17:30:02 #startmeeting FESCO (2011-06-15) 17:30:02 Meeting started Wed Jun 15 17:30:02 2011 UTC. The chair is nirik. Information about MeetBot at http://wiki.debian.org/MeetBot. 17:30:02 Useful Commands: #action #agreed #halp #info #idea #link #topic. 17:30:02 #meetingname fesco 17:30:02 The meeting name has been set to 'fesco' 17:30:03 #chair notting nirik ajax cwickert mjg59 mmaslano t8m pjones sgallagh 17:30:03 Current chairs: ajax cwickert mjg59 mmaslano nirik notting pjones sgallagh t8m 17:30:03 #topic init process 17:30:35 Afternoon 17:30:40 yo 17:30:41 hello folks. 17:30:43 * gholms waves to all the new members 17:30:44 ha ha suckers 17:30:46 oh, wait. 17:30:49 (and all the veterans) 17:31:02 rocking chair, shotgun... 17:31:02 Hello 17:31:03 gholms: don't forget the veteran new members. 17:31:14 pjones: They got *two* waves. :) 17:31:25 is three too much to ask? 17:31:35 pjones: Gotta make them last. 17:31:36 I say the waving has gone not too far enough. 17:31:39 * notting is here 17:31:50 hello 17:31:53 hi t8m 17:31:55 hello 17:32:11 hello t8m 17:32:40 ok, lets go ahead and dive in then... 17:32:51 #topic Welcome to new members, thanks to departing members 17:33:12 Welcome to newly elected folks: pjones, sgallagh, t8m. 17:33:41 Good to be here 17:33:44 Crap, I waved too soon. 17:33:50 * gholms waves anyway 17:33:55 Thanks to departing folks: kylem, SMParrish, mclasen 17:34:05 * kylem waves. 17:34:17 Hello again 17:34:40 #topic Elect Chair 17:34:55 So, I've been doing chair stuff for a while... my time has become less of late. 17:35:11 i wonder how that happened. :) 17:35:12 I wouldn't mind handing it off or having us switch to some kind of rotating duty on it. 17:35:20 yeah, odd. ;) 17:35:36 or we could delegate parts of it out more... 17:35:51 Rotation seems like a plan 17:35:52 i don't mind rotating in, but i don't think i could take it on full time. 17:36:01 Yeah, ditto 17:36:46 For the new kids: what are the chair's duties, besides running the meetings? 17:37:29 sending out agenda a day or so before. Keeping track of sponsor/provenpackager requests (sending for feedback, dealing with after a week). 17:37:34 running the meeting. 17:37:41 sending out minutes to the list after 17:38:05 nirik: do we have manual to creating minutes from irc etc? 17:38:20 I could write up a wiki page on it... 17:38:35 mmaslano: meetbot does that. ;) I just copy/paste to an email and reply to the agenda email. 17:38:37 handling sponsor/pp requests seems like sometihng that would be simpler to delegate than rotate. i'll do that 17:38:52 notting: cool. 17:39:15 #info notting to deal with sponsor / pp requests for now 17:39:50 * t8m would prefer keeping elected chair if someone steps up and agrees to be one 17:40:59 everyone takes one step back... 17:41:07 :) 17:41:09 well, if people really want I suppose I could keep doing it... just takes time. 17:41:16 t8m: Well, if you're volunteering... 17:41:30 * t8m is not :) 17:41:36 Heh 17:41:43 I agree with rotation 17:41:54 so, how about this: I will try and write up a wiki page with tasks/workflow. 17:42:04 sounds like a good start. 17:42:06 someone else can try and use that next week to run things and we can adjust from there? 17:42:12 +1 17:42:14 +1 17:42:17 1 17:42:24 +1 17:42:31 who would want to be the beta-tester for next week? ;) 17:43:01 yeah, why not. 17:43:03 If no one else wants to volunteer, I'll take that on 17:43:26 oh, also needing doing: update FESCo wiki page with current members, update previous members pages, and update fesco list (I can do that last one) 17:44:02 * cwickert rushes in late 17:44:30 i'll update the wiki 17:45:03 sgallagh / ajax: which of you would like next week? 17:45:19 #action nirik to write up wiki page on running meetings 17:45:24 nirik: i'll do it 17:45:35 take it 17:45:38 #action ajax to use that to run meeting next week. 17:45:57 #action notting to update wiki pages. 