#fedora-blocker-review log

17:00:50 <adamw> #startmeeting F36-blocker-review
17:00:50 <zodbot> Meeting started Mon Feb  7 17:00:50 2022 UTC.
17:00:50 <zodbot> This meeting is logged and archived in a public location.
17:00:50 <zodbot> The chair is adamw. Information about MeetBot at https://fedoraproject.org/wiki/Zodbot#Meeting_Functions.
17:00:50 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
17:00:50 <zodbot> The meeting name has been set to 'f36-blocker-review'
17:00:55 <adamw> #meetingname F36-blocker-review
17:00:55 <zodbot> The meeting name has been set to 'f36-blocker-review'
17:00:58 <adamw> #topic Roll Call
17:01:08 <bcotton> .hello2
17:01:09 <zodbot> bcotton: bcotton 'Ben Cotton' <bcotton@redhat.com>
17:02:44 <coremodule> .hello2
17:02:45 <zodbot> coremodule: coremodule 'Geoffrey Marr' <gmarr@redhat.com>
17:04:47 <cmurf[m]> ha ok
17:04:59 <adamw> ahoyhoy folks, who's around for blocker review fun
17:05:24 <nielsenb> I'm here too
17:05:42 <adamw> brb, call of nature
17:09:37 <adamw> alrighty
17:09:46 <adamw> welcome to the first blocker review meeting of 2022! exciting times indeed
17:09:57 * pwhalen is here
17:09:59 <lruzicka> .hello lruzicka
17:10:00 <zodbot> lruzicka: lruzicka 'Lukáš Růžička' <lruzicka@redhat.com>
17:10:03 <lruzicka> Aloha
17:10:16 * coremodule willing to act as secretary.
17:11:18 * cmurf[m] found the room afterall
17:11:42 <adamw> welcome cmurf
17:12:59 <adamw> #chair coremodule cmurf
17:12:59 <zodbot> Current chairs: adamw cmurf coremodule
17:13:06 <adamw> impending boilerplate alert
17:13:12 <adamw> #topic Introduction
17:13:16 <adamw> Why are we here?
17:13:21 <adamw> #info Our purpose in this meeting is to review proposed blocker and nice-to-have bugs and decide whether to accept them, and to monitor the progress of fixing existing accepted blocker and nice-to-have bugs.
17:13:25 <adamw> #info We'll be following the process outlined at:
17:13:29 <adamw> #link https://fedoraproject.org/wiki/QA:SOP_Blocker_Bug_Meeting
17:13:33 <adamw> #info The bugs up for review today are available at:
17:13:38 <adamw> #link http://qa.fedoraproject.org/blockerbugs/current
17:13:41 <adamw> #info The criteria for release blocking bugs can be found at:
17:13:45 <adamw> #link https://fedoraproject.org/wiki/Basic_Release_Criteria
17:13:48 <adamw> #link https://fedoraproject.org/wiki/Fedora_36_Beta_Release_Criteria
17:13:51 <adamw> #link https://fedoraproject.org/wiki/Fedora_36_Final_Release_Criteria
17:14:05 <adamw> #info for Beta, we have:
17:14:23 <adamw> #info 3 Proposed Blockers
17:14:27 <adamw> #info 3 Accepted Blockers
17:14:32 <adamw> #info for Final, we have:
17:14:42 <adamw> #info 5 Proposed Blockers
17:15:50 <adamw> #info coremodule will secretarialize
17:16:26 <adamw> let's get going with:
17:16:29 <adamw> #topic Proposed Beta blockers
17:16:56 <adamw> #topic (2032085) Some variants are missing /etc/resolv.conf symlink (use systemd-resolved)
17:16:59 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2032085
17:17:02 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/581
17:17:06 <adamw> #info Proposed Blocker, distribution, POST
17:17:10 <adamw> #info Ticket vote: BetaBlocker (+1,0,-3) (+sgallagh, -imsedgar, -nielsenb, -bcotton)
17:17:30 <adamw> so this goes to the topic we had in the qa meeting
17:17:51 <adamw> there's no criterion-breaking functionality breakage here, but we're not doing what we said we were gonna do
17:18:14 <adamw> personally i think it would be reasonable for fesco to declare this a blocker, but it's not a blocker by the release criteria
17:18:23 <nielsenb> https://bugzilla.redhat.com/show_bug.cgi?id=2032085#c20
17:18:26 <cmurf[m]> it's reasonable to reject it due to lack of criterion, so my thought is to do that, hope the pending upstream changes fix it, and if not, file a fesco ticket
17:18:35 <nielsenb> if I understand that comment correctly, it might soon become breaking?
17:18:59 <nielsenb> Wait, wrong comment
17:19:05 <nielsenb> comment 21
17:20:05 <adamw> good point
17:20:20 <adamw> but it's not yet, afaik :D
17:20:42 <nielsenb> Yeah, the anticipation is killing me.
17:21:04 <adamw> suggestion: we punt on this and file a ticket for fesco to consider it?
17:21:15 <pwhalen> +1 to the suggestion
17:21:17 <nielsenb> That's what I think would be best.
17:21:19 <nielsenb> +1
17:21:25 <lruzicka> +1
17:21:36 <bcotton> +1 to the punt-to-fesco
17:21:56 <cmurf[m]> +1 to punt to fesco
17:22:07 <adamw> eeeexcellent
17:23:23 <adamw> proposed #agreed 2032085 - punt (delay decision) - we don't think this qualifies as a blocker under the release criteria currently, but there seems to be a strong case for FESCo to declare it a blocker as current state is not at all how we want things to be, and this is an important area. so instead of rejecting, we will file a ticket for FESCo to consider declaring it a blocker (as they are allowed to do)
17:23:38 <lruzicka> ack
17:23:56 <coremodule> ack
17:24:02 <pwhalen> ack
17:24:52 <adamw> #agreed 2032085 - punt (delay decision) - we don't think this qualifies as a blocker under the release criteria currently, but there seems to be a strong case for FESCo to declare it a blocker as current state is not at all how we want things to be, and this is an important area. so instead of rejecting, we will file a ticket for FESCo to consider declaring it a blocker (as they are allowed to do)
17:25:08 <adamw> #topic (2017043) GNOME doesn't accept input from wireless keyboard if there's not another "keyboard" input available
17:25:31 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2017043
17:25:36 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/590
17:25:41 <adamw> #info Proposed Blocker, libinput, NEW
17:25:45 <adamw> #info Ticket vote: BetaBlocker (+2,0,-1) (+nielsenb, +lruzicka, -sgallagh)
17:25:49 <adamw> #info Ticket vote: FinalBlocker (+1,0,-0) (+sgallagh)
17:25:53 <adamw> #info Ticket vote: BetaFreezeException (+1,0,-0) (+sgallagh)
17:27:12 <nielsenb> Per comment 19 in the bugzilla bug, it affects everything not x86
17:27:37 <nielsenb> In case you're wondering why the wireless keyboard you're typing on is working :)
17:28:44 <sgallagh> That reinforces my -1 for Beta :)
17:29:08 <nielsenb> Is aarch64 workstation not beta blocking?
