[12:04] <ajmitch> should just be eth0 in the guest
[12:04] <lophyte> it'll act like an additional box on my network?
[12:04] <ajmitch> yes
[12:05] <lophyte> hrm..
[12:05] <lophyte> it won't even ping itself..
[12:06] <ajmitch> (network-script 'network-bridge netdev=eth1')
[12:06] <ajmitch> ignore the netdev=eth1 bit
[12:06] <ajmitch> but you should have something like that on the dom0
[12:06] <lophyte> I do
[12:07] <lophyte> though, here's the issue I had...
[12:07] <lophyte> my main interface is ra0
[12:07] <lophyte> so I did (network-script 'network-bridge netdev=ra0')
[12:07] <lophyte> but then networking wouldn't work on dom0
[12:10] <lophyte> should I be using eth0 in dom0?
[12:11] <lophyte> dom0/eth0 -> xenbr0 -> ra0 -> network ?
[12:11] <lophyte> and domU/eth0 -> xenbr0 -> ra0 -> network
[12:11] <lophyte> is that how it works
[12:13] <ajmitch> no, the bridging is from domU to dom0
[12:13] <ajmitch> so only domU/eth0 -> xenbr0 -> ra0 -> network
[12:13] <lophyte> hmm..
[12:13] <ajmitch> ra0 only exists in dom0
[12:14] <lophyte> so the question is, why does ra0 break in dom0 when I use network-bridge netdev=ra0
[12:15] <lophyte> cuz I should be using eth0 in dom0..
[12:15] <lophyte> I think
[12:18] <ajmitch> why?
[12:18] <ajmitch> do you even have an eth0 in dom0?
[12:19] <lophyte> yeah
[12:19] <lophyte> ugh.. this is confusing..
[12:19] <ajmitch> just use the interface that's normally connected & it ought to work :)
[12:19] <lophyte> no..
[12:19] <ajmitch> why it suddenly stops in dom0 is beyond me
[12:19] <lophyte> when I use network-bridge netdev=ra0
[12:19] <lophyte> ra0 says "no wireless extensions"
[12:19] <ajmitch> hm right
[12:19] <lophyte> though it creates pra0, which has wireless extensions
[12:20] <ajmitch> though this could be why I switched to eth1 (the wired interface)
[12:20] <ajmitch> since the ipw2200 was playing funny tricks
[12:20] <ajmitch> but this was also when i was testing 2.6.16 & the firmware was broken :)
[12:20] <lophyte> but I tried using pra0 and it didn't work either
[12:20] <ajmitch> I haven't set it to use wireless since then
[12:21] <lophyte> I don't really have a choice
[12:21] <lophyte> has to use wireless :|
[12:21] <ajmitch> laptop sits on top of my tower case usually
[12:21] <lophyte> this is a desktop ;)
[12:21] <ajmitch> fun
[12:21] <lophyte> hrm..
[12:21] <ajmitch> I could hardly put my main box on my desk :)
[12:22] <lophyte> haha
[12:22] <lophyte> okay, its a tower :P
[12:22] <lophyte> not a laptop
[12:22] <lophyte> but..
[12:22] <lophyte> paste warning
[12:23] <lophyte> nm
[12:23] <lophyte> in /etc/xen/xend-config.sxp, there's a little diagram...
[12:23] <lophyte> dom0: fake eth0 -> vif0.0 -> bridge -> real eth0 -> network
[12:23] <lophyte> domU: fake eth0 -> vifN.0 -> bridge -> real eth0 -> network
[12:24] <lophyte> so if I use netdev=ra0, it becomes "real ra0 -> network"
[12:24] <lophyte> but would the fake ones remain eth0, or become ra0?
[12:26] <ajmitch> hm
[12:26] <lophyte> and also...
[12:26] <lophyte> is fake eth0 called 'eth0' or peth0? :P
[12:27] <ajmitch> see reponse above
[12:27] <lophyte> hrm
[12:50] <Burgwork> wasabi_: rh uses a joined /etc/ldap.conf
[12:50] <wasabi_> How do they deal with maintainer scripts, or do they not?
[12:50] <Burgwork> no idea
[12:50] <Burgwork> looking at my FC4 machines
[12:50] <wasabi_> It might be fine to not deal with it, and move ldap.conf configuration completely into authtooll
[12:50] <wasabi_> And remove conffile from the files.
[12:51] <wasabi_> Get rid of the debconf questions on libnss-ldap, etc
[12:54] <Burgwork> yep
[12:54] <Burgwork> I think that works
[12:54] <Burgwork> whiprush: what does SLED 10 have?
[12:55] <Burgwork> but FC doesn't have our common-* stuff
[12:55] <Burgwork> at least 4 doesn't
[12:57] <Burgwork> also, fedora bundles pam_ldap.so in with nss_ldap
[01:00] <cliebow_> Burgwork:How do you plan to supply the functions smbldap-tools provides?
[01:02] <wasabi_> What functions are those?
[01:02] <cliebow_> those from smb.conf...adding machines passwrord changes
[01:03] <wasabi_> winbind.
[01:03] <wasabi_> In the case of AD.