17:46:03 ok, anything else on chair stuff? 17:46:16 meeting time is a separate item? 17:46:59 yeah 17:47:01 next up 17:47:06 #topic Change meeting time/day? 17:47:18 so, does this time work for everyone? or should we try a whenisgood thing again? 17:47:20 Well, everyone's here now 17:47:26 This time works fine for me 17:47:28 can we have the meeting a little later? 17:47:33 So it clearly works to some extent :) 17:47:38 I'd like to change the day of meeting 17:47:39 this time works for me as well. 17:47:39 But probably best to do another whenisgood 17:47:48 I'll set one up after the meeting 17:47:55 thanks 17:47:56 +1 to do another whenisgood 17:48:07 Sure 17:48:13 whatevs. 17:48:18 so, we're split between us eastern, us mountan, and CET? 17:48:29 presumably whatever we decide on won't take effect until after next week. 17:48:30 notting: and somebody from CET wants it later ;) 17:48:58 ajax: presumably we use whenisgood as a recommendation and move it by vote. 17:49:02 mjg59: thanks. Perhaps make a ticket with the whenisgood link, and we can chime in there when we have updated it? 17:49:59 yeah, lets meet this same time next week, then change? 17:50:07 ack. 17:50:19 ok 17:50:24 nirik: Sure 17:50:31 +1 17:50:37 ok 17:50:41 yep 17:50:47 #action mjg59 to file ticket on new meeting time, add whenisgood link and we will revisit next week about changing the time/day of meeting. 17:51:08 ok, anything else on time/day/administravia? 17:51:37 ok, moving on. 17:51:39 #topic #563 suggested policy: all daemons must set RELRO and PIE flags 17:51:40 .fesco 563 17:51:41 nirik: #563 (suggested policy: all daemons must set RELRO and PIE flags) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/563 17:51:44 any news here? 17:52:00 last thing before i stepped aside 17:52:05 in ticket are details from jakub 17:52:07 This just seems like another PIE in the sky feature that... 17:52:13 ;) 17:52:18 he had some recommendation 17:52:21 i got jakub to post to the ticket, and he supplied a bit more info to me and ajax 17:52:30 (but didn't answer whether the bug is a bug.) 17:52:40 ah, I didn't see his comment. 17:53:06 i'd suggest you follow the original suggestion, enable PIE as necessary, and possibly add some tooling with upstream to ensure that symbols are resolved as intended 17:53:22 (enable PIE where security relevant, long running daemons) 17:53:28 relro is pretty trivially okay globally 17:53:39 yeah 17:53:42 yup. 17:53:55 does relro without now bring actually any security? 17:54:09 perhaps you can ask for a ftbfs-style test of them both 17:54:12 t8m: you mean without PIE? 17:54:26 proposal: enable relro in rawhide by default, ping FPC to see about adding a guideline to use PIE for long running or security relevant applications? 17:54:43 pjones: No, there are two variants of RELRO 17:54:46 pjones, no Partial relro (-Wl,-z,relro) instead of Full relro (-Wl,-z,relro,-z,now) 17:54:48 t8m: yes. imagine an array of function pointers, all bound to symbols provided by the executable. relro lets you mark that const and have it actually work. 17:55:50 full relro extends that to cases where the symbol you're taking the address of is provided by one of your libraries instead. 17:55:59 wait, is he saying he also objects to relro? 17:56:10 nirik: no, he's saying he objects to -z now. 17:56:30 nirik, yes, that sounds like something that will keep the toolchain people happy (ie: what they intended) as well 17:56:31 ah, so partial he's ok with... 17:56:35 also note that systemd isn't on the list in the ticket 17:56:41 (because it's newer than the ticket, looks like) 17:56:54 pjones: I suspect we need to come up with a critera and ask it to be a packaging guideline... 