohibit the project from distributing non-free software, MongoDB would be impossible to update to new upstream versions, and it is therefore being removed from Fedora.

The following packages are being removed:

  • mongodb

  • mongodb-server

  • mongodb-test

Other packages will remain in Fedora but will be adapted to MongoDB removal:

  • condor

  • golang-github-go-mgo-mgo

  • fawkes

  • fawkes-devenv

  • mongo-c-driver

  • mongo-cxx-driver

  • mongo-tools

  • mongodb-test

  • perl-MongoDB – adapted in 2.0.3-1.fc30

  • python-beaker

  • python-pymongo

  • rubygem-database_cleaner

  • rubygem-mongo

  • rubygem-mongoid

  • php-alcaeus-mongo-php-adapter, php-mongodb

FreeIPA Python 2 removal

FreeIPA client and server packages have been using Python 3 by default since Fedora 27, but Python 2 packages have been provided until Fedora 29. These packages are not used by FreeIPA, but they were provided for backwards compatibility, e.g. for Python 2 applications that used python2-ipaclient to communicate with an IPA server.

Python 2 is being deprecated in Fedora 30 as documented in the Python section, and support is also being dropped from the upstream project in upcoming version 4.8.0. Continuing support for Python 2 is causing needless development and testing overhead and blocking improvements such as using the new Python-based 389-ds installer, use of Python 3 features, and so on. Therefore, the following packages are no longer available in Fedora 30:

  • python2-ipalib

  • python2-ipaclient

  • python2-ipaserver

  • python2-ipatests

  • python2-ipa-desktop-profile-client (dependency)