17:29:20 <Southern_Gentlem> sgallagh, i thought arm was a blockng arch
17:30:14 <sgallagh> nielsenb: I think we block on aarch64 XFCE?
17:30:28 <nielsenb> "The current set of release-blocking desktops for x86_64 is GNOME and KDE, and for aarch64 is GNOME."
17:30:38 <bcotton> we don't block on anything for XFCE
17:30:40 <sgallagh> But my point was more around: how likely is it for someone NOT using x86_64 to be using a wireless keyboard?
17:30:41 <nielsenb> From the F36 release criteria
17:30:51 <sgallagh> I misremembered.
17:30:52 <Southern_Gentlem> +1 Blocker
17:30:55 <bcotton> #link https://docs.fedoraproject.org/en-US/releases/f36/blocking/
17:30:55 <nielsenb> I feel like it's more likely for an ARM device to be a couch computer?
17:31:09 <sgallagh> I think it's absolutely a blocker for Final.
17:31:14 <pwhalen> +1 blocker
17:31:16 <coremodule> agreed, I use wireless keyboards to test all my ARM installs...
17:31:19 <sgallagh> But at Beta, it wouldn't pass the "last blocker" test for me.
17:31:26 <cmurf[m]> oh my it's long
17:32:14 <lruzicka> sgallagh, I people had a film player run on Arm, wouldn't they want to use a remote keyboard? I guess so.
17:32:25 <adamw> sorry, i was looking in detail into the bug
17:32:33 <adamw> it looks a lot like this isn't really arm-specific
17:32:43 <sgallagh> I mean, it's an easy workaround to put into Common Bugs: use a wired keyboard.
17:33:08 <adamw> it's more that some code in mutter does not account for the possibility that a single device could have multiple capabilities (pointer, keyboard...)
17:33:18 <sgallagh> adamw: Right, but who on earth would use a wireless keyboard on ppc64le or s390x?
17:33:22 <adamw> so you hit the bug when using a device like that. doesn't matter what system it's connected to or what arch it is.
17:33:32 <nielsenb> Yeah, it's more luck it works with x86
17:33:48 <adamw> does it work with x86?
17:33:57 <sgallagh> It's absolutely worth fixing (and blocking Final for).
17:34:02 <nielsenb> The keyboards work, as far as I understand, yes
17:34:06 <lruzicka> we should also be very aware of the proposed common bugs process - people might feel confused
17:34:08 <adamw> hmm, bug report says it does
17:34:14 <adamw> but...that seems odd.
17:34:18 <nielsenb> Because the multi capability enumeration only fails if it's the first input device enumerated
17:34:23 <sgallagh> But I would absolutely vote against slipping if this was the last bug at Go/No-Go
17:34:31 <nielsenb> And x86 has some "virtual" device always connected for some reason
17:34:43 <nielsenb> At least that's my interpretation
17:34:46 <sgallagh> (Particularly since futzing with low-level mutter stuff during Freeze almost always has side-effects)
17:35:05 <adamw> ah, i wonder if the enumeration of capabilities is changing in different configs
17:35:12 <bcotton> well we're still two weeks away from beta freeze
17:35:17 <adamw> although...hmm...i don't see why that should matter. humf.
17:35:30 <cmurf[m]> what's the criterion?
17:35:53 <cmurf[m]> I'm -1 beta blocker, +1 final blocker, and +1 beta common bugs
17:36:05 <nielsenb> Definitely +1 to beta common bugs
17:36:08 <cmurf[m]> this is before i know what criterion 😛
17:36:10 <adamw> ah, ok, pbrobinson suggested a reason why it works on x86_64, i missed that
17:37:18 <adamw> i kinda don't like the idea that we'd be ok with this because it 'only' affects aarch64. they're supposed to be equally important, really.
17:37:26 <adamw> if it "only" affected x86_64 but aarch64 was fine, would we block on it?
17:37:35 <nielsenb> It feels like a bad "look" to me to push a beta that may not work for a decent subset of people
17:37:38 <lruzicka> adamw, I believe we would
17:38:00 <nielsenb> I would hope people using betas would check the common bugs
17:38:04 <lruzicka> nielsenb, I agree
17:38:09 <sgallagh> adamw: But it's specific to hardware configurations using wireless keyboards
17:38:21 <nielsenb> And specific wireless keyboards at that, apparently
17:38:26 <sgallagh> It's not that it's aarch64, it's an issue around a certain hardware.
17:38:26 <bcotton> i'm definitely not okay with it for final. still trying to figure out how i feel about beta
17:38:42 <sgallagh> And if that's the case, we make a judgement call about how many people will hit it.
17:38:51 <sgallagh> Same as with x86_64
17:38:58 <adamw> well, i think the specific requirement is "only having input devices with multiple capabilities connected"
17:39:19 <adamw> the ones we happen to know about are wireless, but i guess there could be a wired multi-capability input device. i've no idea if there is.
17:39:41 <nielsenb> I used to a Logictech USB one, but unfortunately no longer do
17:39:47 <nielsenb> So I can't really test
17:39:53 <nielsenb> But they do exist
17:39:55 <adamw> nielsenb: it's likely "ones using dongles that also support wireless mice". don't know if you actually have to have a wireless mouse also connected to the same dongle, or the dongle just has to have the capability.
