#fedora-meeting-2 log

15:59:49 <mboddu> #startmeeting RELENG (2019-03-14)
15:59:49 <zodbot> Meeting started Wed Mar 13 15:59:49 2019 UTC.
15:59:49 <zodbot> This meeting is logged and archived in a public location.
15:59:49 <zodbot> The chair is mboddu. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:59:49 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
15:59:49 <zodbot> The meeting name has been set to 'releng_(2019-03-14)'
15:59:49 <mboddu> #meetingname releng
15:59:49 <zodbot> The meeting name has been set to 'releng'
15:59:49 <mboddu> #chair nirik tyll sharkcz masta pbrobinson pingou puiterwijk maxamillion mboddu dustymabe ksinny jednorozec
15:59:49 <zodbot> Current chairs: dustymabe jednorozec ksinny masta maxamillion mboddu nirik pbrobinson pingou puiterwijk sharkcz tyll
15:59:49 <mboddu> #topic init process
15:59:56 <mboddu> Hello Everyone
16:03:17 <mboddu> Ping pong, ping pong, ping pong...
16:03:26 * dustymabe waves at mohan
16:03:39 <mboddu> dustymabe: Hello
16:03:49 <mboddu> Now that you are here, quick question for you dustymabe
16:04:51 <mboddu> dustymabe: Who all needs the coreos-continuous permission, you, bgilbert and ?
16:04:53 <dustymabe> hit me
16:04:57 <nirik> morning
16:05:12 <mboddu> I remember there was another person, but I forgot who it was
16:05:22 <mboddu> nirik: Morning, how goes?
16:05:46 <nirik> nice bunch of fog + sun on the mountain today. :)
16:05:59 <mboddu> dustymabe: And, I cannot find the 3rd person on the ticket
16:06:16 <mboddu> nirik: Woah, that is nice...
16:06:24 <mboddu> nirik: How's your new house? All settled down?
16:06:49 <nirik> still unpacking, but otherwise quite nice
16:07:42 * mboddu guesses nirik unpacked his server rack and other computer/electronics stuff before unpacking kitchen and other important stuff ;)
16:07:53 <nirik> you bet! :)
16:08:09 * nirik has to step away for a min, back shortly.
16:08:28 <dustymabe> what was the question?
16:08:33 <mboddu> nirik: haha :)
16:08:58 <mboddu> dustymabe: https://pagure.io/releng/issue/8165#comment-556362 I remember there was a third person as well, or am I just misremembering
16:09:18 <mboddu> I got couple of quick one's this week, lets get started
16:09:52 <mboddu> #topic #8206 Odd old content in https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/SRPMS/Packages/
16:09:58 <mboddu> #link https://pagure.io/releng/issue/8206
16:10:16 <dustymabe> mboddu: that's it for now
16:10:39 <mboddu> dustymabe: Okay, then I am misremembering stuff then :)
16:10:42 <mboddu> dustymabe: Thanks
16:12:31 <mboddu> dustymabe: So, you should be able to do the necessary tagging and building using the f29-coreos-continuous buildroot in stg koji, give it a try
16:12:43 <mboddu> Back to the topic
16:13:04 <mboddu> nirik: I think it was the leftovers when we moved stuff around
16:13:21 <mboddu> I can remove the content in https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/SRPMS/Packages/, but wanted to check with you before
16:15:07 <dustymabe> mboddu: ok i'll try
16:15:14 <dustymabe> if I remember how to access stg koji
16:15:31 <dustymabe> is it just using the stg-koji command ? does it use kerberos ?
16:15:51 <mboddu> dustymabe: Yes, fedpkg-stage and stg-koji is what you need to use
16:16:35 <mboddu> dustymabe: stg koji uses kerberos with domain as STG.FEDORAPROJECT.ORG
16:17:14 <dustymabe> same auth as regular kerberos though?
16:17:31 <dustymabe> mboddu: actually - let's add ksinny to the list of people with acls
16:18:12 <mboddu> dustymabe: Sure
16:19:04 <mboddu> dustymabe: Oh, is bgilbert is the fas id of his?
16:20:00 <dustymabe> yeah that should be right
16:20:14 <dustymabe> doesn't seem like stg kerberos is working for me
16:20:33 <mboddu> dustymabe: Cool, added sinnykumari as well
16:20:53 <mboddu> dustymabe: It uses different auth
16:21:00 <mboddu> than normal auth
16:21:49 <mboddu> dustymabe: https://admin.stg.fedoraproject.org/accounts/ you might need to setup two factor authentication as well
16:22:17 <dustymabe> i have 2FA setup
16:23:29 <mboddu> dustymabe: Okay, its working for me here, so I am guessing either the password is wrong or wrong 2FA...
