#fedora-meeting log

16:05:59 <jsmith> #startmeeting FESCO (2017-08-04)
16:05:59 <zodbot> Meeting started Fri Aug  4 16:05:59 2017 UTC.  The chair is jsmith. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:05:59 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:05:59 <zodbot> The meeting name has been set to 'fesco_(2017-08-04)'
16:06:01 <jsmith> #meetingname fesco
16:06:01 <zodbot> The meeting name has been set to 'fesco'
16:06:03 <jsmith> #chair maxamillion dgilmore jwb nirik jforbes jsmith kalev sgallagh Rathann
16:06:03 <zodbot> Current chairs: Rathann dgilmore jforbes jsmith jwb kalev maxamillion nirik sgallagh
16:06:05 <jsmith> #topic init process
16:06:09 <jsmith> .hello jsmith
16:06:10 <zodbot> jsmith: jsmith 'Jared Smith' <jsmith.fedora@gmail.com>
16:06:12 <jforbes> .hello jforbes
16:06:13 <zodbot> jforbes: jforbes 'Justin M. Forbes' <jforbes@redhat.com>
16:06:20 <nirik> morning everyone
16:06:24 <nirik> .hello kevin
16:06:25 <zodbot> nirik: kevin 'Kevin Fenzi' <kevin@scrye.com>
16:06:59 <dgilmore> g'day
16:07:09 <kalev> .hello kalev
16:07:10 <zodbot> kalev: kalev 'Kalev Lember' <klember@redhat.com>
16:07:50 <maxamillion> .hello maxamillion
16:07:51 <zodbot> maxamillion: maxamillion 'Adam Miller' <maxamillion@gmail.com>
16:08:12 <sgallagh> .hello sgallagh
16:08:13 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com>
16:08:55 <jsmith> Yay, we have a quorum, and lots of topics to discuss -- so let's get started
16:09:02 <maxamillion> +1
16:09:06 <jsmith> #topic Follow-ups
16:09:16 <jsmith> #topic #1736 - Don't automatically close security bugs on Fedora EOL
16:09:16 <jsmith> .fesco 1736
16:09:16 <jsmith> #link https://pagure.io/fesco/issue/1736
16:09:17 <zodbot> jsmith: Issue #1736: Don't automatically close security bugs on Fedora EOL - fesco - Pagure - https://pagure.io/fesco/issue/1736
16:09:49 <jsmith> Last week, we said we'd discuss on the list and come back -- there have been a couple of comments, but no major discussion
16:09:57 <nirik> so, I meant to add a comment to this... sgallagh's suggestion won't work
16:10:18 <nirik> (or at least currently)
16:10:56 <maxamillion> oh? I thought jkurik's comment suggests that it would
16:11:21 <nirik> we would need to create packagename-owner@fedoraproject.org accounts for every package (which we currently do not do)
16:11:41 <nirik> well, or would it work... perhaps I am misremembering how it tells
16:12:04 <jforbes> Why not the needinfo on the person it is assigned to?
16:12:26 <nirik> anyhow I think the needinfo is overkill... just move it to previous release at eol...
16:13:14 <kalev> let's do the Security keyword thing then so that it's possible to track the bugs properly?
16:13:38 <kalev> and it's easy enough to iterate over all security bugs later and add needinfo if we feel it's necessary to add later
16:14:08 <nirik> yeah, they should have the Security keyword already... we can use that
16:14:24 <Rathann> sorry guys, got sidetracked just before the meeting started
16:14:39 <kalev> ahh, even easier if they already have it
16:15:25 <kalev> Rathann: https://paste.fedoraproject.org/paste/3l4l5jc8P3pJ0jqEsc8lcg if you want to see scrollback
16:15:26 <maxamillion> +1 for security keyword
16:15:42 <nirik> proposal: eol scripts will be adjusted to move keyword: security bugs to the next release and add a note that this was a security bug and should be checked to see if it's fixed in the next release.
16:15:44 <Rathann> thanks kalev
16:15:55 <kalev> +1 to nirik's proposal
16:16:21 <jsmith> +1 to nirik's proposal
16:16:37 * nirik is +1 to his own
16:16:37 <jforbes> +1 nirik
16:17:10 <Rathann> +1
16:17:30 <Rathann> but I also like sgallagh's idea of setting needinfo to the pkg-owner
16:17:53 <sgallagh> +1
16:18:04 <maxamillion> +1
16:18:15 <sgallagh> Yeah, I wish we could needinfo everyone with commit privs. That way if the PoC is AWOL, someone else might see it.
16:18:31 <nirik> well, I can see how that would be anoying too tho
16:19:00 <nirik> say there's a security bug, but it's hard to fix... everytime a release EOL's you would needinfo again and the maintainer would have to clear it saying they are working on it and its not done yet
16:19:08 <jsmith> dgilmore: Voting?
16:19:58 <nb> I thought we used to have -owner aliases at one time
16:20:02 <nb> or am i imagining that
16:20:39 <jsmith> #agreed #1736 -  eol scripts will be adjusted to move keyword: security bugs to the next release and add a note that this was a security bug and should be checked to see if it's fixed in the next release
16:20:46 <jsmith> (+1:7,+0:0,-1:0)
16:21:08 <jsmith> In the interest of time, I'm going to move on to the next item.
16:21:09 <kalev> nb: that's only in the email system, not registered in bugzilla
16:21:09 <nirik> nb: we do, but bugzilla knows nothing about them... but I guess it would still work to cc them
16:21:17 <jsmith> #topic #1737 - Proposal: i686 SIG needs to be functional by F27 release date
16:21:17 <jsmith> .fesco 1737
16:21:17 <jsmith> #link https://pagure.io/fesco/issue/1737
16:21:18 <zodbot> jsmith: Issue #1737: Proposal: i686 SIG needs to be functional by F27 release date or we drop i686 kernel from F28 - fesco - Pagure - https://pagure.io/fesco/issue/1737
16:21:40 <jsmith> If I remember correctly, we lost quorum before we could take an action on this last week
16:21:49 <nirik> I kinda like mattdm's proposal here. Make the sig come up with critera... if they cannot do that then the answer is clear.
16:21:54 <kalev> mattdm came up with an idea with what I think makes most sense
16:21:56 * kalev nods.
16:22:22 <maxamillion> kalev: agreed
16:22:26 <maxamillion> nirik: +1
16:22:49 <nirik> I still see only 2 people listed on the page... and I am not sure Smooge was really interested or just wanted to help them organize.
16:22:56 <jsmith> Proposal: Give the SIG two weeks to come up with their criteria and come back to FESCo for approval
16:23:31 <kalev> +1 to jsmith's proposal
16:23:50 <sgallagh> jsmith: Are we assuming that if they cannot come up with criteria, we default to dropping i686 kernels?
16:24:05 <jsmith> sgallagh: I'm assuming so, yes.
16:24:11 <jforbes> For f28
16:24:12 <nirik> in f28 right?
16:24:15 <jsmith> For F28
16:24:25 <Rathann> +1 to jsmith's proposal with the above assumption
16:24:33 <nirik> +1 to the proposal (we should make sure we have someone post to the list about it tho to be very clear)
16:24:37 <jsmith> Proposal: Give the SIG two weeks to come up with their criteria and come back to FESCo for approval, and if they don't, drop i686 kernels for F28
16:24:47 <jforbes> +1 here
16:24:50 <maxamillion> +1
16:24:52 <Rathann> +1
16:25:17 <kalev> +1
16:25:46 <jsmith> sgallagh, dgilmore: Thoughts? Votes?
16:25:54 <nirik> still +1
16:26:00 <jsmith> nirik: Are you volunteering to post that, or would you like me to?
16:26:12 <dgilmore> sorry got distracted
16:26:14 <nirik> either way... I just want someone to.
16:26:59 <dgilmore> I am good either way as well
16:27:13 <dgilmore> if we drop it there is a bunch of other questions that come up
16:27:21 <jsmith> dgilmore: Can you elaborate?
