19:30:02 <nirik> #startmeeting FESCO (2010-08-03)
19:30:02 <zodbot> Meeting started Tue Aug  3 19:30:02 2010 UTC.  The chair is nirik. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:30:02 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
19:30:02 <nirik> #meetingname fesco
19:30:02 <zodbot> The meeting name has been set to 'fesco'
19:30:02 <nirik> #chair mclasen notting nirik SMParrish kylem ajax pjones cwickert mjg59
19:30:02 <nirik> #topic init process
19:30:02 <zodbot> Current chairs: SMParrish ajax cwickert kylem mclasen mjg59 nirik notting pjones
19:30:23 * notting is here
19:30:29 * mclasen is back
19:30:32 * SMParrish here
19:30:47 * cwickert is here
19:30:53 <mjg59> Here
19:30:57 <kylem> yo.
19:31:10 <kylem> sorry about last week; i totally spaced and didn't get home from lunch in time.
19:31:21 <nirik> ajax / pjones ?
19:31:45 <ajax> hereish
19:31:58 <SMParrish> my apologies as well, something came up at last minute
19:32:04 <nirik> cool. Hopefully not too long a meeting today. ;)
19:32:10 <nirik> #topic #351 Create a policy for updates - status report on implementation
19:32:11 <nirik> .fesco 351
19:32:12 <zodbot> nirik: #351 (Create a policy for updates) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/351
19:32:39 <nirik> so, lmacken has commited (but it's not yet in production) the one week in updates-testing thing.
19:33:07 <nirik> jlaska: any news on autoqa off hand? still possible for f14alpha for broken deps at least?
19:33:43 <nirik> those should be the last 2 things from this.
19:33:49 <nirik> any other thoughts or comments?
19:34:09 <jlaska> nirik: that's the target, wwoods and company knocked out several significant autoqa patchsets this past week ... so fewer roadblocks in the way of getting that out now.
19:34:10 <lmacken> if an update has been in testing for 1 week, and has negative karma, do we still want to allow it to hit stable?
19:34:20 <lmacken> right now, the code will allow it
19:34:36 <notting> well, things can be DoSed otherwise
19:34:51 <nirik> yeah, could be a bogus or fixed or non issue...
19:35:07 <jlaska> nirik: although I suspect we may need to scale back what is live come the Alpha ... for example, I suspect it won't be tightly integrated with bodhi yet
19:35:20 <jlaska> so it will be more informative, than enforcing
19:35:25 <nirik> lmacken: only somewhat related, can maintainers delete updates still?
19:35:39 <nirik> jlaska: ok.
19:35:42 <lmacken> nirik: deleting updates will now 'obsolete' them instead
19:35:50 <nirik> ok, cool.
19:35:59 <nirik> when is this next bodhi update likely to land in production?
19:36:09 <lmacken> it's not in production yet, but I'm going to spin up a new release momentarily.  it'll go live this week
19:36:20 <nirik> ok.
19:36:33 <nirik> any further comments here? or shall we move on to it's related ticket? ;)
19:36:35 <lmacken> if all goes well, today or tomorrow
19:36:44 <jlaska> lmacken: are you and wwoods up to speed on what is needed to have autoqa enforcing karma?
19:36:46 <nirik> cool.
19:37:01 * pjones- is sortof here, but will probably be intermittant
19:37:19 <lmacken> jlaska: I haven't been in any autoqa loops, but I assume I just have to make bodhi aware of an 'autoqa' user at some point
19:37:31 <jlaska> okay ... I know that's something on our autoqa future radar, but not the next priority task for us
19:38:03 <nirik> ok, moving along...
19:38:07 <nirik> #topic #382 Implementing Stable Release Vision
19:38:07 <nirik> .fesco 382
19:38:08 <zodbot> nirik: #382 (Implementing Stable Release Vision) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/382
19:38:16 <nirik> anyone have updates on the tasks we assigned them? ;)
19:38:43 <kylem> not i.
19:38:45 <nirik> I think the Board hasn't met recently due to travel and scheduling issue.
19:39:33 <nirik> I added a few more things to https://fedoraproject.org/wiki/Updates_Lessons
19:39:44 <nirik> we need to add the PackageKit/gnome-packagekit/selinux policy issue there.
19:39:46 <notting> nirik: not i.
19:40:25 <nirik> ok. do we want to try and farm out anything? Or keep trying to work on our tasks?
