16:00:39 <geppetto> #startmeeting fpc
16:00:39 <zodbot> Meeting started Thu Sep  3 16:00:39 2020 UTC.
16:00:39 <zodbot> This meeting is logged and archived in a public location.
16:00:39 <zodbot> The chair is geppetto. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:39 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:00:39 <zodbot> The meeting name has been set to 'fpc'
16:00:39 <geppetto> #meetingname fpc
16:00:39 <geppetto> #topic Roll Call
16:00:39 <zodbot> The meeting name has been set to 'fpc'
16:00:49 <King_InuYasha> .hello ngompa
16:00:50 <zodbot> King_InuYasha: ngompa 'Neal Gompa' <ngompa13@gmail.com>
16:00:53 <geppetto> #chair King_InuYasha
16:00:53 <zodbot> Current chairs: King_InuYasha geppetto
16:00:54 <tibbs> Hello.
16:01:02 <geppetto> #chair tibbs
16:01:02 <zodbot> Current chairs: King_InuYasha geppetto tibbs
16:01:05 <King_InuYasha> hey y'all
16:01:21 <geppetto> Hey
16:01:43 <carlwgeorge> .hello2
16:01:44 <zodbot> carlwgeorge: carlwgeorge 'None' <carl@redhat.com>
16:01:54 <mhroncok> .hello churchyard
16:01:55 <zodbot> mhroncok: churchyard 'Miro Hrončok' <mhroncok@redhat.com>
16:02:26 <geppetto> #chair mhroncok
16:02:26 <zodbot> Current chairs: King_InuYasha geppetto mhroncok tibbs
16:02:31 <geppetto> #chair carlwgeorge
16:02:31 <zodbot> Current chairs: King_InuYasha carlwgeorge geppetto mhroncok tibbs
16:03:09 <decathorpe> hello o/ sorry, I won't be able to participate much today, I'm on a train right now
16:03:14 <geppetto> #chair decathorpe
16:03:14 <zodbot> Current chairs: King_InuYasha carlwgeorge decathorpe geppetto mhroncok tibbs
16:05:06 <geppetto> decathorpe: No problem
16:05:18 <geppetto> No new tickets and lots of people ;)
16:05:30 <mhroncok> let' go trough stalled?
16:05:56 <geppetto> #topic Schedule
16:05:59 <geppetto> #link https://lists.fedoraproject.org/archives/list/packaging@lists.fedoraproject.org/message/67VIQXGSCZ76DLTYPKTFSOUVRHSHKJGU/
16:06:20 <geppetto> mhroncok: You mean 1007?
16:06:40 <mhroncok> nothing in particular
16:06:54 <mhroncok> more like https://pagure.io/packaging-committee/pull-request/814
16:08:02 <geppetto> https://lists.fedoraproject.org/archives/list/packaging@lists.fedoraproject.org/message/67VIQXGSCZ76DLTYPKTFSOUVRHSHKJGU/
16:08:14 <geppetto> #topic #pr-814 Add SELinux Independent Policy Guidelines.
16:08:14 <geppetto> https://pagure.io/packaging-committee/pull-request/814
16:09:12 <geppetto> mhroncok: So a few changes have happened since you needed to speak to the people … and I see we have an updated example
16:10:24 <mhroncok> so I've actually met with them before the pandemic :)  (seems like in past life)
16:10:46 <mhroncok> is anybody available to review the PR?
16:11:09 <geppetto> I mean … we have some time now
16:11:22 <geppetto> Or do you think we'll need a couple of hours?
16:11:22 <mhroncok> ok, let's read! :)
16:12:24 <mhroncok> i don't think so
16:12:27 <geppetto> What is the easy way to get one big diff?
16:13:11 <tibbs> https://pagure.io/packaging-committee/pull-request/814#request_diff I guess
16:13:18 <tibbs> But it's entirely new files anyway.
16:13:51 * geppetto nods
16:16:20 <tibbs> One interesting question I still have is whether we expect that the selinux policy source files will just be included in the package git repo along with the specfile.
16:18:46 <geppetto> I guess so
16:18:54 <geppetto> Unless they go upstream somehow
16:19:12 <geppetto> Moving definitions seems gross … sigh.
