20:06:08 #startmeeting Infrastructure 20:06:08 Meeting started Thu Nov 11 20:06:08 2010 UTC. The chair is smooge. Information about MeetBot at http://wiki.debian.org/MeetBot. 20:06:08 Useful Commands: #action #agreed #halp #info #idea #link #topic. 20:06:39 smooge is the man ATM 20:06:39 howdy smooge 20:06:39 or smooge 20:06:39 smooge: Ping? 20:06:56 #meetingname infrastructure 20:06:56 The meeting name has been set to 'infrastructure' 20:07:00 sorry I am PTO today 20:07:08 * mdomsch is here for a few minutes 20:07:11 oh tis ok then 20:07:15 and was trying to make sure it was staying at 2000 UTC 20:07:28 * CodeBlock[s] is here... 20:07:34 feeling any better? 20:07:42 #topic robot roll call 20:07:44 mmcgrath: Thanks for the email ;) 20:07:45 cambot here 20:07:49 * jsmith is here 20:07:49 * nirik is lurking around. 20:07:52 * mmcgrath here 20:07:53 * waltJ here 20:07:56 * goozbach is here 20:07:57 * skvidal is here 20:07:59 smooge: thanks 20:08:01 mdomsch will be back soon 20:08:02 * abadger1999 here 20:08:07 #chair mmcgrath 20:08:07 Current chairs: mmcgrath smooge 20:08:09 * ninjazjb here 20:08:09 *Robot* roll call? 20:08:28 been watching 1-2 MST3k's a day with my kid 20:08:31 :D 20:08:36 * abadger1999 can't subtract correctly 3:00 - 3hrs != 1:00 20:08:44 * CodeBlock[s] is in class but here 20:09:01 #topic agenda please 20:09:09 abadger1999: date -d '2000 UTC' 20:09:11 :) 20:09:13 since I have been out and such my agenda is rather light 20:10:01 heh.. update on getting -tools people01 quota increase access? 20:10:26 so I was trying to figure this out sanely 20:10:32 b/c you have to enable an editor, as root 20:10:44 which complicates things b/c then the user can edit pretty much anything, as root. 20:10:50 yep 20:11:34 its why you usually make it "operator" or "adm" user in the old days :) 20:11:43 can selinux help? 20:11:52 confine edquota to only read/write the quota file? 20:12:06 and confine who can run edquota 20:12:23 perhaps - I've not setup selinux to do such a thing. 20:12:29 the trouble is edquota uses $EDITOR 20:12:30 probably. I need to up my selinux work to do it properly 20:12:45 summon Dan 20:12:53 skvidal: edquota allows root? 20:12:55 ahhh 20:12:56 yes 20:13:02 mmcgrath: allows? requires 20:13:16 I meant it'd allow you to drop to root 20:13:24 no - but it opens up $EDITOR to edit the file 20:13:27 yeah 20:13:36 so, unless I'm mistaken that means you could get to other files, as root. 20:13:41 * mdomsch splits 20:13:43 and $EDITOR could have a shell escape 20:13:53 and even /usr/sbin/ed is evil 20:13:59 yeah, if you're in vi you can drop out to a shell 20:14:00 sorry /bin/ed 20:14:07 goozbach: hell $editor would let you open up some other file 20:14:18 and it'd be evil to make $editor readonly? 20:14:29 mmcgrath: true 20:14:34 skvidal: any reason not to force setquota (or what's it called?) instead of edquota and use some skel-type quotas with it? 20:14:40 well normally we would set up sudo to set that variable for us.. but pretty much every editor allows for evil 20:14:53 Jeff_S: vi allow syou to ":! ls /root" 20:14:54 Jeff_S: we could do it with setquota and do it all by hand, yes 20:14:56 Any reason not to just give root to sysadmin-tools (or some other group) on people01? 20:15:04 Not like there's anything terribly sensitive or critical on there, right? 20:15:58 or abolish quotas or set them higher? (no idea how much free space is available there) 20:16:03 ricky, hmmm I thought various things like community and such relied on stuff on people 20:16:07 mmcgrath: but /bin/bash is more fun 20:16:26 nirik: the reason I don't want to abolish quotas is just b/c we have some users who like to runaway with things 20:16:30 they aren't being malicious 20:16:33 just thoughtless 20:16:36 yeah. 20:16:49 but if we want to set the quotas WAY up 20:16:51 globally 20:16:53 how big an issue is it? do we not have enough mainers to handle the requests? 