17:56:59 ok then -Wl,-z,relro should be in default flags at least on arches where it makes sense 17:56:59 nirik: yes. 17:57:29 nirik: does "long running" include, say, gnome-shell? :) 17:57:38 t8m: i don't think there are any arches where it doesn't. pretty sure that's an OSABI not PSABI thing. 17:57:46 it could I suppose. ;) 17:58:00 I guess we can leave that up to FPC. 17:58:04 and for the -Wl,-z,now and PIE we should tell FPC to make a guideline that recommends (requires?) that for long running daemons 17:58:09 anyway the answer here is that i still don't have a resolution on the thing that was keeping me from changing the rpm configs. 17:58:28 so, we can't enable partial relro anyhow yet? 17:58:36 ajax, and that was? 17:58:42 t8m: requires; if there's genuine cause for exception, it can be granted. 17:58:44 nirik, no, that was -pie that caused it 17:58:47 t8m: -fPIE seems to imply -rdynamic. 17:58:55 t8m: but we don't expect that to be common, so no reason not to. 17:59:19 nirik: i suppose we can, yeah. 17:59:26 i'll do that this week 17:59:39 ok, so votes on my proposal? or alternates? 17:59:50 proposal: enable partial relro in rawhide by default, ping FPC to see about adding a guideline to use PIE for long running or security relevant applications? 18:00:04 nirik, +1 18:00:05 +1 18:00:09 +1 18:00:10 +1 18:00:11 +1 18:00:13 +1 18:00:15 +1 18:00:18 +1 18:00:41 #agreed enable partial relro in rawhide by default, ping FPC to see about adding a guideline to use PIE for long running or security relevant applications? 18:00:56 anything further on this? 18:00:57 Wow, I haven't seen +8 here in a while. 18:01:50 #topic #599 F16Feature: ConsoleKit Removal/Automatic Multi-Seat Support - https://fedoraproject.org/wiki/Features/ckremoval 18:01:50 .fesco 599 18:01:51 nirik: #599 (F16Feature: ConsoleKit Removal/Automatic Multi-Seat Support - https://fedoraproject.org/wiki/Features/ckremoval) - FESCo - Trac - https://fedorahosted.org/fesco/ticket/599 18:02:01 we got answers on the talk page... 18:02:46 I'm all for removing CK 18:02:53 given those answers, +1 from me 18:03:02 +1 same here 18:03:07 +1 18:03:16 +1 here. 18:03:36 +1 from me as well. 18:03:43 if the other desktops/*dms keep working (regardless of the multiseat support) then +1 from me 18:03:47 As long as it's true that CK is parallel-installable. 18:03:47 +1 18:03:57 +1 if destops are ok 18:04:28 +1, conditional on compatibility with other desktops 18:04:35 #agreed feature is approved. 18:04:51 we had 2 features that came in this morning... 18:04:58 should we do them now? or wait for next week on them? 18:05:16 would prefer to wait, i've not had a chance to read them 18:05:30 I think the tboot one, especially, is going to require some examination 18:05:30 I would argue for next week, since I haven't had a chance to read them, but I'm also gloriously unprepared for everything else today. 18:05:33 (apologies) 18:05:42 Yeah, let's get them next week, unless they've requested an urgent decision 18:05:44 oh, tboot is on there. definitely next week then. 18:06:00 pjones: You've been looking at tboot before - can you stick some questions on the talk page? 18:06:20 mjg59: I've really not been looking at it; jreiden and his team have. 18:06:27 of course, he' 18:06:31 he's sitting 5 feet to my left. 18:06:34 Heh 18:06:38 * nirik is fine with defering them. 18:06:57 any objections? 18:07:26 #topic Open Floor 18:07:36 ok, open floor time. Anyone have any open floor items? 18:07:43 mmaslano: how goes the perl rebuild? 18:08:12 notting: I and my co-worker are working on automatical rebuild script. 