16:24:01 <dustymabe> mboddu: weird. do you need 2FA when you `kinit` ?
16:24:06 <dustymabe> i don't
16:24:16 <mboddu> dustymabe: When you kinit, you dont
16:24:27 <mizdebsk> dustymabe, i can help you resolve your issues with kerberos outsides of the meeting
16:24:35 <dustymabe> k
16:24:37 <mizdebsk> 2FA is not needed to authenticate to koji
16:24:46 <mizdebsk> stg fas password is the same as in production
16:36:14 <puiterwijk> krb password is *not* synced between stg and prod. Probably the problem is that your user didn't get created in stg krb
16:39:37 * nirik comes back. Sorry about that.
16:40:56 <mboddu> nirik: No problem, Patrick helped them on stg krb
16:41:41 <mboddu> The topic is https://pagure.io/releng/issue/8206
16:41:49 <mboddu> nirik: ^
16:41:57 <mboddu> <mboddu> I can remove the content in https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/SRPMS/Packages/, but wanted to check with you before
16:42:38 <nirik> +1
16:43:03 <nirik> we may want to run a hardlink over things too after that
16:43:37 <mboddu> nirik: hardlink from what to where?
16:45:05 <nirik> identical rpms on our download volume... quick-mirror-fedora has a tool to do it... or there's 'hardlink'
16:46:10 <nirik> the rawhide/branched syncs already do hardlinking, but sometimes things are missed somehow. I can do a dry run...
16:47:13 <mboddu> nirik: Okay, thanks, I need to learn more about mirroring, but every time, its like, dont touch it
16:47:28 <nirik> yeah, have to be carefull.
16:47:46 <nirik> how about you remove those files, then we both look at the hardlinking later this week sometime.
16:47:58 <nirik> we probibly shouldn't do it during freeze
16:48:15 <mboddu> nirik: I was about to ask :)
16:48:30 <mboddu> nirik: We can remove the content, but we can look at hardlinking after freeze
16:49:23 <mboddu> nirik: Since the content is from f29, not f30
16:50:12 <nirik> ok
16:50:16 <mboddu> #info mboddu will remove the content from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/SRPMS/Packages/ and will look at hardlinking after the freeze
16:50:21 <mboddu> #undo
16:50:21 <zodbot> Removing item from minutes: INFO by mboddu at 16:50:16 : mboddu will remove the content from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/SRPMS/Packages/ and will look at hardlinking after the freeze
16:50:35 <mboddu> #info mboddu will remove the content from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/SRPMS/Packages/ and nirik and mboddu will look at hardlinking after the freeze
16:53:11 <mboddu> #topic Open Floor
16:53:33 <mboddu> nirik: I have question regarding the retirement of packages that have security issues
16:53:44 <mboddu> How can we identify them in BZ?
16:55:59 <mboddu> I dont think there is a field to look at it afaik, so it we need to parse the content and use keywords to find them?
16:57:24 <nirik> hum
16:57:30 <nirik> I thought there was a field, let me see.
16:58:11 <nirik> well, they have a depends on -> a security bug... but thats likely hard.
16:58:39 <mboddu> nirik: I guess, its better than parsing using some keywords
16:58:40 <nirik> Keywords: Security, Securitytracking?
16:59:08 <nirik> thats all I can see... can we search on Keywords?
17:00:08 <nirik> yeah...
17:00:33 <nirik> https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&keywords=SecurityTracking%2C%20&keywords_type=allwords&list_id=9076731&order=changeddate%2Cpriority%2Cbug_id&product=Fedora&query_based_on=&query_format=advanced
17:00:46 * mboddu checking
17:02:24 <mboddu> nirik: So, we are going by keywords
17:02:25 <mboddu> ?
17:03:18 <mboddu> Both Security and SecurityTracking
17:04:06 <mboddu> Which I guess, should be fine, hope that they are using it in the way we think they are using it :)
17:04:48 <nirik> yeah, the example in tickets uses SecurityTracking
17:05:02 <nirik> should work... if not we can try something else.
17:05:18 <mboddu> nirik: Okay, thanks for the help
17:06:05 <mboddu> #info We will use Security and SecurityTracking keywords to find the BZ tickets with security issues.
17:07:11 <mboddu> Thats all I got
17:07:17 <mboddu> Thanks everyone for joining
17:07:27 <mboddu> #endmeeting