19:40:39 * drago01 notes that the issue is not fixed fully yet
19:40:44 * mclasen added one too
19:41:03 <nirik> drago01: ticket 440 is next. ;)
19:41:24 <nirik> I don't know that we are making much progress, but I guess we can keep trying...
19:41:27 <drago01> nicubunu: ok
19:41:32 <drago01> err
19:41:34 <drago01> nirik: ^^
19:42:30 <nirik> #topic #442: Firefox and SELinux - bug 597858
19:42:30 <nirik> .fesco 442
19:42:31 <zodbot> nirik: #442 (Firefox and SELinux - bug 597858) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/442
19:42:39 <nirik> no movement here that I have seen lately.
19:43:18 <notting> this is an alpha blocker, is it not?
19:43:20 <nirik> I mailed a few folks trying to get someone who understands the proposed patch to comment upstream, but no takers so far.
19:43:22 <nirik> https://bugzilla.mozilla.org/show_bug.cgi?id=506693
19:43:26 <nirik> is the upstream bug.
19:43:39 <drago01> notting: it is
19:43:51 <nirik> yep.
19:43:53 <nirik> https://bugzilla.redhat.com/show_bug.cgi?id=597858
19:44:57 <nirik> so, what action do we wish to take here?
19:45:19 <ajax> who's pushing for this patch to be in f14?
19:46:03 <ajax> excuse me.  who's pushing for the tighter security policy on firefox
19:46:27 <nirik> dwalsh I guess?
19:46:30 <pjones-> ajax: you're wondering if this whole thing is necessary, I suppose?
19:46:59 * ajax places his finger on his nose
19:47:17 <ajax> i mean, stronger lockdown on firefox yes, good thing
19:47:17 <nirik> selinux policy gets tightened up and firefox won't work... then we always relax it for release.
19:47:54 <ajax> but we're not throwing away firefox branding unless there's an exceptionally good reason and this sounds like merely a vaguely plausible reason
19:48:02 <nirik> see https://bugzilla.redhat.com/show_bug.cgi?id=gecko-execmem
19:48:07 <SMParrish> Why is this a blocker now with F14 when it has been around since F12
19:48:23 <mjg59> Because the selinux policy change has been reverted each time
19:48:31 <jsmith> SMParrish: Because it's still something we want fixed
19:48:38 <nirik> SMParrish: it's been a blocker before, each cycle, it then gets relaxed and working for release.
19:48:45 <mjg59> As a blocker, there are two obvious fixes
19:48:49 <mjg59> (1) Fork Firefox
19:48:55 <mjg59> (2) Revert the policy change
19:48:56 <nirik> lather, rinse, repeat. ;)
19:49:25 <nirik> when does this need to be decided? today?
19:49:31 <mjg59> I'm going to suggest that (2) is a significantly more reasonable outcome and that the selinux people should continue to work with upstream
19:49:40 <notting> it's an alpha blocker, so today-ish
19:49:47 * notting is +1 on reverting the policy for now
19:49:56 * jsmith is as well, reluctantly
19:50:00 * pjones- is also with mjg59 on #2 there
19:50:09 * nirik is +1 on a revert, but if we could get traction to finally fix this that would be very nice.
19:50:15 <ajax> shipping a broken firefox isn't an option.  shipping non-firefox isn't an option.  so we revert the policy and we swing again in six months.
19:50:37 <mclasen> its not like there has been no progress at all in the upstream bug
19:50:41 <nirik> or could we land the fix if it lands later in the cycle?
19:51:04 <ajax> nirik: i'm fine with that in principle anyway
19:51:21 <SMParrish> +1 as well but would like to see this resolved
19:51:35 <nirik> ok, I think thats 6 +1's for reverting...
19:51:39 <ajax> anyway, +1 revert.  which i think makes +5 (me pjones mjg59 smparrish nirik)
19:51:46 * mclasen gives a +1 too
19:51:57 <nirik> #agreed will relax the selinux policy for now, keep trying to get the change fixed upstream.
19:52:30 <nirik> #topic #440 Improve updates process to avoid "windows of doom"
19:52:30 <nirik> fesco 440
19:52:41 <nirik> so, we send out an announcement on this...
19:52:53 <nirik> drago01: did you have additional stuff on this still pending?
19:53:26 <drago01> nirik: no other than we lied in the announcement ... new installs are affected
19:53:44 <nirik> I didn't realize we said new installs were ok...
19:53:52 <drago01> we didn't?