17:40:26 <adamw> nielsenb: it would depend also on how it presents itself to the OS - it could represent itself as two different input devices even though it's physically one thing, i guess
17:40:27 <lruzicka> yeah, I have once had a keyboard with a touchpad ... I no longer do
17:40:29 <adamw> anyway, where are we with votes...
17:40:58 <bcotton> 0 BetaBlocker, +1 BetaFE
17:41:07 <coremodule> I have 4 wireless keyboard/trackpad combos that I use everyday for testing various hardware... mostly ARM stuff, but some x86. For me, this is a blocker, having to test several raspberry pies with a separate wired mouse and wired keyboard attached to each is more hardware to buy and more mess when running multiple at once
17:41:13 <sgallagh> I remain +1 FinalBlocker, -1 BetaBlocker, -1 BetaFE, +1 BetaCommonBugs
17:41:25 <nielsenb> +1 BetaBlocker
17:41:26 <adamw> honestly i think i'm +1 beta. i get sgallagh's argument, but this is just a pretty bad bug for people who hit it.
17:41:36 <nielsenb> Though I understand and appreciate both sides
17:41:40 <adamw> coremodule: is that a +1 vote?
17:41:42 <coremodule> +1 beta blocker, +1 final blocker, +1 common bugs
17:41:45 <lruzicka> I agree, +1 betablocker
17:41:47 <adamw> ok
17:42:04 <adamw> lruzicka and nielsenb were already counted in the ticket, so we're at +4 / -1 i believe
17:42:13 <pwhalen> +1 blocker here to
17:42:15 <pwhalen> too
17:42:24 <adamw> ok, +5/-1, that's clear enough
17:43:04 <sgallagh> I'll just make sure I have my "I Told You So" stamp ready when we get to Go/No-Go ;-)
17:43:28 <adamw> proposed #agreed 2017043 - AcceptedBlocker (Beta) - accepted as a conditional violation of "A system installed with a release-blocking desktop must boot to a log in screen where it is possible to log in to a working desktop using a user account created during installation or a 'first boot' utility" (can't log in or create user if you can't type) on affected systems (aarch64 with multi-capability input device)
17:43:35 <adamw> did that fit on IRC?
17:43:39 <coremodule> yes
17:43:42 <lruzicka> yes, ack
17:43:43 <adamw> yay
17:43:44 <coremodule> ack
17:43:44 <bcotton> ack
17:43:46 <nielsenb> yes
17:43:48 <sgallagh> ack
17:43:49 <nielsenb> ack
17:43:49 <cmurf[m]> ack
17:43:57 <adamw> #agreed 2017043 - AcceptedBlocker (Beta) - accepted as a conditional violation of "A system installed with a release-blocking desktop must boot to a log in screen where it is possible to log in to a working desktop using a user account created during installation or a 'first boot' utility" (can't log in or create user if you can't type) on affected systems (aarch64 with multi-capability input device)
17:44:03 <adamw> Stephen Gallagher: i will go and fix the bug just to spite you
17:44:19 <sgallagh> adamw: I approve of this
17:44:27 <adamw> dangit
17:44:41 <bcotton> spite-driving development is the most effective development methodology
17:44:54 <adamw> quick, write a blog post and get a book deal, we'll be reach
17:44:58 <sgallagh> Honestly, my ideal here is that it gets fixed before Freeze and this is all academic.
17:45:02 <adamw> somebody call O'Reilly
17:45:07 <sgallagh> Bill?
17:45:11 <nielsenb> Do we need a 'spite-master'?
17:45:30 <adamw> no, the ones who print all the books.
17:45:41 <sgallagh> (I know, I was being an ass)
17:45:53 <adamw> oh, apparently they're trying to be a Learning Platform now
17:46:03 <adamw> quick, somebody call O'Reilly and get us a...learning platform...deal
17:46:21 <adamw> #topic (2008179) tpm2_createprimary fails
17:46:26 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2008179
17:46:30 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/588
17:46:35 <adamw> #info Proposed Blocker, tpm2-tss, ASSIGNED
17:46:39 <adamw> #info Ticket vote: BetaBlocker (+0,0,-3) (-sgallagh, -nielsenb, -bcotton)
17:46:43 <adamw> #info Ticket vote: FinalBlocker (+1,0,-0) (+bcotton)
17:46:47 <adamw> #info Ticket vote: BetaFreezeException (+0,0,-1) (-sgallagh)
17:46:50 <adamw> so as noted, this has =3
17:46:53 <cmurf[m]> there is an iot requirement
17:46:53 <adamw> er, -3
17:46:55 <cmurf[m]> https://fedoraproject.org/wiki/Fedora_35_Final_Release_Criteria#Automatic_partition_decryption_.28Clevis.29
17:47:01 <adamw> but i thought i'd bring it to the floor in case someone wants to make the case for it here
17:47:04 <adamw> thanks cmur
17:47:05 <adamw> f
17:47:42 <sgallagh> cmurf: That's for Final, FYI
17:47:58 <nielsenb> Yeah, definitely a final blocker
17:47:58 <cmurf[m]> comment 3, maybe we should find out if IoT is affected?
17:48:13 <cmurf[m]> because that's the only edition the final release criterion applies to at the moment
17:48:37 <nielsenb> Fair point
17:48:39 <sgallagh> I could be +1 FinalBlocker here.
17:49:05 <cmurf[m]> if IoT then +1 final blocker, per criterion
17:49:31 <adamw> well, it would be nice to confirm that workflow is actually affected
17:50:03 <adamw> i'm pinging dusty
17:50:41 <sgallagh> Well, are we agreed that it's NOT a Beta blocker?
17:50:53 <sgallagh> If so, let's put a pin in the Final discussion and move on.
17:51:01 <adamw> i was pinging dusty to see if he has any justification for that
17:52:50 <adamw> but i guess not, so
17:53:11 <adamw> proposed #agreed 2008179 - RejectedBlocker (Beta) - this does not appear to violate any Beta criteria
17:53:12 <cmurf[m]> needinfo and punt to next week
17:53:21 <adamw> oh, now he replied. :D
17:53:23 <adamw> hold on
17:54:01 <adamw> dustymabe: ahoy
17:54:17 <adamw> so, we were about to reject https://bugzilla.redhat.com/show_bug.cgi?id=2008179 , but is there a justification we're missing for it to block beta?