16:27:41 <dgilmore> jsmith: well the only thing we could ship is a i386 Everything repo
16:27:55 <sgallagh> +1
16:27:56 <dgilmore> the only real use case for it would be multilib
16:28:02 <dgilmore> which I would like to go away
16:28:30 <dgilmore> so then the next question would be do we drop 32 bit x86 entirely
16:28:35 <sgallagh> dgilmore: I'd love to hear your thoughts (offline) on how we could get rid of multilib.
16:28:42 <sgallagh> I'm in favor :)
16:28:58 <dgilmore> sgallagh: easist way is drop i386
16:29:05 <dgilmore> then its gone
16:29:09 <nirik> sadly there's still people using it... for popular things even
16:29:16 <dgilmore> right
16:29:19 <sgallagh> dgilmore: Like I said, offline.
16:29:35 <kalev> I think it's a bit premature to drop i386 multilib right now
16:29:37 <jforbes> dgilmore: baby steps
16:29:59 <dgilmore> dropping the kernel will drop a ton of deliverables
16:30:04 <jsmith> dgilmore: Does that mean you're +1 for my proposal above, just to be clear?
16:30:13 <Rathann> dropping multilib would be a mistake at this point
16:30:18 <dgilmore> jsmith: i am 0
16:30:37 <Rathann> there's still tons of proprietary 32bit software that people want to run on Fedora
16:30:45 * kalev nods.
16:30:48 <dgilmore> jsmith: I am torn over the impact of it
16:30:51 <jsmith> #agreed #1737 - Give the SIG two weeks to come up with their criteria and come back to FESCo for approval, and if they don't, drop i686 kernels for F28 (+1:8,+0:0,-1:0)
16:30:59 <jsmith> dgilmore: Understood.
16:31:05 * nirik wonders if they could be flatpaked
16:31:14 <jsmith> #topic #1744 - F27 System Wide Change: NSS signtool deprecation
16:31:14 <jsmith> .fesco 1744
16:31:14 <jsmith> #link https://pagure.io/fesco/issue/1744
16:31:15 <jforbes> haha
16:31:15 <zodbot> jsmith: Issue #1744: F27 System Wide Change: NSS signtool deprecation - fesco - Pagure - https://pagure.io/fesco/issue/1744
16:31:21 <dgilmore> nirik: that needs a kernel
16:31:29 <Rathann> nirik: now that's an idea
16:31:30 <dgilmore> nirik: we need a kernel to make the base imag
16:31:32 <dgilmore> image
16:31:40 <nirik> ah well, anyhow...
16:32:05 <jsmith> Sorry to rush the conversation onto the next topic, but we've got a ton of things to cover today
16:32:08 <nirik> +1 here. I thought we did this one a while back...
16:32:21 <maxamillion> yeah, I thought we did as well
16:32:21 <maxamillion> +1
16:32:23 <kalev> +1
16:32:31 <jsmith> Apparently it was discussed on 7/21, but there wasn't quorum
16:32:35 <jsmith> +1 from me
16:32:49 <dgilmore> I am -1 as we are past systemwide change deadline
16:32:56 <jforbes> I am still +1
16:33:26 <dgilmore> 2017-07-04 Change Checkpoint: Proposal submission deadline (System Wide Changes)
16:33:43 <dgilmore> I am +1 for f28
16:33:55 <nirik> dgilmore: they submitted in time...
16:34:03 <nirik> 3 weeks ago
16:34:12 <dgilmore> nirik: tahts not in time
16:34:18 <nirik> oh, system wide. hum
16:34:36 <dgilmore> system wide was 4 weeks ago
16:34:48 <dgilmore> I am a big fat -1
16:34:55 <nirik> why is it systetm wide?
16:35:02 <dgilmore> sucks but we have to enforce the schedule
16:35:11 <maxamillion> dgilmore: yeah, that's a good point
16:35:21 <sgallagh> nirik: Because packages may be using it to sign things like jars
16:35:34 <sgallagh> Though the proposal owner was unaware of any in-Fedora uses
16:35:41 <jforbes> I didn't even consider the fact that it might be system wide
16:35:53 <sgallagh> I'm actually kind of inclined to recategorize it as self-contained.
16:36:02 <jsmith> So by my math, they missed the deadline by two days (but looking by the history of the wiki page, may have had the initial version a day before the deadline)
16:36:08 <sgallagh> This isn't really going to have any impact on the rest of the official Fedora repo
16:36:15 <jsmith> sgallagh: Leaning there myself, considering the scope
16:36:43 <Rathann> also it'll continue to be available for some time, just in a different path
16:36:46 <maxamillion> doesn't seem system wide
16:36:47 <nirik> yeah, I don't think it's really system wide... unless this tool is much more widespread than I think it is.
16:36:48 <sgallagh> Hmm, actually I'm rethinking.
16:36:49 <jsmith> Either way, I'm still +1 towards accepting it.  If they missed the deadline, it was only by a couple of days
16:36:58 <dgilmore> I guess we should get the impact reevaluated
16:37:15 <dgilmore> as a systemwide I am -1
16:37:16 <sgallagh> Even if it's self-contained, if it causes unforseen problems, we are already in a schedule crunch.
16:37:27 <sgallagh> (sorry, thinking through this as we go)
16:37:28 <maxamillion> if it is actually system wide, I'm going to -1 based on schedule as dgilmore points out
16:37:44 <sgallagh> I think I'm actually going to say -1 here as well.
16:37:53 <dgilmore> I am +1 to f28 and +1 if its really self contained
16:37:57 <sgallagh> It's not critical that this land for any reason I can see.
16:38:20 <sgallagh> So I'd push it to F28 and be done with it
16:38:24 * Rathann notes that there are alternative tools for the same already, at least the change says so
16:38:28 * nirik nods. I am +1 to f28 or +1 if they change it to self contained...
16:38:36 <jforbes> That seems to make the most sense
16:38:40 <sgallagh> To be clear, I think I'm -1 on self-contained as well
16:38:41 <dgilmore> proposal reject as a f27 systemwde change, accept as a f28 systemwide change
16:38:47 <maxamillion> nirik: +1
16:38:59 <jsmith> dgilmore: +1,  I guess
16:39:31 <nirik> sure I guess.
16:39:33 * Rathann is +1 either way
16:39:39 <dgilmore> unless everyone decides ist self contained
16:39:44 <kalev> sure, I can be +1 to that
16:39:49 <sgallagh> If we want to get F27 out at anything resembling "on time", I think we need to make hard decisions about any change that might introduce issues.
16:39:54 <Rathann> the impact is small in my opinion
16:40:17 <dgilmore> if nothing in the distro uses it the imact is small and its self contained
16:40:19 <nirik> I can't imagine this blocking us, but ok
16:40:37 <sgallagh> dgilmore: Nothing known to the reporter is using it. That may not be the same thing.
16:40:46 <sgallagh> s/reporter/proposer/
16:40:51 <dgilmore> sgallagh: sure
16:41:05 <dgilmore> which may only be found out after making the change
16:41:20 <jsmith> OK, keep me honest here with my counting... jsmith, nirik, Rathann, Kalev, and dgilmore are +1 to dgilmore's proposal.  I'm assuming jforbes and sgallagh are as well, but didn't see a clear vote from them.
