18:01:22 <sgallagh> #startmeeting FESCO (2015-01-07) 18:01:22 <zodbot> Meeting started Wed Jan 7 18:01:22 2015 UTC. The chair is sgallagh. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:01:22 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic. 18:01:22 <sgallagh> #meetingname fesco 18:01:22 <zodbot> The meeting name has been set to 'fesco' 18:01:22 <sgallagh> #chair dgilmore jwb kalev mattdm mitr mmaslano nirik sgallagh stickster t8m thozza 18:01:22 <sgallagh> #topic init process 18:01:22 <zodbot> Current chairs: dgilmore jwb kalev mattdm mitr mmaslano nirik sgallagh stickster t8m thozza 18:01:30 <t8m> hi all 18:01:31 <nirik> morning everyone. 18:01:37 <jwb> hi 18:01:38 <kalev> hello 18:01:39 * mattdm crawls out from cave, blinks in sunlight 18:01:43 <thozza> good evening everyone :) 18:01:50 * mattdm notes that it's going to be six more weeks of winter 18:01:54 * mattdm goes back into cave 18:01:57 <sgallagh> .hello sgallagh 18:01:58 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com> 18:02:11 <mattdm> .hello mattdm 18:02:13 <zodbot> mattdm: mattdm 'Matthew Miller' <mattdm@mattdm.org> 18:02:19 <mitr> Hello 18:02:24 <hadess> hey 18:03:17 <twoerner> hello 18:03:38 * jreznik is around, on the team meeting - ping me when you'll need me 18:04:22 <sgallagh> OK, that looks like almost everyone, so we can just get started 18:04:36 <sgallagh> #topic #1372 "Workstation" Product defaults to wide-open firewall 18:04:36 <sgallagh> .fesco 1372 18:04:37 <zodbot> sgallagh: #1372 ("Workstation" Product defaults to wide-open firewall) – FESCo - https://fedorahosted.org/fesco/ticket/1372 18:05:16 <mattdm> are the various stakeholders in attendence? 18:05:30 <sgallagh> I saw twoerner. I haven't seen Bastien. 18:05:56 <jwb> sgallagh, hadess is here 18:06:02 <hadess> sgallagh, you're not looking hard enough :) 18:06:14 <t8m> I am afraid there is no solution that is acceptable to everyone. 18:06:20 <sgallagh> Ah, I didn't realize that nick matched that name 18:07:13 <sgallagh> So, before we start arguing about solutions (short- and long-term), I was hoping we could discuss goals 18:07:31 <sgallagh> I don't think anyone is perfectly happy with the current state (is that a fair statement?) 18:07:51 <mattdm> fair understatement, maybe even 18:08:01 <nirik> I'm not sure we need to discuss solutions here tho... 18:08:10 <t8m> nirik, +1 18:08:15 <nirik> unless we feel that it's worth overriding the workstation working group. 18:08:20 <mitr> sgallagh: I am reasonably happy with the current capabilities _of the firewall_ actually. I am very much wishing for reliable sandboxing which would replace some of the firewall uses but is not actually a firewall. 18:08:22 <nirik> which IMHO, I am -1 to 18:08:25 <sgallagh> nirik: Well, we need to try to agree on an end-experience, not necessarily an implementation 18:08:38 <t8m> mitr, +1 18:08:41 <hadess> the long term goals were mentioned in my mail to fedora workstation, definitely not finished, but certainly on the right path 18:08:52 <nirik> sgallagh: we do? isn't that for the workstation working group? 18:08:53 <sgallagh> I'm not explaining myself well enough 18:09:02 <jwb> please explain more. 18:10:22 <sgallagh> /me tries to find appropriate phrasing 18:11:52 <sgallagh> Somewhere, someone needs to make a decision where on the Usability<->Security continuum the default Workstation environment belongs. This should probably be the Workstation WG, but I argue that it's sensible for FESCo to provide guidance 18:12:06 <jwb> i disagree. 18:12:42 <jwb> if it were sensible, then FESCo would have given that guidance long before now. like the first time this all came up 6 months ago 18:13:14 <hadess> i think that we've shown that the workstation WG can talk to security folks like mitr and twoerner when changes happen 18:13:18 <sgallagh> Well, the guidance we gave was "have the firewall and desktop people talk it out and come to a decision" 18:13:32 <nirik> The current setup is not ideal, but I trust the workstation folks to have made the best choice they could with what they have... 18:13:32 <jwb> and that decision was made 18:13:33 <kalev> that seemed to work pretty well, I should point out 18:13:37 <sgallagh> The communication kind of failed and both groups came away from the discussion with a different understanding of what was decided 18:13:39 <t8m> jwb, didn't it actually give at least vague guidance that the firewall should be there 18:13:46 <jwb> t8m, no 18:13:55 <mattdm> jwb: actually yes, at least partially 18:14:08 <t8m> jwb, i have to disagree 18:14:11 <hadess> sgallagh, it didn't fail, no 18:14:17 <mattdm> the proposal was "no firewall at all" and fesco voted against that 18:14:18 <twoerner> hadess: I do not agree 18:14:28 <jwb> t8m, mattdm: and the existing solution has a firewall 18:14:41 <sgallagh> hadess: Judging from the amount of "We were strong-armed into agreeing" I heard from the firewall folks, I think it did 18:14:42 <t8m> jwb, i am not saying it does not 18:14:45 <mitr> sgallagh: I don’t necessarily think that FESCo should make that kind of guidance. I do think that because the original discussion happened in FESCo and was rejected, the new proposal should have gone to FESCo—not because FESCo necessarily has or should have the authority, but because that’s where everyone _expected_ the follow-up; hence the current blowback. 18:14:48 <hadess> twoerner, you don't agree, but mitr did, he hopefully still does 18:14:50 <nirik> twoerner: could you share what you would like to see here? 18:15:11 <hadess> sgallagh, the problem seems to have been that i talked to one person not two, and they don't agree 18:15:21 <mitr> sgallagh, hadess: For context, I am not a “firewalld developer”. 18:15:47 <sgallagh> hadess: That would qualify as a communication failure. Not necessarily anyone's direct *fault*. 18:16:33 <sgallagh> I'm not looking to assign blame. Just to recognize that the communication was at least *incomplete* and therefore we ended up not getting the agreement we really sought. 18:16:33 <mclasen> failure to reach an agreement on every detail is not a communication failure. Sometimes, people just disagree 18:17:08 <mitr> I will be accountable for agreeing to this plan, I do think asking the user only once for communication/sharing decisions makes sense in principle. As for the communication, I was not happy with the decision to move this to desktop@ but I didn’t feel necessary to raise a pointless stink about it at the time. 18:17:15 <sgallagh> mclasen: Failure to talk to the right people is a communication failure. 18:17:39 <mclasen> who decides who the right people are ? 18:17:41 <jwb> let's focus on moving on, and not the definition of communication 18:17:47 <hadess> mitr, you've seen how it ended up on devel@, i'm completely happy with that decision :) 18:17:49 <sgallagh> jwb: yes 18:17:51 <jwb> so what do you want to actually accomplish here? 18:17:54 <t8m> jwb, +1 18:18:09 <mitr> hadess: Hiding from people who disagree with you is not really making things better, _especially_ when they later find out (like they did). 18:18:25 * nirik would like to hear from twoerner on that since I think he disagrees with the current setup... 18:18:38 <sgallagh> What I want to accomplish is this: agreement that the current state of things is not immutable and reopen the conversation for a usable AND secure default. 18:18:55 <nirik> sgallagh: I don't think anyone says this is immutable. 18:18:56 <kalev> twoerner: what's the problem with current setup? 18:18:59 <mitr> Primarily, kkofler raised this. 18:19:24 <twoerner> nirik: I voted against the use of the current workstation zone 18:19:35 <t8m> I believe it is mainly about expectations. 18:19:50 <nirik> what I want to accomplish (at least right now without more info otherwise): Close this ticket and say work with the workstation group on improving thnigs, we are not going to override them on this and we trust their judgement. 