16:06:54 <sgallagh> #startmeeting FESCO (2016-12-02)
16:06:54 <zodbot> Meeting started Fri Dec 2 16:06:54 2016 UTC. The chair is sgallagh. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:06:54 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:06:54 <zodbot> The meeting name has been set to 'fesco_(2016-12-02)'
16:06:54 <sgallagh> #meetingname fesco
16:06:54 <zodbot> The meeting name has been set to 'fesco'
16:06:54 <sgallagh> #chair maxamillion dgilmore jwb nirik paragan jsmith kalev sgallagh Rathann
16:06:54 <sgallagh> #topic init process
16:06:54 <zodbot> Current chairs: Rathann dgilmore jsmith jwb kalev maxamillion nirik paragan sgallagh
16:07:01 <maxamillion> sgallagh++
16:07:02 <zodbot> maxamillion: Karma for sgallagh changed to 5 (for the f25 release cycle): https://badges.fedoraproject.org/tags/cookie/any
16:07:06 <linuxmodder> (just staying up-to-speed)
16:07:23 <sgallagh> .hello sgallagh
16:07:24 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com>
16:07:52 <nirik> morning.
16:08:58 <maxamillion> .hello maxamillion
16:08:59 <zodbot> maxamillion: maxamillion 'Adam Miller' <maxamillion@gmail.com>
16:09:05 <Rathann> .hello rathann
16:09:06 <zodbot> Rathann: rathann 'Dominik Mierzejewski' <dominik@greysector.net>
16:09:08 <kalev> .hello kalev
16:09:09 <zodbot> kalev: kalev 'Kalev Lember' <klember@redhat.com>
16:10:17 <sgallagh> We have quorum, let's get started.
16:10:19 <sgallagh> #topic #1651 F26 System Wide Change: Fedora 26 Boost 1.63 upgrade
16:10:20 <sgallagh> .fesco 1651
16:10:21 <zodbot> sgallagh: Issue #1651: F26 System Wide Change: Fedora 26 Boost 1.63 upgrade - fesco - Pagure - https://fedorahosted.org/fesco/ticket/1651
16:10:51 <sgallagh> +1 rubber stamp
16:10:52 <kalev> +1
16:11:09 <maxamillion> +1
16:11:27 <Rathann> +1, though there seems to be a typo with boost version
16:11:31 <nirik> sure, +1
16:12:00 <kalev> what's the typo?
16:12:08 <Rathann> first sentence talks about 1.62 and the next about 1.61
16:12:56 <kalev> weird, I only see 1.63 everywhere
16:14:07 <sgallagh> #agreed F26 System Wide Change: Fedora 26 Boost 1.63 upgrade is approved (+5, 0, -0)
16:14:17 <sgallagh> #topic #1650 F26 System Wide Change: Debugging Information For Static Libraries
16:14:17 <sgallagh> .fesco 1650
16:14:17 <Rathann> kalev: I'm talking about the feature wiki page
16:14:18 <zodbot> sgallagh: Issue #1650: F26 System Wide Change: Debugging Information For Static Libraries - fesco - Pagure - https://fedorahosted.org/fesco/ticket/1650
16:14:20 <Rathann> https://fedoraproject.org/wiki/Changes/F26Boost163
16:15:06 <sgallagh> Rathann: The jump is from 1.60 to 1.63. Those two paragraphs are describing what happened in the two intermediate releases that were skipped.
16:15:12 <sgallagh> It doesn't look like a typo to me
16:15:17 * kalev concurs.
16:15:30 <Rathann> ah
16:15:34 <Rathann> right, I misread
16:15:37 <Rathann> never mind
16:16:24 <nirik> +1 to this change
16:16:35 <kalev> +1
16:16:54 <sgallagh> +1 from me as well.
16:17:04 <maxamillion> +1
16:17:51 <Rathann> right, I remember this one
16:17:52 <Rathann> +1
16:17:59 <sgallagh> /me notes that this change must be readied before the mass-rebuild
16:18:20 <Rathann> indeed
16:18:21 <sgallagh> #agreed F26 System Wide Change: Debugging Information For Static Libraries is approved (+5, 0, -0)
16:19:00 <sgallagh> Shall we assert that the contingency plan must go into effect if it's not ready by N days before the mass-rebuild?
16:20:16 <sgallagh> I suppose that's more or less already in the change.
16:20:25 <kalev> not sure it's necessary as the Change page explicitly mentions that it needs to go in before the rebuild
16:20:26 <sgallagh> Though "final mass rebuild" is oddly-phrased.