20:16:56 keeing the quota system as it is has worked pretty well, lots of people do actually clean up after themselves :) 20:17:16 I think we already trust sysadmin-tools not to bring some more visible things down.. like hosted mailing lists 20:17:23 nirik: not a major issue, CodeBlock[s] was a good use case though. He's around a lot, not a -main'er and is more than capable of handling those requests, he just didn't have access. 20:17:32 ah, ok. 20:17:39 ricky: I'm inclined to agree, we could treat fedorapeople as a -tools 20:17:43 ricky: I think i'm inclined to be okay with that 20:17:52 Actually, not the hosted ones, the main Fedora ones 20:17:52 ricky: but the important thing to me is this 20:18:02 requests for more quota do not have a default answer of 'yes' 20:18:06 sometimes the answer is 'why?' 20:18:12 setquota looks like it *may* work 20:18:43 We could come up with some guidelines for that and post it on the wiki for requestors and granters to look at 20:18:46 skvidal: I would just note it in the SOP 20:19:10 sounds fair to me 20:20:20 ok lets go over the items on this to make sure there is agreement 20:20:44 1. fedorapeople box(es) will be sysadmin-tool systems like hosted and such 20:21:05 2. the SOP will go over the questions and reasons to be noted for quota requests 20:21:17 does that sound correct? 20:21:25 +1 20:21:44 +1 from me 20:21:45 sounds good to me (though I'm not a -mainer, so bleh :P) 20:22:24 * nirik thinks that sounds good. (also no mainer) 20:22:33 your views are still important. 20:22:40 ok with that 20:22:40 :) 20:22:47 CodeBlock[s]: Mind sending a message to sysadmin-tools-members after the change is made so everybody knows that they can help out with stuff now? :-) 20:22:53 #action fedorapeople box(es) will be sysadmin-tool systems like hosted and such 20:23:02 #action the SOP will go over the questions and reasons to be noted for quota requests 20:23:22 #action sysadmin-tools-members to be notified of the change and the SOP 20:23:36 anything else? I have a couple of smaller items 20:23:47 #topic Elections 20:23:58 hey guys, guess what time it is? 20:24:24 time for whinging, bitter complaints, and general talk about how shitty things are! 20:24:31 smooge: No it is YOU that is wrong! 20:24:36 :) 20:24:41 Hehe 20:24:49 yes its election time again, and we as infrastructure have a job to do 20:25:21 mmcgrath, I got 3 different blog posts I deleted from people who were sure that my blog was a personal attack against them. 20:25:47 anyway.. abadger1999 what needs to be done about election and voting? 20:25:58 smooge: tremble runs it now. 20:26:11 although I think he set it up so jsmith could do everything 20:26:24 jsmith: Do you need infra to do anything special for the elections? 20:26:36 ah ok jsmith what help darn it slow typer 20:26:58 ricky: [late response] sure I'll send out the email after class 20:27:04 smooge: You just need a telepathic relay and a few minions who can type for you. 20:27:10 abadger1999: I know this is a dumb question, but are embargoed results exposed via the web interface yet? 20:27:11 Which I should be paying more attention in. 20:27:17 I seem to remember a time where I had to get them from the db manually 20:27:23 mmcgrath: I do not know. 20:27:37 abadger1999: No, I'm good... 20:27:50 abadger1999: I think I have the election app figured out (despite it's quirks) 20:28:10 jsmith: With results, are you able to see those? 20:28:28 jsmith: I know you needed me to look in the db last time... but maybe that was just for total vote count? 20:28:43 abadger1999: I was able to see the results, but not the total number of voters 20:29:05 20:29:33 jsmith: Alright feel free to ping me again if tremble's not around. I can find that out without difficulty. 20:29:43 abadger1999: I know where you work :-p 20:30:03 ok my only plan for it this year is to figure out how to implement other election types 20:30:34 * nirik places 5 points on 'down with range voting' 20:30:53 nirik: out of how many total possible? 20:31:10 :) 20:31:13 :) 20:31:16 smooge: What would you like to replace it with? 20:31:49 I would like to have the option of several so that people setting up elections could choose the one that worked best for them 20:32:15 me I like the good old un-fair, un-democratic kind of voting :) 20:32:24 smooge: but but it's not FREE ENOUGH! 