18:01:28 #startmeeting FESCO (2015-03-11) 18:01:28 Meeting started Wed Mar 11 18:01:28 2015 UTC. The chair is thozza. Information about MeetBot at http://wiki.debian.org/MeetBot. 18:01:28 Useful Commands: #action #agreed #halp #info #idea #link #topic. 18:01:28 #meetingname fesco 18:01:28 #chair ajax dgilmore jwb mitr nirik paragan rishi thozza sgallagh 18:01:28 #topic init process 18:01:28 The meeting name has been set to 'fesco' 18:01:28 Current chairs: ajax dgilmore jwb mitr nirik paragan rishi sgallagh thozza 18:01:33 Hello 18:01:37 * ajax waves 18:01:37 hi all 18:01:40 morning 18:01:42 hi 18:02:08 hello 18:02:35 will wait a minute and start 18:03:34 ok, let's start 18:03:37 #topic #1412 anaconda password change is causing consternation among the user community please review this policy decision 18:03:37 .fesco 1412 18:03:39 thozza: #1412 (anaconda password change is causing consternation among the user community please review this policy decision) – FESCo - https://fedorahosted.org/fesco/ticket/1412 18:03:58 we have a proposal from sgallagh 18:04:06 Proposal: Request a Freeze Exception to include it in the Alpha release if it becomes available, otherwise get to it in Beta. 18:04:10 hi, I am here to answer possible questions about libpwquality. 18:04:20 +2 votes in the ticket 18:04:30 that sounds fine, +1 18:04:34 * nirik reads up. I didn't see a proposal? 18:04:44 Alpha is out the door. i thought we thawed between Alpha and Beta? 18:04:45 comment 38 18:04:47 or did we stop doing that 18:05:01 we do/did. 18:05:11 then i don't think an exception is needed? 18:05:26 heh, indeed 18:05:29 hola 18:05:34 jwb: well, the proposal is 7 days old 18:05:36 right, as long as it's in before beta freeze. 18:06:01 thozza, ok. but my point is that it wasn't acted on in a timely manner and is now irrelevant :) 18:06:11 jwb: right 18:06:18 Alpha is out, it should make Beta 18:06:31 I somehow missed it. possibly thinking it was just part of the agreed from last week or something. 18:06:37 where it is the change fesco requested. did anybody look to see if that is done? 18:06:44 jwb: we freely allow updates between Alpha and Beta 18:06:56 jwb: ajax asked... they said they would do it as a local patch to f22... 18:07:16 * nirik looks 18:08:09 although, I think they generate/keep the spec in their git, so really it's not going to be possible to do in just pkgs... 18:08:11 http://pkgs.fedoraproject.org/cgit/anaconda.git/log/?h=f22 has last commit 7 days ago 18:09:02 so, aside that stuff, how can we move forward with a more overall policy? try and gather people who have time/inclination to work on it? 18:09:15 imho the enforcement of score > 50 or whatever the value anaconda uses was nonsense and they should have asked me at least before they switched it on 18:09:42 t8m: what should it be? 0? 18:09:49 nirik: Only having a local patch on the F22 branch is kind of forcing our hand :) 18:09:49 (in your opinion) 18:10:12 mitr, if said patch existed 18:10:30 nirik, if exception is not returned then it should be allowed and the score should be just informative value 18:10:35 mitr: I think they wanted to do that to force us to actually come up with a policy before f23... 18:10:39 jwb: Right. Do we want to explicitly file a Beta blocker bug? 18:10:59 bug is a good idea, yes. . 18:11:06 nirik, IMHO even the exception should be overridable but that is a different debate 18:11:27 ok, I can do the bug 18:11:59 basically requesting to get back to the double-click state, right? 18:12:07 yes 18:12:18 readd the ability to click done twice to accept any password, yes. 18:12:39 #action thozza to file a beta blocker bug for anaconda to get back to double-click for weak passwords 18:12:56 #info the proposal in the ticket is outdated since the alpha is already out. The change should go into beta. 18:13:14 ok, can we move on, or want to discuss the topic more? 18:13:59 alright, since I hate just leaving this sitting around with nothing happening on it, I will try and come up with a list of stakeholders and use cases and see if I can get everyone to meetup/discuss a overall policy. 18:14:18 I'll start with a wiki page probibly, help welcome. 18:14:32 * nirik doesn't have time, but screw it, this needs to get addressed. 