18:20:14 <sgallagh> For example, I would be happy with us shipping several different default firewall configurations (or at least, just two: "Recommended" and "Paranoid") 18:20:22 <twoerner> kalev: that the ports above 1024 are completely open 18:20:26 <sgallagh> And documenting well how to use them 18:20:28 <nirik> twoerner: ok. you want it to block >1024 ports by default? and break those apps that need that open? 18:20:33 * mclasen waits for the suggestion to ask in the installer 18:20:50 <nirik> mclasen: no no, we need a popup! 18:20:56 <sgallagh> mclasen: No, we've been over that before. That's the wrong answer. 18:20:58 <mitr> sgallagh: Where “firewall configuration” is what? A package? A command to type? 18:21:06 <sgallagh> But a simple Firewall selection in GNOME Settings? 18:21:07 <mitr> Because we seem to have that command :) 18:21:08 <sgallagh> Maybe 18:21:08 <t8m> I there is a general expectation that Fedora has a firewall preventing outside connections to random (even 3rd party) software running on the computer, then we have a problem with the current configuration. If the expectation is not such, then we don't. 18:21:09 <twoerner> so that for example databases are reachable for everyone, which is bad on a (web-)development machine 18:21:16 <nirik> sgallagh: we have that. 18:21:22 <t8m> If there... 18:21:33 <hadess> sgallagh, there's already a "paranoid" setting available from the UI, though the default zone cannot be changed in the UI 18:21:58 <mattdm> twoerner: meh. I don't care if a database server is reachable for everyone on my home network. 18:22:04 <nirik> twoerner: which the user installed and setup... so, it's the expectation you are objecting to? 18:22:14 <mitr> t8m: The underlying assumption to that expectation question is that the passively listening / actively connecting distinction matters. And nowadays, with ISPs injecting JavaScript into others’ responses, it doesn’t all that much. 18:22:15 <twoerner> nirik: there was a nice proposal for a layer in the desktop 18:22:25 <thozza> which applications needs ports >1024 to be open to work properly? 18:22:26 <hadess> twoerner, it was awful UI 18:22:47 <nirik> layer? 18:22:48 <mclasen> firewallds configuration is just not ready for a ui 18:22:49 <twoerner> mattdm: I agree for @home.. but the workstation zone is also used for public (open) wifis by default 18:22:49 <t8m> mitr, I think it is more a publicity problem than a real security problem :) 18:22:53 <sgallagh> OK, we shouldn't get into the details here. 18:23:04 <hadess> thozza, they're listed over and over again in the thread, at least half-a-dozen applications in the default install 18:23:05 <mattdm> sgallagh++ 18:23:07 <twoerner> going to a internet cafe is bad with this 18:23:16 <sgallagh> I'd be fine with us all coordinating on a chapter in the admin guide on how to set this up to your individual specifications 18:23:37 <nirik> twoerner: if you install and configure and run apps on >1024... sure, but if you do that you can easily change the fw zone too. 18:23:45 <hadess> twoerner, not any more than it was before, really 18:24:25 <mcatanzaro> twoerner: Going to a internet cafe with a database server you configured yourself and a database hacker at the next table would be bad... all the sharing software installed by default should be turned off automatically on unapproved networks. 18:24:27 <mattdm> right, so going back to the initial statement in this discussion.... UI improvments could open up more options that everyone could feel better about, right? 18:24:41 <drago01> twoerner: which database listens on all interfaces by default? 18:24:55 <drago01> twoerner: that sounds like a bad practice regardless of firefwall presense 18:25:01 <jwb> apologies for dropping off. i had a power outage here 18:25:06 <jwb> win 14 18:25:09 <twoerner> mcatanzaro: should? which service is doing this? 18:25:35 <mcatanzaro> hadess, gnome-settings-daemon? (?) 18:25:45 <twoerner> drago01: yes it is 18:26:01 <hadess> twoerner, currently gnome-settings-daemon for a number of services, in the future, we'll be able to use sandboxing to make this better 18:26:07 <twoerner> mcatanzaro: so all database services are using gnome-settings-daemon?? 18:26:48 <twoerner> mcatanzaro: as Workstation is meant for developers there is more than gnome-* 18:26:51 <mitr> mattdm: I don’t think hoping for UI improvements is realistic. Because there are the two bounds of making the UI precise enough to be pointless for many users (”do you want IPv4 connections to 192.168.1.3, which is en2p0, port 5353, to succeeed”?) and making the UI nice enough to be useless (“You have a database running. Do you want to make it functional?”) 18:27:51 * mitr tries a set of completely orthogonal proposal to hopefully focus this… 18:27:54 <mattdm> mitr: I'm thinking more like: having fewer zones, and having zone selection more discoverable from the gnome/networkmanager ui 18:27:56 <drago01> twoerner: ok so which db does that? 18:28:26 <t8m> drago01, any random third party db 18:28:29 <jwb> so i take it we've moved from "let the Workstation WG discuss/decide this" to "FESCo needs to discuss implementations"? 18:28:37 <nirik> apparently 18:28:46 <drago01> t8m: oh so you don't mean the ones we ship ok 18:28:48 <jwb> amazing how quickly that happened. the power was only out for about 2 min here 18:28:48 <hadess> mattdm, i already explained that zones aren't a good match for something user visible 18:28:53 <mattdm> jwb you're right; can we pull this back? 18:29:02 <t8m> drago01, it does not matter actually - the local firewall was invented for exactly that purpose 18:29:06 * kalev is for pulling back too. 18:29:08 <sgallagh> I'd really like us to at least first agree that everyone involved is trying to get to a common point: Only the things we want people to be doing are open by default. The first part of that is highly fluid. 18:30:11 <mitr> t8m: Which is also exactly the kinds of applications where we can never do a good UI, it’s either “these work by default” or “these don’t work by default” (or, the worst of all, “users are trained to run arbitrary internet-provided commands as part of installation of ordinary software”) 18:30:12 <nirik> not sure how that helps us, until the neural brain plug interface happens so we know what the user intends. ;) 18:30:17 <sgallagh> I think "Shut everything off unless the user explicitly opens it" is just as wrong a choice as "Well, users don't know how to use a firewall, so just shut it off" 18:30:23 <sgallagh> There's got to be a sensible middle-ground 18:30:42 <t8m> sgallagh, really? 18:30:46 <hadess> sgallagh, i don't think i can find an agreement with twoerner, given the discussions we had since we got into an agreement with mitr 18:31:00 <t8m> sgallagh, I don't actually believe much in that. 18:31:24 <nirik> proposal: close ticket, ask interested parties to continue to work with the workstation group to improve things. 18:31:37 <t8m> nirik, +1 18:31:38 <sgallagh> nirik: We just had people stating that they don't think they can 18:31:46 <sgallagh> s/people/the relevant people/ 18:32:07 <mitr> sgallagh: No, there really isn’t. Even beyond the widespread practice of using port 80/443 fo everything _to bypass firewalls_, you can never let the user decide that “this weather application with nice animations is allowed to connect to weather.com but not to tor or IRC”, the situation is actually fairly hopeless. 18:32:11 <kalev> nirik: +1 18:32:13 <nirik> sgallagh: which is too bad, but you can't make everyone agree all the time. 18:32:23 <t8m> well maybe we could also somehow approve (or disapprove) the current situation as acceptable (or inacceptable) 18:32:36 <kalev> sgallagh: I don't think they said they can't work with the Workstation wg; they said they don't agree -- there's a difference 18:32:47 <mitr> Proposal 1) If the Workstation WG really doesn’t want FESCo {review,second guessing}, they are welcome to not ask for it for the configuration of their product. (FESCo may still raise some egregious issues but this proposal implicitly defines the firewalld default as not that egregious). 