Mystery Fedora disruption prompts security fears

Did security breach prompt ground-up rebuild?

globalisation

The majority of servers supporting the Fedora Linux distribution were back online on Tuesday following a mystery disruption.

Last Thursday (14 August) Fedora project leader Paul Frields took the unusual step of advising users not to download or update their software, as a precaution while the Fedora team responded to an unspecified issue. He warned ahead of time that service outages were likely.

"The Fedora Infrastructure team is currently investigating an issue in the infrastructure systems," Frields wrote in a posting to the Fedora announcement mailing list. "That process may result in service outages, for which we apologize in advance. We're still assessing the end-user impact of the situation, but as a precaution, we recommend you not download or update any additional packages on your Fedora systems."

A later post on Saturday revealed that Fedora was completely rebuilding its systems from the ground up. This, together with the earlier advice to hold off on downloads, sparked speculation that a security breach may be behind the problem.

By early Tuesday most of the Fedora systems were back online. In his latest posting Frields said that all critical systems - needed for the day-to-day operation of Fedora - would be back by close of play on Tuesday.

Frields said a detailed explanation of what provoked the incident would be available soon.

"We know the community is awaiting more detail on the past week's activities and their causes. We're preparing a timeline and details and will make them available in the near future. We appreciate the community's patience, and will continue to post updates to the Fedora-announce-list as soon as possible." ®

Sponsored: 5 critical considerations for enterprise cloud backup