Download Fedora 23 Server
Download Fedora 23 Workstation
Fedora 23 features the 4.2.0 kernel.
3.2.1. General Anaconda Changes
The Anaconda installer has been completely ported to Python 3 in Fedora 23. This will have no noticeable impact on your experience while installing Fedora, but is important to Anaconda’s backend and to developers – especially those who create installer add-ons.
Python 3 is the next generation of the Python programming language. It is currently mature and stable, since it has been under active development for more than six years – version 3.0 was released in December 2008. Version 2.7 will continue being supported by upstream until 2020; however, this support concerns only necessary maintenance, not new features.
With the move to Python 3, Anaconda (and other packages which have also been ported) can use new features provided by Python upstream. By staying close to upstream, Fedora can also better help the Python community go forward by contributing patches.
3.2.2. Changes in Anaconda’s Text Interface
Handling of non-Latin scripts in text mode has been improved. It uses an appropriate font if possible, and falls back to English if the language cannot be displayed by the Linux console.
Rescue mode has been reworked to use the same interface as the text mode installer instead of
3.2.3. Changes in Kickstart Syntax
Software environment handling should now be more robust.
reqpart. This command creates any partitions which are required by your hardware platform. For example, IBM Power Systems servers require a small
PReP Boot partition, 64-bit Intel-compatible systems with BIOS firmware and GUID Partition Table (GPT) on the boot drive require a
biosboot partition, etc.
reqpart command can not be used together with
autopart, it can be used together with additional partitioning commands; you can use
reqpart to create whatever partitions are necessary, and then use other storage configuration commands such as
part to create the rest of the partitioning layout.
This command has one option:
--add-boot. This option will also create a separate
/boot partition in addition to platform-specific partitions created by the base command.
reboot command has a new option:
--kexec. Use this option to reboot into the new system using the
kexec kernel switching mechanism instead of a full reboot, bypassing the BIOS/Firmware and boot loader.
logvol command has new options which are all used to create cached logical volumes:
----cachesize= – Requested size (in MiB) of cache attached to the logical volume. (Requires
--cachepvs= – A comma-separated list of (fast) physical volumes that should be used for the cache.
--cachemode= – The mode which should be used for the cache – either
lvmcache(7) man page for more information about LVM caching.
raid commands all have a new option:
--mkfsoptions=. This option specifies additional parameters to be passed to the program (
mkfs) that makes a file system on this partition, volume or subvolume. No processing is done on the list of arguments, so they must be supplied in a format that can be passed directly to
mkfs. This means multiple options should be comma-separated or surrounded by double quotes, depending on the file system.
3.2.4. System Upgrades with DNF
Upgrade to Fedora 23 with the native package manager dnf. The updates are performed in an offline environment that allows system packages to be safely replaced.
Procedure 1. Upgrading with DNF
This upgrade functionality comes from a dnf plugin. Install the package:
#dnf install dnf-plugin-system-upgrade
Update your system.
Some third party repos may not be available for the next version of Fedora. Check the status of your configured repositories:
#dnf repolist --releasever 23
If problems are reported with a repository, you may wish to disable it:
#dnf config-manager --set-disabled
Prepare the upgrade enviroment.
#dnf system-upgrade download --releasever
Reboot to perform the upgrade.
#dnf system-upgrade reboot
If an upgrade fails, clean up the download, resolve any issues, and try again.
#dnf system-upgrade clean
Syncing package versions
By default, if a package is a newer version than the same package in the target Fedora release, it will not be replaced. Some common post-installation issues involving packages from mixed repositories can be resolved by performing a
distribution synchronization, or
distro-sync, which ensures that packages are replaced with those in the target repos, wherever possible.
You can perform this operation during the system upgrade with the
dracut utility, which is used to create the initramfs image used during the boot process, can now create a UEFI-bootable executable. The
--uefi argument allows
dracut to create a single UEFI executable, including an EFI stub, kernel, and initramfs.
3.4.1. Disable SSL 3.0 and RC4
SSL 3.0 protocol and the
RC4 cipher are considered insecure and vulnerable to attacks. As such, both are now disabled by default for all Fedora components which use system-wide crypto policies. This includes the
openssl libraries and all applications based on them.
Applications or environments that require
SSL 3.0 or
RC4 can use update-crypto-policies to globally switch to the
LEGACY policy to enable them.
Applications that use
NSS are not affected by this change.
3.4.2. OpenSSH 7.1
The OpenSSH project continues to improve the security of network communication with the release of OpenSSH 7.1. See the upstream release notes for detailed information about this release.
3.4.3. Package Hardening
Packages built for Fedora 23 will be compiled with a position-independent code flag (
FULL RELRO enabled by default. This was previously an optional setting; requiring it by default will protect users from certain potential security vulnerabilities.
Find more information about this change at http://fedoraproject.org/wiki/Changes/Harden_All_Packages.
3.4.4. Standardized Passphrase Policy
A common password policy is being utilized in Fedora 23 to provide a set of consistent rules for password policies. These rules can be modified locally to fit user needs. Information about the default policy is available at https://fedoraproject.org/wiki/Passphrase_policy.