20:32:26 or is it fair? 20:32:29 I can never remember 20:32:32 I'd like to port elections to TG2 since it's our sinmplest custom app but ... tremble is managing the app so I'd need to clear it with him first. 20:32:42 cool 20:32:58 What is it in now? 20:33:08 smooge: more and more, I've come to like that kind of voting too, although you can skip the voting :-) 20:33:34 I wonder if we could get the Debian voting method implemented easily.. 20:33:46 CodeBlock, it is in TG1 I think 20:34:09 Correct. 20:34:16 ah, ok 20:34:17 ok enough on that.. let us know if/how/when we can help jsmith 20:34:32 OK :-) 20:34:32 and beyond that on to the next topic 20:34:38 #topic RHEL-6 20:34:43 abadger1999: You have my vote on porting the app to TG2 20:34:57 I guess this company I work for had a major release this week and I missed it 20:35:16 okasy 20:35:19 so syncing it down 20:35:23 here's what's happening 20:35:30 I had to get around an rhnlib..... thing 20:35:44 and that's been done. so we can get the repos synced over 20:35:55 I'm also taking the opportunity to clean up some.... less obvious bits of this process 20:36:07 smooge: ...Was that a joke? 20:36:07 skvidal: are you also loading that into koji for epel6? or leaving that for dgilmore when he gets back? 20:36:19 I'm not focusing on making it beautiful b/c we'll just have to do it again whenever the channel thing changes 20:36:27 (or it might automagically happen since I think it uses the same external repos) 20:36:29 nirik: I'm just going to get the base dvds exploded and sync over the repos 20:37:07 and I'm working on cleaning up the automation of this process for us 20:37:46 once that's done then I would expect we should continue apace at upgrading some systems from rhel5 to rhel6 20:37:58 smooge: ? 20:38:00 your thoughts? 20:38:09 catching up .. 20:38:18 gholms, not a joke. been out of it this week 20:38:24 Ah 20:38:31 what about the already rhel6b2 ones? is there a yum upgrade path there? or re-install? 20:38:40 nirik: I think reinstall is best 20:38:47 mainly b/c not all pkgs are necessarily upgrades 20:38:51 and while we could probably distro-sync 20:38:56 I don't think there is a good reason to do that 20:39:04 what do we have that's rhel6b2? 20:39:11 I think all the builders? 20:39:13 that would be difficult to reinstall? 20:39:14 bah 20:39:15 skvidal, sounds good. what is the "whenever the chanel thing changes?" 20:39:24 builders are trivial to reinstall aren't they? 20:39:28 smooge: long story 20:39:43 np.. we can tell it over coffee at Fudcon 20:39:53 smooge: just expect that at some point in the future i'll be busting my knuckles against this 20:40:02 lovely 20:40:18 no idea off hand, but I would expect they should be pretty easy. 20:40:31 nirik: should just be a repoint-urls and reinstall 20:40:49 skvidal, currently our EL6 boxes are asterisk2, builders, some pt boxes, fasXX, and a couple others 20:41:24 okay 20:41:28 FAS should be fun to up to 6 stable :( 20:41:32 so we know we're going to have to do SOMETHING about the fas boxes 20:41:44 and asterisk2 is, I suspect, lightly used 20:41:50 Right... it's just a backup 20:41:54 the builders are SUPPOSED to be quickly reinstallable 20:41:55 (at least, as far as I remember) 20:42:13 yes. it and asterisk1 both need to be reinstalled. asterisk1 runs rawhidw 20:42:14 if the owners of the pt boxes want to yum upgrade them I guess that's fine, ish 20:42:28 * skvidal just likes reinstalls 20:42:29 it's clean 20:42:30 it's pure 20:42:34 smooge: Did Asterisk 1.8 get put into EPEL6, by chance? 20:42:37 I was going to reinstall anyway. i 20:42:43 smooge: Or are we stuck w/ 1.6.2? 