16:41:22 <sgallagh> dgilmore: Right, and if that happens, I'd rather we did that in Rawhide post-branch
16:41:35 <dgilmore> sgallagh: sure
16:41:45 <sgallagh> jsmith: I am in favor of rejecting it from F27
16:41:46 <jsmith> Oh, how'd I miss maxamillion
16:41:55 <kalev> also, I still think it would make more sense to split this out to a subpackage to phase it out, it could be nss-tools-unsupported or something like that, and keep it in /usr/bin
16:41:57 <jforbes> I am +1, yes
16:42:01 <dgilmore> sgallagh: my proposal was accept if for f28
16:42:12 <sgallagh> Call me +1 for that, then
16:42:38 <maxamillion> +1 for me as well
16:42:56 <kalev> I don't really like how with the current approach with moving it to a subdir we'll a) have an unsupported tool in the default install
16:43:03 <kalev> and b) how we'll break end users scripts who might be using it
16:43:10 <dgilmore> jsmith: so my proposal passes , unless anyone else wants to propose something else
16:43:15 <jsmith> #agreed #1744 - Reject as an F27 system-wide change, and accept as an F28 system-wide change (+1:8:+0:0,-1:0)
16:43:17 <sgallagh> kalev: provide that as feedback after we reject it
16:43:27 <jsmith> #topic #1745 - F27 System Wide Change: Switch OpenLDAP from NSS to OpenSSL
16:43:27 <jsmith> .fesco 1745
16:43:27 <jsmith> #link https://pagure.io/fesco/issue/1745
16:43:29 <zodbot> jsmith: Issue #1745: F27 System Wide Change: Switch OpenLDAP from NSS to OpenSSL - fesco - Pagure - https://pagure.io/fesco/issue/1745
16:43:34 <dgilmore> +1
16:43:34 <jforbes> kalev: they have a whole release cycle and a half to fix it
16:43:40 <dgilmore> gahh
16:43:41 <dgilmore> no
16:43:42 <sgallagh> So, I have good news about this one
16:43:42 <dgilmore> -1
16:43:45 <dgilmore> same reason
16:43:48 <dgilmore> systemwide
16:43:59 <jsmith> sgallagh: Oh?
16:44:03 <sgallagh> This is basically ready to go now.
16:44:40 <sgallagh> The only known Fedora packages that were holding us back were the FreeIPA stack
16:45:06 <sgallagh> But dgilmore makes a good point about it being really late for this.
16:45:15 <maxamillion> agreed
16:45:33 <maxamillion> -1 based on systemwide deadline
16:45:42 <dgilmore> I propose the same as the previous change
16:45:46 <jsmith> I'd also rather shift this to F28
16:45:58 <sgallagh> Yeah, I think at this point in the cycle I have to agree.
16:46:00 <jsmith> (more due ot the F27 time-crunch, rhan the deadline)
16:46:09 <sgallagh> jsmith: +1
16:46:14 <nirik> yeah, moving to f28 and providing a long ramp seems good.
16:46:22 * kalev nods.
16:46:29 <Rathann> agreed
16:46:30 <jsmith> Proposal: Defer this to F28
16:46:37 <dgilmore> proposal: Reject as an F27 system-wide change, and accept as an F28 system-wide change
16:46:40 <dgilmore> ack
16:46:44 <jforbes> +1 dgilmore
16:46:48 <sgallagh> Proposal: Due to the short F27 cycle, we request that this be deferred until F28 and landed as soon after branch as possible.
16:46:48 <Rathann> +1
16:46:57 <kalev> so many proposals :)
16:47:06 <jsmith> And they're all essentially the same.
16:47:16 <kalev> sgallagh's is perhaps the most informative?
16:47:16 <sgallagh> I'll amend mine, one sec
16:47:22 <jsmith> I think we'll go with sgallagh's as it's the most verbose
16:47:29 <dgilmore> +1
16:47:40 <sgallagh> Proposal: Due to the short F27 cycle, we defer this until F28 and accept if for that release. Please  land it as soon after branch as possible.
16:47:42 <jsmith> (as amended, perhaps, once he amends it)
16:47:50 <sgallagh> s/if/it/
16:47:52 <jsmith> Still +1 to that proposal
16:47:56 <sgallagh> +1
16:48:01 <Rathann> still +1
16:48:02 <kalev> +1
16:48:08 <dgilmore> +1
16:48:12 <jforbes> +1
16:48:13 <nirik> +1
16:48:15 <maxamillion> +1
16:48:43 <jsmith> #agreed #1745 -  Due to the short F27 cycle, we defer this until F28 and accept it  for that release. Please land it as soon after branch as possible. (+1:8,+0:0,-1:0)
16:48:57 <jsmith> #topic #1747 - F27 System Wide Change: RPM 4.14
16:48:58 <jsmith> .fesco 1747
16:48:58 <jsmith> #link https://pagure.io/fesco/issue/1747
16:49:00 <zodbot> jsmith: Issue #1747: F27 System Wide Change: RPM 4.14 - fesco - Pagure - https://pagure.io/fesco/issue/1747
16:49:13 <dgilmore> same :(
16:49:24 <dgilmore> though parts of it have already landed
16:49:35 <sgallagh> This was approved weeks ago
16:49:40 <sgallagh> What is the open question?
16:49:47 <maxamillion> sgallagh: how many weeks ago? :)
16:49:54 <jsmith> Oh, good call -- not sure why it was still o nthe list.  It was voted on in the 7/21 meeting.
16:49:55 * dgilmore thinks its sad we have so many system wide changes coming to us this late
16:50:00 <maxamillion> deadline was 4 weeks ago wasn't it?
16:50:05 <dgilmore> maxamillion: yes
16:50:07 <sgallagh> maxamillion: We voted to approve two weeks ago
16:50:10 <jsmith> dgilmore: Part of that is that we haven't had quorum for a couple of meetings.
16:50:16 <maxamillion> sgallagh: rgr
16:50:26 <maxamillion> we weren't paying attention to schedule ... we really need to do that
16:50:39 <jsmith> #agreed #1747 -- This was already approved on 2017-07-21
16:50:40 <dgilmore> maxamillion: indeed
16:50:49 <jsmith> #topic #1749 - F27 Self Contained Change: VirtualBox Guest Integration
16:50:49 <jsmith> .fesco 1749
16:50:49 <jsmith> #link https://pagure.io/fesco/issue/1749
16:50:50 <sgallagh> maxamillion: It was submitted four weeks ago and hit FESCo three weeks ago and we approved it two weeks ago
16:50:50 <zodbot> jsmith: Issue #1749: F27 Self Contained Change: VirtualBox Guest Integration - fesco - Pagure - https://pagure.io/fesco/issue/1749
16:50:51 <sgallagh> Seems in order
16:51:21 <sgallagh> I'm with jwb: I'd REALLY like this to land, but I don't want to see us carrying private patches for it.
16:51:22 <nirik> right, it was submitted before the deadline, but then needs a week discussion on list then needs us to meet... so there are a lot of delays in there.
16:51:27 <sgallagh> Didn't work really well with kdbus...
16:51:45 * nirik wants to hear jforbes's thoughts on this
16:51:51 <dgilmore> jforbes: what say you?
16:51:53 <jsmith> nirik: Me too :-)
16:52:21 <jforbes> Sorry, was going through the minutes from before where we had looked at some of this
16:52:25 <kalev> I'd really like to see this too
16:52:25 <jsmith> (That being said, I'm also inclined to defer and revisit the decision in the F28 timeframe)
16:52:47 <kalev> I think I heard the change author say somewhere that one of the guest drivers already made it to the staging tree
16:52:49 <sgallagh> jsmith: I suspect in that timeframe it will be upstream and a freebie
16:52:50 <jforbes> VirtualBox, here's the thing
16:53:04 * jsmith listens attentively
16:53:07 <jforbes> Yes, one guest driver is in staging (very low bar of entry there)
16:53:13 <kalev> but there's more than one driver and others still need to make it to staging
16:53:41 <jforbes> The rest of them are not.   I really do not have any inclination to carry them as a patch in hopes that they may eventually one day get upstream
16:54:17 <maxamillion> that doesn't give me the warm and fuzzies
16:54:32 <nirik> so defer until they are upstream?
16:54:32 <jsmith> Proposal: Reject for F27, revisit the decision later for F28
16:54:34 <jforbes> They have a history of saying "lets get vbox upstream", making a couple of posts ignoring feedback, and forgetting about it.  Long history, over 10 years
16:54:49 <Rathann> right, defer until the kernel patches are upstream
16:54:51 <kalev> how is this different from, let's say i686 sig where the sig promises to take care of one part of the kernel? if the feature owner promises to take care of the patch, is this in any way different?