17:54:41 <adamw> we aren't aware of any criteria for it. there's an IoT Final criterion for TPM-based encryption, but that's all we've got
17:55:43 <cmurf[m]> ergo if the problem reproduces on IoT edition then it might be a final blocker 😉
17:55:50 <dustymabe> I don't know of a specific criteria. It basically breaks any users who currently rely on that functionality and upgrade IIUC
17:56:24 <cmurf[m]> at the moment we only have a final release criterion for TPM/Clevis functionality for IoT edition
17:56:30 <dustymabe> the bug has been open for months - we could have reverted tpm2 to the older version when the bug was introduced
17:56:50 <dustymabe> we still have the older version pinned in FCOS which is why our tests are still passing
17:57:24 <dustymabe> I just don't understand why we would choose to leave it broken in rawhide and not revert it
17:58:09 <adamw> dustymabe: the bug doesn't actually seem to mention that an older version of tpm2 works?
17:58:15 <adamw> it's all about how it doesn't work with a newer openssl
17:58:39 <dustymabe> adamw: sorry, I guess that's implied (i.e. was working, now broken)
17:58:41 <adamw> "revert to an even older version" isn't an immediately obvious solution to that problem. so, unless you told him some other way, maybe peter didn't know of the possibility?
17:58:56 <dustymabe> here's our FCOS issue tracker for it: https://github.com/coreos/fedora-coreos-tracker/issues/968
17:59:05 <adamw> "Started happening with tpm2-tss-3.1.0-4.fc36, which was rebuilt for OpenSSL 3.0.0"
17:59:22 <adamw> to me i wouldn't read that as meaning "so just downgrade to an older tpm2 and everything will be fine" heh
17:59:34 <sgallagh> I suspect it's a problem that could be resolved by building against openssl 1.2 compat
17:59:41 <adamw> note, in rawhide we can't literally just revert to an older package, that is not allowed
17:59:53 <adamw> anyhow
18:00:01 <dustymabe> adamw: could you not bump epoch and rebuild ?
18:00:17 <adamw> dusty: we could, but it'd still be built against openssl 3 in that case, wouldn't it?
18:00:19 <adamw> anyhow
18:00:31 <adamw> let's go back to the proposal...
18:00:35 <adamw> but i'm gonna patch it a bit
18:01:02 <dustymabe> adamw: k - just let me know what comment I should add to the bug (sorry there was missing info)
18:01:18 <adamw> proposed #agreed 2008179 - RejectedBlocker (Beta) AcceptedFreezeException (Beta) - this does not appear to violate any Beta criteria, but it's useful functionality and would be a showstopper for anyone using it on F35 who upgrades to F36, so accepted as an FE issue
18:01:30 <bcotton> ack
18:01:32 <lruzicka> ack
18:01:38 <adamw> dustymabe: i'll try and remember to add a comment later
18:01:40 <nielsenb> ack
18:01:44 <sgallagh> ehhh, I'm not thrilled with having it as an FE, but okay.
18:01:57 <adamw> Stephen Gallagher: sorry, i should've asked for votes on that i guess
18:02:15 <adamw> what do people feel about FE?
18:02:19 <lruzicka> sgallagh, do you think it's dangerous?
18:02:29 <sgallagh> I explained my justification here: https://pagure.io/fedora-qa/blocker-review/issue/588#comment-778016
18:02:32 <dustymabe> I admittedly don't know enough about TPM2 stuff (I'm just the FCOS mule that looks at test failures)
18:02:32 <adamw> since it is something we block on for Final, and dusty makes a point about upgraders, FE seems reasonable to me
18:02:33 <bcotton> +1 FE. if the fix makes it worse, we're not obligated to accept it
18:02:47 <dustymabe> but what happens if someone is depending on this and upgrades to the beta?
18:03:03 <adamw> Stephen Gallagher: if the bug is "TPM doesn't work", I'm having trouble seeing how an update to tpm packages could make things much worse :D
18:03:26 <adamw> dustymabe: it breaks. we *do* tell people not to use beta in production. it's a beta.
18:03:41 <sgallagh> The bug is "TPM doesn't work for auto-decryption" and could end up with "Fixes auto-decryption, breaks all other usages"
18:04:06 <nielsenb> Do we actually know it doesn't work for auto decryption? The bug is SSL
18:04:23 <sgallagh> Anyway, I've said my piece and Ben is correct; we don't have to accept it if it looks too dangerous.
18:05:06 <nielsenb> I do tend to agree it's risky, but we can back out...
18:05:12 <dustymabe> either way I'd like to thank you all for considering this and helping me navigate this process
18:05:21 <adamw> https://bugzilla.redhat.com/show_bug.cgi?id=2008179#c6 says it breaks other things
18:05:49 <adamw> so yeah, i think i'm +1 FE
18:05:50 <adamw> any other votes?
18:05:51 <nielsenb> So yeah...
18:05:54 <nielsenb> +1 FE
18:06:40 * dustymabe can't vote
18:07:01 <lruzicka> +1 FE, if there is an option to bail out
18:07:21 <adamw> there always is
18:07:28 <pwhalen> +1 FE
18:07:42 <adamw> and it depends entirely on my cursory, possibly-hungover inspection of the bugs when filing the push request
18:07:45 <adamw> there, don't you feel re-assured
18:07:57 <adamw> OK, so, same proposal:
18:08:23 <adamw> proposed #agreed 2008179 - RejectedBlocker (Beta) AcceptedFreezeException (Beta) - this does not appear to violate any Beta criteria, but it's useful functionality and would be a showstopper for anyone using it on F35 who upgrades to F36, so accepted as an FE issue
18:08:23 <sgallagh> ack
18:08:27 <bcotton> ack again (just like tag team)
18:08:34 <lruzicka> ack
18:08:40 <nielsenb> ack
18:09:01 <adamw> i feel like proposing it again just to mess with you
18:09:06 <adamw> #agreed 2008179 - RejectedBlocker (Beta) AcceptedFreezeException (Beta) - this does not appear to violate any Beta criteria, but it's useful functionality and would be a showstopper for anyone using it on F35 who upgrades to F36, so accepted as an FE issue
18:09:31 <adamw> ok, moving on to:
18:09:35 <adamw> #topic Proposed Final blockers
18:09:39 <cmurf[m]> ack
18:09:43 <cmurf[m]> oops
18:09:54 <adamw> oh, coremodule, when secretarializing, can you propose that tpm bug as a final blocker?