16:19:19 <mhroncok> "create your .spec file (rpmbuild configuration file)" :)
16:19:38 <tibbs> The new guidelines say "The custom policy repository must contain the following files" but doesn't really talk about it otherwise.  I know the draft used to have language about creating a github repository to hold the thing, which wasn't really appropriate.
16:22:10 <mhroncok> I don't particularly like the %if 0%{?with_selinux} condiitonal all over the myapp-selinux-edit.spec
16:23:07 <tibbs> I agree; I figured there must be some good reason why it would need to be optional.
16:23:43 <mhroncok> and I think the two examples should be the (almost) first thing to talk about
16:24:29 <mhroncok> the rest of it, like "Port Labeling" or "File contexts and equivalency rules" is hard for me to digest :(
16:24:34 <geppetto> Maybe they can change: %{_sbindir}/selinuxenabled to %{_selinuxenabled} and have it be false when %{with_selinux} is zero?
16:25:01 <geppetto> Yeh, I did some SELinux work a few years ago and it's still hard going
16:25:51 <tibbs> Well I imagine you need some working knowledge of selinux to understand the guideline; it's not supposed to be a tutorial on actually writing the policy.
16:26:06 <King_InuYasha> this whole policy document is kind of confusing to me
16:26:25 <King_InuYasha> I tried to use it to package SELinux policy modules and it didn't work :(
16:26:56 <geppetto> mhroncok: looking more it appears to be mainly so when with_selinux is 0 it doesn't build the sub-module … which AFAIK there isn't a good way to remove that
16:27:21 <geppetto> King_InuYasha: Did you ping the authors, or find out what the problem was?
16:27:33 <King_InuYasha> geppetto: I did try, but alas no response
16:27:52 <King_InuYasha> I wound up making it up myself when I was doing it for my stuff
16:28:18 <geppetto> Do you remember the rough differences?
16:28:46 <King_InuYasha> the scriptlets were wrong
16:29:00 <King_InuYasha> and the way dependencies were specified triggered rpmbuild errors
16:29:09 <King_InuYasha> because the macros aren't available at srpm creation time
16:29:32 <geppetto> bonus
16:30:24 <King_InuYasha> indeed
16:30:55 <geppetto> mhroncok: Any chance you can speak to them again?
16:32:22 <geppetto> I'm probably fine to approve it … if it worked. It seems complicated, but it's SELinux
16:33:08 <geppetto> carlwgeorge: Any opinion?
16:33:23 <mhroncok> geppetto: no promises. I can certainly summarize my feedback in the ticket once more. I would feel more confident if we see it in action
16:34:11 * geppetto nods … that should also help them see any problems like King_InuYasha hit.
16:34:35 <geppetto> #action mhroncok to speak to authors again, having a working example might help a lot.
16:34:56 <geppetto> #topic #1007 Golang pkg review exception to update a lot of packages
16:34:56 <geppetto> .fpc 1007
16:34:56 <geppetto> https://pagure.io/packaging-committee/issue/1007
16:34:57 <zodbot> geppetto: Issue #1007: Golang package review exception to update a lot of packages - packaging-committee - Pagure.io - https://pagure.io/packaging-committee/issue/1007
16:35:13 <geppetto> So I think enough people have voted in the ticket for this
16:35:22 <geppetto> Anyone else want to vote before I just approve it?
16:35:23 <carlwgeorge> geppetto: i'm not familiar enough with the selinux details (yet) to have an opinion on that one
16:40:19 <geppetto> #action Golang pkg review exception to update a lot of packages (+1:6, 0:0, -1:0)
16:41:22 <geppetto> #topic Open Floor
16:41:43 <geppetto> Anyone want to talk about any of the other tickets or the PR?
16:42:11 <geppetto> There were a lot of actions on PR 947
16:43:00 <mhroncok> I've contacted upstream about my action, but there was not much movement there
16:44:12 * geppetto nods
16:44:25 <geppetto> Ok, I'm going to end then and give everyone 15 minutes back
16:44:48 <geppetto> carlwgeorge: King_InuYasha I hope you enjoyed your first official meeting :)
16:44:54 <King_InuYasha> :)
16:45:43 <geppetto> #endmeeting