18:00:07 #startmeeting FESCO (2012-02-27) 18:00:07 Meeting started Wed Feb 27 18:00:07 2013 UTC. The chair is nirik. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:00:07 Useful Commands: #action #agreed #halp #info #idea #link #topic. 18:00:07 #meetingname fesco 18:00:07 #chair abadger1999 jwb mitr mmaslano notting nirik pjones t8m sgallagh 18:00:07 #topic init process 18:00:07 The meeting name has been set to 'fesco' 18:00:07 Current chairs: abadger1999 jwb mitr mmaslano nirik notting pjones sgallagh t8m 18:00:13 who all is around? 18:00:15 Hello 18:00:38 (me) 18:01:24 (me) 18:01:25 (me) 18:01:30 * sgallagh is here 18:01:38 * abadger1999 here 18:01:40 Apologies if I drop out, I'm on a train 18:01:55 i'm here 18:01:58 hello. 18:02:36 ok, I guess lets go ahead and dive in... 18:02:43 #topic #979 Features process proposal: Track features in bugzilla 18:02:43 .fesco 979 18:02:43 https://fedorahosted.org/fesco/ticket/979 18:02:45 nirik: #979 (Features process proposal: Track features in bugzilla) – FESCo - https://fedorahosted.org/fesco/ticket/979 18:03:17 I guess my thought here is to do whatever the program manager would prefer, try it and if it fails, try something else? :) 18:03:42 as the person proposing this idea, yeah, I can get behind that :) 18:03:43 I can get behind that 18:04:00 +1 18:04:08 hi all, sorru for being late 18:04:10 I generally agree with that 18:04:18 i'm going to get to the side of it 18:04:22 Is jreznik in favor of this? 18:04:22 I can see advantages and disadvantages to trac or bugzilla. 18:04:37 He's prefering trac at the moment. 18:04:45 yep. As I said in the bug, I prefer bugzilla, but I prefer trac to nothing 18:04:51 worksforme 18:05:10 mattdm: I think I prefer Trac, honestly. Fedora has more control to tweak it if we need to 18:05:13 I actually prefer trac 18:05:38 Do we keep this open, or close it and let jreznik come up with a specific proposal, or something else? 18:05:47 sorry for being late 18:05:48 To me, the big advantage of bugzilla is the ability to link *directly* to actual-work bugs 18:05:55 (I might be overthinking the "proposal" part) 18:05:57 trac has problems, but so does bugzilla. I think we should look at trying something and fail faster. ;) 18:05:58 I've never thought trac does a good job - it does a lot of simple things badly, like making urls in titles not clickable 18:06:14 which means that once set up, it's low overhead to keep up-to-date rather than being Yet Another Thing to update 18:06:42 does anybody know anything about that devconf proposal marcela was talking about? 18:06:50 jreznik: next week 18:06:52 mitr: Can we just close it with "agreed with a minor addendum"? 18:07:26 sgallagh: any of the three options works for me 18:07:30 s/Can/Should/ 18:07:35 nirik: well both are not a good tracking tools, trac is more, bz is less but... 18:07:35 so, proposal: go with whatever option the program manager would like to try? 18:07:44 jreznik: agreed. :( 18:07:59 nirik, +1 18:08:05 and I see mattdm's point 18:08:14 nirik: +1. Just please make sure this gets announced/incorporated into the planning process 18:08:39 nirik: +1 18:08:46 sure, and perhaps we should dicuss more details on the options, but that doesn't need to be here... 18:09:02 nirik: yep, definitely 18:09:30 * jreznik is not open/closed for any good idea how to track it - wiki is even worst than bz/trac 18:09:58 is open is better and not against any viable option :) 18:10:08 so, thats +4 for the proposal? other votes? 18:10:20 which proposal? 18:10:25 so, proposal: go with whatever option the program manager would like to try? 18:10:33 yeah, +1 18:11:12 of course in coop with fesco 18:11:24 #agreed FESCo is ok to go with whichever tracker the program manager would like 18:11:46 yeah, +1 18:12:03 thanks jreznik. I suppose we could discuss the options on list, but there might be a lot of bikeshedding. 