19:53:54 * drago01 checks
19:53:59 <nirik> .fesco 440
19:54:01 <zodbot> nirik: #440 (Improve updates process to avoid "windows of doom") - FESCo - Trac - https://fedorahosted.org/fesco/ticket/440
19:54:41 <drago01> ok we indeed didn't
19:55:10 <nirik> yeah, so the procedure should work ok for anyone, right?
19:55:17 <drago01> yes
19:55:17 <nirik> (who isn't getting packagekit updates)
19:55:23 <drago01> we need to fix it though
19:55:27 <drago01> so new installs should work
19:55:37 <drago01> but this isn't really a fesco issue
19:55:52 <nirik> right, can you file a PK bug to add a requires on the fixed selinux-policy?
19:56:00 <nirik> and we can close out the fesco ticket?
19:56:33 <nirik> anyone have anything to add? disagree? other actions ?
19:57:25 * nirik listens to the snoring from the rest of fesco. ;)
19:57:54 <nirik> drago01: let me know if you want me to file the bug...
19:58:03 * mclasen is awake but has nothing to add
19:58:14 <nirik> ok...moving on to new business...
19:58:19 <nirik> #topic #443 Proven packager request: Adam Williamson
19:58:19 <nirik> .fesco 443
19:58:20 <zodbot> nirik: #443 (Proven packager request: Adam Williamson) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/443
19:58:25 <drago01> nirik: I'll go file one ... feel free to move on
19:58:30 <nirik> this request went to the sponsors list...
19:58:37 <cwickert> +1
19:58:39 <nirik> there were some -1's/vetos there.
19:58:47 <nirik> because they said he didn't maintain enough packages.
19:58:50 <cwickert> but only for formal reasons
19:59:33 <nirik> right, so by out process, it goes to a fesco vote.
19:59:45 <nirik> I'm +1. He knows what he's doing and will help out fixing things.
19:59:51 <SMParrish> the majority were for approval though, I am +1 on this
19:59:53 * adamw is here if anyone wants to ask anything
20:00:06 <kylem> i am +1... it's not like i maintain more than one package...
20:00:08 <nirik> yeah, there were a lot of +1's as well. ;) Many more than the 2 -1's.
20:00:47 * notting is +1
20:01:00 <ajax> that's 5
20:01:08 * nirik counts 9 +1's on the sponsor list... 2 -1's and a 0.
20:01:24 <nirik> #agreed Adam is approved for provenpackager.
20:01:36 <nirik> adamw: congrats. ;)
20:01:39 <adamw> thanks.
20:01:44 <adamw> now, to break the kernel!
20:01:45 * mclasen throw a +1, too
20:01:56 <nirik> #topic #444: Review Stale & Incomplete Fedora 14 Features
20:01:56 <nirik> .fesco 444
20:01:57 <zodbot> nirik: #444 (Review Stale & Incomplete Fedora 14 Features) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/444
20:02:12 <nirik> ok, so we have some features that are not 100%
20:02:32 <notting> adamw: hey now. no psb.
20:02:47 <nirik> so, we want to do these one at a time? or ?
20:03:00 * mclasen has asked lennart to update systemd, hasn't happened yet :-(
20:03:23 <drago01> adamw: you don't have thus powers even yet :P
20:03:29 <notting> mclasen: have you moved the gnome3 feature out?
20:03:46 <mclasen> yeah, moved to f15
20:04:01 * dmalcolm is lurking
20:04:03 <mclasen> there's going to be some reshuffling post-alpha to get us on the 2.32 track
20:04:06 <cwickert> for rakudo star I can say it will happen but Gerd is on vacation
20:04:20 <cwickert> s/happen/happen soon
20:04:22 <notting> cwickert: that's not on the list
20:05:03 <nirik> dmalcolm: status on https://fedoraproject.org/wiki/Features/DebugPythonStacks
20:05:05 <cwickert> 7me is overly cautious
20:05:10 * cwickert is overly cautious
20:05:23 <dmalcolm> (I just updated the DebugPythonStacks page)
20:05:40 <nirik> What do folks think on systemd? still too early to tell if it will be ready for f14? (I know it's not had that much testing yet).
20:06:05 <adamw> i think it would be useful to look at alpha feedback on that
20:06:09 <cebbert> is it still trying to dictate how the kernel gets packaged?
20:06:14 <dmalcolm> nirik: it's implemented for the python and python3 packages, and it's usable if you use noarch modules but there are no arch-specific support on top
20:06:21 <notting> cebbert: have you filed a bug?
20:06:27 <nirik> dmalcolm: 20% done?