18:08:35 but I play in mu buildroot, so nothing should broke 18:09:34 * mmaslano is running out of battery 18:09:42 There's been a lot of chatter on fedora-devel lately about systemd. 18:09:53 sgallagh: yeah. 18:10:11 I was thinking it might be prudent to discuss some milestones for the SYSV->systemd conversions 18:10:17 sgallagh: s/lot of chatter/flamewar/ 18:11:10 sgallagh: ok. we do have a feature on it... 18:11:36 sgallagh: in the form of 'for any given package, do it by beta, or don't do it'? or some different sorts of milestones? 18:12:12 notting, something like that would be nice 18:12:27 notting: Well, the point of the feature is to be 100% converted by beta 18:12:44 and you'd prefer to not have 100% land directly at beta? 18:12:49 I'm proposing that we should try to accomplish 100% of "base" by alpha 18:12:51 18:13:05 Is it realistic? 18:13:18 Is it any less realistic than beta? 18:13:34 having areas to concentrate on seems like a good idea. 18:13:41 how many are there in base? 18:14:15 t8m: depends a bit on the implementation - if it's "wait until the service file is in upstream version", it will take longer 18:14:45 notting: I don't think that's likely achievable by RC, let alone beta or alpha. 18:14:55 notting, it might take forever for some upstreams :D 18:14:58 Fedora is going to have to carry some private copies for a while (possibly several releases) 18:15:41 * cwickert is sorry but has to leave now. 18:15:43 * nirik nods. 18:16:00 I think asking the folks working on that feature to concentrate on base seems fine... 18:16:01 before I leave: if you decide anything, I am +1 for converting everything to systemd asap 18:16:21 sgallagh: so, first step would be to audit services to get the base & core list. anyone want to take that as an action item? (if it's not on the feature page already) 18:16:27 yeah, I don't have a problem telling them to prioritize stuff in base 18:16:58 cwickert, I do not agree with that. 18:17:24 notting: I'll take an action item to get the base and core list. (Should be easy with a little mock-fu) 18:18:00 I propose that once we have this list, we open a bug on each as-yet unconverted daemon in Bugzilla, blocking the alpha 18:18:20 sgallagh, from the base and core lists I suppose? 18:18:26 Yes 18:18:31 OK then 18:19:14 sgallagh: there already are bugs on things for converting. 18:19:17 sgallagh: just make the existing bugs block the alpha, but yes 18:19:20 could we just update those to block? 18:19:22 t8m: you don't have to agree with me. it was just in case we vote whether we want to have base or everything converted by alpha, beta or whatever, I want the earliest milestone in this development cycle to give it as much testing as possible. understood? 18:19:39 nirik: If they already exist, updating them to block is fine 18:19:48 cwickert, OK 18:19:49 +1 to that plan. seems fine to me. 18:19:58 +1 18:20:03 +1 18:20:07 * cwickert is really afk now 18:20:07 It'd be nice to have a keywork for SystemdConversion or similar in BZ as well, but it's probably too late for that. 18:20:31 sgallagh: abuse a whiteboard? 18:20:36 * notting is +1 to the plan 18:20:43 #action sgallagh will collect base / core packages that need conversion to systemd and we will try and get those done by alpha. 18:20:46 sgallagh, no need to add keyword, either abuse whiteboard or add a tracking bug 18:20:47 sgallagh: why is a tracker bug not enough? 18:21:00 cwickert, still here? :D 18:21:06 :) 18:21:18 cwickert: A tracker is fine. I should have been less specific: "An easy search filter for BZ" 18:21:29 ok, anything else on this? or any other open floor item? 18:21:35 ok then 18:22:57 * nirik will close out the meeting in a minute if nothing else comes up 18:24:22 thanks for coming everyone! 18:24:26 #endmeeting