16:21:09 <sgallagh> #topic #1648 F26 System Wide Change: GHC 8.0
16:21:09 <sgallagh> .fesco 1848
16:21:14 <zodbot> sgallagh: An error has occurred and has been logged. Please contact this bot's administrator for more information.
16:21:43 <sgallagh> .fesco 1648
16:21:48 <zodbot> sgallagh: Issue #1648: F26 System Wide Change: GHC 8.0 - fesco - Pagure - https://fedorahosted.org/fesco/ticket/1648
16:22:06 <maxamillion> +1
16:22:08 <sgallagh> There are four +1s in the ticket
16:22:16 <kalev> " with much improved support for aarch64, ppc64, and ppc64le" -- sounds like a good time now that these are all on primary koji
16:22:16 * maxamillion meant to +1 in ticket but forgot :/
16:22:19 <kalev> +1
16:22:43 <sgallagh> #agreed F26 System Wide Change: GHC 8.0 is approved (+6, 0, -0)
16:23:48 <sgallagh> #topic #1635 F26 Self Contained Changes (Java Security Policy)
16:23:48 <sgallagh> .fesco 1635
16:23:50 <zodbot> sgallagh: Issue #1635: F26 Self Contained Changes - fesco - Pagure - https://fedorahosted.org/fesco/ticket/1635
16:24:46 <sgallagh> jkurik requested the Change owner to provide additional information, but it has not happened.
16:24:53 <maxamillion> +1 - seems like a sane change, I honestly didn't know that wasn't already the case ... I don't really Java
16:25:06 <maxamillion> what's missing?
16:25:13 <sgallagh> maxamillion: That's one of the open questions: it sounds like it maybe was supposed to already work but there was a bug that got fixed.
16:25:24 <kalev> it's driven by our crypto toolset maintainer and I definitely trust that he knows what he's doing
16:25:26 <sgallagh> It's unclear.
16:25:27 <maxamillion> sgallagh: ahhh ok
16:26:14 <sgallagh> Actually, reading further...
16:26:27 <sgallagh> Looks like it was added to F24 and F25 (as a 0day update)
16:26:52 <sgallagh> But it wasn't called out as a Change for either release, so if we wanted to approve it solely for marketing purposes, I could get behind that, I suppose.
16:27:22 <sgallagh> (or we could just deny it and ask that they add it to the F26 release highlights when they get put together)
16:27:33 <maxamillion> sgallagh: +1
16:27:38 <sgallagh> Because it looks like there's nothing technical remaining to be done
16:27:50 <kalev> from the last (private) comment, it looks like it's going to get reverted in older fedora releases
16:28:10 <kalev> https://bugzilla.redhat.com/show_bug.cgi?id=1249083#c40 -- note the "ok" reply
16:28:32 <sgallagh> /me nods
16:28:45 <sgallagh> OK, I'm thinking we perhaps don't have enough information today.
16:28:47 <nirik> private comments. yuck
16:28:52 <sgallagh> I move to defer to next week.
16:29:07 <nirik> sure, +1
16:29:17 <maxamillion> +1
16:29:23 <kalev> +1 to next week
16:30:14 <sgallagh> #info FESCo defers this discussion to next week, as it's currently unclear what is the status of the effort.
16:30:25 <Rathann> ok
16:30:25 <sgallagh> OK, that's the last item on the list marked with "meeting".
16:30:37 <sgallagh> I didn't have a chance to groom them before the meeting (I wasn't scheduled to chair).
16:30:53 <sgallagh> Anything on https://pagure.io/fesco/issues that we want to discuss?
16:31:04 * kalev looks
16:33:00 <kalev> sudo's ticket sounds like "fun" mediating between the maintainer and the person who filed the ticket
16:33:05 <sgallagh> Anyone want to discuss https://pagure.io/fesco/issue/1646 on sudo?
16:33:36 <sgallagh> #topic #1646 No appropriate sudo directory for user scripts
16:33:36 <sgallagh> .fesco 1646
16:33:40 <zodbot> sgallagh: An error has occurred and has been logged. Please contact this bot's administrator for more information.
16:33:55 <maxamillion> zodbot is having a rough day
16:34:33 <sgallagh> The earlier one I figured was because of the typo...
16:34:34 <sgallagh> .fesco 1646
16:34:38 <zodbot> sgallagh: An error has occurred and has been logged. Please contact this bot's administrator for more information.