18:33:08 <nirik> mitr: the workstation working group did not file this ticket. 18:33:08 <mitr> Proposal 2) The automated tests to make sure that nothing in Fedora is listening by default unless on a strictly maintained whitelist are a blocker for F22. 18:33:13 <nirik> it was a user trying to override them 18:33:24 <mitr> nirik: True; I believe the outcome would follow. 18:33:42 <hadess> mitr, 2) was planned for f21, but taskotron never got to the point where it was usable for this purpose 18:33:46 <mitr> Proposal 3) Find someone interested in editing the release notes or otherwise highlighting this defaults change for long-term users. 18:33:49 <mattdm> nirik: they filed the original change request 18:33:55 <hadess> mitr, i doubt it is now 18:33:56 <sgallagh> mitr: Why does "following our established guidelines" have to be automated here? 18:34:01 <mitr> hadess: IMHO that should have been a _blocker_ for making that config change for F21. A Blocker means a blocker. 18:34:21 <nirik> to be clear I think it's fine that someone took something to us if they disagreed with a working group decision. In this case I don't agree the thing is something we want to override for and should be closed->wontfix 18:34:21 <mitr> sgallagh: What is this in reference to? 18:34:33 <sgallagh> "Proposal 2) The automated tests to make sure that nothing in Fedora is listening by default unless on a strictly maintained whitelist are a blocker for F22." 18:34:35 <mattdm> nirik +1 18:34:46 <hadess> mitr, given that i can't strongarm people into working on taskotron faster, that means pushing it back indefinitely 18:34:58 <sgallagh> We already have that stated explicitly that nothing can listen (externally) by default without permission 18:35:02 <mitr> sgallagh: Because we did have bugs in this area, and this is one of the few cases where firewalls are actually useful (and why everyone so desperately wanted them in the 1990s) 18:35:06 <nirik> mitr: if you can get QA buyin for such work, ok... but that sounds like a unfunded mandate. ;) 18:35:08 <jwb> we have 4 different proposals 18:35:15 <jwb> this is kind of a trainwreck 18:35:24 <sgallagh> mitr: Well, forcing the firewall to work around process failures is a bad idea 18:35:32 <mclasen> everything we do in fedora is unfunded...sad reality 18:35:58 <sgallagh> OK, let's take this back to the very top-level. 18:36:05 <mitr> hadess: No, that would mean pushing other Workstation work back. 18:36:27 <sgallagh> Proposal: FESCo trusts the Workstation WG to properly research and develop a sensible firewall solution and will stay out of the way. 18:36:28 <hadess> mitr, there's no one in workstation qualified to do that 18:36:31 <mitr> (Noting that 1) would make 2)3) obsolete) 18:36:43 <hadess> mitr, presumably there's nobody in your team to work on it either 18:37:13 <nirik> sgallagh: +1 18:37:17 <mitr> hadess: So somebody should learn? And I would argue that those changing the steady state :) But that is really not a FESCo matter. 18:37:20 <jwb> sgallagh, +1 18:37:28 <t8m> mitr, +1 18:37:30 <sgallagh> (For the record, I am +1 to my own proposal) 18:37:35 <kalev> sgallagh: +1 18:37:48 <mattdm> sgallagh: +1 18:37:57 <hadess> mitr, so tell me why the security folks aren't the ones working on that? 18:38:00 <t8m> sgallagh, this is equivalent to mitr's proposal 1) 18:38:01 <sgallagh> (I also volunteer my own time to the Workstation WG if they want to consult me for input) 18:38:07 <thozza> sgallagh: We see they didn't do that, so what guarantees that they will? 18:38:14 <mitr> sgallagh: I’m not so sure. I _am_ fairly happy with the status quo but #1301 really wasn't trust-inspiring. 18:38:33 <mitr> sgallagh: (it passed anyway so just for the record.) 18:38:35 <t8m> sgallagh, +0 18:38:40 <mitr> sgallagh: +0 I guess. 18:38:47 <thozza> +0, too 18:38:49 <mcatanzaro> mitr: Safe bet that the status quo will prevail, at least in the mid-term. 18:39:25 <sgallagh> I've got (+5, 3, -0). 18:39:32 <mitr> hadess: To the extent I have any influence in that, making DLNA work is not even at the bottom of the priority list. 18:39:46 <thozza> sgallagh: one vote from t8m was for mitr 18:40:04 <sgallagh> #agreed FESCo trusts the Workstation WG to properly research and develop a sensible firewall solution and will stay out of the way. (+5, 3, -0) 18:40:11 <sgallagh> thozza: I know; I counted him as +0 18:40:12 <t8m> thozza, he voted for himself, it is correctly counted 18:40:18 <thozza> ahh, ok 18:41:07 <sgallagh> #info sgallagh volunteers to act as a security consultant to the Workstation team if they are interested. 18:41:13 <sgallagh> #topic #1349 Fedora 22 scheduling strategy (and beyond) 18:41:13 <sgallagh> .fesco 1349 18:41:15 <zodbot> sgallagh: #1349 (Fedora 22 scheduling strategy (and beyond)) – FESCo - https://fedorahosted.org/fesco/ticket/1349 18:41:20 <hadess> mitr, working on regression testing server packages that go in fedora should be 18:42:04 <sgallagh> So... we've left this decision long enough, yes? 18:42:15 <kalev> we have a very rough schedule at http://fedoraproject.org/wiki/Releases/22/Schedule 18:42:17 <nirik> FWIW, I found one thing listening on my laptop >1024. unbound-control. Guess I should file a bug on it. 18:43:17 <sgallagh> I'm fairly comfortable with the proposed schedule. 18:43:28 <jwb> i think it's as good as it's going to get for now 18:43:30 <thozza> nirik: if on all interfaces, we should change it 18:43:31 <nirik> seems fine to me. 18:43:38 <sgallagh> I also like that we enter Alpha Freeze shortly after DevConf.cz, so we should be able to use the hackfests there to good effect. 18:43:55 <mattdm> #link http://fedoraproject.org/wiki/Releases/22/Schedule 18:44:13 <nirik> oh, it is localhost. nevermind. ;) 18:44:21 <mattdm> so, that means change submission deadline in _less than two weeks_ 18:44:24 <sgallagh> I'd suggest that we schedule the mass rebuild for seven days before Alpha freeze 18:44:35 <jreznik> mattdm: yes 18:44:35 <sgallagh> jreznik: ping (this is likely important to you) 18:44:36 <nirik> sgallagh: no 18:44:43 <sgallagh> nirik: no? 18:44:47 <nirik> mass rebuild has to be several weeks before branch 18:44:51 <mattdm> #info change submission deadline in _less than two weeks_ 18:44:51 <sgallagh> oh ok 18:45:02 <nirik> otherwise we have to do rawhide and f22. and ... no thanks. ;) 18:45:12 <jreznik> mattdm: I'm going through right now and will send reminders soon 18:45:22 <sgallagh> nirik: Several weeks? Or would one suffice? 18:45:22 <mattdm> jreznik: thanks1 18:45:25 <jwb> remind me why we're going a mass rebuild? 18:45:28 <sgallagh> I misspoke above; I meant a week before branch 18:45:50 <sgallagh> jwb: Boost, if nothing else... 18:46:06 <nirik> sgallagh: it's best to have several so things get cleaned up and fixed... 18:46:08 <sgallagh> And don't we usually have a new gcc around then? 18:46:11 <nirik> and yeah, we don't know yet 18:46:15 <jreznik> sgallagh: boost is in side tag 18:46:21 <nirik> boost doesn't need mass rebuild. 18:46:24 <sgallagh> ok 18:46:25 <nirik> the PIE everything would. 18:46:28 <nirik> new gcc would 18:46:29 <jreznik> yep 18:46:30 <sgallagh> /me nods 18:46:45 <sgallagh> Didn't we have the PIE everything discussion in F18 and decide against it? 18:46:46 <thozza> nirik: the PIE should also use side tag, no? 18:46:51 <jwb> so we're kind of doing this backwards 18:46:59 <jwb> since we didn't actually approve or talk about those changes yet 18:47:07 <nirik> thozza: not really, it would need every archfull package. 