#fedora-meeting log

20:06:08 <smooge> #startmeeting Infrastructure
20:06:08 <zodbot> Meeting started Thu Nov 11 20:06:08 2010 UTC.  The chair is smooge. Information about MeetBot at http://wiki.debian.org/MeetBot.
20:06:08 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
20:06:39 <goozbach> smooge is the man ATM
20:06:39 <goozbach> howdy smooge
20:06:39 <jsmith> or smooge
20:06:39 <jsmith> smooge: Ping?
20:06:56 <smooge> #meetingname infrastructure
20:06:56 <zodbot> The meeting name has been set to 'infrastructure'
20:07:00 <smooge> sorry I am PTO today
20:07:08 * mdomsch is here for a few minutes
20:07:11 <goozbach> oh tis ok then
20:07:15 <smooge> and was trying to make sure it was staying at 2000 UTC
20:07:28 * CodeBlock[s] is here...
20:07:34 <goozbach> feeling any better?
20:07:42 <smooge> #topic robot roll call
20:07:44 <ninjazjb> mmcgrath: Thanks for the email ;)
20:07:45 <smooge> cambot here
20:07:49 * jsmith is here
20:07:49 * nirik is lurking around.
20:07:52 * mmcgrath here
20:07:53 * waltJ here
20:07:56 * goozbach is here
20:07:57 * skvidal is here
20:07:59 <mmcgrath> smooge: thanks
20:08:01 <smooge> mdomsch will be back soon
20:08:02 * abadger1999 here
20:08:07 <smooge> #chair mmcgrath
20:08:07 <zodbot> Current chairs: mmcgrath smooge
20:08:09 * ninjazjb here
20:08:09 <gholms> *Robot* roll call?
20:08:28 <smooge> been watching 1-2 MST3k's a day with my kid
20:08:31 <CodeBlock[s]> :D
20:08:36 * abadger1999 can't subtract correctly 3:00 - 3hrs != 1:00
20:08:44 * CodeBlock[s] is in class but here
20:09:01 <smooge> #topic agenda please
20:09:09 <goozbach> abadger1999: date -d '2000 UTC'
20:09:11 <goozbach> :)
20:09:13 <smooge> since I have been out and such my agenda is rather light
20:10:01 <CodeBlock[s]> heh.. update on getting -tools people01 quota increase access?
20:10:26 <skvidal> so I was trying to figure this out sanely
20:10:32 <skvidal> b/c you have to enable an editor, as root
20:10:44 <skvidal> which complicates things b/c then the user can edit pretty much anything, as root.
20:10:50 <smooge> yep
20:11:34 <smooge> its why you usually make it "operator" or "adm" user in the old days :)
20:11:43 <mdomsch> can selinux help?
20:11:52 <mdomsch> confine edquota to only read/write the quota file?
20:12:06 <mdomsch> and confine who can run edquota
20:12:23 <skvidal> perhaps - I've not setup selinux to do such a thing.
20:12:29 <skvidal> the trouble is edquota uses $EDITOR
20:12:30 <smooge> probably. I need to up my selinux work to do it properly
20:12:45 <mdomsch> summon Dan
20:12:53 <mmcgrath> skvidal: edquota allows root?
20:12:55 <mmcgrath> ahhh
20:12:56 <mmcgrath> yes
20:13:02 <skvidal> mmcgrath: allows? requires
20:13:16 <mmcgrath> I meant it'd allow you to drop to root
20:13:24 <skvidal> no - but it opens up $EDITOR to edit the file
20:13:27 <mmcgrath> yeah
20:13:36 <skvidal> so, unless I'm mistaken that means you could get to other files, as root.
20:13:41 * mdomsch splits
20:13:43 <goozbach> and $EDITOR could have a shell escape
20:13:53 <smooge> and even /usr/sbin/ed is evil
20:13:59 <Jeff_S> yeah, if you're in vi you can drop out to a shell
20:14:00 <smooge> sorry /bin/ed
20:14:07 <mmcgrath> goozbach: hell $editor would let you open up some other file
20:14:18 <goozbach> and it'd be evil to make $editor readonly?
20:14:29 <goozbach> mmcgrath: true
20:14:34 <Jeff_S> skvidal: any reason not to force setquota (or what's it called?) instead of edquota and use some skel-type quotas with it?