18:10:04 <coremodule> sure will
18:10:14 <adamw> we'll need to ask pbrobinson to confirm if it affects IoT, I guess. openQA would, but IoT composes don't seem to be...happening
18:10:22 <adamw> there hasn't been one at all for like a month, and no 36 one yet
18:10:41 <adamw> #topic (2050615) Printing not possible over Cups-PDF in Rawhide
18:10:42 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2050615
18:10:46 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/600
18:10:50 <adamw> #info Proposed Blocker, cups-pdf, NEW
18:10:54 <adamw> #info Ticket vote: FinalBlocker (+2,0,-0) (+nielsenb, +lruzicka)
18:11:07 <lruzicka> I still think +1
18:11:18 <cmurf[m]> i just added a comment to it
18:11:40 <adamw> so, i'm not sure about this
18:12:00 <adamw> i don't recall why we use cups-pdf in the openqa tests, but i don't think cups-pdf actually *is* "the built-in print-to-PDF driver", is it?
18:12:41 <adamw> i don't have cups-pdf installed, but i can "Print to File" from gedit and there's a "PDF" choice for "Output format:"
18:12:59 <pwhalen> adamw: it does affect iot, the composes have been broken due to https://bugzilla.redhat.com/show_bug.cgi?id=2034360
18:13:01 <adamw> not sure about KDE off the top of my head
18:13:12 <adamw> pwhalen: thanks
18:13:42 <sgallagh> I saw that got fixed this morning, so hopefully tomorrow the composes will resurrect.
18:13:46 <lruzicka> adamw, well, I believe I have used this to go through the process of installing a printer to the system and confirm it worked
18:14:16 <nielsenb> Huh, I don't have it installed either.
18:14:27 <lruzicka> adamw, I know however, that you could go like "Save as PDF" without the need to install the printer.
18:14:32 <nielsenb> And I definitely have a Print to PDF option, but this is Gnome
18:15:20 <lruzicka> nielsenb, it seems that gnome tools convert to pdf automatically, and they either send it to the file or to the real printer
18:15:26 <adamw> yeah, so, hmm, we're kinda in an awkward position here...
18:15:54 <adamw> the test is set up the way it is for a reason (to test that you can "add a printer" and that works), and it finds a real bug, but the real bug isn't exactly covered by the criteria...
18:15:58 <lruzicka> adamw, we are not ... let's punt this and I will look into it more, if you can save into PDF on KDE as well
18:16:20 <lruzicka> adamw, oh .. yeah, you are right
18:16:22 <nielsenb> The more I interact with the printing stack, the more I realize I have no idea how any of it works...
18:16:31 <adamw> haha, i know right
18:16:48 <adamw> i feel like we had this side discussion somewhere about whether cups-pdf was a good idea, but it's not in the PR or anywhere i can find right now
18:17:04 <adamw> there might even have been a mention that it might go away, but i might be misremembering
18:17:48 <cmurf[m]> i don't know what cups-pdf does
18:18:01 <adamw> cmurf: it's basically a fake printer that just prints to a PDF file
18:18:11 <cmurf[m]> but if printing a pdf via ipp doesn't work... that'd be a problem
18:18:12 <cmurf[m]> ahh
18:18:12 <adamw> so you have print-to-PDF functionality in any context you can use CUPS
18:18:15 <nielsenb> It makes PDF files out of cups, tea cups, coffee cups, anything really
18:18:18 <nielsenb> :)
18:18:24 <adamw> also that, yes
18:18:33 <cmurf[m]> so print to pdf file must be implemented in GNOME without cups-pdf, i also don't have it
18:18:44 <lruzicka> cmurf[m], it sure is
18:19:17 <lruzicka> cmurf[m], there is the "Save as PDF" option that can be used even without cups-pdf
18:19:31 <nielsenb> I think CUPS even has a built in PDF filter these days
18:19:41 <cmurf[m]> right, I think that's what's referred to as "The built-in print-to-PDF driver"
18:19:44 <lruzicka> however, I thought that if cups-pdf worked, there I might believe, regular cups printing worked, too
18:20:18 <lruzicka> when I was writing that test case
18:20:31 <adamw> lruzicka: yeah, like i said, i can see value in the test using cups-pdf because it's a bit closer to testing that a 'real' printer would work than the built-in PDF functionality is
18:20:36 <nielsenb> Right, it makes sense as something to use for testing the 'add a printer' user flow
18:20:45 <adamw> but it means the test winds up not exactly hitting either of the scenarios covered by the criteria :/
18:20:50 <nielsenb> Yeah
18:21:14 <cmurf[m]> i see, makes sense
18:21:21 <adamw> so, for the purposes of this meeting...
18:21:33 <nielsenb> I guess you could argue it is still a blocker under the 'makes testing harder' criterion
18:21:37 <adamw> i think i'm either -1 or punt because this bug seems to be in cups-pdf which isn't actually covered
18:21:40 <nielsenb> But I would rather not
18:21:52 <adamw> nielsenb: yeah, for this case i'd say that's more a problem for us on the test writing side
18:21:55 <lruzicka> ok, I am ok with making it -1
18:22:04 <nielsenb> -1 FinalBlocker
18:22:11 <nielsenb> Do I need to change my vote on Pagure?
18:22:12 <adamw> this would be a blocker if 'built-in' PDF printing or printing to a real physical printer failed similarly
18:22:15 <adamw> (I can actually test that later)
18:22:26 <adamw> nielsenb: no, votes in this meeting override votes in the app
18:22:27 <lruzicka> what if we punted and I would check KDE until next time?:
18:22:30 <lruzicka> we still have time
18:22:43 <adamw> lruzicka: we can probably check KDE from screenshots, actually, let me see
18:22:54 <lruzicka> adamw, ok
18:23:17 <adamw> oh, no, the way the UI is i can't see for sure. darn
18:23:22 <adamw> do i have a KDE vm hooked up...