16:54:56 <nirik> well, hans is driving it this time, and he knows the drill.
16:54:58 <sgallagh> Proposal: FESCo would prefer that Fedora does not carry these patches, instead defer until VirtualBox drivers are upstreamed into the kerne.
16:55:12 <maxamillion> jforbes: yeah, I seem to remember a lot of articles about vbox+lkml in the paste to that effect
16:55:22 <maxamillion> sgallagh: +1
16:55:23 <jsmith> +1 to sgallagh's proposal (or my own)
16:55:36 <Rathann> +1
16:55:43 <dgilmore> I know hans knows the right thing to do
16:55:45 <sgallagh> jsmith: I don't want to specifically refer to F28. That sort of sets a deadline.
16:55:47 <jforbes> We do not enable staging drivers as policy, but if hans is interested in maintaining them, we will be happy to enable the drivers as they hit staging
16:55:55 <dgilmore> and he has a history of getting changes in the mainline kernel
16:56:15 <sgallagh> jforbes: Interested enough to do this in the F27 cycle?
16:56:20 <jsmith> sgallagh: My intention was not to set a deadline -- just to kick the can down the road.  We can always re-evaluate for F28 and kick the can farther down the road.
16:56:44 <nirik> kalev: I would think i686 fixes would be very upstreamable... if they wanted to carry a big patch for adding the arch or something I could see the kernel maintainers not wanting to do that there too.
16:56:45 <sgallagh> jsmith: If we're doing this, I'd rather it be clear that we want this upstream.
16:56:55 <jforbes> sgallagh: Yes, and no.  If they land before F25 is EOL, it will get the drivers during a rebase.
16:57:00 <dgilmore> assumim jforbes is okay with hans maintaing things, i am +1 to f27
16:57:32 <kalev> I am +1 to F27 as well
16:57:33 <sgallagh> I thought this was further along than it is from this discussion.
16:58:02 <sgallagh> I'm -1 to F27.
16:58:07 <jforbes> We don't turn off drivers on rebases, but we do turn them on.
16:58:35 <jforbes> This isn't going to land by F27 GA, if they follow through, it may land as an update
16:58:39 <dgilmore> jforbes: so in theory we may get delayed some while hans does a rebase
16:58:50 <nirik> well, provided the change is updated to reflect things (ie, only once they are merged in staging, and on a kernel rebase will they be enabled) I'm +1 for whenever that happens.
16:58:55 <sgallagh> At which point it's realistically an F28 feature that happened to get backported.
16:58:58 <sgallagh> Not an F27 feature.
16:59:09 <jforbes> correct
16:59:21 <jsmith> I'm fine with that
16:59:23 <jforbes> dgilmore: the delay is waiting for them to get upstream
16:59:24 <sgallagh> So I'm happy to say -1 on F27. Don't put it in until after branch.
16:59:54 <kalev> I would be sad to see a hardware enablement feature not land if it's ready in time for F27
17:00:11 <jforbes> Well, they will get enabled as they are added upstream, regardless of schedule
17:00:23 <sgallagh> kalev: I would be sadder still to see F27 not land in time because of a half-baked hardware-enablement feature :)
17:00:57 <jsmith> OK, let's see how votes are shaping up around sgallagh's proposal
17:01:01 <sgallagh> Right, if it lands in whatever upstream kernel we ship for F27, that's all well and good and we can reverse this decision
17:01:13 <jforbes> Correct
17:02:00 <sgallagh> But as for carrying them privately, I don't like that idea and think it's unnecessary risk for F27
17:02:25 <sgallagh> Another bus will be along soon
17:02:42 <maxamillion> sgallagh: +1
17:03:01 <jsmith> Amended proposal: FESCo would prefer that Fedora doesn't carry these patches for F27 release kernel, instead deferring until after branch or until upstreamed.
17:03:03 <jsmith> Thoughts?
17:03:18 <dgilmore> +1
17:03:19 <sgallagh> jsmith: +1
17:03:25 <Rathann> +1
17:03:30 <kalev> +1
17:03:49 <jforbes> -1 to that proposal, it implies that we will accept the patches after branch
17:03:50 <Rathann> actually s/until after branch or//
17:04:06 <Rathann> so, just like jforbes said
17:04:31 <sgallagh> That's fair.
17:04:31 <jsmith> jforbes: Well, I thought we would *if* Hans is willing to do all the maintenance work -- maybe that was a bad assumption on my part
17:04:36 <maxamillion> ah yeah, fair point
17:04:52 <maxamillion> I don't think we should accept until it's upstream
17:05:05 <nirik> proposal: accept change with the proviso that patches are all ustreamed and would be enabled in a rebase. If that rebase takes place after f27 release, make this a f28 change
17:05:06 <maxamillion> adding more work to the kernel team is bad form
17:05:08 <sgallagh> Amended proposal: FESCo would prefer that Fedora doesn't carry these patches for F27 release kernel, instead deferring until  upstreamed. Private patches may be considered for a F28 Change if they are sufficiently ready for testing.
17:05:09 <jforbes> I am absolutely not against having vbox support in the kernel, I am however very much against carrying patches that may never land upstream
17:05:15 <dgilmore> jforbes: i read it as being possibly accepter to rawhide after branching
17:05:17 <maxamillion> nirik: +1
17:05:22 <maxamillion> sgallagh: +1
17:05:26 <dgilmore> gahh
17:05:28 <maxamillion> either nirik or sgallagh's proposal
17:05:37 <dgilmore> type failure here
17:05:55 <jsmith> I'm +1 to either of those new proposals
17:06:13 <jforbes> +1 sgallagh We may revisit the status in F28, if there is a clear path.
17:06:17 <Rathann> +1
17:06:50 <dgilmore> what jforbes said
17:07:16 <sgallagh> jforbes: I was trying to communicate that. Feel free to suggest a clearer wording.
17:07:17 <nirik> seems a bit contradictory, but sure... "deferring until upstreamed" "private patches may be accepted"
17:07:44 <jforbes> sgallagh: I think your wording is fine there
17:07:44 <jsmith> Let's spend two more minutes cleaning up the language a bit, shall we?
17:08:36 <jforbes> nirik: It makes sense to me because if it gets upstreamed, F27 will get it on rebase.
17:08:46 <dgilmore> instead deferring until it is clear that there is a clear path they will be accepted upstream
17:09:08 <sgallagh> Reworded: FESCo would prefer that Fedora doesn't carry private  patches for F27 release kernel.If the patches are upstreamed, we will accept them in a rebase. Private patches may be considered for a F28 Change if they are sufficiently ready for testing.
17:09:18 <nirik> jforbes: sure, but then what private patches are there for f28?
17:09:44 <sgallagh> nirik: The private patches bit is in case they're not upstream but *are* ready for prime-time
17:09:48 * nirik 's uderstanding is that you don't want to carry any private patches
17:10:03 <dgilmore> Amended proposal: FESCo would prefer that Fedora doesn't carry these patches for F27 release kernel, instead deferring until it is clear that there is a clear path they will be accepted upstream.
17:10:20 <sgallagh> I guess we  could drop the F28+ part entirely and leave it up to the next FESCo to figure out
17:10:30 <nirik> dgilmore: +1
17:10:36 <jforbes> nirik: In general we don't, but if it were to land in say next, meaning there is a very clear path upstream, it would just be after the F28 release kernel, we may carry them
17:10:39 <sgallagh> dgilmore: +1  I can work with that
17:10:51 <nirik> ok
17:11:15 <jsmith> Everybody OK with dgilmore's latest language then?
17:11:23 <nirik> I guess it depends on what 'upstream' means really... acked, landed in next, landed in staging, landed in normal drivers, etc.