18:14:37 nirik: thanks 18:14:39 nirik, cc me please 18:14:50 t8m: definitely will include you... 18:15:36 #action nirik to start a wiki page for discussion around the overall password policy 18:15:58 ok, let's move on then 18:16:01 sure 18:16:07 #topic #1420 policy change: admins (non-POC) should be able to retire packages 18:16:07 .fesco 1420 18:16:08 thozza: #1420 (policy change: admins (non-POC) should be able to retire packages) – FESCo - https://fedorahosted.org/fesco/ticket/1420 18:16:46 I count +5 in the ticket ( sgallagh, jwb, mitr, pnemande, ajax 18:16:50 i am +1 to this 18:16:53 I'm also +1 18:17:45 #agreed Allow also package admins to retire the package (+7, 0, -1) 18:18:03 let's move on :) 18:18:07 #topic #1421 FESCO Decision on COPR/Playground in GNOME Software 18:18:07 .fesco 1421 18:18:09 thozza: #1421 (FESCO Decision on COPR/Playground in GNOME Software) – FESCo - https://fedorahosted.org/fesco/ticket/1421 18:18:50 Sorry I'm late, folks. 18:18:53 I meant to reply to sgallagh's last comment there, but haven't had time yet... ;) 18:19:11 I count +5 in the ticket 18:19:30 sgallagh: we are discussing https://fedorahosted.org/fesco/ticket/1421 18:19:37 I am +1, but I think we should look at mirroring options 18:19:52 thozza: Thanks 18:19:56 IMHO, copr repo files should also include skip-if-unavailable. That would help mitigate any issues with mirroring, etc. 18:20:13 nirik: sounds reasonable 18:20:57 I think adding mirroring might be good down the road, but might not be needed for initial rollout. 18:21:16 there's currently 451GB of copr rpms. 18:21:53 AFAICS the proposal is not at all to include repo files for all of that 18:22:01 No, absolutely not. 18:22:01 i wonder how many could be cleaned up 18:22:05 right. only a small curated subset. 18:22:22 also note that with this policy change we would allow any such packages right? 18:22:27 But whether that distinction can be made for mirrors is a valid question 18:22:42 so, I could make, get reviewed and added a 'junk-from-coprs' package with all the repo files I want? 18:22:46 nirik: Sorry, can you rephrase that? It was unclear what we would allow. 18:23:36 Hmm, good point. That wasn't the intent, but it's not clearly spelled out. 18:23:40 ie, this wouldn't allow just workstation folks to add something, but anyone right? 18:23:56 technically, yes 18:23:56 we could add a 'get a approval from fesco' or something. 18:24:03 Maybe too technical an answer, but we should probably keep the list to subpackages of the fedora-repos package 18:24:15 nirik: do we want to have the .repo files ship as a subpackage of fedora-repos fedora-repos-copr ? 18:24:32 But yeah, a generic answer of "Approval from FESCo or those FESCo delegates" is probably valid. 18:24:33 we could do that, but it might mean changing that somewhat often? 18:24:42 dunno how much they would change over releases. 18:24:50 And figure out the technical solution from there 18:24:54 this seems somewhat unnecessary at this point 18:24:55 me doesn't know either 18:25:16 sgallagh: delegating this to subpackages of fedora-repos seems very reasonable to me 18:25:17 right, these are technical details mostly. ;) can do them out of meeting? 18:25:26 jwb: you mean the need to approve repos? 18:25:37 nirik: Mostly, but one thing to agree on. 18:25:52 thozza, the necessity to make it a subpackage of fedora-repos 18:26:02 right 18:26:03 thozza, also, in part, the need to approve them 18:26:08 Add language around "Approval from FESCo or those FESCo delegates is required for adding a repo to the Fedora Collection" 18:26:12 because i would expect the WGs to curate their own sets 18:26:20 Where "delegates" basically amounts to WGs 18:26:31 sure. I was speaking to initially entering the collection. 18:26:39 sgallagh, then remove FESCo and say "WGs" 18:27:06 unless it's a copr for nonproduct related stuff? 18:27:12 Well, I was willing to leave that open to more interpretation, but ok: "Approval from FESCo or the WGs is required for adding a repo to the Fedora Collection" 18:27:23 nirik: In which case that goes to FESCo 18:27:25 'a repo' ? 18:27:35 s/a repo/a repo file./ 18:27:36 nirik, this is why i think we're adding a restriction prematurely. 