18:26:49 <lruzicka> adamw, I have started one
18:27:00 <lruzicka> adamw, I will check it in 5 minutes
18:27:27 <adamw> i have one running already
18:27:53 <adamw> yeah, looks like KDE has a native "Print to File (PDF)" printer even without cups-pdf installed.
18:28:11 <adamw> so, those are the features the criterion covers. we'll have to figure out what we want to do about this in the openqa tests outside of the meeting
18:28:41 <adamw> so we're at -3 now
18:29:16 <lruzicka> adamw, I can confirm.
18:29:20 <lruzicka> -1 from me
18:29:42 <adamw> proposed #agreed 2050615 - RejectedBlocker (Final) - this bug appears to be specific to the cups-pdf virtual printer, which isn't actually covered by the criteria. We will revisit if it turns out to affect GNOME's or KDE's built-in PDF printing features, or a real physical printer. we'll consider whether and how to adjust the openQA tests as well
18:29:42 <lruzicka> I am going to change the tests tomorrow to use the native print out options.
18:29:46 <lruzicka> ack
18:29:53 <nielsenb> ack
18:30:10 <adamw> in a way it might be nice to do both, but not sure if it's worth the effort, especially since it's a kinda fragile test :|
18:30:53 <lruzicka> adamw, well ... why not, we might do both :)
18:31:19 <lruzicka> the problem seems to be in the invocation command of ghostcript
18:31:28 <lruzicka> I believe it will be fixed soon anyway
18:31:51 <adamw> ok, cool
18:31:55 <adamw> one more ack?
18:32:38 <lruzicka> alter ego ack
18:32:48 <coremodule> ack
18:32:55 <lruzicka> thank you, coremodule
18:32:57 <cmurf[m]> ack
18:33:02 <lruzicka> thank you, cmurf[m]
18:33:06 <cmurf[m]> without the admiral
18:34:13 <adamw> hehe
18:34:17 <adamw> #agreed 2050615 - RejectedBlocker (Final) - this bug appears to be specific to the cups-pdf virtual printer, which isn't actually covered by the criteria. We will revisit if it turns out to affect GNOME's or KDE's built-in PDF printing features, or a real physical printer. we'll consider whether and how to adjust the openQA tests as well
18:34:28 <adamw> #topic (2049849) Windows with bitlocker enabled can't be booted, needs to use bootnext instead of chainloader
18:34:31 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2049849
18:34:35 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/597
18:34:38 <adamw> #info Proposed Blocker, grub2, NEW
18:35:12 <lruzicka> +1 final blocker
18:35:15 <nielsenb> This one is hard for me
18:35:42 <nielsenb> Without it being fixed, Fedora can't really be a drop in dual boot option on machines shipping Windows 11
18:36:00 <lruzicka> but?
18:36:12 <adamw> cmurf: so this basically affects newer Windows pre-installs?
18:36:14 <nielsenb> We explicitly waive blocking on Secure Boot don't yet?
18:36:19 <nielsenb> *don't we?
18:36:30 <adamw> no, we explicitly include it.
18:36:46 <nielsenb> "The bootloader entry part of this criterion does not apply when Secure Boot is enabled (because it has not yet been made to work, and fixing it is not trivial). cases. "
18:36:59 <adamw> oh, i was thinking of elsewhere
18:37:15 <nielsenb> So I think we already don't work on these machines
18:37:33 <cmurf[m]> oh oops where are we
18:37:41 <nielsenb> https://fedoraproject.org/wiki/Fedora_36_Final_Release_Criteria#Windows_dual_boot
18:37:45 <cmurf[m]> by we i mean me
18:37:46 <adamw> yes, good point
18:37:56 <adamw> i honestly am not very experienced in this area, cmurf is the expert
18:38:05 <adamw> cmurf, do you remember what the deal with that SB carve-out for dualboot is/was?
18:38:13 <cmurf[m]> this affects any recent system possibly for some time now
18:38:13 <adamw> and how does it relate here?
18:38:49 <cmurf[m]> did we have a carve out for dual boot SB?
18:39:34 <cmurf[m]> the gist is that our Windows boot option in GRUB is increasingly unlikely to work - you just get a blue screen that says enter your bitlocker recovery key instead of Windows booting to a login prompt
18:39:51 <cmurf[m]> new Lenovo laptop out of the box last June is when i first came across it
18:39:54 <lruzicka> cmurf[m], what happens if you have the key?
18:39:57 <adamw> cmurf: nielsenb just pasted it
18:40:00 <cmurf[m]> and it's not even that new, X1 Carbon Gen 7
18:40:07 <adamw> https://fedoraproject.org/wiki/Fedora_36_Final_Release_Criteria#Windows_dual_boot
18:40:10 <cmurf[m]> if you have the key you can enter it and boot
18:40:15 <adamw> "Secure Boot excepted" footnote
18:40:32 <lruzicka> we have also had an issue with this on Fedora Installfest and we basically destroyed a guy's windows installation
18:40:35 <cmurf[m]> this is not a Secure Boot related issue though
18:40:47 <cmurf[m]> it'd happen even without SB enabled
18:40:49 <nielsenb> But if you disable secure boot to install, you will now also trip the TPM, right?
18:41:01 <adamw> not directly, but will there ever be a system that's affected by this but does not have SB on?
18:41:12 <cmurf[m]> lruzicka: tell me more (just not here, maybe in #fedora-qa:libera.chat
18:41:30 <cmurf[m]> i'm not sure how to answer it
18:41:36 <cmurf[m]> if i turn off SB, the problem still happens
18:41:56 <adamw> would windows even boot in that case though? i just kinda thought microsoft was tying these features together, but imbw
18:41:58 <nielsenb> and Windows with bitlocker enabled will still boot?
18:42:00 <cmurf[m]> in practice, SB will be on any time there's a laptop with TPM 2.0 on it even though the features are orthogonal
18:42:11 <cmurf[m]> you can boot Windows 10 with SB off
18:42:26 <cmurf[m]> i don't know about 11, have been avoiding it so far
18:42:39 <nielsenb> But if you have a system with SB and TPM enabled, Windows installed, bitlocker enabled, then turn SB off, will Windows boot?