17:11:24 <maxamillion> I am if jforbes is
17:11:25 <kalev> sounds good to me
17:11:25 <jforbes> I am fine with carrying a patch when there is a guarantee that it goes away in a release or 2
17:11:52 <kalev> yep, I too think it may make sense to _backport_ the patch if needed
17:11:56 <jforbes> nirik: We will accept staging for this
17:12:04 <kalev> anyway, +1 to dgilmore's proposal
17:12:05 <dgilmore> nirik: thats up to jforbes and Laura to decide
17:12:12 <jforbes> I am +1 to dgilmore's proposal
17:12:13 * nirik nods. right. +1
17:12:21 <Rathann> +1
17:12:22 <jsmith> I'm +1 to dgilmore's proposal
17:12:35 <maxamillion> +1 to dgilmore's proposal
17:13:40 <dgilmore> i am +1 obviously
17:13:53 <jsmith> #agreed #1749 - FESCo would prefer that Fedora doesn't carry these patches for F27 release kernel, instead deferring until it is clear that there is a clear path they will be accepted upstream. (+1:8,+0:0,-1:0)
17:14:06 <jsmith> #topic #1750 - Decide if EOL is one month after release, four weeks, or something else
17:14:06 <jsmith> .fesco 1750
17:14:06 <jsmith> #link https://pagure.io/fesco/issue/1750
17:14:07 <zodbot> jsmith: Issue #1750: Decide if EOL is one month after release, four weeks, or something else - fesco - Pagure - https://pagure.io/fesco/issue/1750
17:14:31 <kalev> mattdm suggested 5 weeks, I think
17:14:40 <dgilmore> kalev: he did
17:14:42 <nirik> so I thought (but couldn't find) that we delegated this to releng a while back...
17:14:53 * dgilmore would rather not push updates for a week longer
17:15:04 <nirik> ie, fesco used to decide dates, then just decided to let releng do it when it was good for them.
17:15:15 <jsmith> nirik: I'm fine with that :-)
17:15:16 <dgilmore> I do wish I knew what the probelem with the exitisting setup is
17:15:26 <dgilmore> it was always ~1 month
17:15:26 <maxamillion> dgilmore: same
17:15:37 <dgilmore> we defaulted to that being 4 weeks years ago
17:15:55 <dgilmore> a difference of 2-3 days
17:16:03 <sgallagh> I don't really think he cares as long as we document it accurately.
17:16:20 <sgallagh> If it's 28 days, then let's just print that and move on
17:16:21 <nirik> its one month in one place and 4 weeks in another apparently
17:16:21 <jsmith> sgallagh: Agreed
17:16:47 <maxamillion> nirik: ah ok, so there's an inconsistency in the information provided
17:16:51 <maxamillion> that's fair
17:17:12 <dgilmore> does it say 1 month or approximately 1 month
17:17:15 <dgilmore> ?
17:17:19 <kalev> I think mattdm's idea was that in marketing, it's easier to say one month, and in reality make sure that we actually do that a few more days than that so that nobody feels cheated
17:17:27 <kalev> so 5 weeks
17:17:51 <jsmith> Proposal: Declare the time as "35 days"
17:17:55 <nirik> https://fedoraproject.org/wiki/Fedora_Release_Life_Cycle#Schedule_Methodology
17:18:03 <nirik> "One release plus one month"
17:19:17 <sgallagh> jsmith: I propose that FESCo declares that all months are 30 days long. Extra days at the end of the calendar year are discarded. :)
17:19:40 <nb> :)
17:19:41 <nirik> ha
17:19:42 <jsmith> -1 to sgallagh's proposal
17:19:44 <puiterwijk> How about lunar months at the time of release?
17:20:17 * sgallagh notes that he was attempting to use satire to call attention to the ridiculousness of this debate
17:20:55 <jsmith> sgallagh: https://en.wikipedia.org/wiki/International_Fixed_Calendar
17:20:56 <sgallagh> IMHO, the use of "month" for marketing purposes is unnecessary. Let's say "four weeks" or "28 days" everywhere and have done. <-- Proposal
17:21:05 <nirik> how about just making it 4 weeks.
17:21:08 <nirik> +1
17:21:08 <jsmith> sgallagh: +1
17:21:30 <Rathann> +1
17:21:53 <sgallagh> +1, to be clear
17:21:55 <maxamillion> +1
17:21:59 <kalev> +1
17:22:04 <dgilmore> +1
17:22:22 <mattdm> four weeks sounds a lot scarier to me than one month
17:22:32 <sgallagh> As an aside, this meeting is starting to feel like "28 Days Later"...
17:22:32 <mattdm> but I'm fifty-fifty on whether that's a bad thing :)
17:22:35 <sgallagh> mattdm: GOOD
17:22:47 <sgallagh> The whole point of EOL is to scare people off the thing we don't want to support anymore
17:22:47 <jsmith> mattdm: You'll note my first proposal was "35 days", but nobody liked that at all...
17:22:53 <dgilmore> mattdm: in most people mind 4 weeks is a month
17:23:08 <maxamillion> ¯\_(ツ)_/¯
17:23:11 <jsmith> jforbes: Vote?
17:23:17 <jforbes> +1
17:23:19 <mattdm> too many geeks involved here for that kind of imprecision to fly :)
17:23:53 <dgilmore> a month rounded to the closest Tuesday ;)
17:24:01 <jsmith> #agreed $1750 -  The use of "month" for marketing purposes is unnecessary. Let's say "four weeks" or "28 days" everywhere and have it done (+1:8,+0:0,-1:0)
17:24:03 <kalev> I think mattdm is in the best position to say which of these options works best in reality, so I'm willing to get behind with what he says :)
17:24:10 <jsmith> #topic New business
17:24:24 <jsmith> #topic #1751 - Request to accept a Self Contained Change after deadline
17:24:24 <jsmith> .fesco 1751
17:24:24 <jsmith> #link https://pagure.io/fesco/issue/1751
17:24:25 <zodbot> jsmith: Issue #1751: Request to accept a Self Contained Change after deadline - fesco - Pagure - https://pagure.io/fesco/issue/1751
17:24:32 <jsmith> I spoke to pbrobinson about this one the other day
17:24:42 <jsmith> Seems like the work is essentially done, and the ticket was really just opened for marketing purposes
17:24:52 <pbrobinson> yes, correct
17:24:56 <jsmith> So I'm strongly inclined to vote +1 for it
17:25:01 <maxamillion> yeah, +1 here
17:25:12 <jforbes> +1
17:25:14 <pbrobinson> there's a little testing and some new versions of u-boot but that's normal release cycle stuff
17:25:19 <maxamillion> self contained and the work is done? I'm in :)
17:25:21 <nirik> sure. +1
17:25:22 <sgallagh> Yeah, +1
17:25:23 <kalev> +1
17:25:35 <Rathann> +1
17:25:55 <dgilmore> +1
17:26:11 <jsmith> #agreed #1751 Change is accepted (+1:8,+0:0,-1:0)
17:26:22 <jsmith> #topic #1690 - F27 Self Contained Changes
17:26:22 <jsmith> .fesco 1690
17:26:22 <jsmith> #link https://pagure.io/fesco/issue/1690
17:26:25 <zodbot> jsmith: Issue #1690: F27 Self Contained Changes - fesco - Pagure - https://pagure.io/fesco/issue/1690
17:26:27 <jsmith> And we have a bunch of these...
17:26:35 <jsmith> #topic Unified database for DNF
17:26:35 <jsmith> #link https://fedoraproject.org/wiki/Changes/Unified_database_for_DNF
17:26:54 <jsmith> I'm +1 for this one
17:27:12 <sgallagh> ignatenkobrain: Are you around? What's the status of this?
17:27:21 <sgallagh> Is it just waiting for the go-ahead to land, or is there work still to be done?
17:27:33 <jsmith> The wiki page says the patches are there
17:28:02 <sgallagh> What about the PackageKit side?