18:12:41 anyhow, moving on... 18:12:54 #topic #1028: tor package concerns 18:12:54 .fesco 1028 18:12:54 https://fedorahosted.org/fesco/ticket/1028 18:12:55 * mattdm gets out his bikeshed paint 18:12:57 nirik: #1028 (tor package concerns) – FESCo - https://fedorahosted.org/fesco/ticket/1028 18:13:06 mattdm: but what colour is it? ;) 18:13:19 anyhow, I reopened this because I still have a concern... 18:13:42 The maintainer doesn't want to push security impacting updates to stable without karma. 18:13:52 (i can voice an opinion too if that's appropriate) 18:14:02 pwouters: sure. 18:14:06 pwouters: go ahead. 18:14:18 this has been going on for about 3 years now. in different ways 18:14:21 jamielinux: Your input would be welcome too. 18:14:28 nirik: Great. 18:14:45 i am very close with upstream, and they totally gave up and now strongly recommend not using fedora/epel packages 18:15:06 pwouters: is that from them being out of date? or some other issue? 18:15:10 this has gone on against everyone's but a single person's (enrico) interest 18:15:29 out of date, patches that degrade security from upstream's point of view, 18:15:40 weirdness like different init susb systems 18:15:54 there's like 50+ emails in the archive about tor packaging (and actually clamav packaging) 18:16:14 (e.g. https://lists.fedoraproject.org/pipermail/devel/2013-February/178407.html ) 18:16:28 fesco kind of forced the co-maintainer 18:16:44 who then did work, then the maintainer just revered without talking to the comaintainer 18:16:46 For the record, jamielinux is who was added as a tor comaintainer. 18:16:55 so i am dont think the current solution is working 18:17:06 I'm not sure I'd want to make a general ruling on security updates here, but in the case of the Tor package (whose only reason for existence is to enhance anonymity) I think it might be reasonable to recommend that it push to stable with the timeout 18:17:26 frankly, i don't think focusing on tor is going to solve the problem 18:17:34 the problem is the maintainer, not the package. 18:17:40 yeah :/ 18:17:58 I was quite disheartened after my changes were all reverted. 18:17:59 For updates, I'd be surprised if we were able to come up with a general rule, it'll always involve human judgment. We can just emphasise Fedora's preference to stay with upstream 18:18:04 yes. the comaintainer was supposed to mostly fix the maintainer issue. not the issue of whatever is happening today or tomorrow 18:18:14 True, should we perhaps send a sternly-worded email about collaborating with comaintainers? 18:18:14 FYI, when f16 went eol: 18:18:18 141 https://admin.fedoraproject.org/updates/FEDORA-2012-14654/tor-0.2.2.39-1600.fc16 18:18:21 141 days 18:18:37 jamielinux: I have reviewed the commit, and I would have probably reverted it as well. The split version is much better. 18:18:39 And then revoke his rights if he doesn't shape up? 18:18:57 sgallagh: ^^ 18:19:09 Just for the record, I have just posted a split patch series here: 18:19:11 https://lists.fedoraproject.org/pipermail/devel/2013-February/179163.html 18:19:21 I have no doubt that Enrico will revert almost all of them however. 18:19:24 mitr: Wait, so it wasn't just a revert? I misunderstood the problem, then 18:19:36 I have not applied any of these in git yet, as I see no point. 18:19:43 mitr: while i agree attacking whitespace could have waited, the whole "non fedora init" style should be ripped out 18:19:50 sgallagh: Look at http://pkgs.fedoraproject.org/cgit/tor.git/commit/?id=dcca5c196a47528c40b4563dac9bf0adf892cc89 , it shows how large the thing was 18:19:52 jamielinux: I don't think it's our job to pre-approve your patches. 18:19:56 pwouters: yes 18:19:59 it should have been ripped at when it was initng 18:20:07 sgallagh: No, I wasn't suggesting that. Just posting here for the record. 18:20:11 * sgallagh nods 18:20:19 mitr: yeah, although really... it's not that big. I would have been able to view the diff... 18:20:36 IMHO all the %{?fedora} conditionalizing should be generally forbidden - just use git branches and merge. 