18:27:36 a package containing copr repos 18:27:58 jwb: could be. It might be no one wants to add anything else. 18:28:15 i think you are all forgetting that just because a package exists does not mean it will be installed by default 18:28:15 proposal: "Approval from FESCo or the WGs is required for adding a package containing a repo file to the Fedora Collection" 18:28:20 sgallagh, -1 18:28:39 this is unnecessary overhead in my opinion 18:28:53 ok, jwb convinced me. :) until there's an issue... 18:28:55 jwb: I think by default we want packages in Fedora proper; so without someone coming forward with a specific use case or class of use cases for using this copr mechanism I would not want to open the floodgates (if only because the right thing might be to refuse the request and get Fedora proper changed instead) 18:29:00 sgallagh: +1 18:29:24 sgallagh: nitpicking s/adding a package containing a repo file/packaging a repo file into a package/ 18:29:26 so, -1, lets not bother for now. 18:29:27 mitr, we will have to disagree. 18:29:44 Allow me to rephrase again: 18:29:51 sgallagh: Do we want the default-disabled as a requirement in there? 18:29:57 sgallagh, also, your language is confusing. the ticket is limited to COPR repos but you don't specify that 18:30:15 "Approval from FESCo or the WGs is required for packaging a repo file into a package included in the default install set of any Fedora release media" 18:30:37 maybe something like 18:30:37 Proposal: It is OK for RPM distributed within standard Fedora to install COPR repo that is not enabled by default (enabled=0), but has enabled metadata (enabled_metadata=1). The COPR repo file should also include skp_if_unavailable=1. Approval from FESCo or the WGs is required for adding a package containing a COPR repo file to the Fedora Collection. 18:30:42 … we don’t want the default-disabled in there, that is already in https://fedoraproject.org/wiki/Third_Party_Repository_Policy 18:31:15 thozza, i'm fine with everything except the approval part. 18:31:43 jwb: even with the distinction of "on default media"? 18:31:44 jwb: well I don't have problem with that 18:31:47 mitr: thats what we are changing here no? 18:32:10 sgallagh, i don't see it being necessary, even with that distinction 18:32:21 but we should not allow it as a means to get packages that don't conform to packaging guidelines to Fedora just by adding a Fedora package with only repo file 18:32:27 nirik: Ultimately I don’t care that we are redundant; I only wanted to make sure that _something_ requires that, and that is already the case. 18:33:06 mitr: this ticket is to revise that policy. It even mentions that page. ;) 18:33:12 sgallagh: the “on default media” feels too weak to me, though I don’t feel strongly about it. 18:33:31 thozza: but they can just 'dnf copr enable ...' now, why would they bother with a .repo file package? 18:34:05 nirik: right 18:34:12 thozza, trying to craft a rule that grants this request but prevents what you are suggesting is fairly impossible 18:34:26 * nirik is sorry for starting us on this tangent. ;) 18:34:55 I'm fine to just leave it alone and just approve it as originally proposed, then 18:34:58 jwb: given that I agree that the rule does not make sense 18:35:13 Realistically, nothing will end up on the default media without FESCo or the WGs putting it there anyway. 18:35:33 the request, as asked in the ticket, already passes with 5 +1s 18:35:33 (Excluding a rogue provenpackager, but I think someone would notice) 18:35:41 does anyone that voted +1 want to change their vote? 18:35:51 * nirik is fine with the proposal as in ticket. 18:36:05 do we want to add the skip_if_unavailable part? 18:36:06 we can ask releng/interested parties to work out where the package lives, etc. 18:36:10 thozza: The difference is that GNOME Software will start showing the other package; it will no longer be “Google for a project you are specifically looking for, find out that there is a COPR, and run a command” but “search for it in the default UI, click through some nonsense you didn’t read, package is installed”. 18:36:32 thozza: That's an RFE for the COPR folks 18:36:36 Not a requirement for this policy 18:36:49 IMHO 18:36:50 thozza: but only if you have the package(s) installed right? why would you install 'kevins-junk-coprs' ? 18:36:58 sorry, that was for mitr 18:37:07 sgallagh: AFAICS that is a requirement for the .repo file _in the package_, not necessarily in the repo file generated by COP 18:37:15 ok, fine. 18:37:22 nirik: true 18:37:30 If anyone particularly wants to paint that particular shed now, fine. 18:37:50 I suppose it could be a two step thing... 