15:00:42 <jforbes> #startmeeting FESCO (2019-06-21) 15:00:42 <zodbot> Meeting started Fri Jun 21 15:00:42 2019 UTC. 15:00:42 <zodbot> This meeting is logged and archived in a public location. 15:00:42 <zodbot> The chair is jforbes. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:42 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic. 15:00:42 <zodbot> The meeting name has been set to 'fesco_(2019-06-21)' 15:00:42 <jforbes> #meetingname fesco 15:00:42 <zodbot> The meeting name has been set to 'fesco' 15:00:42 <jforbes> #chair nirik, bowlofeggs, jforbes, zbyszek, bookwar, sgallagh, contyk, mhroncok, otaylor, ignatenkobrain 15:00:42 <jforbes> #topic init process 15:00:42 <zodbot> Current chairs: bookwar bowlofeggs contyk ignatenkobrain jforbes mhroncok nirik otaylor sgallagh zbyszek 15:00:51 <nirik> morning. 15:00:56 <ignatenkobrain> .hello2 15:00:57 <zodbot> ignatenkobrain: ignatenkobrain 'Igor Gnatenko' <i.gnatenko.brain@gmail.com> 15:00:57 <dustymabe> .hello2 15:01:00 <zodbot> dustymabe: dustymabe 'Dusty Mabe' <dusty@dustymabe.com> 15:01:02 <bookwar> .hello2 15:01:03 <zodbot> bookwar: bookwar 'Aleksandra Fedorova' <alpha@bookwar.info> 15:01:16 <bgilbert> .hello2 15:01:17 <zodbot> bgilbert: bgilbert 'Benjamin Gilbert' <bgilbert@backtick.net> 15:01:27 <mhroncok> .hello churchyard 15:01:28 <zodbot> mhroncok: churchyard 'Miro Hrončok' <mhroncok@redhat.com> 15:01:46 <bcotton> .hello2 15:01:47 <zodbot> bcotton: bcotton 'Ben Cotton' <bcotton@redhat.com> 15:02:11 <otaylor> .hello2 15:02:12 <zodbot> otaylor: otaylor 'Owen Taylor' <otaylor@redhat.com> 15:03:27 <mhroncok> sgallagh, ignatenkobrain, bookwar, contyk: congrats 15:03:45 <jforbes> So I wanted to start the meeting off with a welcome to ignatenkobrain 15:04:18 <ignatenkobrain> jforbes: mhroncok thanks 🙂 15:04:23 <nirik> welcome! 15:04:25 <jforbes> And a big thank you to bowlofeggs 15:04:28 <dustymabe> welcome all! 15:04:35 <nirik> and many thanks to bowlofeggs too... yeah. 15:04:47 <contyk> .hello psabata 15:04:48 <zodbot> contyk: psabata 'Petr Šabata' <psabata@redhat.com> 15:05:09 <jforbes> since it seems we have quorum, let's get started 15:05:12 <contyk> mhroncok: thanks 15:05:16 <jforbes> #topic #2133 F31 System-Wide Change: Disable Root Password Login in SSH 15:05:17 <jforbes> .fesco 2133 15:05:17 <jforbes> https://pagure.io/fesco/issue/2133 15:05:19 <zodbot> jforbes: Issue #2133: F31 System-Wide Change: Disable Root Password Login in SSH - fesco - Pagure.io - https://pagure.io/fesco/issue/2133 15:06:46 <mhroncok> my proposal stands: Let's defer this change until the technical issues are solved. 15:07:28 <bookwar> mhroncok: but change is about approving the work to resolve the issues 15:07:42 <bookwar> mhroncok: or what do you mean as "resolved"? 15:08:08 <mhroncok> when there is a plan that all the relevant maintainers agree on 15:08:15 * nirik wonders if there could be a kickstart version of the checkbox too... 15:08:15 <jforbes> "I plan to start on this soon, so we have it in place well before branching" from the bz seemed like resolution of the planning change 15:09:06 <bookwar> i think the anaconda bug contains this plan and agreement, doesn't it? 15:09:15 <jforbes> That was how I read it 15:09:47 * mhroncok looks 15:10:02 <ignatenkobrain> I don't think that anaconda bug has exact plan on how to solve issue, but there are some possible solutions mentioned in a bug. 15:10:04 <mhroncok> it seems so, sorry 15:11:09 <ignatenkobrain> So I think I'm pretty confident +1 on this one. In worst case, contigency plan contains necessary things to be done and beta freeze seems like good time for it. 15:11:16 <otaylor> I thought from my reading there was a definite plan to proceed adding a checkbox (not entirely a fan...) 15:12:56 <mhroncok> if that checkbox is the plan, I'd be happier if the change page described that plan 15:12:59 <nirik> I think we could approve/vote now and if it's not done, it uses it's contingency plan. 15:13:37 <nirik> it does have a link to the bug, but it's not very detailed indeed. 15:13:47 <contyk> nirik: +1 15:15:53 <nirik> so? vote? defer? 15:15:54 <jforbes> So shall we vote then, or is there more to discuss? 