18:20:53 the core issue is, the tor package is for the fedora community, not for enrico. Enrico is mixing this up. He should follow package guidelines. He's refused to comply for over 3 years. 18:20:57 OTOH we have asked FPC recently about support for other init systems, and they decided that they don't want to forbid them 18:21:35 mitr: yeah, but %{?fedora} is something we've never really taken a strong stance on 18:21:45 pjones: And I understand we probably won't. 18:21:47 * nirik notes upstart is now dead/blocked in rawhide 18:21:54 and f18 18:21:55 Too many people find it more convenient than branches. 18:21:59 The tor spec contains a tor-upstart package that isn't built, which I assume is fine by our guidelines as I couldn't find any guidance. 18:22:11 jamielinux: yeah, I think that's an okay thing to do. 18:22:19 https://fedorahosted.org/fpc/ticket/243 for the record 18:22:26 pjones: Sure, that's what I assumed. 18:22:56 also: tor security updates are vital. and should not be delayed willy nilly 18:23:14 anyhow, in the past when we have had issues like this we have selected a mediator... do we want to do that here? Or ask ensc some questions directly? or ? 18:24:33 mediation is good. provided there is an action if it fails 18:24:47 I'm reminded of last time fesco got involved with tor packaging. nothing ended up changing 18:25:02 yeah, that's the thing we want to avoid happening again. 18:25:04 * nirik doesn't recall that... I know we have talked about clamav several times. 18:25:26 * mitr finds https://fedorahosted.org/fesco/ticket/347 18:25:28 Might be worth having a mediator and expecting that mediator to come to us with resolution or at least strong recommendations within a couple of weeks. 18:25:36 nirik: I met up with upstream at GSoC a few years ago, and filed like 8 bugs needing fixing. 18:25:37 https://fedorahosted.org/fesco/ticket/347 18:26:50 i think that ticket is from _after_ I gave up on it all 18:27:06 Well, mediator... I kind of think we know what we want to achieve here already, it's just that we don't have (and don't want to set up) guidelines backing it 18:27:07 ah yeah. Now I remember that one. 18:27:29 mitr: what do we want to achieve here? 18:27:38 mitr: you're suggesting that somebody else should be maintaining these packages? 18:28:13 abadger1999: 1) updates to this specific package going out soon enough to make upstream content, 2) not insisting on packaging peculiarities 18:28:16 https://bugzilla.redhat.com/show_bug.cgi?id=532373 18:28:23 * nirik would like timely updated packages that upstream is happy to recommend to users. 18:28:39 nirik, +1 18:28:43 me as well 18:28:55 pjones: I don't think that's strictly necessary, no. But talk about "mediators" and "cooperation" when we want to say "rip this out" is confusing the issue 18:29:27 * abadger1999 agrees with mitr's sentiment of being clear 18:29:28 mitr, in 2) you mean who should not insist? fedora or enrico? 18:29:54 (not in that bz that Roger Dingledine is upstream) 18:29:59 s/not/note 18:30:00 Perhaps we might consider overruling FPC on https://fedorahosted.org/fpc/ticket/243 (and/or forbidding upstrart and allowing sysvidinit, since upstrart never existed that much),... 18:30:15 mitr: Uhmm... 18:30:16 * nirik oddly sees tor was not in the mass rebuild? 18:30:24 mitr: I'd prefer you didn't go at it in that manner :-) 18:30:30 abadger1999: yeah 18:31:08 abadger1999: I see the difficulty - it's just that seeing "you can have packaging that nobody else needs" and "we don't like how tor is packaged" is not consistent. 18:31:26 * abadger1999 notes that ensc's method of enabling upstart is definitely.... idiosyncratic. 