16:34:44 <sgallagh> nirik! ;-)
16:34:52 <maxamillion> I think the addition of /usr/local/bin and /usr/local/sbin make sense but I also think that if that's needed, an administrator can just enable it so I'm a bit torn as I like the system being secure "out of the box"
16:35:40 <sgallagh> Well, I think part of the issue is that there's no clear guideline on what /usr/local/bin is for
16:35:53 <kalev> I think it makes sense too, but I don't particularly want to override the maintainer either
16:35:55 <sgallagh> My *intuition* is that it's meant to be there for third-party tools
16:36:15 <sgallagh> And that's why it exists in the default PATH
16:36:38 <sgallagh> kalev: Well, the last comment from the maintainer sounds like he is looking for FESCo's thoughts on the matter.
16:36:43 <kalev> ahhh
16:36:53 <sgallagh> I'm not sure it's an "override" so much as him asking FESCo what the correct answer is
16:37:06 <kalev> fair enough, sorry, I didn't read the ticket to the end
16:37:12 <Rathann> hm I wonder what sudo upstream default is
16:37:31 <maxamillion> Rathann: +1
16:37:46 <sgallagh> /me looks
16:39:30 <sgallagh> upstream has no secure_path in examples/sudoers
16:39:38 <sgallagh> That said, this isn't a *default*, it's an example.
16:39:40 <kalev> my opinion here is that since putting things to /usr/local/bin requires root access, it should be fine to add it to sudo's path as well
16:39:49 <kalev> it's not like anyone can sneak behind an admin and add things there
16:40:06 <kalev> and it makes sense to have consistency between ubuntu and fedora
16:40:51 <sgallagh> My mistake.
16:40:58 <sgallagh> It's actually a compile-time option: /bin:/usr/ucb:/usr/bin:/usr/sbin:/sbin:/usr/etc:/etc
16:41:26 <sgallagh> Which is actually much more lenient than our default :)
16:41:51 <Rathann> I see Solaris paths :)
16:42:00 <Rathann> still, no /usr/local/bin
16:43:19 <sgallagh> I think I'm a weak -1 on adding /usr/local to secure_path.
16:43:28 <maxamillion> I'd be inclined to leave it the way it is citing that the proposed paths are not included by default from upstream and are not well defined paths
16:43:37 <maxamillion> -1 here as well
16:43:40 <sgallagh> Nowadays, most people who install third-party software do it either in /usr or /opt
16:43:46 <maxamillion> sgallagh: +1
16:44:03 <sgallagh> /usr/local is rapidly becoming a legacy concept
16:44:26 <Rathann> I think it's worth checking if other Linux distributions (apart from Ubuntu) do have /usr/local/bin there
16:45:05 <sgallagh> The only other relevant distro I can think of would be SUSE
16:45:26 <sgallagh> Between the Fedora/RHT family, Debian and SUSE, that's where most of the rest take their cues
16:46:47 <sgallagh> SUSE uses `Defaults secure_path = "/bin:/usr/bin:/sbin:/usr/sbin"`
16:47:00 <Rathann> Debian doesn't modify secure_path as far as I can tell
16:47:23 <sgallagh> I'm -1 to adding /usr/local
16:47:30 <sgallagh> Rathann: "modify" how?
16:47:43 <Rathann> ah
16:47:53 <Rathann> they ship a default sudoers
16:48:01 <Rathann> Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
16:48:12 <Rathann> so that's probably why Ubuntu has it as well
16:48:14 <nirik> yeah, I lean toward -1 as well.
16:48:39 <kalev> I think it makes sense to have some kind of search path in the default config where admins can install scripts
16:48:53 <kalev> just so that people can avoid editing the config file
16:48:57 <Rathann> I'm with kalev on this one
16:49:09 <nirik> well, there is /etc/sudoers.d
16:49:18 <sgallagh> I was about to say the same
16:49:31 <Rathann> yes, but you need to (remember to) put a file there
16:49:36 <sgallagh> They can modify secure_path with a dropfile in sudoers.d if they don't want to touch the main file
16:50:12 <sgallagh> kalev: Why wouldn't admins just install scripts in /usr/bin or /usr/sbin?
16:50:15 <Rathann> if we want to attract Ubuntu users, then every additional step they have to do on Fedora to get the same experience is a loss
16:50:49 <Rathann> so, I'm +1 to adding /usr/local/{bin,sbin}
16:51:13 <Rathann> it doesn't make things any less secure
16:51:13 <kalev> sgallagh: because /usr/bin and /usr/sbin are tracked by rpm and if they want to install something manually, it's much clearer to see what they've installed if they put things in a separate directory
16:51:50 <kalev> if they install something through rpm, then I totally agree that they should put things in /usr/bin, but quite often people do one-off hacks on their systems
16:52:15 <kalev> and it makes sense to have a separate directory for these hacks I think
16:52:24 <Rathann> also, it's already in the default $PATH
16:52:46 <Rathann> so not having it in secure_path may be confusing
16:53:08 <Rathann> kalev: +1
16:53:40 <kalev> I am just trying to say that the reason that _fedora_ doesn't install anything in /usr/local doesn't mean that local admins can't find it useful
16:54:28 <kalev> "make" + "make install" usually defaults to /usr/local, for example
16:54:59 <sgallagh> Rathann: I don't really buy the "attract from Ubuntu" argument. As a whole, the set of people who know how to use sudo sufficiently to care about secure_default is a rather small subset of Ubuntu users
16:56:40 <sgallagh> I mean, the other side of it is that you can *still use the full path*
16:56:57 <sgallagh> The only purpose of this option is to set the PATH variable that the elevated process sees.