18:47:09 * jreznik does not see any need for any big changes in current draft before we get changes proposes (ala pie, probably gcc, other stuff) 18:47:10 <nirik> yeah. 18:47:14 <sgallagh> jwb: Well, "If we have to do a rebuild, it has to happen by this date" 18:47:16 <mitr> sgallagh: I would also like to have that discussion again soonish FWIW. 18:47:20 <sgallagh> We can ignore the hypotheticals 18:47:29 <nirik> we can't decide mass rebuild until we decide all the changes 18:47:38 <jreznik> jwb: right, first talk about changes that could affect schedule before 18:48:03 <mitr> nirik: If we didn’t do a mass rebuild, would we shorten the schedule? If not, let’s just schedule it now and we can drop it anytime. 18:48:26 <sgallagh> Honestly, if we're trying to get back to a time-based schedule, I'd like us to say "If GCC isn't ready for a mass-rebuild by X, it waits until F23" 18:48:38 <t8m> sgallagh, +1 18:48:57 <t8m> also given the last record with major gcc update I am afraid of forced rebuilds. 18:49:01 <nirik> we could... 18:49:11 <t8m> if the update is done too hastily 18:49:16 <kalev> sgallagh: +1 -- I do would do a schedule first and then see what features fit in there 18:49:21 <nirik> how about 2015-01-29 18:49:26 <thozza> sgallagh: +1 18:49:31 <sgallagh> nirik: +1 18:49:32 <mcatanzaro> The next gcc update is planned to change c++ ABI. 18:49:35 <mitr> sgallagh: +1 18:49:42 <jreznik> sgallagh: and are we going back? I still hope we are not 18:49:54 <sgallagh> mcatanzaro: Then *definitely* not a great idea for a short cycle 18:50:06 <mcatanzaro> And enable c++11 unless explicitly disabled. 18:50:16 <sgallagh> jreznik: I didn't understand the question 18:51:11 <mattdm> jreznik wants to go to a features-based schedule, I think? 18:51:12 <jreznik> sgallagh: going back to time based schedule, I still think the current compomise we have in between is the best way but it's up to fesco, I'lm just schedule wrangler :) 18:51:41 <jwb> so what do we do if we say gcc isn't going to make the cut, and the maintainers don't buy in? 18:51:42 <drago01> jreznik: well given that we still keep slipping multiple times ... I don't think it "worked" 18:51:47 <jreznik> mattdm: I think what we have now and we worked on for several years makes sense - draft schedule, take a look what we can do, finalize schedule 18:51:56 <mattdm> jreznik: I think the idea is to keep the compromise fundamentally, but tilt it more towards time-based? 18:52:06 <sgallagh> jwb: Can we assume that they aren't going to be jerks (by default)? 18:52:20 <mattdm> drago01: That's a perception thing. Under the "current compromise", those slips are just part of the process, not a problem 18:52:35 <jreznik> drago01: and is that really bad thing? especially with fedora.next? where it had to be more feature driven than any other release 18:52:38 <drago01> mattdm: not really 18:52:44 <jwb> sgallagh, it's not a question of being a jerk. this is a community project. if there's an important package and the community member driving it doesn't agree, what do we do? 18:52:46 <jreznik> mattdm: exactly 18:52:47 <kalev> jwb: also, if we have a schedule known in advance, the gcc folks are in a better position to decide if they should try to get a new gcc in or not 18:52:55 <kalev> jwb: it's hard to do that without knowing the deadlines 18:53:00 <drago01> mattdm: the slips after the schedule have been decided still happen 18:53:00 <nirik> jwb: adjust schedule after that I guess? 18:53:04 <sgallagh> jwb: I assume the maintainers won't want to ship a distro built on a prerelease gcc or force us to wait for them 18:53:06 <drago01> mattdm: and those are sure not "by design" 18:53:18 <mattdm> drago01: no, they _are_ by design. That's the thing. 18:53:23 <jwb> i'm not articulating my point well enough 18:53:29 <mattdm> Whether that's what we want to keep doing is... basically the question. 18:53:35 <jreznik> kalev: but we have draft now, if they think they really need latest gcc, let's talk about schedule implication - that's current compromise we're talking about 18:53:37 <sgallagh> jwb: Welcome to my world :-/ 18:53:49 <mattdm> Is gcc the main thing we are concerned with at this point? 18:54:03 <jwb> i was using it as an example. i wasn't really concerned 18:54:07 <nirik> hard to say since we don't have all the proposed changes in hand. ;) 18:54:14 <drago01> jreznik: yes it is ... it makes us look incomptenet 18:54:15 <jwb> nirik, yes. 18:54:16 <jreznik> mattdm: s/gcc/any other significant piece of Fedora :) 18:54:30 <mattdm> jreznik: I mean, specifically. 18:54:37 <mattdm> drago01: again, that's a perception issue. 18:54:45 <drago01> jreznik: we get lots of press like "slipped again" 18:54:46 <drago01> (and I can't type= 18:54:46 <jreznik> drago01: and is that really problem? 18:54:46 <drago01> ) 18:54:52 <kalev> mattdm: I don't think there are plans to upgrade gcc this cycle, at least I haven't heard of them if there are 18:54:53 <drago01> jreznik: "yes it is" 18:54:58 <mattdm> partly because we call them "slips". we could call them fluffy-good-times-bonus-weeks :) 18:55:00 <t8m> no it isn' 18:55:02 <t8m> no it isn't 18:55:07 * nirik notes there's several things being done to try and get rid of slips... is this the place to discuss them tho/ 18:55:10 <t8m> mattdm, +1 :D 18:55:12 <drago01> mattdm: does not make it not exist 18:55:12 <jreznik> it would be easier if we were proprietary company, I see much bigger changes here just it's not visible 18:55:28 <jwb> happy new year! just like the old year so far! 18:55:36 <jwb> let's get back to schedule 18:55:37 <jreznik> jwb: :D 18:55:40 <t8m> jwb, +1 18:55:46 <sgallagh> OK, let's ask the fundamental question first: 18:55:52 <jwb> do we either wait to review changes, or go with the tentative schedule now? 18:55:55 <drago01> mattdm: you can't just talk away issues and pretend they do not exit 18:56:06 <mattdm> So, annnyway, drago01, I basically agree with you and am just trying to explain the other viewpoint. 18:56:10 <drago01> mattdm: exist ... that doesn't work 18:56:14 <t8m> drago01, slips are inevitable 18:56:16 <sgallagh> proposal: FESCo would like for F22 to strictly adhere to a schedule, rather than adjusting the schedule based on submitted features. 18:56:25 <sgallagh> (Let's level-set, here) 18:56:35 <t8m> drago01, and are not a really big problem unless they are indefinite 18:56:58 <drago01> t8m: sure I am just saying the "new" processes has not make us slip any less ... so "going back" isn't any worse 18:57:05 <kalev> sgallagh: +1 to that, I think it makes a lot of sense 18:57:06 <sgallagh> (Note: I'm not attempting to answer the F23+ question above) 18:57:23 <nirik> sgallagh: +0.5... that makes it sound like we wouldn't adjust ever, which seems too strong to me, but I am ok with setting the schedule 18:57:27 <jreznik> btw. this proposal of course does not mean no slips :) 18:57:32 <thozza> sgallagh: I'm for it +1 18:57:41 <mattdm> sgallagh: to clarify, does this mean that there's going to be different procedures around qa and slips? 18:57:44 <t8m> sgallagh, same as nirik 18:57:44 <mitr> sgallagh: +0.5: schedule first, then features. 18:57:46 <sgallagh> mattdm: no 18:57:48 <thozza> nirik: I think it is better to sound like that to make them stick to the schedule 18:57:54 <mattdm> or are you just talking about the schedule strategy from _this_ point. 18:58:09 <sgallagh> Just that we aren't going to say "Ok, with all these Changes, we're going to add two weeks to the schedule" 18:58:12 <jwb> does this mean we REALLY require and stick to contingency plans for Changes? 18:58:12 <mitr> thozza: OTOH lying lain doesn’t work. 18:58:18 <sgallagh> Some Changes may be postponed instead. 18:58:19 <mattdm> ("this" = feature submissions) 18:58:26 <mattdm> okay. in that case, I am +1 18:58:34 <mitr> jwb: We should, yes. 18:58:39 <sgallagh> jwb: That would be my hope, yes 18:58:48 <jreznik> jwb: yes, it does and be strict - and as we know, sometimes it's even not possible at all 18:58:49 <jwb> i'm only going to +1 this if everyone is on board with that. otherwise it's a toothless proposal 18:58:59 <mattdm> jwb: define "everyone".... 18:59:05 <jwb> in fesco 18:59:14 <sgallagh> jwb: +1 18:59:23 <mattdm> ok. I am on board. I've been saying it for a long time. 18:59:26 <jwb> jreznik, no contingency plan means no for f22 is a good start. 