15:16:44 <contyk> let's vote 15:16:46 <otaylor> I think we can vote to approve the change, and provide feedback if we think the anaconda changes need more careful planning 15:16:48 <mhroncok> +1 to the change. I can ask for the description update in the ticket. 15:16:55 <ignatenkobrain> vote+ 15:17:04 <jforbes> +1 to the change as well 15:17:11 <bookwar> +1 for the change 15:17:20 <ignatenkobrain> +1 for the change 15:17:21 <nirik> +1 to the change. Should update the change page to have more info on the anaconda checkbox (where it is, what it does, etc) 15:17:21 <otaylor> +1 to the change (will put my own comment in the ticket about the anaconda part) 15:17:39 <contyk> +1, too 15:18:14 <jforbes> #agree 31 System-Wide Change: Disable Root Password Login in SSH is approved (+6,0,0) 15:18:38 <bcotton> jforbes: I think it's #agreed 15:19:04 <contyk> both works 15:19:19 <jforbes> #topic #2149 Proposal to change non-responsive maintainer policy 15:19:19 <jforbes> .fesco 2149 15:19:19 <jforbes> https://pagure.io/fesco/issue/2149 15:19:21 <zodbot> jforbes: Issue #2149: Proposal to change non-responsive maintainer policy - fesco - Pagure.io - https://pagure.io/fesco/issue/2149 15:19:23 <bcotton> oh, well nevermind then :-) 15:20:54 <mhroncok> let's vote on the general idea, later work on the exact wording and finally approve it then? 15:21:21 <nirik> I think we were getting close to wording... 15:21:27 <mhroncok> otherwise the bikeshedding might prevent us from moving this forward 15:21:33 <nirik> just perhaps need to consider the non maintainer case... 15:21:46 <jforbes> I think there is enough agreement on the general idea in the ticket. Do we want to defer a week to finish the wording? I don't see a point in 2 votes. 15:22:07 <nirik> how about we defer and also see if devel list has any input before we change it? 15:22:08 <mhroncok> that work for me as well 15:22:24 <jforbes> I can agree to that 15:23:01 <contyk> let's do that then :) 15:23:09 <nirik> who wants to start a thread? if no one else I can... 15:23:29 <ignatenkobrain> I suppose I can do that :) 15:24:05 <nirik> cool. thanks. 15:24:09 <jforbes> #agreed The proposal to change non-responsive maintainer policy is deferred while wording is fine tuned and it is discussed on devel list 15:24:28 <jforbes> #action ignatenkobrain to start a thread on the non-responsive maintainer policy 15:24:52 <jforbes> #topic #2151 F31 Self-Contained Change: Include several modules in the EFI build of Grub2 for security use-cases 15:24:52 <jforbes> .fesco 2151 15:24:53 <jforbes> https://pagure.io/fesco/issue/2151 15:24:54 <zodbot> jforbes: Issue #2151: F31 Self-Contained Change: Include several modules in the EFI build of Grub2 for security use-cases - fesco - Pagure.io - https://pagure.io/fesco/issue/2151 15:25:50 <nirik> this has buy in from grub2 maintainers right... 15:25:52 <contyk> it's quite fresh 15:26:32 <bcotton> nirik: yes, i confirmed that with them (the first time it was announced, they were surprised) 15:26:49 <nirik> yeah. If they are ok with it, then +1 here... 15:27:19 <jforbes> I am +1 here and was in the ticket 15:27:21 <ignatenkobrain> +1 to the change 15:27:33 <mhroncok> still 0 15:27:37 <nirik> although it really seems like it's sort of 1/2 done... to be a real useful change it would change anaconda to use it, but that can be down the road... 15:28:24 <jforbes> Yes, anaconda would make it more useful 15:30:35 <otaylor> +1 15:32:07 <otaylor> bcotton: the grub2 maintainres are listed on the proposal as owners, did that change from the initial state? 15:32:40 <bcotton> otaylor: iirc, the proposer listed them but hadn't talked to them about it first :-) 15:32:48 <mhroncok> oh my 15:33:02 <bcotton> otaylor: he has since gotten their buy-in on it 15:33:07 <jforbes> bookwar contyk? 