16:57:14 <sgallagh> If you type `sudo /usr/local/myscript`, it's going to work.
16:57:30 <sgallagh> If you care about more than that, changing the config is REALLY EASY.
16:58:31 <kalev> what's the argument against changing the path?
17:00:11 <kalev> I am just trying to understand, maybe there are good reasons :)
17:00:19 <kalev> so far it seems to me that leaving /usr/local/bin out is just a weird annoyance for users
17:00:25 <kalev> something that they'd probably find their way around, but also something that we should try and make work out of the box
17:00:26 <sgallagh> kalev: The age-old "I forgot to type ./ before my command name and I accidentally ran something in the PATH instead" situation?
17:01:04 <maxamillion> it opens up for a non-standard and not well defined location to be default in secure_path ... however, there seems to be a decent amount of "de facto standard" around it, I'm not hard -1 ... but for now I'm -1
17:01:38 <kalev> yeah, but this is more like: people try to get this to work with sudo. it doesn't work. some admins are going to figure it out. others won't, and they end up giving root access to all people instead of using more secure sudo.
17:02:04 <sgallagh> kalev: I'd be less hesitant about a well-named location. But I really don't like using /usr/local for this. I'd be more comfortable with /usr/custom-sudo/bin or something
17:02:30 <sgallagh> kalev: I think that's a gross overstatement. People will make bad sudo decisions no matter what.
17:02:37 <sgallagh> It's a complicated feature
17:02:38 <maxamillion> indeed
17:02:43 <maxamillion> I've made my fair share of them :)
17:02:58 <sgallagh> I doubt anyone here could say otherwise with a straight face :)
17:02:59 <maxamillion> (many years ago before I knew it was a bad decision)
17:04:16 <sgallagh> Do we want to attempt to take this to a vote, or punt until we have a bigger quorum?
17:04:28 <sgallagh> /me would like to get lunch
17:04:52 <kalev> yes, dinner time here too!
17:05:23 <kalev> sorry for arguing and dragging this meeting so long
17:05:54 <Rathann> If I'm counting correctly, we have +2 and -2
17:06:18 <sgallagh> We're clearly not going to achieve the +5 that would be needed to make a decision today.
17:06:22 <Rathann> yup
17:06:27 <maxamillion> table! :D
17:07:17 <kalev> :D
17:07:51 <nirik> table is ok with me, I keep getting sidetracked/sucked into things and would be nice to read the bug more fully.
17:08:06 <sgallagh> #info FESCo discussed this issue but did not reach a decision today. We will discuss it again next week with hopefully a larger attendance.
17:08:18 <sgallagh> #topic Open Floor
17:08:42 <kalev> I may be missing next week, likely on a train with spotty connection at that time
17:09:03 * nirik actually will definitely be missing next week. I can vote in tickets tho
17:10:39 <maxamillion> afaik I will be here next week but I have jury duty on Tuesday ... so if I get selected I might not make it
17:10:43 <sgallagh> Oh, I forgot:
17:10:43 <sgallagh> #topic Next Week's Chair
17:11:24 <kalev> I could maybe take it in two weeks, but definitely not next week
17:11:32 <Rathann> I have a dentist appointment next week and don't know if I'll be able to attend, much less chair
17:12:22 <sgallagh> ...
17:12:54 <maxamillion> I can take next week's chair ... but I'm not convinced we will have quarum
17:13:17 <maxamillion> quorum*
17:13:17 <sgallagh> maxamillion: Thanks. If you end up with jury duty, I'll be your backup
17:13:23 <maxamillion> sgallagh: thanks
17:13:26 <sgallagh> #info maxamillion to chair next week's meeting.
17:13:48 <maxamillion> sgallagh: if that happens, I'll be sure to email to let you know so it's not a surprise thing
17:13:55 <sgallagh> Thanks
17:15:14 <sgallagh> OK, I'm closing out the meeting. Thanks for coming, everyone.
17:15:19 <sgallagh> #endmeeting