18:59:28 <drago01> jwb: what if the contingency plan is more work then just finishing the feature? (see f18 anaconda etc) 18:59:34 <t8m> in the general sense +1 as I said 18:59:42 <jwb> drago01, then it shouldn't have been accepted in the first place 18:59:47 <mattdm> drago01: make a better contingency plan, please? 18:59:48 <jwb> also, let's stop talking about anaconda 18:59:49 <mitr> drago01: Then we screwed up in approving it (and yes we do screw up) 18:59:50 <sgallagh> jwb: Well, for System-Wide, I agree. For leaf projects... meh? 18:59:52 <drago01> jwb: ok fair enough 19:00:03 <jreznik> drago01: yeah, anaconda is that example I'm talking about and it was the reason why we changed the way how we schedule :) 19:00:04 <drago01> mitr: who doesn't? ;) 19:00:19 <mattdm> sgallagh: for those, "eh, we got this far" is usually an okay contingency 19:00:30 <mattdm> jreznik: it's done. movin' on. :) 19:00:34 <jwb> anyway, +1 for being hardasses 19:00:38 <sgallagh> jreznik: That was pretty exceptional. It's not going to change again in the immediate future. Let's stop basing decisions on a milestone we already passed. 19:00:49 <sgallagh> /me starts doing squats. 19:00:50 <mitr> sgallagh: self-contained changes already don’t have a mandatory contingency plan. 19:01:01 <sgallagh> mitr: Right, I was just clarifying 19:01:07 <jreznik> sgallagh: I know it was one time and there are not so many examples as anaconda, fedora.next 19:01:27 <nirik> so where are we here? 19:01:39 <kalev> I think next we should finalize the current schedule? 19:01:46 <sgallagh> Can we revote on my proposal? I lost track of it with all the ongoing stuff. 19:01:48 <mitr> (jreznik: IIRC we did make a similar mistake since F18 at least once but I don't recall what it was.) 19:02:00 <sgallagh> Are we agreed that we're going to tie down the schedule and be hardasses about contingency plans? 19:02:03 <jreznik> tell me to be real hardass, and I'll be, even personally I liked some kind of flexibility and making fedora better in the end (and I really don't think it will significantly change slips) 19:02:31 <nirik> sgallagh: +1 sure. 19:02:37 <kalev> sgallagh: +1 19:02:37 <thozza> sgallagh: +1 19:02:41 <sgallagh> sgallagh: +1 19:02:45 <mitr> sgallagh: +1 19:02:59 <nirik> we may want to wait for next week when dgilmore is back to set the side-tag and mass rebuild dates... not sure if he has anything in there that would affect them. 19:03:06 <t8m> sgallagh, +1 19:03:09 <sgallagh> nirik: That's fair. 19:03:22 <jreznik> nirik: yep 19:03:24 <kalev> nirik: we maybe want to set tentative dates for those, so that Boost et al can schedule better 19:03:25 <nirik> might be a short ramp for boost folks. 19:03:39 <mattdm> sgallagh: +1 ftr 19:04:19 <sgallagh> #agreed FESCo would like for F22 to strictly adhere to a schedule, rather than adjusting the schedule based on submitted features. We intend to enforce the contingency plan very strictly this cycle (+8, 0, -0) 19:04:23 <nirik> kalev: we could... say: 2015-01-29 for side tag merge, and 2015-01-30 for mass rebuild start? 19:04:40 <nirik> (tenative) 19:04:45 <sgallagh> nirik: Sounds good to me 19:04:52 <kalev> nirik: maybe a few more days between the mass rebuild and merge? 19:05:05 <kalev> there's usually fallout after a merge ... 19:05:14 <nirik> kalev: could move to monday I suppose... feb 2nd 19:05:40 <nirik> that doesn't leave much time after it before branch tho 19:05:54 <kalev> or move tag merge earlier and leave mass rebuild on 2015-01-30 ? 19:05:54 <sgallagh> nirik: That's also going to run into travel time for people headed to Brno 19:06:40 <nirik> kalev: sure, but the meeting on the 28th would be our last one with proposed changes... I guess any change with a side tag then would be out of luck anyhow. 19:07:38 <jwb> sgallagh, the project is large. maybe those people can find backups 19:07:52 <jwb> because otherwise we suck terribly at scaling 19:07:54 <sgallagh> Sure, just noting it. 19:08:14 <kalev> nirik: I think 2 days between the merge and mass rebuild should be fine to get rawhide back in working order -- perhaps merge 2015-01-28 (same day as fesco meeting), and mass rebuild 2015-01-30 ? 19:08:16 <sgallagh> (Mostly because both people that usually fire off mass rebuilds might be traveling at that time) 19:08:30 <jwb> sgallagh, you're making my point for me. 19:08:39 <sgallagh> You're welcome? 19:08:46 <nirik> kalev: sure works for me for tenative. ;) 19:09:11 <sgallagh> Anyone opposed, or shall I just #info that? 19:09:32 <t8m> sgallagh, go ahead 19:09:55 <sgallagh> #info Tentative date for side-tag merge is 2015-01-28 19:10:05 <sgallagh> #info Tentative date for mass rebuild (if needed) is 2015-01-30 19:10:20 * jreznik will add it to the schedule 19:10:30 <sgallagh> jreznik: Tentative date for side-tag merge is 2015-01-28 19:10:37 <sgallagh> (In case you missed it) 19:10:43 <jreznik> ok 19:10:51 <mitr> Do we need a more targeted announcement to the side-tag owners? 19:11:21 <sgallagh> I think we need to make a devel-announce posting regarding the schedule in general (particularly the stricter contingency enforcement) 19:11:23 <jreznik> mitr: I can add it into the schedules reminder I'm going to send 19:11:40 <jreznik> sgallagh: that's of course going to be part of ^^^ 19:11:51 <sgallagh> OK, I'll leave it to you, then 19:12:01 <t8m> Just for a note I think we should probably move the Change submission and review process of Fn to be in parallel with the Fn-1 finalization. This is too tight deadline. 19:12:02 <jreznik> but tomorrow 19:12:05 <sgallagh> #action jreznik to send schedule reminder announcement 19:12:11 <t8m> but that's for F23 19:12:35 <sgallagh> t8m: Usually it would be, but we were really close to the holidays with F21 19:12:42 <sgallagh> And everyone was burned out 19:12:49 <jreznik> t8m: just f21 broke everything we do but for f22/f23 we will be in better situation 19:12:59 <jreznik> sgallagh was faster 19:13:00 <mitr> t8m: We do accept change proposals much earlier (like we did discuss dnf for F22). 19:13:22 <mitr> It’s just that they mostly arrive before the deadlines ☺ 19:13:27 <jreznik> and /me delayed it a bit too :( 19:13:50 <jreznik> mitr: that's another point, day before deadline is the right time to start writing change page :) 19:14:08 <sgallagh> OK, so we didn't formally agree on the current schedule, but it sounds like we're good with it? 19:14:20 <jwb> yes 19:14:22 <t8m> sgallagh, +1 19:14:27 <kalev> yep 19:14:29 * nirik nods 19:14:39 <thozza> yes 19:14:57 <mattdm> yes 19:15:02 <mitr> Yes 19:15:08 <sgallagh> #agreed FESCo approves the current proposed schedule with a planned final delivery on 2015-05-19 (+8, 0, -0) 19:15:19 <sgallagh> (including my implied +1) 19:15:56 <sgallagh> Given the time, do we want to punt on the EOL and replacement tickets this week and get to the Changes? 19:16:08 <jwb> yes 19:16:23 <kalev> let's 19:16:40 <jreznik> well, for EOL - if you can comment in the ticket, would be great 19:16:46 <sgallagh> #topic #1198 Possible changes to Fedora EOL bug procedure 19:16:46 <sgallagh> #info FESCo punted on this until next meeting 19:16:47 <sgallagh> #topic #1326 change to fesco replacement process? 