20:14:40 <smooge> well normally we would set up sudo to set that variable for us.. but pretty much every editor allows for evil
20:14:53 <mmcgrath> Jeff_S: vi allow syou to ":! ls /root"
20:14:54 <skvidal> Jeff_S: we could do it with setquota and do it all by hand, yes
20:14:56 <ricky> Any reason not to just give root to sysadmin-tools (or some other group) on people01?
20:15:04 <ricky> Not like there's anything terribly sensitive or critical on there, right?
20:15:58 <nirik> or abolish quotas or set them higher? (no idea how much free space is available there)
20:16:03 <smooge> ricky, hmmm I thought various things like community and such relied on stuff on people
20:16:07 <Jeff_S> mmcgrath: but /bin/bash is more fun
20:16:26 <skvidal> nirik: the reason I don't want to abolish quotas is just b/c we have some users who like to runaway with things
20:16:30 <skvidal> they aren't being malicious
20:16:33 <skvidal> just thoughtless
20:16:36 <nirik> yeah.
20:16:49 <skvidal> but if we want to set the quotas WAY up
20:16:51 <skvidal> globally
20:16:53 <nirik> how big an issue is it? do we not have enough mainers to handle the requests?
20:16:56 <mmcgrath> keeing the quota system as it is has worked pretty well, lots of people do actually clean up after themselves :)
20:17:16 <ricky> I think we already trust sysadmin-tools not to bring some more visible things down..  like hosted mailing lists
20:17:23 <mmcgrath> nirik: not a major issue, CodeBlock[s] was a good use case though.  He's around a lot, not a -main'er and is more than capable of handling those requests, he just didn't have access.
20:17:32 <nirik> ah, ok.
20:17:39 <mmcgrath> ricky: I'm inclined to agree, we could treat fedorapeople as a -tools
20:17:43 <skvidal> ricky: I think i'm inclined to be okay with that
20:17:52 <ricky> Actually, not the hosted ones, the main Fedora ones
20:17:52 <skvidal> ricky: but the important thing to me is this
20:18:02 <skvidal> requests for more quota do not have a default answer of 'yes'
20:18:06 <skvidal> sometimes the answer is 'why?'
20:18:12 <goozbach> setquota looks like it *may* work
20:18:43 <ricky> We could come up with some guidelines for that and post it on the wiki for requestors and granters to look at
20:18:46 <CodeBlock[s]> skvidal: I would just note it in the SOP
20:19:10 <skvidal> sounds fair to me
20:20:20 <smooge> ok lets go over the items on this to make sure there is agreement
20:20:44 <smooge> 1. fedorapeople box(es) will be sysadmin-tool systems like hosted and such
20:21:05 <smooge> 2. the SOP will go over the questions and reasons to be noted for quota requests
20:21:17 <smooge> does that sound correct?
20:21:25 <skvidal> +1
20:21:44 <smooge> +1 from me
20:21:45 <CodeBlock[s]> sounds good to me (though I'm not a -mainer, so bleh :P)
20:22:24 * nirik thinks that sounds good. (also no mainer)
20:22:33 <smooge> your views are still important.
20:22:40 <smooge> ok with that
20:22:40 <CodeBlock[s]> :)
20:22:47 <ricky> CodeBlock[s]: Mind sending a message to sysadmin-tools-members after the change is made so everybody knows that they can help out with stuff now?  :-)
20:22:53 <smooge> #action fedorapeople box(es) will be sysadmin-tool systems like hosted and such
20:23:02 <smooge> #action the SOP will go over the questions and reasons to be noted for quota requests
20:23:22 <smooge> #action sysadmin-tools-members  to be notified of the change and the SOP
20:23:36 <smooge> anything else? I have a couple of smaller items
20:23:47 <smooge> #topic Elections
20:23:58 <smooge> hey guys, guess what time it is?
20:24:24 <smooge> time for whinging, bitter complaints, and general talk about how shitty things are!
20:24:31 <mmcgrath> smooge: No it is YOU that is wrong!
20:24:36 <mmcgrath> :)
20:24:41 <ricky> Hehe
20:24:49 <smooge> yes its election time again, and we as infrastructure have a job to do
20:25:21 <smooge> mmcgrath, I got 3 different blog posts I deleted from people who were sure that my  blog was a personal attack against them.