18:31:31 t8m: "allowing the package to remove bits that only make it more complex for comaintainers" 18:31:59 mitr, I am still not getting it 18:32:21 he's not using parallel installable init scripts for different systems... he's using bcond_with/without to make the build conditionalized via command line arguments 18:32:36 so you'll never get the non-default behaviour in the fedora build system. 18:32:56 only if you build the package locally with your own set of command line arguments to rpmbuild 18:33:00 Yes, the tor-upstart package is not built by default. 18:33:12 Though the spec is horribly lengthy and confusing with all of the custom stuff. 18:33:28 After my most recent patch series, the length drops from 250 to 150. 18:33:35 And is *much* easier to grok. 18:33:40 * nirik nods. 18:33:50 But spec legibility is subjective. 18:33:50 yeah because three years ago there was hell and fire because you needed to install "tor-sysvinit" to get tor. and that fight caused enrico to fix it so "yum install tor" would get the default init system 18:34:00 jamielinux: sure, but less is usually more. 18:34:06 but that also took weeks of fighting :/ 18:34:20 again. the specific package detail is not the problem. The maintainer is. 18:34:22 I think the fpc made a ruling about something similar (macros for use on non-fedora OS's [like suse openbuildsystem]) and said that those macros should not be used.... but that ruling was in the first few years of fedora. 18:34:26 again, the problem is basically that you have a primary maintainer treating a package as a fifedom and pissing all over anything anyone else tries 18:34:30 But all of this is just a side-show. 18:34:36 so focus on the maintainer, not the damn pacakge 18:34:54 The problem FESCo needs to address isn't each individual package change that needs to go through - it's the fact that the maintainer is actively stopping things from getting better. 18:34:55 jamielinux: I think legibility is a huge thing. 18:35:14 abadger1999: I agree with you 100%. 18:35:30 right, so one thing I think we might want to look at documenting/whatever is the fact that packages you maintain are not yours. You are simply a caretaker. You shouldn't treat them as your own thing and reject things that make them easier to hand on to others. 18:35:31 pjones: And that's supposed to be FESCo's job (I kid) 18:35:32 jamielinux: the fact that ensc can jsutify reverting the patch solely on the "impossible to review" grounds points at problems in the current spec's readability. 18:35:35 either we have the "balls" to kick enrico out of being primary tor maintainer or we should probably accept his "style" in spec unless it is not conflicting the guidelines 18:36:10 pjones: I'm not too keen on using that revert as a basis for our decision. 18:36:28 mitr, then use the combined history of the maintainer's actions 18:36:30 mitr: that's not the only example that's been cited though. 18:36:41 and do note that this is a /recurring/ problem. 18:36:44 mitr: how about upstream recommendation that fedora packages for to should not be used? 18:36:47 why on earth do we suddenly have tunnel vision when we have to possibly talk to a human about their behavior? 18:36:48 is that a better indication? 18:36:49 abadger1999: No, the patch mixes about 8 separate changes; that's problematic regardless of what you are patching 18:37:19 pjones: Right, I was reading your comment too narrowly. Sorry 18:37:25 mitr: It's certainly no worse than a new package review, though. 18:38:02 * nirik notes we are at 24min on this topic. 18:38:04 proposal: remove Enrico from tor maintainership 18:38:39 * jamielinux would like to mention he did feel at fault for the massive commit and whitespace changes that weren't fully required, and was kicking himself after. But did feel Enrico didn't handle the situation well either. 18:39:00 jwb: +1 18:39:08 * nirik is a reluctant +1. 18:39:12 * abadger1999 notes that he's also willing to vote for "lesser" proposals. 