19:16:47 <sgallagh> #info FESCo punted on this until next meeting 19:16:48 <jreznik> especially that warning part 19:16:57 <sgallagh> #topic #1378 F22 System Wide Change: Elasticsearch - https://fedoraproject.org/wiki/Changes/Elasticsearch 19:16:57 <sgallagh> .fesco 1378 19:16:58 <zodbot> sgallagh: #1378 (F22 System Wide Change: Elasticsearch - https://fedoraproject.org/wiki/Changes/Elasticsearch) – FESCo - https://fedorahosted.org/fesco/ticket/1378 19:17:08 <t8m> sgallagh, shouldn't there be FESCo elections just now? 19:17:18 <jreznik> so actually I'd prefer EOL first than changes 19:17:25 <sgallagh> #undo 19:17:25 <zodbot> Removing item from minutes: <MeetBot.items.Topic object at 0x7959090> 19:17:26 <sgallagh> #undo 19:17:27 <zodbot> Removing item from minutes: INFO by sgallagh at 19:16:47 : FESCo punted on this until next meeting 19:17:27 <jreznik> t8m: it was my topic for open floor 19:17:28 <sgallagh> #undo 19:17:28 <zodbot> Removing item from minutes: <MeetBot.items.Topic object at 0xaf72090> 19:17:31 <sgallagh> #undo 19:17:31 <zodbot> Removing item from minutes: INFO by sgallagh at 19:16:46 : FESCo punted on this until next meeting 19:17:41 <sgallagh> #undo 19:17:41 <zodbot> Removing item from minutes: <MeetBot.items.Topic object at 0xe0dbcd0> 19:17:46 <sgallagh> #topic #1198 Possible changes to Fedora EOL bug procedure 19:17:52 <sgallagh> /me rewinds 19:18:01 <mattdm> okay so this is in progress 19:18:13 <t8m> jreznik, I am ok with your proposal to the EOL bug procedure 19:18:15 <jreznik> to make it fast - due to my faulty brain, I messed warning part that should run before break 19:18:37 <mattdm> jreznik there was some mail from you when I was on vacation about the CLOSED:EOL name problem <- my fault 19:18:40 <sgallagh> .fesco 1198 19:18:42 <zodbot> sgallagh: #1198 (Possible changes to Fedora EOL bug procedure) – FESCo - https://fedorahosted.org/fesco/ticket/1198 19:18:46 <jreznik> and we're already EOL - do we want to run short warning? or proceed with clossure? 19:18:51 <jreznik> mattdm: it's fixed now 19:18:58 <jreznik> so CLOSED:EOL is now fixed, it's EOL 19:18:59 <mattdm> jreznik: awesome thanks for taking care of that 19:19:10 <mattdm> do we have the changes in place which allow people to reopen? 19:19:30 <jreznik> other stuff like only selected user can use EOL resolution means coding on BZ side, they are looking on it 19:19:35 <kalev> if we have the changes in place that allow reopening EOL tickets, I'd go directly to closing 19:19:48 <nirik> jreznik: I never saw a reply to your thing about a group perm for EOL. Did that get sorted? 19:19:53 <t8m> I don't think we have. 19:20:01 <jreznik> mattdm: that's what I'm not sure, would be nice to check 19:20:09 <mattdm> n.b. the plan is that the EOL tickets can be reopened but need to be changed to a newer version in the process 19:20:19 <jreznik> nirik: the answer from BZ team was that it probably needs some coding on BZ side 19:20:27 <nirik> jreznik: ok. ;( 19:20:29 <mattdm> the person who said it would be no problem a year ago now has bouncing email so i assume has left rh 19:20:39 <nirik> can we not test with partner-bugzilla? 19:21:05 <jreznik> nirik: we can probably test on some of victim bugs... there are many to try it :) 19:21:22 <mattdm> remainig respondants still seemed amenable to doing it, though. :) 19:21:37 <mattdm> proposal: send EOL warning now, wait until those scripts are in place to actually close 19:21:48 <jwb> sure 19:21:58 <jreznik> I'm just thinking - if we remove F19 from the list of versions and someone reopens bug - what happens? is it still the same version or it forces it to the newer version? 19:22:05 <nirik> well, partner-bugzilla has the advantage of not sending any emails. ;) 19:22:11 <jreznik> mattdm: yeah, that was my proposal 19:22:21 <nirik> jreznik: we don't remove the version... they are all still there back to fc1. 19:22:29 <jreznik> nirik: I have flag in my script not to send mails (it's in XML RPM) 19:22:31 <jreznik> RPC 19:23:12 <mattdm> jreznik: you mean without additional scripting? I think it just leaves version same. 19:23:15 <jreznik> mattdm: for sending EOL warning - month period? to sort it out or shorter? 19:23:35 <mattdm> jreznik: You talked to the bugzilla people more recently. what do you think? 19:23:47 <jreznik> mattdm: should be easy to try it, I'll check tomorrow or anyone faster pls comment in ticket 19:24:00 <mattdm> (also, I kind of think not sending email defeats half the purpose.) 19:24:10 <nirik> mattdm: just for testing... not the real thing 19:24:17 <jreznik> mattdm: not sending mails for testing only 19:24:18 <mattdm> nirik: ah okay good :) 19:24:34 <jreznik> or I can test on my own bugs 19:24:45 <jwb> need to drop for one second. back shortly 19:25:06 <jreznik> mattdm: well, from all comments seems like it will need additional coding and I'm not sure we can get it anytime soon... 19:25:16 <jreznik> at least for EOL clossure 19:25:32 <jreznik> so let's go with month notice warning now, I can start tomorrow 19:25:38 <mattdm> jreznik: +1 19:25:40 <jreznik> and do some testing what's possible in current bz 19:25:46 * nirik thinks a month is a bit long. 19:25:56 <t8m> jreznik, +1 19:25:57 <sgallagh> Two weeks? 19:25:59 <nirik> but I guess it doesn't matter too much... 19:26:06 <jreznik> f14/f15 was closed after several years :) 19:26:31 <jreznik> nirik: if some changes will be needed in bz, it's not too long 19:26:39 <nirik> true... ok, a month it is then 19:26:53 <kalev> for what it's worth, I personally just delete all the bugmail over the days of the EOL notices and hope that nothing important gets deleted along with the EOL spam 19:27:22 <sgallagh> /me just applies a filter 19:27:37 <jreznik> kalev: percentage of people who really reacts is pretty low but maybe better than nothing 19:27:39 <nirik> anyhow, move on now? 19:27:39 <sgallagh> Anyway, ok. Send warning today, close in a month 19:27:47 <jreznik> sgallagh: yep 19:27:50 <mattdm> kalev: yeah, kind of painful for packagers with a lot of open bugs. +1 to filter. the emailed notice _hopefully_ gives users who care a reminder to retest. 19:27:57 <jreznik> and with mattdm we will follow up with bugzilla guys 19:28:14 <sgallagh> #info F19 EOL warning will be sent today. We will auto-close all remaining bugs in one month. 19:28:23 <sgallagh> #topic #1378 F22 System Wide Change: Elasticsearch - https://fedoraproject.org/wiki/Changes/Elasticsearch 19:28:23 <sgallagh> .fesco 1378 19:28:24 <zodbot> sgallagh: #1378 (F22 System Wide Change: Elasticsearch - https://fedoraproject.org/wiki/Changes/Elasticsearch) – FESCo - https://fedorahosted.org/fesco/ticket/1378 19:28:31 <nirik> +1 19:28:46 <t8m> +1 19:29:02 <jwb> +1 19:29:03 <kalev> +1 19:29:12 <sgallagh> I'm somewhat nervous about this, honestly. 19:29:19 <mitr> +1, though a little worried whether everyone will be able to keep all of the packages in sync over time. 19:29:21 <thozza> sgallagh: why? 19:29:49 <sgallagh> The Change proposal is really vague. 19:30:05 <mitr> Or rather, having _only_ ElasticSearch like this but having every package maintain manual bilateral keep-in-sync arrangements with every used dependency would be untenable. 19:30:38 <sgallagh> Yeah that was the other part. There's basically no way we can hold Fedora packages on strict versions to support this. 19:30:50 <mattdm> Right, this is a prime example of the tradeoff we get with strict no-bundling policies. 19:31:01 <jreznik> mitr: yep, but it's about fine-tuning performance, so maybe it's not going to be that needed unless someone needs top performance (and it does not break stuff) 19:31:07 <sgallagh> I'd rather reject this for F22 and have them work tightly with the Env/Stacks group for a better F23 plan. 19:31:10 <mitr> Sadly? the practice of library$version packages has become very widespread so there is ample precedent that it is _possible_. 19:31:28 <jreznik> sgallagh: SCLs would be great for such change... 19:31:39 <sgallagh> Sure... that's not going to happen for F22, last I checked. 19:31:44 <thozza> sgallagh: that sounds reasonable 19:31:51 <jwb> i +1'd this with the full expectation that we'd have to +1 some bundling exceptions for it 19:31:52 <mitr> sgallagh: ISTM that the worst case is that one of the dependencies or users will lose a maintainer and the entire stack will be removed, which is IMHO not bad enough to reject the Change. 19:31:57 * nirik hopes that packaging it up in fedora would help upstream be better about the exacting versions stuff too 19:32:15 <sgallagh> jwb: If that's an expectation, we should state it outright. 