17:28:08 <nirik> +1 but yeah...
17:28:16 <sgallagh> I'm kind of wary of calling this self-contained.
17:28:23 <maxamillion> sgallagh: agreed
17:28:34 <maxamillion> I was just about to ask if it's truly considered self contained
17:28:35 <jsmith> sgallagh: The more I read this, the more I tend to agree with you.
17:28:52 <jsmith> Proposal: Defer to F28, and re-evaluate if it's really self-contained
17:28:59 <sgallagh> I'm leaning slightly on the -1 side right now. I'm hoping ignatenkobrain can alleviate my fears.
17:29:09 <ignatenkobrain> sorry for delay
17:29:10 <ignatenkobrain> I'm here
17:29:14 <maxamillion> ignatenkobrain: o/
17:29:30 <ignatenkobrain> sgallagh: SWDB still WIP, though
17:29:35 <sgallagh> Because any change to low-level plumbing during this short cycle has me on edge.
17:30:02 <ignatenkobrain> chang is definitely self-contained
17:30:17 <sgallagh> ignatenkobrain: Except the part where multiple package management tools need to integrate with it.
17:30:22 <ignatenkobrain> not really
17:30:36 <ignatenkobrain> only dnf uses yumdb
17:30:45 <maxamillion> does packagekit not?
17:30:51 <ignatenkobrain> no, it has its own DB
17:30:58 <maxamillion> of course it does :)
17:31:17 <jforbes> nice
17:31:22 <sgallagh> ignatenkobrain: The Change implies that the purpose is to move PK onto swdb as well
17:31:25 <ignatenkobrain> if something else uses ymudb, let me know and I will write blogpost asking people to not use that software ;)
17:31:38 <ignatenkobrain> yes, edynox has patches to integrate PK with swdb
17:31:44 <ignatenkobrain> through libdnf
17:32:00 <ignatenkobrain> what's the current status of -1/0/+1?
17:32:18 <ignatenkobrain> I mean if I should start arguing for inclusion it into F27 or just agree for moving to F28?
17:32:42 <maxamillion> ignatenkobrain: there was concern about it having a lager impact than we originally understood, but it sounds (at least as I understand it) that it's not a wide spanning impact
17:32:57 <nirik> well, how much more work is pending? we have a very tight schedule this cycle. ;(
17:33:06 <maxamillion> ignatenkobrain: also what nirik said
17:33:10 <Rathann> what happens if PK is not ported to the new swdb?
17:33:18 <sgallagh> Yeah, if it's not ready to happen basically today, I'm concerned about inclusion at this point.
17:33:21 <ignatenkobrain> Rathann: it still uses its own db
17:33:21 <Rathann> I mean not ported in time?
17:33:44 <ignatenkobrain> nirik: everything is pretty much done, needs cleanup and testing
17:34:33 <Rathann> do we end up with things like needing to manually mark installed packages with "dnf mark" or dnf will happily remove them by default?
17:34:43 <nirik> well, the big advantage here is both of them using the same db... if they aren't then it's not so interesting.
17:34:55 <nirik> Rathann: you mean like it is today? ;)
17:35:24 <ignatenkobrain> when dnf finds that swdb doesn't exist but yumdb does, it will automatically convert db
17:35:26 <ignatenkobrain> though it can't do opposite
17:35:49 <Rathann> nirik: I mean https://fedoraproject.org/wiki/Common_F24_bugs#DNF_might_remove_essential_system_packages_if_you_used_PackageKit_.28GNOME_Software.2C_KDE_Apper.29_in_the_past
17:36:00 <Rathann> is this still a thing today?
17:36:08 <nirik> yes, as far as I know
17:36:12 <Rathann> oh
17:36:15 <ignatenkobrain> not really
17:36:27 <kalev> ignatenkobrain: can you make sure that when it goes through PK, the yumdb -> swdb conversion also automatically happens?
17:36:44 <ignatenkobrain> kalev: sure
17:36:52 <kalev> great
17:36:59 <nirik> oh I guess it was fixed.
17:37:35 <ignatenkobrain> btw, when is the deadline?
17:37:36 <kalev> Rathann: I fixed that a few releases ago
17:37:48 <ignatenkobrain> for self contained changes to be complete
17:38:29 <nirik> 2017-09-05 	Change Checkpoint: 100% Code Complete Deadline
17:38:40 <nirik> Changes should be testable now/a few days ago
17:39:12 <ignatenkobrain> so do we need to make decision now or we can make it next week?
17:39:39 <ignatenkobrain> I could ask edynox if we can have it testable within 1-2wks, if not we could just simply move this change to F28
17:39:59 <ecuba> kalev: if SWDB is not in the system and PK with SWDB support is used, then it just logs data to yumdb like before... Then DNF performs the conversion including that data
17:40:19 <sgallagh> Honestly, if it's not ready today, I'm inclined to just push it to F28 so you don't have to stress over it.
17:40:19 <kalev> ahh, right
17:40:22 <ignatenkobrain> ha! he's here... didn't notice
17:40:25 <sgallagh> (And it's one fewer thing to go wrong)
17:40:35 <ignatenkobrain> ecuba: so, what's the status of swdb?
17:40:45 <ignatenkobrain> can we get it merged within few days?
17:41:23 <ecuba> ignatenkobrain: we had a talk with jarda about moving it to F28 - pushing it to rawhide after F27 fork and releasing it as update for F27 later - when it is properly tested in rawhide
17:41:26 * nirik has to step away for a few, back soon.
17:41:42 <ignatenkobrain> I'm kinda against backporting this to F27 later...
17:41:49 <ignatenkobrain> Proposal: defer to F28
17:41:56 <ignatenkobrain> sgallagh: maxamillion: nirik: others: ^
17:42:04 <sgallagh> ignatenkobrain: +1, defer to F28.
17:42:17 * kalev nods.
17:42:17 <sgallagh> And thanks for that
17:42:29 <maxamillion> +1 to defer to f28
17:42:32 <Rathann> sure, one thing less to worry about, +1
17:42:34 <jforbes> +1 defer
17:42:42 <ignatenkobrain> Rathann: =)
17:42:43 <jsmith> +1 to defer
17:43:32 <sgallagh> ecuba: Please *do* land it immediately post-branch to give it maximum time to bake in F28, though.
17:43:42 <sgallagh> It's a worthwhile enhancement.
17:43:50 <jsmith> #agreed Defer "Unified database for DNF" to F28 (+1:6,+0:0,-1:0)
17:43:53 <jsmith> OK, next up...
17:44:02 <jsmith> #topic Authselect: new toold to replace authconfig
17:44:02 <jsmith> #link https://fedoraproject.org/wiki/Changes/Authselect
17:44:22 <dazo> s/toold/tool/
17:44:31 <ecuba> sgallagh: will do
17:44:57 <sgallagh> So, as previously discussed, this tool is additive in F27. It will not replace authconfig in anaconda, etc. until at least F28
17:45:17 <dgilmore> where will it be used then?
17:45:27 <Rathann> will there be some documentation to create your own auth config profiles?
17:45:41 <maxamillion> Rathann: +1
17:45:53 <Rathann> the proposed set covers most scenarios, but surely someone will want to do their own thing
17:46:10 <sgallagh> Rathann: My understanding is that this is exactly the case it is trying to avoid.
17:46:21 <sgallagh> And that if you want to do your own thing, you just don't use authselect
17:46:35 <Rathann> oh, it actually says this:
17:46:37 <Rathann> If an administrator has different needs they can create a custom profile and make it accessible by authselect by dropping it in the tool directory.
17:46:37 <sgallagh> It's not going to replace the ability to edit nsswitch/PAM stacks directly
17:47:03 <Rathann> so, +1 as long as there's documentation on how to create those
17:47:21 <sgallagh> Well, it's still going to be somewhat more limited than today.
17:47:31 <sgallagh> To help constrain the supportable uses
17:48:02 * sgallagh still wants to slap people who try to use pam_fprintd with SSSD for remote logins.