18:39:19 * pjones is also a +1 , though wishes it hadn't come this far. 18:39:41 0. I think I'm still looking for a less radical fix, although I can see the case for a +1 18:40:18 we could ask him to apply the split out patches, and push security updates stable... 18:40:27 but not sure that would fully solve things. 18:40:29 mitr: if you have any suggestions for a less radical fix, now is the time. 18:40:48 nirik: if we're going to tell him how to maintain the package, what's the point of leaving him in place as maintainer? 18:40:50 the best I can think of as a counter-proposal is "FESCo wants tor updates to go out timely enough from now on, and is willing to remove maintainership over this issue" 18:40:57 Which is really not great 18:41:10 I'm still not quite well enough informed to decide. Can someone give me the 30-second explanation of why tor has to see Fedora-specific patches on a regular basis vs. rebasing? Does it go against our stable updates policy in some way? 18:41:10 pjones: yeah. 18:41:13 pjones: I absolutely agree with your second comment. 18:41:27 pjones: And there is a long history too.. 18:41:52 sgallagh: it's not fedora specific. Tor updates, ensc updates the package, it sits in updates-testing. It doesn't get +3 karma, it never goes stable. 18:41:59 pjones: Well, "telling others how to maintain the package" is the whole point of packaging guidelines... and what we want never was in them 18:42:15 mitr: no, there's a difference between setting guidelines and saying "make these changes". 18:42:16 the package itself has lots of issues preventing it from easily being managed by co-maintainers. 18:42:17 i've been involved with a few rounds with this issue. I like being nice and doing another round, but I dont think it will work. enrico showed not the least bit of cooperation willingness in years 18:43:02 nirik: Yes, making this patch series was a lot more work than I anticipated, with bits of the spec all over the palce. 18:43:29 nirik: Not that I mind putting in the work to fix the package.. 18:43:40 * sgallagh really doesn't want to be the swing vote on this, but I suppose staying at 0 would be an implicit -1. 18:43:54 We have a comaintainer who is willing to do the work needed, so I guess I'm a weak +1 18:44:03 sgallagh: Give me a minute... 18:44:39 If enrico later demonstrates he can play well with others, he can always request to be re-added as a comaintainer 18:44:42 * nirik waits for a counterproposal from mitr 18:44:52 actually, I will also go back to Roger at upstream and see about bringing theirs and our packages back togehter, so they can stop shipping rpms and tell people to not use fedora packages 18:45:16 I'd be willing to give +1 if there was a clear response (or clear ignorance) from enrico that he is not willing to change his maintenance style of tor even if we remove it from him forcibly if he doesn't 18:45:31 After looking at bugzilla a bit more, I'm +1 to the proposal 18:45:47 t8m: What swayed me was the CVE bugs in CLOSED/WONTFIX - EOL 18:46:00 mitr: yeah, that's incredibly bad. 18:46:13 ok, lets see... thats +7? 18:46:45 someone points out the CWG arguably exists for things liek this 18:46:51 i've yet to see CWG actual exist though 18:46:55 so... 18:47:24 so, thats +6, and t8m's conditional +1, which I guess is 0 or -1 for the proposal? 18:47:31 jwb: yeah -- -ENOTIMe on my part and I think this may have progressed beyond CWG already. 18:47:45 nirik, rather 0 18:47:49 t8m: ok. 18:47:51 for the record: i do not take pleasure in proposing this, but i think it needs to be done 18:48:04 if i had any thoughts something else would work, i would have proposed that instead 18:48:13 #agreed remove Enrico from tor maintainership (+6,0,0) 18:48:25 I assume we can orphan it and jamielinux will pick it up? 18:48:44 yes 18:48:47 jwb: I'm in the same boat. Its a sad state. :( 18:48:51 anyhow, moving on then... 18:49:00 * jamielinux would like to thank everyone here for the discussion, input and advice. 