19:32:20 <kalev> we can also allow bundling for some stuff if it's too painful to keep the versions in sync otherwise 19:32:22 <jwb> ok. i just did :) 19:32:37 <jwb> or SCLs might work 19:32:56 <sgallagh> mitr: No, the worst case is that we can't upgrade to a newer version of one of the deps because Elasticsearch is holding it back. 19:33:02 <thozza> kalev: I would not state it explicitly now 19:33:19 <nirik> sgallagh: then if there is enough pressure, it can update and ES can make a compat package 19:33:28 <mattdm> jwb: so this would include a request to FPC to allow bundling exceptions for this package? 19:33:50 <jwb> mattdm, if we think it's inevitable, yes. i was simply saying i expect it to happen, not that it will happen 19:33:59 <mattdm> sgallagh: and let's say that the new version fixes a security problem that there's no patch for in the old version... 19:34:17 * nirik doesn't know that it will happen, hard to say without closer looking at all the stuff involved or talking to the feature owner 19:34:19 <sgallagh> mattdm: I know, this is an old argument. 19:34:23 <thozza> mattdm: why do we want to approve it before it even happened? 19:34:28 <kalev> then someone would have to do the usual dance of backporting the patch 19:34:34 <jreznik> on devel list, compat packages were mentioned and it should be easy for java packages... java guys says they have very good support and it's easy 19:34:57 <t8m> jreznik, +1 19:34:59 <sgallagh> I'm okay with approving it with a blanket exception to the bundling policy 19:35:03 <mattdm> jreznik: thanks -- I haven't caught up on devel list yet. That makes me feel better about it. 19:35:05 * nirik steps away for a min for more coffee. 19:35:10 <sgallagh> Provided that FPC accepts that 19:35:20 <sgallagh> (or accepts our authority to decide that, I should say) 19:35:23 <t8m> sgallagh, I don't agree with such blanket exception 19:35:27 <mitr> sgallagh: I’d much rather not have that blanket exception. Compat packages are better. 19:35:35 <t8m> mitr, +1 19:35:41 <thozza> mitr: +1 19:35:50 <mattdm> So should we ask for compat packages as the contingency plan? 19:35:55 <mitr> (And they are a bigger hurdle to motivate people to keep with one version :) ) 19:36:16 <mitr> mattdm: The contingency plan for F22 is very plausibly “not ship it”, that’s the easy part 19:36:29 <jwb> i find compat packages to be amusing 19:36:56 <jwb> they avoid "bundling" by making it possible so that everyone can share all the same CVEs that can't be fixed in that old version. 19:36:57 <sgallagh> There's no contingency plan listed at all right now 19:37:23 <mattdm> sgallagh: right. and as per above, we should not approve this without one. 19:37:30 <sgallagh> yes 19:37:43 <jreznik> change owner is going back in two weeks 19:37:57 <mitr> jwb: They are clearly better than >1 bundled copy in that respect. No, they don’t ensure vulnerabilities get fixed. 19:37:59 <sgallagh> going back? 19:38:00 <jwb> oh, i missed that they didn't add a contingency plan. my mistake 19:38:29 <jreznik> and my mistake too not checking it properly 19:38:39 <jreznik> sgallagh: he's out for a few weeks 19:38:40 <jwb> i'm changing my vote to a -1 19:38:40 <mattdm> There is some text in the contingency plan section, but it's basically _risks_, not fallback positions 19:39:01 <jreznik> well, fallback is easy - no elasticsearch 19:39:09 <sgallagh> I'm going to stick with -1. As written, I don't want to accept this. 19:39:11 <mitr> I could keep the +1 with assumption that the contingency is “package does not added”, but sending this back for a revision wouldn’t hurt that much. 19:39:25 <t8m> same as mitr 19:39:27 <jreznik> mitr: yeah, I ask to fix it and resend 19:39:30 <sgallagh> jreznik: Well, it may in fact have an effect on what versions of it deps we would ship. 19:39:49 <mattdm> +1 send back for revision. correction of a few typos (I assume that's not "rehat.com", right?) woudln't hurt either :) 19:40:03 <sgallagh> I'd really rather see this fleshed our with the Env/Stacks group for a few months and re-proposed for F23 19:40:07 * jreznik already fixed a few typos there 19:40:27 <mitr> So, send back for 1) contingency plan revision? or 2) completely change of approach? 19:40:35 <mitr> (I am +1 -1 at the moment) 19:40:55 <kalev> mitr: I'm +1 -1 too 19:40:55 <mattdm> elasticsearch is cool and it'd be _nice_ to have it, but, yeah. 19:40:56 <nirik> sure, we should require a contingency plan... 19:41:03 <thozza> mitr: +1 19:41:12 <mattdm> I don't see a COPR -- that would make a good proving ground. 19:41:24 <t8m> mitr, I am +1 -1 as well 19:41:29 <thozza> mattdm: yes, that would be great 19:41:30 <sgallagh> I *really* want this to get used to solve the wider problem of "big packages with tight dep requirements". Hence why I want to make this an Env/Stacks problem. 19:41:49 <sgallagh> It gives them a specific mission to accomplish, rather than generic solutions 19:42:05 <jwb> them being who? 19:42:09 <jwb> Env/Stacks? 19:42:11 <sgallagh> jwb: Env/Stacks 19:42:22 <nirik> I'm not sure what this wider solution would be... 19:42:34 <jwb> seems like a good challenge for them, but i don't think it's fair to the Elastic packagers 19:42:37 <t8m> I don't think we should take a Change for a hostage 19:42:41 <jwb> and i don't see why it can't be done in parallel 19:42:49 <t8m> jwb, +1 19:43:07 <sgallagh> Because history shows that it won't be. ES will get whatever exceptions it needs and ignore Env/Stacks. 19:43:08 * nirik nods 19:43:12 <mattdm> yeah I agree with parallel, as long as there are people interested in actually working on parallel approaches. 19:43:33 <jwb> sgallagh, if packagers can ignore a WG, they can ignore the FPC, FESCo, and pretty much anyway 19:43:36 <nirik> right, all we know now is someone is willing to work on packaging it. 19:43:37 <jwb> er, anyone 19:43:48 <jwb> so it's up to us to give them incentive to work with Env/Stacks for an F23 solution 19:43:57 <jwb> while not arbitrarily holding them up 19:44:14 <jwb> and if that incentive is "if you ignore Env/Stacks, we punt your package", well... 19:44:28 <thozza> they can always use COPR in the meanwhile 19:44:35 <jwb> they could, this is true 19:44:48 <nirik> I don't think threatening them is good... 19:44:56 <mattdm> So, as I read this, I think the change request is mostly a request for FESCo to ask the maintainers of the relevant dependencies to coordinate on versions. 19:44:59 <mitr> thozza: yes but they don't need a Change for that at all and it won’t make the result a part of the distro. 19:45:01 <sgallagh> I don't want to threaten them. 19:45:04 <mitr> mattdm: yes 19:45:11 <jwb> nirik, no, but assumign they're going to ignore Env/Stacks isn't good either. 19:45:15 <sgallagh> Though I admit, it would probably come across that way 19:45:17 <mattdm> I think that's _fine_, but we'd like a better long-term framework for doing things like this in ways that scale. 19:45:22 * jreznik has to move to phone - ping me if needed... one topic for open floor - elections 19:45:23 <thozza> mitr: that's why it is "in the meanwhile" 19:45:57 <mitr> sgallagh: OTOH the combined constraints of (Env/Stacks + FPC) have so far made the possible solutions about zero, and FESCo telling others “wait for this zero-solution problem to be solved” would mostly add to the frustration without making a solutino more likely. 19:46:07 <nirik> we could ask nicely for them to talk to env and stacks group and vice versa... but I don't think we should hold up packaging for it 19:46:20 <t8m> nirik, +1 19:46:37 <kalev> nirik: yes, I don't think we should hold up packaging for this either 19:47:30 <sgallagh> My major concern is the potential for "locking" package versions. 