15:33:21 <contyk> still +1 15:33:31 <jforbes> Oh right, you voted in ticket 15:33:41 <bookwar> +1 too 15:34:22 <jforbes> #agreed 31 Self-Contained Change: Include several modules in the EFI build of Grub2 for security use-cases is approved (+6,1,-0) 15:34:34 <jforbes> switched to agreed just for you bcotton :) 15:34:46 <mhroncok> :D 15:34:47 <bcotton> jforbes++ you're too good to me 15:34:48 <zodbot> bcotton: Karma for jforbes changed to 5 (for the current release cycle): https://badges.fedoraproject.org/tags/cookie/any 15:34:54 <jforbes> #topic #2152 "backport" branches in src.fp.o for backports to coreos stable streams 15:34:54 <jforbes> .fesco 2152 15:34:54 <jforbes> https://pagure.io/fesco/issue/2152 15:34:55 <zodbot> jforbes: Issue #2152: "backport" branches in src.fp.o for backports to coreos stable streams - fesco - Pagure.io - https://pagure.io/fesco/issue/2152 15:35:20 <mhroncok> 19 hours ago, I have not yet seen this 15:35:24 <jforbes> So this one is super new, like filed as I was making the agenda, but dustymabe asked if we could discuss it. I said we could, but I couldn't guarantee a decision today 15:35:48 * mhroncok goes to read it 15:35:49 * nirik hasn't read anything this morning 15:35:53 <jforbes> mhroncok: Yes, super new, and not exactly straight forward 15:36:49 <dustymabe> +1 15:36:59 <dustymabe> raising awareness, not expecting a vote today 15:37:16 <dustymabe> also bgilbert and I are here to field questions if any exist 15:37:20 * bgilbert waves 15:37:48 <bcotton> dustymabe: should this be discussed on devel first? 15:37:48 <otaylor> I'd like to see more thought put into alternate possible solutions before we vote on this. 15:37:54 * nirik is ok with it, but it may end up being a ton of work... hard to say. 15:38:31 <dustymabe> bcotton: not sure, is that something you would suggest ? 15:38:32 <jforbes> dustymabe: as I just commented in ticket, why would there be multiple branches? a single coreos-backport branch seems sufficient. If there were a 2nd CVE to address you would just add it to the first? 15:39:00 <bgilbert> jforbes: there might be separate bases for the `testing`, `stable`, and `next` streams 15:39:01 <mhroncok> dustymabe: how do you plan to "reuse" a branch? 15:39:12 <bgilbert> jforbes: I certainly hope that wouldn't be common 15:39:17 <bcotton> dustymabe: i would, but i'm only here in a non-voting capacity ;-) 15:39:55 <jforbes> dustymabe: Yes, package maintainers get picky about git branches. I am still annoyed at kernel branches that people accidentally (or intentionally) pushed WIP to years ago 15:40:17 <mhroncok> bcotton: I'm with you 15:40:17 <dustymabe> mhroncok: we'd basically merge what we want into that branch at the time we need it - the history wouldn't be pretty, but we proposed using tags to keep track of what commits were used for what rpms 15:40:24 <mhroncok> if this is not urgent, go trough devel@ first 15:40:49 <mhroncok> dustymabe: that sounds horrible 15:40:51 <dustymabe> otaylor: we're open to other more elegant solutions if they exist 15:41:19 <ignatenkobrain> I would prefer to have just one branch coreos-backports.. But generally I'm not happy with mid-branch fixes. +1 to mhroncok proposal 15:41:29 <dustymabe> there are several options discussed in the ticket. we talked with mattdm and releng (mohan) and it seems this proposal is what we came up with 15:42:20 <dustymabe> certainly open to better ideas :) 15:42:34 <dustymabe> mhroncok: bcotton: is the proposal to discuss on devel to see if there are better ideas out there ? 15:42:43 <mhroncok> dustymabe: realistically, when do you need a solution? 15:42:45 <mhroncok> dustymabe: yes 15:42:49 <jforbes> The reality is, there tend to be less than 10 critical CVE events in a given year. Things like MDS and SACK were multiple CVEs, but single events. 15:43:25 <jforbes> mhroncok: it is not a rush unless a disclosure suddenly makes it so :( 15:43:38 <dustymabe> jforbes: CVEs are a good example of when you'd need this, but there could be cases where we'd like to use this mechanism for regressions as well 15:43:46 <bookwar> dustymabe: so when you reuse branch, does it mean you reset it completely to point to another commit or you do merges and then get a very strange history 15:44:12 <dustymabe> bookwar: probably the strange history option - i don't think you can overwrite history in dist-git 15:44:32 <dustymabe> which is expected 15:44:53 <bgilbert> note that backports are not our preferred approach in any event. we'd prefer to just take the new package when that seems safe. 15:44:54 <ignatenkobrain> bookwar: no, you have to merge the other branch/commits 15:45:10 <jforbes> You can do what we do with stabilization. We don't do a merge, just change everything and commit it as a "catch up commit" 15:45:46 <otaylor> I don't see a reason to have branches with crazy history in dist-git permanently 15:45:49 <dustymabe> bgilbert: do we have a good answer for mhroncok on the "when do you need a solution"? 