20:06:52 <dmalcolm> nirik: given that as it stands it's less featureful that ubuntu's version of the same, it's debatable that it's now a "feature"
20:07:05 <dmalcolm> nirik: hence F15, I think
20:07:11 <mclasen> nirik/adamw: I know lennart was working on a bugfix release of systemd todasy
20:07:45 <nirik> dmalcolm: yeah, no shame in moving it out a release...
20:07:49 <adamw> yeah, we're going to need one to fix the 100% CPU usage bug at a minimum.
20:07:58 <nirik> mclasen: great.
20:08:13 <mclasen> I'll try to make sure that it lands before tomorrow
20:08:18 <mclasen> if I can get hold of lennart
20:08:21 <adamw> ok
20:08:24 <adamw> thanks
20:08:57 <nirik> ok, so: Gnome3 / DebugPythonStacks move to f15? and systemd gets updated today.
20:09:09 <nirik> mitr: news on https://fedoraproject.org/wiki/Features/CryptographyInKernel ?
20:10:00 <mjg59> nirik: Pretty sre that was pushed to 15
20:10:15 <nirik> ok.
20:10:17 <mitr> nirik: The kernel is feature-complete and needs polishing; user-space library exists and test suite is being written; kernel component upstream acceptance is the major roadblock.
20:10:30 <mjg59> Oh, huh. No, back to 14.
20:10:42 <nirik> pjones-: any news on https://fedoraproject.org/wiki/Features/MultipathInstall ? (95% complete)
20:10:44 <mjg59> mitr: There's pretty much no chance of it going in the kernel until it's accepted upstream
20:10:48 <ajax> "To enable the kernel implementation, run the system in FIPS mode."
20:10:49 <notting> mitr: well, if it's not accepted upstream at this point, i wouldn't want to worry about it for f14
20:10:55 <pjones-> mitr: how is the kernel feature complete if "component upstream acceptance" is a roadblock?
20:10:57 <pjones-> nirik: push it
20:10:59 <kylem> by 'pretty much' the answer is 0.
20:11:01 <ajax> ^^ that's a joke, right?  fips mode is unusable.
20:11:11 <ajax> (is my understanding)
20:11:24 <mjg59> kylem: He could kill us all and take over kernel maintenance
20:11:32 <kylem> mjg59, unlikely.
20:11:38 <nirik> is fips mode even possible in the fedora kernel?
20:11:40 <mitr> Isn't the merge window just opening?
20:11:51 <mitr> nirik: Yes, it is upstream.
20:11:53 <mjg59> mitr: Yeah, but it should already have been accepted into an appropriate tree by now
20:11:57 <mitr> (fips mode)
20:12:22 <nirik> pjones-: ok.
20:12:41 <nirik> anyone know the status of https://fedoraproject.org/wiki/Features/Go_Programming ?
20:13:34 <cwickert> nope
20:13:36 <ajax> not i
20:13:53 <pjones-> nyet
20:14:02 * nirik can mail the feature owner. I don't see any links to reviews or anything.
20:14:12 <mclasen> no go in f14, according to repoquery
20:14:22 <ajax> i'm getting a nasty carpal tunnel flareup atm; i'm going to be a very slow typist for the rest of the day
20:14:27 <notting> ... at least it's something that shouldn't affect anything else
20:15:25 <nirik> ok, so punt this out. I can mail the feature owner to see if there is anything we missed.
20:15:46 <mclasen> I can't find a go review request either
20:16:06 <nirik> #info Gnome3 / DebugPythonStacks / Go_Programming / MultipathInstall will be re-targeted at f15.
20:16:18 <nirik> #info systemd will update later today.
20:16:28 <nirik> so what do we do about CryptographyInKernel ?
20:16:41 <mjg59> Push to F15?
20:17:16 <pjones-> yeah.
20:17:17 <nirik> yeah, I suppose... since it would only be able to get into 2.6.36 at this point?
20:17:27 <mjg59> nirik: I think .36 is probably optimistic
20:17:28 <kylem> even that is an open question.
20:17:39 <kylem> we don't add new ABIs without thorough scrutiny.
20:17:59 <kylem> off topic though.
20:18:11 <nirik> mitr: sorry... anything to add? or shall we point this for f15?
20:18:16 * notting is +1 for push to f15
20:18:21 <kylem> notting, i agree.
20:18:24 <SMParrish> +1 for F15
20:18:56 <mitr> nirik: I can't honestly argue about the "not upstream" problem
20:18:59 <mclasen> mitr: why only fips mode in the first place ? should you rather use it, always ?