19:47:45 <mitr> mattdm: <tired>The right long-term framework is to only use, and only write, OS libraries with full ABI stability using symbol versioning and whatever other very-work-intensive solutions that requires. Without that there will be gazillions of versions and we will have no choice but to package them, and then _how_ we package them is a trivial issue compared to the workload necessary to package them in _any_ way</tired> 19:47:52 <sgallagh> I don't believe (from this Change page) that the proposers have a sufficient plan in place for avoiding that. 19:48:11 <jwb> sgallagh, so vote -1, tell them to address it in an update and resubmit 19:48:23 <sgallagh> jwb: I thought I said that ten minutes ago... 19:48:26 <mattdm> yep. let's do that and move on to the next thing :) 19:48:30 <jwb> then why are we still talking about this? 19:48:35 <mattdm> meeting fatigue is setting in 19:48:43 <jwb> proposal: STOP TALKING ABOUT THIS 19:48:48 <t8m> mattdm, it looks like that 19:48:56 <jwb> i have to leave in like 3 minutes for good this time 19:49:04 <mitr> So, to simplify: 19:49:16 <mitr> Proposal: The approach is OK, please resubmit with a real contingency plan. 19:49:19 <mitr> yes?no? 19:49:22 <t8m> mitr, +1 19:49:22 <sgallagh> I'm -1 on the grounds that there's no contingency plan and no clear mechanism for avoiding package locking. 19:49:23 * mitr is +1 19:49:29 <thozza> mitr: +1 19:49:52 <nirik> mitr: +1 19:50:01 <kalev> mitr: +1 19:50:04 <jwb> +1 i think 19:50:34 <sgallagh> mattdm: ? 19:50:40 <mattdm> mitr: +1. If contingency plan involves new compat packages or similar, needs to specify who will actually do that 19:50:50 <mitr> (For the record I would stop short of saying “this approach is recommended”, sgallagh does have valid concerns.) 19:51:03 <sgallagh> #agreed Change is approved. The approach is OK, please resubmit with a real contingency plan. (+7, 0, -1) 19:51:28 <sgallagh> #topic #1379 F22 System Wide Change: Change xorg input stack to use libinput - https://fedoraproject.org/wiki/Changes/LibinputForXorg 19:51:28 <sgallagh> .fesco 1379 19:51:29 <zodbot> sgallagh: #1379 (F22 System Wide Change: Change xorg input stack to use libinput - https://fedoraproject.org/wiki/Changes/LibinputForXorg) – FESCo - https://fedorahosted.org/fesco/ticket/1379 19:51:35 <mitr> 2 concerns: 19:51:53 <mitr> 1) KKofler mentioned that KDE has a synaptics control panel; do we know who will take care of porting it? 19:52:29 <mitr> 2) The contingency plan says “switch back to old drivers”; I would just like to make sure that the updated/patched control panels will continue working 19:52:50 <mitr> (/me apologizes for not raising 2) before, still recovering from a long PTO and email outage) 19:52:53 <nirik> on 2... probibly need to add that those would have to be reverted too 19:53:59 <sgallagh> Let's add 1) as a contingency-plan trigger (if either KDE or GNOME isn't fixed by contingency date, it goes into effect) 19:54:13 <nirik> yeah, they are both release blocking. ;) 19:54:24 <mitr> works for me 19:54:34 <sgallagh> Right, but I want to make it clear that it's not up to KDE to play catch-up after contingency dare 19:54:36 <sgallagh> *date 19:54:51 <t8m> sgallagh, +1 19:54:57 <kalev> works for me too, good idea to specify this 19:54:58 <kalev> +1 19:55:09 <mattdm> +1 to that. It looks like the contingency plan is an easy switch back 19:56:12 <nirik> +1 19:56:15 <sgallagh> proposal: Approved with two caveats: 1) Both GNOME and KDE must be updated by the contingency date or it goes into effect and 2) the contingency plan should note that it will may reverting changes to the control panels as well. 19:56:25 <mitr> sgallagh: +1 19:56:28 <mattdm> sgallagh: +1 19:56:33 <sgallagh> +1 19:56:36 <kalev> sgallagh: +1 19:56:41 <thozza> sgallagh: +1 19:57:10 <t8m> sgallagh, +1 19:57:46 <sgallagh> #agreed Approved with two caveats: 1) Both GNOME and KDE must be updated by the contingency date or it goes into effect and 2) the contingency plan should note that it will may require reverting changes to the control panels as well. (+7, 0, -0) 19:57:57 <sgallagh> (I assumed that nirik's +1 carried over. Correct me if I'm mistaken) 19:58:00 <nirik> yeah, +1 19:58:15 <sgallagh> Last one: 19:58:16 <sgallagh> #topic #1380 F22 System Wide Change: wxPython 3 - https://fedoraproject.org/wiki/Changes/wxPython3 19:58:17 <sgallagh> .fesco 1380 19:58:18 <zodbot> sgallagh: #1380 (F22 System Wide Change: wxPython 3 - https://fedoraproject.org/wiki/Changes/wxPython3) – FESCo - https://fedorahosted.org/fesco/ticket/1380 19:58:22 <mitr> +1 19:58:27 <nirik> +1 19:58:47 <kalev> +1 19:58:50 <sgallagh> +1 19:58:55 <thozza> +1 19:58:57 <t8m> +1 19:59:06 <sgallagh> Though I question why they have a separate contingency deadline... 19:59:21 <sgallagh> Beta freeze is probably too late. 19:59:48 <mattdm> oh geez i used to maintain this package and I'm glad someone else does now :) 19:59:48 <t8m> sgallagh, +1 20:00:28 <sgallagh> Addendum to the acceptance: must meet the same contingency date as everything else? 20:00:43 <mattdm> sgallagh: +1 to that addendum 20:00:51 <thozza> sgallagh: +1 20:00:56 <kalev> +1 20:00:57 <mattdm> I'm -1 overall otherwise. 20:01:12 <nirik> +1 to that... 20:01:52 <mitr> sgallagh: What do you mean by "separate" deadline? Beta freeze is the standard one. 20:02:21 <sgallagh> mitr: "2015-02-24: Change Checkpoint: Completion deadline (testable)" 20:02:51 <sgallagh> I mean that any dependent rebuilds need to be done by Alpha. 20:02:58 <sgallagh> Bugs can be fixed until Beta before reverting. 20:03:07 <t8m> sgallagh, +1 to the addendum 20:03:20 <mitr> sgallagh: but contengency deadline is “When is the last time the contingency mechanism can be put in place?” 20:03:30 <mitr> That change checkpoint still applies 20:03:30 <sgallagh> Good point. 20:03:39 <sgallagh> Sorry, getting tired. 20:03:47 <sgallagh> My addendum is therefore completely redundant. 20:03:47 <mitr> (Though, to be fair, I was equally confused and thinking the same thing as you about what the deadline means.) 20:04:30 <mattdm> meeting fatigue strikes again! 20:04:45 <sgallagh> #agreed Change is approved. (+7, 0, -0) 20:04:53 <sgallagh> #topic Next week's chair 20:05:01 <sgallagh> /me tosses the grenade 20:05:10 <sgallagh> Who's going to fall on it this week? 20:05:23 <jreznik_pp> Btw elections should start soon 20:05:38 <mattdm> jreznik_pp: -> next open floor topic? 20:05:47 * mattdm looks around shifty-eyed 20:05:59 <mattdm> okay fine I'll do it :) 20:06:14 <sgallagh> #info mattdm to chair next week's meeting 20:06:18 <jreznik_pp> Oops, sorry, I saw grenade on this meeting, not chair, heh 20:06:19 <sgallagh> #topic Elections 20:06:33 <jreznik_pp> Draft is on elections page 20:06:39 <sgallagh> link? 20:06:47 <jreznik_pp> I'm on phone 20:07:08 <jreznik_pp> http://fedoraproject.org/wiki/Elections 20:07:12 <sgallagh> #link https://fedoraproject.org/wiki/Elections 20:07:48 <jreznik_pp> No FAmSCo this time but env and stacks 20:08:07 <jreznik_pp> Mattdm, pls take a look 20:08:16 <nirik> seems fine to me 20:08:22 * mattdm looking 20:08:35 <jreznik_pp> We will need announcement ;-) 20:08:40 <sgallagh> Sounds good to me 20:08:46 <mattdm> yeah looks good to me too 20:08:56 <mattdm> jreznik_pp: you want annoucnement from me or you wanna do it? 20:09:16 <jreznik_pp> I don't mind doing it 20:09:39 <mattdm> jreznik_pp: help yourself :) 20:09:50 <mattdm> I can help with Fedora Magazine again. 20:10:02 <jreznik_pp> Ok 20:10:14 <jreznik_pp> We will sync over next few days 20:10:21 <mattdm> FTR I don't plan to run again. It's been fun. :) 20:10:43 <jreznik_pp> All from me today 20:10:55 <jreznik_pp> Time to get off the bus 20:11:17 <sgallagh> Any opposition to the proposed election schedule? 20:11:20 <nirik> mattdm: it's like you're busy with other stuff or something. ;) 20:11:40 <t8m> sgallagh, no 20:11:57 <sgallagh> #info Elections will open for nominations on January 13th. Voting will open on January 27th. 20:12:03 <sgallagh> #topic Open Floor 20:12:57 <sgallagh> Anything, or are we all well and truly out-meetinged? 20:13:03 * mattdm falls over 20:13:14 <t8m> completely 20:13:26 <thozza> end it :) 20:13:27 <sgallagh> Thanks for sticking it out this far, folks 20:13:30 <sgallagh> #endmeeting