17:48:16 * jsmith blinks
17:48:24 <Rathann> authselect is not in Fedora yet
17:48:27 <dgilmore> sgallagh: I wish that I could :P
17:49:00 <Rathann> however, there is a review request: https://bugzilla.redhat.com/show_bug.cgi?id=1477134
17:49:21 <sgallagh> dgilmore: There are ways to use biometric devices based on smart-cards. That is supportable :)
17:49:22 <Rathann> I wonder why it's not mentioned on the change proposal page
17:49:32 <dgilmore> sgallagh: :)
17:50:06 <dgilmore> I think at this point I am not sure what the change is doing, other than saying this is cooming to a release soon
17:50:06 <jsmith> In the interest of time, does someone want to make a proposal?
17:50:26 <dgilmore> at which point it should be a change for that release
17:50:57 <dgilmore> proposal: punt to being a system wide change in a future release
17:51:10 <Rathann> dgilmore: from what I understand, it's introducing an alternate way to configure authentication
17:51:18 <Rathann> and just that
17:51:21 <sgallagh> Yes
17:51:25 <Rathann> authconfig is not being removed yet
17:51:50 <sgallagh> Proposal: Reject as a change since it's effectively just a new package. Repropose as a Change when it's time to replace authconfig.
17:52:32 <dgilmore> sgallagh: +1
17:52:35 <Rathann> hm, fair enough
17:52:36 <jsmith> I guess I can be +1 to that
17:52:48 <Rathann> +1
17:53:10 <maxamillion> sgallagh: +1
17:53:25 <jforbes> +1 sgallagh
17:54:00 * nirik reads u
17:54:09 <nirik> p
17:54:29 <nirik> +1
17:55:37 <jsmith> #agreed "New tool to replace Authconfig" is rejected, as it's effectively just a new package.  Repropose as a Change when it's time to replace authconfig (+1:7,+0:0,-1:0)
17:55:41 <jsmith> Next up...
17:55:54 <jsmith> #topic New default cipher in OpenVPN
17:55:54 <jsmith> #link https://fedoraproject.org/wiki/Changes/New_default_cipher_in_OpenVPN
17:56:02 * dazo is the change owner of that one
17:56:51 <sgallagh> dazo: Can you summarize the compatibility between 2.4 and 2.3 clients and servers?
17:57:00 <sgallagh> I'm having trouble parsing it from the Proposal page
17:57:01 <dazo> It should just work :)
17:57:25 <jforbes> I really don't like the fact that this is in a .service file instead of /etc, but it really isn't relevant to this change
17:57:29 <nirik> have the openvpn maintainer(s) approved of the change, or are you one dazo ?
17:57:36 <sgallagh> So no problem with 2.3 clients connecting to a 2.4 with this new default?
17:57:37 <dazo> I am the maintainer
17:57:56 <sgallagh> And no problem with an updated 2.4 client connecting to an older 2.3 server?
17:57:56 <dazo> it should not be any problems for 2.3 clients to connect to 2.4 clients with this change
17:58:00 * jsmith has read the page several times, and is +1 to the change
17:58:00 <nirik> cool. Then +1
17:58:28 <Rathann> I like the change, but why cannot it be done in upstream code instead of via explicit parameter setting in the systemd unit?
17:58:30 <dazo> and if client updates to 2.4, it gets AES-GCM by default ..... and 2.3 clients can add --cipher AES-256-GCM to switch away from BF-CBC
17:58:35 <dazo> (and it would still work)
17:59:02 <sgallagh> dazo: Would work to connect to 2.3 servers silently, or requiring user intervention?
17:59:11 <Rathann> the documentation entry is kind of cryptic
17:59:12 <dazo> Rathann: we're working on a more comprehensive fix, but that needs to be done more carefully - as that is the C code changing
17:59:39 <Rathann> dazo: fair enough
17:59:47 <dazo> sgallagh: no change needed ... but if users decides to migrate to better ciphers, they can do that on a one-by-one approach
17:59:52 <sgallagh> ok
17:59:56 <sgallagh> Then I'm +1
18:00:00 <Rathann> +1 from me
18:00:10 <jforbes> +1 here
18:00:12 <sgallagh> dazo: Thank you for helping clarify
18:00:26 <dazo> Rathann: I'm willing to improve the cryptic docs ... but we can discuss that afterwards
18:00:42 <dazo> (it's hard to be less cryptic when you don't see the crypticness yourself :) )
18:00:50 <jsmith> #agreed "New default cipher in OpenVPN" is approved (+1:5,+0:0,-1:0)
18:00:52 <jsmith> Next up...
18:01:04 <jsmith> #topic Chinese Serif Fonts
18:01:04 <jsmith> #link https://fedoraproject.org/wiki/Changes/ChineseSerifFonts
18:01:41 <nirik> +1
18:01:45 <jsmith> I'm +1 -- seems rational
18:01:55 <Rathann> +1, but why does it need to be a change?
18:02:03 <maxamillion> +1
18:02:08 <jforbes> +1
18:02:24 <Rathann> it's a bit like authselect
18:02:47 <sgallagh> +1
18:02:55 <maxamillion> Rathann: yeah, that's a fair point
18:02:59 <ignatenkobrain> those Chineese guys not having Serif fonts ;)
18:03:06 <Rathann> and how to test section could use real examples to test
18:03:08 <ignatenkobrain> s/Chineese/Chinese/
18:03:27 <Rathann> like *which* Chinese website looks different (better?) when these fonts are available
18:03:49 <sgallagh> This is such a low-risk change that I'd rather just wave it through and move on, personally :)
18:04:51 <jsmith> #agreed "Chinese Serif Fonts" is approved (+1:6,+0:0,-1:0)
18:04:54 <jsmith> Next up...
18:05:05 <jsmith> #topic libpinyin 2.1
18:05:05 <jsmith> #link https://fedoraproject.org/wiki/Changes/libpinyin2.1
18:05:51 <Rathann> ok, this looks like a real change
18:06:59 <nirik> +1
18:07:03 <jsmith> I'm +1
18:07:09 <maxamillion> +1 here as well
18:07:15 <Rathann> doesn't really explain why you need to type less with the new method, but I assume it's obvious to Chinese users
18:07:56 <Rathann> +1
18:07:57 <sgallagh> I don't really like the lack of a contingency plan.
18:08:12 <Rathann> it says revert to old package versions
18:08:52 <jforbes> +1
18:08:55 <sgallagh> I also don't know enough about IME to know if this is really self-contained or if other packages need to start linking to libpinyin
18:10:15 <sgallagh> I'm +0 simply because I don't have enough domain-specific-knowledge here
18:10:49 <maxamillion> yeah, that's fair ... I don't know the reach of it either
18:11:09 <jsmith> #agreed "libpinyin 2.1" is approved (+1:5,+0:1,-1:0)
18:11:14 <jsmith> Next up...
18:11:22 <jsmith> #topic Platform Python Stack
18:11:22 <jsmith> #link https://fedoraproject.org/wiki/Changes/Platform_Python_Stack
18:11:29 <puiterwijk> sgallagh: that should not be needed I think
18:11:30 <jsmith> (We're almost done, I promise...)
18:12:03 <cstratak> I'm here if you have any questions about platform python
18:12:17 <sgallagh> OK, so this is a dependency for the modularity efforts
18:12:30 <sgallagh> To allow system tools to have a stable, known version of python 3 to rely on.
18:12:42 <sgallagh> And then be able to swap out the rest of the python stack as needed.
18:13:06 <sgallagh> I've been following this effort for a while, and I'm pretty comfortable with the plan. +1 from me
18:14:00 <jsmith> Seems reasonable to me, +1
18:14:13 <maxamillion> yeah, seems reasonable
18:14:14 <maxamillion> +=
18:14:17 <maxamillion> +1 *
18:14:18 <jforbes> I read through most of this after an unrelated pythonthing, it makes sense
18:14:20 <jforbes> +1
18:14:35 <nirik> +1 here. sad to go through some of the effort again, but oh well.