20:42:44 like the surface of the earth after a thermonuclear detonation 20:42:48 jsmith, no idea. 20:42:57 jsmith, I do not believe anything is stuck in EPEL 20:43:19 people like to think that but that is only the people who follow the rules. everyone else just updates :) 20:43:57 1.6.2.12-0.1.rc1.el6 is in epel6 now. 20:44:07 :-( 20:44:14 I guess we are still in 'beta' so you could go to 1.8 now if you can. 20:44:18 1.8 is a long-term release version 20:44:19 jsmith: But epel6 has not frozen yet 20:44:19 however Epel-6 is not 'frozen' until CentOS6 comes out :) 20:44:27 Ah, good to know 20:44:30 1.8 is in Fedora :-) 20:44:36 .whoowns asterisk 20:44:36 smooge: jcollie 20:44:36 do it! 20:44:44 Shouldn't be to hard to get jcollie to kick it into EPEL as well 20:44:50 so go help jcollie and we can have cake with companion cube afterwords 20:44:53 I'll try to keep up with z00dax about centos6 release timeline 20:44:55 * jsmith should really get approved as a packager and co-maintain that package 20:45:20 they seem to be kicking things up quite a bit I expect a beta out in a week or two :) skvidal 20:45:30 smooge: nod - I've been watching 20:46:37 smooge: for centos? 20:46:39 smooge: I'd guess beyond 2 weeks for a beta 20:47:04 Jeff_S, I am ever the optimist. 20:47:12 lol 20:47:15 fair enough 20:47:59 anyway, skvidal will have EL6 ready in a short while and then we will work out what boxes get rebuilt and where. 20:48:05 right now 20:48:08 looking at the download stuff 20:48:16 it might take through the weekend to get stuff synced over 20:48:24 cool 20:49:30 when its ready we will update the kickstarts and pxe default and be ready to rebuild things 20:50:14 nod 20:50:50 I am getting a list of how many boxes need to be rebuilt currently 20:51:15 so I suspect ALL of them do :) 20:51:28 yes you are correct 20:51:39 so I havea couple of projects 20:51:43 that if someone wanted to wokr on 20:51:46 cool 20:51:51 they could have nice results 20:51:52 #topic Seth's projects 20:52:03 the infrastructure to do this exists now 20:52:14 but there is some scripting needed to make it more automagic 20:52:23 we have a lot of data available via the func-yum script 20:52:31 it would be good if we could get that happening all the time 20:52:41 especially things like func-yum compare 20:52:48 so we know when systems are sliding out of alignment 20:53:20 right now what happens is that folks wil lgo to debug something 20:53:21 they'll install strace 20:53:21 or something 20:53:28 and they'll forget to remove it 20:53:41 and the system will be out of sync 20:54:20 if anyone would like to work on a set of cron jobs to make sure our data is kept current - maybe just daily or even weekly is enough 20:54:44 and then doing some comparisons between hosts that are in a group which _SHOULD_ be the same would be useful as a status report kind of thing 20:55:10 so the other question I have has to do with the rhel6 (and rhel5) syncing, in fact 20:55:33 for building epel pkgs 20:55:38 do we need a copy of all versions of all pkgs? 20:55:50 for example we have about 20 different versions of glibc in the rhel5 trees right now 20:55:57 and that somehow seems excessive to me 20:56:37 does anyone have any thoughts on if we need ALL of them - or maybe if we could reduce what we keep to the latest 3? 20:56:40 wow thats a bit more than I expected 20:56:43 maybe latest 4? 20:57:11 I don't know about the builders requirements but I would see 'original', and last 3 as a good option 20:57:47 well the original one is always in the install tree 20:57:52 which is separate from the rhn-channel trees 20:58:00 but for example we have 24 copies of glibc 20:58:03 correct. I figured that would be where it would be :) 20:58:04 for i386 rhel5 20:58:17 wow we have nearly 40 EL6 boxes 20:58:38 well, koji uses the external repo for that, so I suspect the old ones are all not used. 20:59:11 the external repo? 21:00:15 * rbergeron pokes in 21:00:35 you guys still giong for a bit? 21:00:36 ie, koji doesn't know about all those glibc versions, it just uses the repo for building epel stuff. 21:00:47 so we don't need to untag/change anything, just nuke all the old junk in the repo. ;) 21:00:47 we can take this to #fedora-admin 21:01:11 * rbergeron can probably migrate the cloud-sig-mtg into f-m-1 if that's easier 21:01:44 smooge: ? 21:01:46 you got a preference? 21:01:53 sorry looking at pages. one sec 21:02:03 #endmeeting