So basically Fedora is not completely open and transparent distribution thanks to that binary blob.
It’s not a binary blob; OpenH264 is free software. It just can’t be distributed by Fedora due to patents. From an earlier link:
Fedora has worked with Cisco to allow us to build and sign the RPMs, thus insuring integrity for Fedora users. We then ship Cisco the binary RPMs, which they publish. We reference their binary distribution in a repository that end users have access to. This allows users to legally get the codec, verify the integrity of the content, and receive packages that integrate nicely into a Fedora system.
Note that there are many different items that fedora cannot distribute similarly. Anything with certain patent, proprietary code, and copyright encumbrances are restricted from distribution by fedora even though they may be freely available from another source
Also note that what you are calling a binary blob is fully compatible with fedora software, just not distributed by fedora. It is not installed by fedora, nor is is mandatory for the distro.
It is required for certain multimedia uses, but that is entirely up to each users desires and not determined by fedora. Fedora makes it available from a different repo and does not distribute it directly.
That’s all very shady. Are those builds reproducible? Can I get the sources, repeat the build in isolated environment and compare it to the shipped binary to ensure that there is no unexpected binary code?
Source code is found at https://github.com/cisco/openh264 and the spec files for building it is at https://src.fedoraproject.org/rpms/openh264.git.
With that you should be able to build it on your own computer.
Unexpected binary code from where? The package is built on Fedora infrastructure and signed by Fedora, so Cisco cannot modify it. Fedora package builds aren’t yet easily reproducible, but this package is no worse in that regard.
That doesn’t directly answer the question if the build is reproducible, but thanks for the pointer.
Is there any easy to remember command to build the spec? In Homebrew I do
HOMEBREW_NO_INSTALL_FROM_API=1 brew install foo
Which means it installs foo
using “formula” (brew style spec) from local repo,
Whoever controls Fedora infrastructure, can get package signed. In many countries companies are required to provide access to their infrastructure to various kind of “secret service” organizations, who can not be trusted.
Thanks for the pointer, nice reading about repro.
This topic and its above posts have been moved from Fedora-cisco-openh264 repo does not work - #17 into a dedicated topic in order to keep both topics focused on their very issue.
There are two versions of reproducible.
- Independently build a 100% bit-for-bit identical RPM
- Build the software from source using the same instructions.
Fedora can do (2).
You can use mock
to build any source RPM for your self easily.
There is also the rpmbuild
command, but it requires more seup to do the builds.
See How RPM packages are made: the source RPM - Fedora Magazine
How to prove that this openh264
package is built on Fedora infrastructure? It can not be found among packages (openh264 - Fedora Packages), and https://mirrormanager.fedoraproject.org/ don’t list any fedora-cisco-openh264
repo. I don’t even know how to see which files are being distributed by this repo.
Source: Overview - rpms/openh264 - src.fedoraproject.org
Builds: openh264 | Package Info | koji
It’s not in packages because it’s in a seperate repo instead of the ones
packages is watching.
You can look at the meta data for the RPM that shows the host it was built on.
Below it shows it from the fedora-cisco-openh264
repr and was built onbuildvm-a64-31.iad2.fedoraproject.org
.
$ dnf info openh264
Updating and loading repositories:
Repositories loaded.
Installed packages
Name : openh264
Epoch : 0
Version : 2.4.1
Release : 2.fc41
Architecture : aarch64
Installed size : 1.1 MiB
Source : openh264-2.4.1-2.fc41.src.rpm
From repository : fedora-cisco-openh264
Summary : H.264 codec library
URL : https://www.openh264.org/
License : BSD-2-Clause
Description : OpenH264 is a codec library which supports H.264 encoding and decoding. It is
: suitable for use in real time applications such as WebRTC.
Vendor : Fedora Project
$ rpm -qi openh264
Name : openh264
Version : 2.4.1
Release : 2.fc41
Architecture: aarch64
Install Date: Sat 16 Nov 2024 18:52:41 GMT
Group : Unspecified
Size : 1130745
License : BSD-2-Clause
Signature : RSA/SHA256, Tue 13 Feb 2024 20:23:11 GMT, Key ID d0622462e99d6ad1
Source RPM : openh264-2.4.1-2.fc41.src.rpm
Build Date : Tue 13 Feb 2024 20:19:34 GMT
Build Host : buildvm-a64-31.iad2.fedoraproject.org
Packager : Fedora Project
Vendor : Fedora Project
URL : https://www.openh264.org/
Bug URL : https://bugz.fedoraproject.org/openh264
Summary : H.264 codec library
Description :
OpenH264 is a codec library which supports H.264 encoding and decoding. It is
suitable for use in real time applications such as WebRTC.
There is a new version released - 2.5.0 - Releases · cisco/openh264 · GitHub - but no builds to tests - Fedora Updates System is empty.
How to request openh264
update in F41? I feel there are a lot of issues with this open implementation, from Reddit posts to Deep Learning video Videos don't play on Firefox - Platform Technical Support - DeepLearning.AI and shipping outdated codecs for OS stability doesn’t outweigh the drawbacks of having different performance and stability problems with media content.
2.5.0 has been built for F42 (rawhide), but not for F41 as shown in the above Koji link. The process to get it into Cisco’s repo is pretty manual; it involves a developer opening a releng ticket (example).
There doesn’t seem to be any formal testing process, so some care needs to be taken to make sure a new build doesn’t regress before pushing it to everyone. In any case, there’s no guarantee that 2.5.0 will resolve your issues with the codec. OpenH264 is an imperfect h.264 decoder, but it’s the only one Fedora can offer.
Your best option is always going to be to use ffmpeg (ignoring any legal concerns).
In any case, there’s no guarantee that 2.5.0 will resolve your issues with the codec.
People upstream report that 2.5.0 resolves them - Error decoding MPEG-TS stream (Firefox doesn't play learning materials) · Issue #3808 · cisco/openh264 · GitHub
OpenH264 is an imperfect h.264 decoder, but it’s the only one Fedora can offer.
Would be nice to get an official statement on that with a story that can be referenced from Wikipedia, to push people to use more modern and royalty free open source codec alternatives.
Opened Issue #12466: Please update `openh264`to 2.5.0 in F41 - releng - Pagure.io
If upstream doesn’t do regression testing, I don’t see how less specialized distribution can do better. I can test openh264
issues I experience with Reddit, messengers and DLAI online learning platform, after the package is available.
If I wasn’t scared to death by legal concerns, I wouldn’t use Fedora.
Speaking about legal concerns, if Cisco already paid royalties, it can “own” copyleft version of x264
much like everybody else, and ship it too.
The licencing authority, MPLA, will not talk to businesses that ship less the 100,000 units. In my day job a few years ago we tried to pay for MPEG and found this out.
You gave them the authority? If they don’t do their duty, it is time to revoke it.