20:25:47 <smooge> anyway.. abadger1999 what needs to be done about election and voting?
20:25:58 <abadger1999> smooge: tremble runs it now.
20:26:11 <abadger1999> although I think he set it up so jsmith could do everything
20:26:24 <abadger1999> jsmith: Do you need infra to do anything special for the elections?
20:26:36 <smooge> ah ok jsmith what help darn it slow typer
20:26:58 <CodeBlock[s]> ricky: [late response] sure I'll send out the email after class
20:27:04 <abadger1999> smooge: You just need a telepathic relay and a few minions who can type for you.
20:27:10 <mmcgrath> abadger1999: I know this is a dumb question, but are embargoed results exposed via the web interface yet?
20:27:11 <CodeBlock[s]> Which I should be paying more attention in.
20:27:17 <mmcgrath> I seem to remember a time where I had to get them from the db manually
20:27:23 <abadger1999> mmcgrath: I do not know.
20:27:37 <jsmith> abadger1999: No, I'm good...
20:27:50 <jsmith> abadger1999: I think I have the election app figured out (despite it's quirks)
20:28:10 <abadger1999> jsmith: With results, are you able to see those?
20:28:28 <abadger1999> jsmith: I know you needed me to look in the db last time... but maybe that was just for total vote count?
20:28:43 <jsmith> abadger1999: I was able to see the results, but not the total number of voters
20:29:05 <abadger1999> <nod>
20:29:33 <abadger1999> jsmith: Alright feel free to ping me again if tremble's not around.  I can find that out without difficulty.
20:29:43 <jsmith> abadger1999: I know where you work :-p
20:30:03 <smooge> ok my only plan for it this year is to figure out how to implement other election types
20:30:34 * nirik places 5 points on 'down with range voting'
20:30:53 <skvidal> nirik: out of how many total possible?
20:31:10 <skvidal> :)
20:31:13 <nirik> :)
20:31:16 <abadger1999> smooge: <nod>  What would you like to replace it with?
20:31:49 <smooge> I would like to have the option of several so that people setting up elections could choose the one that worked best for them
20:32:15 <smooge> me I like the good old un-fair, un-democratic kind of voting :)
20:32:24 <skvidal> smooge: but but it's not FREE ENOUGH!
20:32:26 <skvidal> or is it fair?
20:32:29 <skvidal> I can never remember
20:32:32 <abadger1999> I'd like to port elections to TG2 since it's our sinmplest custom app but ... tremble is managing the app so I'd need to clear it with him first.
20:32:42 <smooge> cool
20:32:58 <CodeBlock[s]> What is it in now?
20:33:08 <abadger1999> smooge: more and more, I've come to like that kind of voting too, although you can skip the voting :-)
20:33:34 <smooge> I wonder if we could get the Debian voting method implemented easily..
20:33:46 <smooge> CodeBlock, it is in TG1 I think
20:34:09 <abadger1999> Correct.
20:34:16 <CodeBlock[s]> ah, ok
20:34:17 <smooge> ok enough on that.. let us know if/how/when we can help jsmith
20:34:32 <jsmith> OK :-)
20:34:32 <smooge> and beyond that on to the next topic
20:34:38 <smooge> #topic RHEL-6
20:34:43 <jsmith> abadger1999: You have my vote on porting the app to TG2
20:34:57 <smooge> I guess this company I work for had a major release this week and I missed it
20:35:16 <skvidal> okasy
20:35:19 <skvidal> so syncing it down
20:35:23 <skvidal> here's what's happening
20:35:30 <skvidal> I had to get around an rhnlib..... thing
20:35:44 <skvidal> and that's been done. so we can get the repos synced over
20:35:55 <skvidal> I'm also taking the opportunity to clean up some.... less obvious bits of this process
20:36:07 <gholms> smooge: ...Was that a joke?
20:36:07 <nirik> skvidal: are you also loading that into koji for epel6? or leaving that for dgilmore when he gets back?
20:36:19 <skvidal> I'm not focusing on making it beautiful b/c we'll just have to do it again whenever the channel thing changes
20:36:27 <nirik> (or it might automagically happen since I think it uses the same external repos)
20:36:29 <skvidal> nirik: I'm just going to get the base dvds exploded and sync over the repos
20:37:07 <skvidal> and I'm working on cleaning up the automation of this process for us
20:37:46 <skvidal> once that's done then I would expect we should continue apace at upgrading some systems from rhel5 to rhel6
20:37:58 <skvidal> smooge: ?