15:45:58 <mhroncok> I have some ideas, but I need to read all the requirements, this is too quick for me 15:45:59 <otaylor> Just have a branch for each event named in some descriptive way 15:46:22 <mhroncok> otaylor: that. also we could have those branches live in nondefault ref namespace 15:46:28 <otaylor> and if that's really annoying people, delete the branch and just leave the tags 15:46:30 <jforbes> dustymabe: the only odd thing there, if something like a kernel bug is filed on some older version such as you ship, the default answer would likely be "try the current kernel" 15:46:43 <bookwar> dustymabe: is there an expectation, how many cases like this would appear in let's say one release cycle? 15:47:13 <bgilbert> dustymabe, mhroncok: we don't _need_ a solution for day 1 of the preview release. it's a preview release; we can occasionally regress a bit. but it'd be good to have an answer "soon". 15:47:18 <mhroncok> "nondefault refs namespace" is probably not a proper git term 15:47:21 <dustymabe> jforbes: correct. there would be some divergence here from the rest of fedora proper, which is why we hope we don't use this often 15:47:59 <bgilbert> otaylor, mhroncok: if something like that is workable, I'd personally prefer it 15:48:01 <jforbes> otaylor: You can't delete a branch in dist-git. And even if you could, if this was something that ever ships (and it sounds like it always would be), wouldn't it have to be kept for compliance reasons? 15:48:33 <mhroncok> jforbes: not if you keep the tag 15:48:35 <dustymabe> jforbes: well the tag would be there 15:48:46 <otaylor> jforbes: you'd need a branch or a tag to keep the commits from being garbage collected, but otherwise the commits are pointed to from koji, and that should be fine for compliance 15:49:14 <mhroncok> dustymabe, bgilbert: can we meet next week and discuss this (and not steal this fesco meeting)? 15:49:21 <dustymabe> absolutely 15:49:29 <bookwar> to be honest I don't get what is the problem with having more branches, Aren't tag and branch the similar concept in git, it is a pointer to a hash of a commit, isn't it? 15:49:33 <dustymabe> i was about to say I think we've gone far enough to let people think about it some 15:49:37 <bgilbert> mhroncok: I'm out next week :-( 15:49:50 <bgilbert> but in general, yes, happy to meet 15:49:59 <dustymabe> i'll be around, and the discussion can continue in the ticket too 15:50:22 <jforbes> Yes, I expect there will be plenty more discussion in ticket. 15:50:36 <bgilbert> +1 15:50:38 <jforbes> Anyway, I didn't promise a vote, but it was asked that I bring it up, and I did. 15:50:46 <dustymabe> thanks jforbes 15:50:48 <bgilbert> jforbes: thanks 15:50:49 <mhroncok> #action mhroncok to draft some more ideas next week, will put everything in the ticket (mostly based on what was said here) 15:50:53 <dustymabe> this was productive I think 15:51:18 <mhroncok> dustymabe: can you please drop me an e-mail? I'm on PTO today and might forget to do this next week 15:51:37 <dustymabe> sure 15:51:47 <mhroncok> thanks 15:51:52 <jforbes> #agreed voting on backport branches is deferred and will be further discussed in ticket 15:52:09 <jforbes> #topic Next week's chair 15:52:53 <jforbes> any takers? 15:53:01 <contyk> guess I could if there's no one else 15:53:22 <jforbes> Thanks contyk 15:53:37 <jforbes> #action contyk will chair next meeting 15:53:43 <jforbes> #topic Open Floor 15:54:07 <jforbes> Anyone have anything for open floor? 15:54:14 <mhroncok> onboarding ignatenkobrain 15:54:24 <mhroncok> do we need a ticket? there's plenty of stuff 15:54:42 <nirik> a ticket would be lovely. Happy to do stuff, but want it all tracked... 