20:19:01 <pjones> hey, that's better.
20:19:05 <mclasen> or is it prohibitively expensive ?
20:19:11 <ajax> +1 push to f15
20:19:32 * notting guesses this does *not* mean we re-implement luks by 'echo /dev/sda3 > /dev/crypto'
20:20:06 <nirik> #info CryptographyInKernel retargeted to f15.
20:20:20 <mitr> mclasen: The /dev/crypto interface is always available - FIPS mode would probably act as a switch between implementations inside openssl/nss/libgcrypt, because there is some unavoidable overhead.
20:20:26 <nirik> ok, I think thats all of them. Any I missed or anything anyone would like to add?
20:20:53 <mclasen> dist-git is nice
20:21:05 <nirik> speaking of that...
20:21:10 <nirik> #topic Some Kudos
20:21:17 <kylem> rough edges, but yes, big time happy about it.
20:21:48 <cebbert> i like not having to re-tag
20:21:52 <nirik> I'd like to propose that we officially (or as officially as we can) announce kudos for a job well done to Oxf13 and dmalcolm. (for dist-git and python.27 stuff)
20:22:10 <nirik> they both did a lot of work and many long days to get stuff done.
20:22:16 <mclasen> +1
20:22:26 <notting> +1
20:22:27 <pjones> nirik: yes, +1
20:22:28 <SMParrish> +1
20:22:28 <kylem> indeed. +1.
20:22:37 <dmalcolm> nirik: I had lots of help on the python 2.7 stuff (oget, in particular)
20:22:55 <ajax> hells yes +1
20:23:01 <mjg59> +1
20:23:15 <nirik> yeah, lots of folks pitched in, but you guys drove things forward. :)
20:23:16 * dmalcolm definitely owes $FAVORITE_BEVERAGE to oget, abadger1999, tomspur
20:23:55 <nirik> #agreed Kudos for a job well done for Oxf13 and dmalcolm. Thanks for your hard work!
20:24:28 <nirik> #topic koji bug in rawhide - https://bugzilla.redhat.com/show_bug.cgi?id=619276
20:24:36 <nirik> rjones wanted us to note/discuss this.
20:24:47 <nirik> dgilmore is working on it though, so not sure what we can really do.
20:25:18 <nirik> so, unless anyone has something to add, we will just note it and move on.
20:25:27 <rwmjones> I'm actually here
20:25:34 <notting> other than 'dgilmore is now much busier', and perhaps help might be appreciated
20:25:37 <rwmjones> but yes, note it fine
20:25:42 <mclasen> haralds workaround works fine locally
20:25:55 * dmalcolm will take a look from the py2.7 end
20:26:07 <rwmjones> very temporarily, but people installing rawhide will always hit this
20:26:14 <rwmjones> so the bug does need to be fixed properly and quickly
20:26:24 <nirik> dmalcolm: would be good to confirm it's not a py27 xmlrpc thing.
20:26:53 <nirik> ok, anything further on this? or shall we move along?
20:27:33 <nirik> #topic Open Floor
20:27:41 <nirik> Anyone have anything for open floor?
20:28:28 <bioinfornatics> i have a question, when someone review this tango-0.99.9-fix.patch
20:28:29 <nirik> I'll note that the nightly live composes should boot again.
20:28:37 <bioinfornatics> oops
20:28:39 <notting> nirik: i'm sure we can fix that
20:28:40 <bioinfornatics> https://fedorahosted.org/fpc/ticket/7
20:28:44 <bioinfornatics> bad paste
20:29:11 <notting> bioinfornatics: FPC has meetings every other week, IIRC
20:29:26 <nirik> except I am not sure when they last met was.
20:29:27 <bioinfornatics> ok
20:29:45 <bioinfornatics> thanks
20:29:47 <mclasen> you can also just send a note to the packaging list
20:30:03 <nirik> yes, that might be good to get discussion and feedback on.
20:30:59 <bioinfornatics> ok :)
20:31:35 <bioinfornatics> please do not remove my Feature D programming i wait end of review
20:31:45 <bioinfornatics> for me all works
20:31:50 <nirik> anyone have anything else?
20:31:56 <nirik> bioinfornatics: I know you are working hard on it. ;)
20:32:17 <bioinfornatics> :) thanks
20:32:32 * nirik will close the meeting in a minute if nothing else comes up.
20:33:10 <nirik> Thanks for coming everyone!
20:33:14 <nirik> #endmeeting