18:14:55 <Rathann> so how is that *different* from the current system-python?
18:15:08 <cstratak> Rathann, it's a replacement basically
18:16:00 <cstratak> essentially a new package will be created that dnf and it's dependencies will be able to depend on in the modular world
18:16:04 <Rathann> ok, but I can see that current python3 depends on system-python-libs and this proposal claims it'll be an independent module now
18:16:06 <sgallagh> Rathann: Also, system-python as a term is starting to be used for something else upstream
18:16:12 <sgallagh> So the name needs to change
18:16:16 <Rathann> or do I misunderstand something
18:16:27 <Rathann> right, no questions about the new name
18:16:33 <Rathann> and thanks for referencing upstream PEP
18:17:26 <Rathann> so will the plain python3 package depend on the new platform-python(-libs)?
18:17:37 <sgallagh> Rathann: platform-python *itself* will no longer be a subpackage of the python3 SRPM
18:17:43 <Rathann> like it does on system-python-libs now?
18:17:46 <sgallagh> It'll be maintained separately and stably
18:17:59 <cstratak> platfrom python and python3 will be separate packages
18:18:06 <sgallagh> cstratak can confirm, but the intent is for them to be completely independent
18:18:19 <Rathann> ok
18:18:26 <cstratak> different srpm's basically
18:18:33 <dgilmore> so thats different to before
18:18:50 <Rathann> +1
18:19:36 <jsmith> #agreed "Platform Python Stack" is approved (+1:6,+0:0,-1:0)
18:20:01 <jsmith> #topic OpenSSH Server Crypto Policy
18:20:01 <jsmith> #link https://fedoraproject.org/wiki/Changes/OpenSSH_Server_Crypto_Policy
18:21:21 <Rathann> ugh, depending on predefined comment in the config file?
18:21:26 <Rathann> is there really no better way?
18:21:27 <jsmith> I guess I'm leaning towards +1 for this, but would love to hear any concerns that someone might have
18:21:42 <sgallagh> So, I guess it will change the config for anyone who hasn't manually modified their config in the past. So there might be some limited breakage for clients that are trying to use the older algorithms
18:22:12 <Rathann> I'd have hoped openssh developed support for /etc/ssh/sshd_config.d/foo drop-ins by now
18:22:26 <Rathann> *sigh*
18:22:30 <sgallagh> Rathann: openssh upstream is... difficult about modifications of any kind
18:23:01 <nirik> +1 here
18:23:09 <Rathann> can I at least ask for some documentation on what to put in my own modified sshd_config to achieve the same thing?
18:23:18 <sgallagh> I suspect that any breakage we see would likely be with REALLY old clients connecting to the new server, and I'm okay with that. +1
18:23:34 <dgilmore> +1 here. I would like to see them work withupstream to make it simpler
18:23:35 <nirik> Rathann: definitely.
18:23:36 <sgallagh> Rathann: Like... a .rpmnew file?
18:23:43 <dgilmore> but given what is there now
18:23:48 <Rathann> sgallagh: right, thanks
18:23:54 <maxamillion> +1
18:23:55 <Rathann> +1, then
18:24:23 * Rathann notes that the Release Notes section is empty
18:24:40 <Rathann> and I guess there should be something there
18:24:42 <jforbes> +1
18:25:03 <jsmith> Rathann: Agreed
18:26:55 <dgilmore> Rathann: indeed there should be, but thats not a requirement at this point in time
18:27:02 <Rathann> right
18:27:15 <dgilmore> they have to have the release notes info as the completion deadlines loom
18:28:13 <jsmith> #agreed "OpenSSH Server Crypto Policy" is approved (+1:6,+0:0,-1:0)
18:28:23 <jsmith> #topic #1752 Dealing with non reviewed Changes after "Completion deadline (testable)" check point
18:28:24 <jsmith> .fesco 1752
18:28:24 <jsmith> #link https://pagure.io/fesco/issue/1752
18:28:26 <zodbot> jsmith: Issue #1752: Dealing with non reviewed Changes after "Completion deadline (testable)" check point - fesco - Pagure - https://pagure.io/fesco/issue/1752
18:29:04 <jsmith> I *think* we've done all the sub-bullets under this...
18:29:28 <jforbes> Yup
18:29:30 <jsmith> Other than agree to push the deadline out one week for the items
18:29:33 <jsmith> (obviously)
18:31:19 <dgilmore> we rejected most of them
18:32:04 <dgilmore> but i am +1 to the ones accepted
18:33:02 * nirik nods. me too
18:33:10 <maxamillion> same
18:33:57 <jsmith> I'm obviously +1 for it
18:34:18 <jsmith> Couple more votes, and we can call it good, and wrap up the meeting
18:34:21 <Rathann> +1
18:34:42 <jsmith> sgallagh, jforbes, kalev: Thoughts?
18:34:51 <jforbes> +1
18:34:59 <dgilmore> jsmith: I have one thing for open floor, that may need a issue opened and more discussion
18:35:04 <jsmith> OK.
18:35:06 <sgallagh> +1
18:35:55 <jsmith> #agreed #1752: Give items approved today one more week for Completion deadline (+1:7,+0:0,-1:0)
18:35:59 <jsmith> #topic Next week's chair
18:36:13 <jsmith> If I remember correctly, someone volunteered to take this week
18:36:21 <jsmith> Was it you, sgallagh?
18:36:21 * dgilmore would, but is on PTO next Friday
18:36:27 <dgilmore> jsmith: I think it was
18:36:35 <sgallagh> Yes
18:36:39 <sgallagh> I'll take it next week.
18:36:42 <jsmith> #agreed sgallagh to chair next week
18:36:46 <jsmith> #topic Open Floor
18:36:51 <jsmith> dgilmore: Take it away!
18:37:48 <dgilmore> so it seems that this week was not the first time we were not fully up2date on the schedule
18:38:05 <dgilmore> So I think it wuold be useful to make a small change to the meeting schedule
18:38:31 <dgilmore> and start with a reminder of deadlines passed in the last week, and ones coming in the next week or two
18:38:53 <nirik> sounds reasonable
18:38:55 <sgallagh> By meeting schedule you mean meeting agenda? Or am I misunderstanding?
18:39:00 <dgilmore> perhaps even doing things like calling out in the agenda that change deadlines are upcoming so get them submitted etc
18:39:09 <dgilmore> sgallagh: yes the agrenda
18:39:13 <dgilmore> agenda
18:39:20 <sgallagh> Just making sure I was following. Thanks
18:39:30 <maxamillion> dgilmore: +1
18:39:49 * dgilmore is happy to adjust the templates
18:40:14 <jforbes> Seems worthwhile
18:40:14 <maxamillion> dgilmore++
18:40:14 <zodbot> maxamillion: Karma for ausil changed to 3 (for the f26 release cycle):  https://badges.fedoraproject.org/tags/cookie/any
18:40:15 <jforbes> +1
18:40:19 <maxamillion> I like it
18:40:25 <jsmith> +1
18:40:34 <Rathann> good idea, +1
18:41:10 <sgallagh> Works for me. +1
18:42:07 <nirik> +1
18:42:19 <dgilmore> jsmith: ¡fin!
18:42:37 <jsmith> Any other topics for the open floor?
18:42:48 <jsmith> If not, I'll end the meeting in a minute (and finally get some lunch)
18:43:56 <dgilmore> #agreed FESCo meeting agenda to be updated to include last weeks schedule deadlines and upcoming deadlines (1:7 0:0 -1:0)
18:44:04 <dgilmore> get that in the notes
18:44:15 <jsmith> :-)
18:44:17 <dgilmore> #action dgilmore to update the wiki page for meetings
18:44:33 <jsmith> Ok, thanks everyone for an epic meeting!
18:44:35 <jsmith> #endmeeting