20:38:00 <skvidal> your thoughts?
20:38:09 <smooge> catching up ..
20:38:18 <smooge> gholms, not a joke. been out of it this week
20:38:24 <gholms> Ah
20:38:31 <nirik> what about the already rhel6b2 ones? is there a yum upgrade path there? or re-install?
20:38:40 <skvidal> nirik: I think reinstall is best
20:38:47 <skvidal> mainly b/c not all pkgs are necessarily upgrades
20:38:51 <skvidal> and while we could probably distro-sync
20:38:56 <skvidal> I don't think there is a good reason to do that
20:39:04 <skvidal> what do we have that's rhel6b2?
20:39:11 <nirik> I think all the builders?
20:39:13 <skvidal> that would be difficult to reinstall?
20:39:14 <skvidal> bah
20:39:15 <smooge> skvidal, sounds good. what is the "whenever the chanel thing changes?"
20:39:24 <skvidal> builders are trivial to reinstall aren't they?
20:39:28 <skvidal> smooge: long story
20:39:43 <smooge> np.. we can tell it over coffee at Fudcon
20:39:53 <skvidal> smooge: just expect that at some point in the future i'll be busting my knuckles against this
20:40:02 <smooge> lovely
20:40:18 <nirik> no idea off hand, but I would expect they should be pretty easy.
20:40:31 <skvidal> nirik: should just be a repoint-urls and reinstall
20:40:49 <smooge> skvidal, currently our EL6 boxes are asterisk2, builders, some pt boxes, fasXX, and a couple others
20:41:24 <skvidal> okay
20:41:28 <CodeBlock[s]> FAS should be fun to up to 6 stable :(
20:41:32 <skvidal> so we know we're going to have to do SOMETHING about the fas boxes
20:41:44 <skvidal> and asterisk2 is, I suspect, lightly used
20:41:50 <jsmith> Right... it's just a backup
20:41:54 <skvidal> the builders are SUPPOSED to be quickly reinstallable
20:41:55 <jsmith> (at least, as far as I remember)
20:42:13 <smooge> yes. it and asterisk1 both need to be reinstalled. asterisk1 runs rawhidw
20:42:14 <skvidal> if the owners of the pt boxes want to yum upgrade them I guess that's fine, ish
20:42:28 * skvidal just likes reinstalls
20:42:29 <skvidal> it's clean
20:42:30 <skvidal> it's pure
20:42:34 <jsmith> smooge: Did Asterisk 1.8 get put into EPEL6, by chance?
20:42:37 <smooge> I was going to reinstall anyway. i
20:42:43 <jsmith> smooge: Or are we stuck w/ 1.6.2?
20:42:44 <skvidal> like the surface of the earth after a thermonuclear detonation
20:42:48 <smooge> jsmith, no idea.
20:42:57 <smooge> jsmith, I do not believe anything is stuck in EPEL
20:43:19 <smooge> people like to think that but that is only the people who follow the rules. everyone else just updates :)
20:43:57 <nirik> 1.6.2.12-0.1.rc1.el6 is in epel6 now.
20:44:07 <jsmith> :-(
20:44:14 <nirik> I guess we are still in 'beta' so you could go to 1.8 now if you can.
20:44:18 <jsmith> 1.8 is a long-term release version
20:44:19 <abadger1999> jsmith: But epel6 has not frozen yet
20:44:19 <smooge> however Epel-6 is not 'frozen' until CentOS6 comes out :)
20:44:27 <jsmith> Ah, good to know
20:44:30 <jsmith> 1.8 is in Fedora :-)
20:44:36 <smooge> .whoowns asterisk
20:44:36 <zodbot> smooge: jcollie
20:44:36 <goozbach> do it!
20:44:44 <jsmith> Shouldn't be to hard to get jcollie to kick it into EPEL as well
20:44:50 <smooge> so go help jcollie and we can have cake with companion cube afterwords
20:44:53 <skvidal> I'll try to keep up with z00dax about centos6 release timeline
20:44:55 * jsmith should really get approved as a packager and co-maintain that package
20:45:20 <smooge> they seem to be kicking things up quite a bit I expect a beta out in a week or two :) skvidal
20:45:30 <skvidal> smooge: nod - I've been watching
20:46:37 <ninjazjb> smooge: for centos?