18:49:02 #topic 1091 NRM: Request ownership change for mediawiki 18:49:02 .fesco 1091 18:49:02 https://fedorahosted.org/fesco/ticket/1091 18:49:03 nirik: #1091 (NRM: Request ownership change for mediawiki) – FESCo - https://fedorahosted.org/fesco/ticket/1091 18:49:13 (I'm mooninite FYI) 18:49:24 welcome daumas 18:49:43 since the maintainer hasn't responded, I'm fine moving ownership here. 18:49:46 I think this is a pretty clear-cut case for the NRM process, just that we didn't handle this on the mailing list. 18:49:55 * mitr apologizes for not reacting there 18:50:09 We may want to consider if other of the maintainers packages should also be orphaned or co-maintainers added. 18:50:56 I think we should probably solicit co-maintainers for them. 18:51:03 pjones: +1 18:51:07 do we even need a vote on mediawiki? should be pretty clear under the policy. 18:51:12 (not having mediawiki1XX packages strongly recommended) 18:51:27 we still likely need them for epel, but yeah. 18:51:35 nirik: It needs an explicit ACK from >=1 FESCo member 18:51:45 mitr: I'll ack it 18:52:07 sgallagh: you were faster :) 18:52:09 pwouters: could those packages be blocked for fedora only? they were never reviewed for fedora. only epel 18:52:09 would someone like to manage soliciting co-maintainers for the other packages of theirs? 18:52:19 proposal: make daumas (mooninite) the maintainer and solicit for co-maintainers for the owner's other packages. 18:52:22 daumas: most if not all of them should be already 18:52:51 (whether we need a vote or not, we're already discussing it and having a record can't hurt) 18:53:17 daumas: That came up on the mailing list some time ago. They accidentally filtered in from rawhide (which wasn't dead.package like it should have been) 18:53:18 sure, +1 18:53:25 I'm in favor of killing it and blocking the packages 18:53:34 nirik, sgallagh: ok thanks 18:53:51 pjones: +1 18:53:59 https://admin.fedoraproject.org/pkgdb/users/packages/athimm?acls=owner are the 27 packages by the way 18:54:00 pjones: +1. 18:54:16 pjones, +1 18:54:44 #agreed make daumas (mooninite) the maintainer and solicit for co-maintainers for the owner's other packages. (+5,0,0) 18:54:51 anything else on this topic? 18:54:59 thanks for your time, gentlemen 18:55:06 #topic next week chair 18:55:15 who wants the shiny gavel? 18:55:54 nirik: I think it's my turn 18:55:54 anyone? 18:56:00 cool. thanks sgallagh 18:56:06 #info sgallagh to chair next week 18:56:10 #topic Open floor 18:56:14 any items for open floor? 18:56:24 Can we vote on blocking those mediawikiXXXX packages from Fedora? 18:56:44 I don't think there would be any objection. 18:57:00 sgallagh: dude, whatever. 18:57:02 I don't either, but it's good to have a record of decisions 18:57:28 all of them are blocked except 119 18:57:31 and that was a mistake. ;) 18:57:33 If no one is objecting, I'll just shut up and go do it 18:57:43 .whoowns mediawiki119 18:57:43 abadger1999: smooge 18:57:58 sgallagh: yeah, mistake, just do it. 18:58:13 #action sgallagh to fix mediawiki119 mistake 18:59:18 Just a note that any help on this cleanup would be appreciated: https://fedoraproject.org/wiki/User:Toshio/Devendorize_desktop_files#List_of_affected_packages 18:59:36 halfway done, but half still to go. 19:00:16 abadger1999: I noticed we still have that python-pillow ticket open. 19:00:21 does that need to be anymore? 19:00:32 Hmm.. 19:00:39 So there is one question around that ticket I think 19:00:41 https://fedorahosted.org/fesco/ticket/985 19:00:56 dmalcolm hasn't responded on the bug against python3 19:00:59 ok 19:01:36 anything else from anyone? will close out in a minute if not. 19:01:39 Do we want to ask him what's going on with that in some official capacity? 19:01:55 a ping on the bug might be nice. 19:02:08 k. I'll put on a fesco hat and ask. 19:02:36 #action abadger1999 to ping on python3 pillow bug 19:03:36 ok, thanks for coming everyone. 19:03:39 #endmeeting