18:42:57 <cmurf[m]> sure
18:43:06 <cmurf[m]> measured boot is not related to Secure Boot
18:43:06 <nielsenb> Interesting
18:43:22 <cmurf[m]> Secure Boot just means it's checking for signed bootloaders (EFI binaries)
18:43:30 <nielsenb> Then they are purely orthogonal
18:43:36 <cmurf[m]> measured boot is a separate thing you can do with or without Secure Boot
18:43:36 <nielsenb> And the SB carve out doesn't apply here
18:43:50 <nielsenb> At least as far as I now understand it
18:43:59 <cmurf[m]> yeah pretty sure the SB carve out doesn't apply
18:45:02 <adamw> yeah, i agree it doesn't apply directly, i was just wondering that if we know dualboot like this doesn't work with SB, maybe it makes this bug practically less important
18:45:02 <adamw> anyhow
18:45:16 <adamw> is the SB carve-out still valid? does grub dualboot still not work with SB?
18:45:46 <cmurf[m]> it works
18:46:02 <cmurf[m]> for a long time you can boot Windows via GRUB with Secure Boot enabled
18:46:09 <cmurf[m]> everything is signed so it boots
18:47:01 <nielsenb> Do we have any idea how common Bitlocker is on preloads?
18:47:10 <cmurf[m]> increasingly common
18:47:16 <nielsenb> Figured
18:47:32 <cmurf[m]> mine was out of the box, gen 7 X1 Carbon (what is that about 2 years old?)
18:47:55 <nielsenb> Though more of an enterprise class machine
18:47:58 <cmurf[m]> and when i downloaded a Windows 10 ISO from microsoft.com and obliterated the Lenovo OEM copy of Windows 10 - it too used bitlocker by default
18:48:08 <adamw> okay, so maybe we should ditch that carveout, but by the same token, this bug gets more important...
18:48:12 <nielsenb> Okay, if it's using it by default
18:48:23 <nielsenb> This is really unfortunate
18:48:28 <cmurf[m]> yeah
18:48:51 <cmurf[m]> but being super precise about our existing language, our bootloader does still boot windows, just not to a login prompt
18:48:56 <cmurf[m]> we get a recovery prompt
18:49:13 <adamw> hmm, i think i'd still count that as not working right, heh
18:49:18 <cmurf[m]> does "boot into Windows" mean the login window? or the Windows kernel? 😛
18:49:39 <adamw> i do try to avoid wordsmithing to the extent the criteria read like a terms & conditions document. it's a fine balance. :D
18:49:42 <cmurf[m]> yeah that's probably our intent is to not disturb what the user expects to happen
18:49:45 <lruzicka> cmurf[m], I would like to know what happens if you boot to the recovery prompt and you recover using the Bitlocker key?
18:49:55 <lruzicka> cmurf[m], is it the same on the next boot, too?
18:49:56 <cmurf[m]> works
18:50:01 <nielsenb> I'd rather err on the side of not making people go "what did you do to my machine‽"
18:50:07 <cmurf[m]> nope, one time thing each time
18:50:19 <cmurf[m]> i have to enter the key every time
18:50:28 <cmurf[m]> it's a long ass key too haha
18:50:29 <lruzicka> so this sucks
18:50:33 <nielsenb> Gross
18:50:39 <cmurf[m]> is the machine generated type of recovery key
18:50:58 <adamw> urgh, yeah, that doesn't seem practical
18:51:00 <adamw> one time maybe
18:51:02 <adamw> every time, no
18:51:06 <lruzicka> yeah, it's like a windows installation key
18:51:16 <cmurf[m]> in particular, since it's enabled by default, you don't get an obvious "oh hey by the way here is your recovery key save this in a good spot" warning
18:51:24 <adamw> i guess i'm kinda leaning +1 with all relevant info
18:51:30 <nielsenb> How did you get the key?
18:51:34 <nielsenb> Asking for a friend
18:51:37 <nielsenb> :)
18:51:38 <adamw> it's a conditional blocker, but it's clearly happening already and likely to get worse through 36's life
18:51:45 <cmurf[m]> i forget, there is a way though
18:52:04 <cmurf[m]> i'm on board with it being a conditional blocker
18:52:08 <nielsenb> Yeah, I really don't like that this is basically asking _someone_ to change boot, which is a feature, not a bug
18:52:21 <nielsenb> But on the other hand, ew
18:52:25 <lruzicka> I am so happy not to be using windows
18:52:29 <cmurf[m]> it's a question for javierm and/or rharwood whether this must come from upstream
18:52:39 <cmurf[m]> or if they'd carry a patch and if so how to do it
18:52:45 <adamw> how practical is it for grub to be setting BootNext and rebooting the system? is this something that's been done/considered before or elsewhere?
18:52:57 <cmurf[m]> so it might still get punted for practical reasons to f37 if it's too hard to do in the 36 time frame
18:53:09 <adamw> anyhow, we can take it for now and reconsider later if it turns out to be considered unfixable
18:53:12 <cmurf[m]> yeah i've discussed it a few times with Javier
18:53:48 <adamw> i guess we can ask javier/robbie to chime in soon so we can make a decision before it gets too late
18:53:51 <nielsenb> Unfortunate timing too, I feel like interest in desktop Linux is increasing somewhat with press coverage
18:54:02 <nielsenb> And dual booting easily is a part of that
18:54:16 <adamw> so, other votes?
18:54:20 <nielsenb> +1 FinalBlocker
18:54:34 <lruzicka> +1 for now
18:54:39 <cmurf[m]> For sure we can common bugs this at the least, and improve documentation how users can still boot Windows directly - in which case they don't need to enter the key manually or even have the key
18:54:49 <cmurf[m]> +1 final blocker
18:54:55 <lruzicka> cmurf[m], great idea
18:55:01 <cmurf[m]> i've got to bug out but i'll be lurking by mobile
18:55:32 <cmurf[m]> there is no data loss here but it might appear there's data loss if you don't know you can boot windows without grub still...
18:55:46 <lruzicka> I am sorry but I need to go, children need to go to bed and I am occupying their room, will read the rest from the meeting minutes.