15:54:43 <mhroncok> groups, badges, mailing lists, pagure rights whatnot 15:54:53 <mhroncok> on it 15:54:53 <jforbes> Oh right. I forgot there is no magic script that does all of that 15:54:55 <nirik> and perhaps we could make a sop/wiki page? 15:55:13 <mhroncok> there is somehting 15:55:13 <ignatenkobrain> .fesco 2154 15:55:15 <zodbot> ignatenkobrain: Issue #2154: Update FESCo membership with elections results - fesco - Pagure.io - https://pagure.io/fesco/issue/2154 15:55:20 <nirik> and could get it so others besides me could do it all. ;) 15:55:20 <contyk> also, is it time for another whenisgood? 15:55:33 <mhroncok> https://docs.fedoraproject.org/en-US/fesco/Updating_Fedora_Engineering_Steering_Committee_Members/ 15:55:43 <mhroncok> ignatenkobrain: is this meeting time OK for you, generally? 15:55:46 <ignatenkobrain> contyk: I'm fine with this time 15:56:22 <jforbes> Seems we are okay. Didn't even think about it since ignatenkobrain is typically involved in the meetings for one reason or another before elected 15:56:34 <bookwar> side-question, do we have anything fesco-specific at flock? 15:56:52 <jforbes> There is a modularity thing that we were tagged in 15:56:57 <bcotton> fwiw, i'm happy to handle the new/leaving member stuff as a matter of routine, if fesco is open to granting the appropriate privileges (and if you're not, i won't be hurt, i'll just keep filing tickets for you) 15:57:05 <jforbes> https://pagure.io/flock/issue/192 15:57:35 <mhroncok> nirik: https://pagure.io/fesco/issue/2156 15:57:38 <bookwar> jforbes: thanks 15:57:53 <nirik> bcotton: fine with me. don't want to overburden you, but if you are good with that being a FPM thing, fine 15:58:11 <ignatenkobrain> Do we actually have some FESCo session on a Flock? 15:58:14 <mhroncok> nirik, bcotton: +1 15:58:16 <ignatenkobrain> like where people can come and just ask us questions 15:58:30 <jforbes> bookwar: And we typically do a meeting in the same room, but it still has to be IRC based so that non attendees can participate 15:58:36 <contyk> we do panels sometimes 15:58:50 <contyk> it would be good to have one again 15:59:00 <ignatenkobrain> contyk: +1 15:59:06 <jforbes> There isn't a FESCo panel proposed that I see this year 16:00:06 <contyk> anyone wants to fix that? 16:00:09 <bcotton> for the sake of having a record in case anyone questions it: proposed #agreed the FPgM is authorized to update membership of FESCo mailing lists, Pagure groups, etc. 16:00:25 <bookwar> bcotton: +1 16:00:36 <contyk> +1 16:00:40 <mhroncok> bcotton: +1 16:00:52 <ignatenkobrain> +1 16:00:59 <ignatenkobrain> contyk: well, I guess I can open a flock proposal 16:01:11 <ignatenkobrain> Just need to find previous ones and copy description :) 16:01:16 <nirik> bcotton: +1 (and see me after meeting and we can sort out what you need for perms) 16:01:17 <contyk> ignatenkobrain++ 16:01:31 <bookwar> maybe start from beginning, who doesn't go to flock? 16:01:35 <jforbes> It is late, round 2 selection is already in process isn't it? 16:01:38 <bcotton> nirik: ack 16:01:49 <ignatenkobrain> jforbes: cfp is open until 1st of July 16:02:07 <jforbes> Oh, forgot it was extended 16:02:25 <jforbes> I will be there, skipping Defcon for it 16:02:47 <ignatenkobrain> I'm coming to Flock, already bought a bus tickets 16:03:17 * nirik hopes to be there 16:03:21 <bookwar> assuming contyk, probably enough for a panel 16:03:53 <contyk> I'll be there 16:04:47 <bookwar> then ignatenkobrain files a request and we just come :) 16:04:50 <mhroncok> bcotton: sorry for the duplicate ticket :( 16:04:56 <bcotton> mhroncok: no worries :-) 16:05:05 <bcotton> mhroncok: two tickets are better than none :-) 16:05:39 <jforbes> If there is nothing else for open floor, will close in 2 minutes 16:05:40 <ignatenkobrain> #action ignatenkobrain to open FESCo Panel ticket for Flock 16:06:07 <bcotton> jforbes: can you #agreed my proposal for the record if the vote supports it? 16:06:19 <bcotton> jforbes: or #agree :p 16:06:33 <jforbes> +1 16:07:12 <jforbes> #agreed the FPgM is authorized to update membership of FESCo mailing lists, Pagure groups, etc. (+5,0,-0) 16:07:23 <bcotton> thanks :-) 16:07:43 <jforbes> #endmeeting