18:38:07 sgallagh: Re skip_if_unavailable, I would be happy enough with noting this in the FESCo ticket and hoping that the appropriate people will notice. 18:38:14 mitr, same. 18:38:18 search gnome-software, see "kevins junk coprs! cure what ales you!" and you install that, then you have more, but i doubt it would hit many people. 18:38:23 I don't see what harm could the skip-is-unavailable do 18:38:23 mitr: +1 18:38:23 Not going to put this for a vote or wordsmith it. 18:38:38 it was proposed as a solution in case COPR can not deal with the load 18:39:32 so 5 votes in the ticket 18:39:45 I'm also +1 for the original proposal 18:39:56 i continue to agree with the +1 i left in the ticket 18:40:12 /me finds it amusing that we spent 30 minutes to discuss a ticket we actually approved async 18:40:23 just to make sure, we agree on: 18:40:24 I love +1's, so I am +1ing my +1 in the ticket. +1. ;) 18:40:27 Proposal: It is OK for RPM distributed within standard Fedora to install COPR repo that is not enabled by default (enabled=0), but has enabled metadata (enabled_metadata=1). 18:40:29 ? 18:40:45 +1 (still) 18:40:45 thozza: Yes 18:40:51 +1 for the count 18:40:57 thozza: Just incorporate comment#0 by reference if you want to be extra precise. 18:41:07 +1 to that as well, finally. 18:41:51 * thozza is counting 18:42:05 +1 again 18:42:18 +1 to above proposal 18:42:34 thozza: -1 there are many places where downloading the copr metadata will cause issues, especially for the bandwidth limited portions of the world 18:42:57 I think users shoudl be able to opt in 18:43:04 you have +5 twice now 18:43:06 I counted +7 sgallagh, nirik, paragan, jwb, thozza, ajax, mitr; dgilmore -1 18:43:32 dgilmore: Compared to the size of the fedora-updates repo, a few COPRs will surely not be noticeable, will they? 18:43:40 (02:19:37 PM) dgilmore: I am +1, but I think we should look at mirroring options 18:43:47 i propose we move on 18:43:53 because we've now approved this twice 18:43:59 jwb: +1 ;-) 18:44:10 sgallagh: I am +1 to shipping the repo files, -1 to having enabled_metadata=1 18:44:24 dgilmore: That's functionally useless. 18:44:31 Anyway, it's approved. Let's move on. 18:44:34 #agreed FESCo agrees with changes proposed in https://fedorahosted.org/fesco/ticket/1421#comment:0 (+7, 0, -1) 18:44:50 #topic Next week's chair 18:44:51 sgallagh: no its not. software centre can give an opt in message that toggles enabled_metadata 18:45:27 any volunteer? :) 18:45:54 I may have a conflict next week, not sure yet. So not I. 18:47:09 I guess I can do it. 18:47:15 nirik: thanks 18:47:26 #action sgallagh to update the Third_Party_Repos wiki page 18:47:34 I'll take care of it 18:47:43 #info nirik to chair next week's meeting 18:47:45 sgallagh: thanks 18:47:52 #topic Open Floor 18:48:19 anyone has business to discuss? 18:49:03 I'm working on redesigning the way per-product config stuff works. 18:49:20 I've sent a first pass at some of the dependent pieces to the rel-eng list. 18:49:32 I'll put together a more comprehensive design and send it to the devel list later this week 18:49:56 With luck, I should be able to eliminate the package-dependency-hell we have in F21 18:50:12 sgallagh: thanks for the info 18:50:24 I've started that wiki page at: https://fedoraproject.org/wiki/User:Kevin/Draft_Passwordpolicy 18:50:37 feel free to dump ideas/stakeholders/usecases there. 18:50:51 nirik: thanks 18:51:07 #info Password policy wiki page started at https://fedoraproject.org/wiki/User:Kevin/Draft_Passwordpolicy 18:51:50 thanks nirik 18:53:01 So if there is not anything else I'll end the meeting in a minute 18:53:04 ajax: Care to update the status of the SYSV init stuff? I saw mention that you'd been working on it. 18:53:15 sgallagh: yeah, grinding away slowly 18:53:35 Anything blocking you besides time? 18:53:52 not yet. i'll dump a status update in the ticket 18:54:08 Cool, thanks 18:54:29 ajax: if you need assistance, I'd be happy to help 18:56:32 hey there 18:57:05 Cydrobolt: you have someting for FESCo Open Floor? 18:57:14 hi by the way :) 18:57:19 no, just stopping by 18:57:24 hi thozza :) 18:57:36 ok, I'll end the meeting in a minute 18:58:43 #endmeeting