18:55:52 <lruzicka> take care
18:56:36 <adamw> proposed #agreed 2049849 - AcceptedBlocker (Final) - accepted as a conditional violation of Final criterion "The installer must be able to install into free space alongside an existing clean Windows installation and install a bootloader which can boot into both Windows and Fedora" in the case of Windows being installed with Bitlocker enabled (as is increasingly common). We recognize this is technically difficult to fix and may change
18:56:36 <adamw> or defer this status based on feedback from the grub maintainers
18:56:50 <adamw> cya lruzicka, we're nearly done
18:56:51 <adamw> thanks for coming
18:57:05 <nielsenb> ack
18:57:11 <Southern_Gentlem> ack
18:58:26 <cmurf[m]> Elevator ack
18:59:54 <adamw> #agreed 2049849 - AcceptedBlocker (Final) - accepted as a conditional violation of Final criterion "The installer must be able to install into free space alongside an existing clean Windows installation and install a bootloader which can boot into both Windows and Fedora" in the case of Windows being installed with Bitlocker enabled (as is increasingly common). We recognize this is technically difficult to fix and may change or defer
18:59:54 <adamw> this status based on feedback from the grub maintainers
19:00:05 <adamw> #topic (2020759) [abrt] dma_alloc_noncontiguous: WARNING: CPU: 0 PID: 1429 at kernel/dma/debug.c:1162 debug_dma_map_sg+0x32a/0x380
19:00:08 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2020759
19:00:12 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/580
19:00:15 <adamw> #info Proposed Blocker, kernel, NEW
19:00:20 <adamw> #info Ticket vote: FinalBlocker (+1,0,-0) (+nielsenb)
19:01:10 <nielsenb> I can reproduce on a fresh install of the latest compose, on first boot
19:03:26 <adamw> seems pretty +1-y if it's appearing as a notification for everyone
19:04:50 <coremodule> yeah, agreed
19:04:56 <coremodule> +1 blocker
19:05:08 <coremodule> *+1 final blokcer
19:05:27 <adamw> so that's +3
19:05:55 <adamw> proposed #agreed 2020759 - AcceptedBlocker (Final) - accepted as a violation of Final criterion "There must be no SELinux denial notifications or crash notifications on boot of or during installation from a release-blocking live image, or at first login after a default install of a release-blocking desktop."
19:06:00 <coremodule> ack
19:06:03 <nielsenb> ack
19:06:37 <Southern_Gentlem> ack
19:07:03 <Southern_Gentlem> +1fb
19:07:28 <adamw> #agreed 2020759 - AcceptedBlocker (Final) - accepted as a violation of Final criterion "There must be no SELinux denial notifications or crash notifications on boot of or during installation from a release-blocking live image, or at first login after a default install of a release-blocking desktop."
19:08:31 <adamw> #topic (2042877) crash happens on the newly installed system
19:08:35 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2042877
19:08:39 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/595
19:08:41 <adamw> #info Proposed Blocker, spice-vdagent, NEW
19:09:00 <nielsenb> I was unable to reproduce.
19:09:24 <coremodule> +1 punt for more testing
19:09:39 <coremodule> I'll mess around with this and try to reproduce
19:09:44 <nielsenb> Yeah, if punt is an option, I vote punt
19:09:53 <nielsenb> Because as soon as I say no, I'll run into it and feel silly
19:10:05 <adamw> hmm, yeah, i haven't seen that on any of my vm attempts either
19:10:10 <adamw> so yeah, punt and ask for more details seems good
19:10:12 <adamw> haha yes
19:10:14 <adamw> that always happens
19:10:27 <adamw> "you're crazy, that's not happening to me!...oh wait"
19:11:44 <Southern_Gentlem> +1 punt
19:11:53 <adamw> proposed #agreed 2042877 - punt (delay decision) - other testers have not immediately been able to reproduce this, we will ask lili for more details on the scenario and try again to reproduce
19:12:04 <coremodule> ack
19:12:08 <nielsenb> ack
19:12:12 <Southern_Gentlem> ack
19:14:40 <adamw> #agreed 2042877 - punt (delay decision) - other testers have not immediately been able to reproduce this, we will ask lili for more details on the scenario and try again to reproduce
19:14:59 <adamw> #topic (2006393) [DNS over TLS] following connection to a wifi AP, internet is not available for ~30s
19:15:05 <adamw> #link https://bugzilla.redhat.com/show_bug.cgi?id=2006393
19:15:09 <adamw> #link https://pagure.io/fedora-qa/blocker-review/issue/579
19:15:13 <adamw> #info Proposed Blocker, systemd, ASSIGNED
19:16:05 <nielsenb> Again, unsure, looks like it may be fixed soon upstream
19:16:17 <nielsenb> Comment 9 implies it may at least be somewhat hardware dependent
19:16:51 <coremodule> what did we do for this on f35?
19:17:13 <nielsenb> Ignored it and hoped it went away :D
19:17:15 <adamw> we disabled dns-over-tls
19:17:33 <adamw> the PR mentioned in the bug was merged long ago
19:17:38 <adamw> so this ought to be fixed now
19:17:40 <adamw> cmurf, have you re-tested it?
19:18:15 <nielsenb> And does it still happen if you try with a 'cloud' DoH provider instead of your router?
19:18:37 <nielsenb> I guess this is DoT
19:20:15 <adamw> gonna propose we punt to ask cmurf for info on current status
19:20:20 <nielsenb> Yeah
19:20:39 <coremodule> I'm good with that
19:20:44 <adamw> proposed #agreed 2006393 - punt (delay decision) - this is an automatic transfer from F35 and we don't know the exact status of F36 currently wrt this bug. delaying decision to ask cmurf to report back on how F36 is
19:20:44 <coremodule> +1 punt for cmurf
19:21:20 <Southern_Gentlem> cmurf punt +1
19:21:29 <coremodule> ack
19:21:30 <nielsenb> +1
19:21:37 <Southern_Gentlem> +1
19:21:53 <nielsenb> ack
19:22:24 <adamw> #agreed 2006393 - punt (delay decision) - this is an automatic transfer from F35 and we don't know the exact status of F36 currently wrt this bug. delaying decision to ask cmurf to report back on how F36 is
19:22:29 <adamw> alrighty, and with that we're through the list
19:22:33 <adamw> #topic Open floor
19:22:37 <adamw> any other business, folks?
19:23:38 <coremodule> nothing of note here
19:24:20 <nielsenb> nope
19:26:45 <adamw> alrighty, then thanks a lot for coming out! really appreciate it
19:27:56 <adamw> #endmeeting