20:46:39 <Jeff_S> smooge: I'd guess beyond 2 weeks for a beta
20:47:04 <smooge> Jeff_S, I am ever the optimist.
20:47:12 <Jeff_S> lol
20:47:15 <Jeff_S> fair enough
20:47:59 <smooge> anyway, skvidal will have EL6 ready in a short while and then we will work out what boxes get rebuilt and where.
20:48:05 <skvidal> right now
20:48:08 <skvidal> looking at the download stuff
20:48:16 <skvidal> it might take through the weekend to get stuff synced over
20:48:24 <smooge> cool
20:49:30 <smooge> when its ready we will update the kickstarts and pxe default and be ready to rebuild things
20:50:14 <skvidal> nod
20:50:50 <smooge> I am getting a list of how many boxes need to be rebuilt currently
20:51:15 <skvidal> so I suspect ALL of them do :)
20:51:28 <smooge> yes you are correct
20:51:39 <skvidal> so I havea couple of projects
20:51:43 <skvidal> that if someone wanted to wokr on
20:51:46 <smooge> cool
20:51:51 <skvidal> they could have nice results
20:51:52 <smooge> #topic Seth's projects
20:52:03 <skvidal> the infrastructure to do this exists now
20:52:14 <skvidal> but there is some scripting needed to make it more automagic
20:52:23 <skvidal> we have a lot of data available via the func-yum script
20:52:31 <skvidal> it would be good if we could get that happening all the time
20:52:41 <skvidal> especially things like func-yum compare
20:52:48 <skvidal> so we know when systems are sliding out of alignment
20:53:20 <skvidal> right now what happens is that folks wil lgo to debug something
20:53:21 <skvidal> they'll install strace
20:53:21 <skvidal> or something
20:53:28 <skvidal> and they'll forget to remove it
20:53:41 <skvidal> and the system will be out of sync
20:54:20 <skvidal> if anyone would like to work on a set of cron jobs to make sure our data is kept current - maybe just daily or even weekly is enough
20:54:44 <skvidal> and then doing some comparisons between hosts that are in a group which _SHOULD_ be the same would be useful as a status report kind of thing
20:55:10 <skvidal> so the other question I have has to do with the rhel6 (and rhel5) syncing, in fact
20:55:33 <skvidal> for building epel pkgs
20:55:38 <skvidal> do we need a copy of all versions of all pkgs?
20:55:50 <skvidal> for example we have about 20 different versions of glibc in the rhel5 trees right now
20:55:57 <skvidal> and that somehow seems excessive to me
20:56:37 <skvidal> does anyone have any thoughts on if we need ALL of them - or maybe if we could reduce what we keep to the latest 3?
20:56:40 <smooge> wow thats a bit more than I expected
20:56:43 <skvidal> maybe latest 4?
20:57:11 <smooge> I don't know about the builders requirements but I would see 'original', and last 3 as a good option
20:57:47 <skvidal> well the original one is always in the install tree
20:57:52 <skvidal> which is separate from the rhn-channel trees
20:58:00 <skvidal> but for example we have 24 copies of glibc
20:58:03 <smooge> correct. I figured that would be where it would be :)
20:58:04 <skvidal> for i386 rhel5
20:58:17 <smooge> wow we have nearly 40 EL6 boxes
20:58:38 <nirik> well, koji uses the external repo for that, so I suspect the old ones are all not used.
20:59:11 <skvidal> the external repo?
21:00:15 * rbergeron pokes in
21:00:35 <rbergeron> you guys still giong for a bit?
21:00:36 <nirik> ie, koji doesn't know about all those glibc versions, it just uses the repo for building epel stuff.
21:00:47 <nirik> so we don't need to untag/change anything, just nuke all the old junk in the repo. ;)
21:00:47 <skvidal> we can take this to #fedora-admin
21:01:11 * rbergeron can probably migrate the cloud-sig-mtg into f-m-1 if that's easier
21:01:44 <skvidal> smooge: ?
21:01:46 <skvidal> you got a preference?
21:01:53 <smooge> sorry looking at pages. one sec
21:02:03 <smooge> #endmeeting