[01:04] <cliebow_> i guess i need to read the spec..ive been working on perl stuff to replace the functions smbldap-passwd smbldap-useradd etc do
[01:04] <Burgwork> how does ccreds interact with nssdb?
[01:04] <wasabi_> It doesn't.
[01:04] <wasabi_> It's completely seperate.
[01:04] <Burgwork> right
[01:05] <wasabi_> You reading my novel?
[01:05] <Burgwork> 'cause db doesn't appear to cache auth stuff
[01:05] <Burgwork> no
[01:05] <wasabi_> It does not.
[01:05] <Burgwork> so I need both?
[01:05] <wasabi_> NSS does not involve auth.
[01:05] <cliebow_> why does ad come up?
[01:05] <wasabi_> Yes.
[01:05] <wasabi_> NSS involves only passwd/group entries.
[01:05] <cliebow_> in This situation
[01:05] <wasabi_> pam is hte "is your password correct?" pipeline.
[01:05] <Burgwork> right
[01:05] <wasabi_> Kerberos users have no entry in shadow.
[01:05] <wasabi_> No hashed password, etc.
[01:06] <Burgwork> auth    sufficient      pam_ldap.so <-- replace with pam_ccreds.so ?
[01:06] <wasabi_> pam_ldap shouldn't be used.
[01:06] <Burgwork> right
[01:06] <wasabi_> Oh, this is at your office?
[01:06] <Burgwork> yes
[01:06] <wasabi_> Ahh. You have no kerberos.
[01:06] <wasabi_> https://wiki.ubuntu.com/NetworkAuthentication/ScratchPad/Client#preview
[01:06] <wasabi_> Jump to my sample pam file.
[01:06] <wasabi_> And my long explanation of it's purpose.
[01:07] <Burgwork> and I discovered the pain when my ldap server decided to start using a dhcp addy
[01:07] <wasabi_> Hah.
[01:07] <Burgwork> still haven't figured why
[01:08] <Burgwork> given I have hacked /etc/network/interfaces to list it as static
[01:10] <Burgwork> wasabi_: your novel can assume more knowledge on the part of the read
[01:10] <Burgwork> ie: don't tell use what pam is, etc.
[01:10] <wasabi_> I don't want it to.
[01:10] <wasabi_> Also it's only one sentence.
[01:11] <Burgwork> I assume those assumptions are inherent throughout the text
[01:11] <wasabi_> You'd be suprised how many people don't actually understand PAM and NSS.
[01:11] <wasabi_> Again, I want this to be blogged about, and get people talking/interested.
[01:12] <lophyte> okay, spec time
[01:12] <Burgwork> that is way too long to a be blog post
[01:12] <wasabi_> It won't be IN a blog post.
[01:12] <Burgwork> still too long
[01:12] <wasabi_> Linked from, sure.
[01:12] <Burgwork> look, you need to catch peoples attention
[01:12] <Burgwork> novels don't do it
[01:12] <wasabi_> Actually, specifically, I need to sell it to mark.
[01:13] <wasabi_> So he'll pay for it.
[01:13] <Burgwork> that is not going to catch his eye either
[01:13] <Burgwork> remember, mark has add
[01:13] <Burgwork> ADD, raterh
[01:13] <wasabi_> Haha
[01:13] <wasabi_> I have ADD. It worked for me.
[01:13] <Burgwork> yours is probably treated
[01:13] <Burgwork> Marks is not
[01:13] <wasabi_> Mine isn't. =)
[01:14] <wasabi_> I don't get anything done if I do. =(
[01:14] <Burgwork> ok, if you must keep the fracking novel
[01:14] <Burgwork> at least point the point form stuff at the top
[01:14] <Burgwork> the todos, etc.
[01:14] <lophyte> would you guys mind a short discussion about directory services in general?
[01:14] <wasabi_> Sure.
[01:14] <Burgwork> then put everything else in a discussion section
[01:14] <wasabi_> I suspect you should read my novel though. ;)
[01:14] <lophyte> I sifted through it ;)
[01:14] <Burgwork> it looks interesting, in a text book way
[01:14] <Burgwork> I need facts and short bits, not learning
[01:15] <Burgwork> lophyte: shoot
[01:15] <lophyte> I just basically wanted to do a braindump of my own and see how it matches up with other people's visions
[01:15] <Burgwork> The NSCD daemon will run as root. <-- lets figure out a way around this, if possible
[01:15] <wasabi_> There is no way around it.
[01:15] <Burgwork> ok
[01:15] <wasabi_> Except to one run copy for every user.
[01:15] <Burgwork> question about your pam block
[01:15] <wasabi_> Including root.
[01:16] <wasabi_> Each with massively duplicated information.
[01:16] <wasabi_> And redundant LDAP queries.
[01:16] <Burgwork> if I don't run kerberos, can I just nuke that line?
[01:16] <wasabi_> Replace the line with pam_ldap
[01:16] <wasabi_> In some intelligent way.
[01:16] <lophyte> UDS (ubuntu directory services, not developer summit) should, imo, be a group of packages that can either work standalone or together..
[01:16] <Burgwork> wasabi_: ok
[01:16] <lophyte> USUS for example.. can be run on its own, but works better with other packages, ie the GPO-like configuration system
[01:17] <lophyte> so you've got network auth, update services, config deployment... all things that can be run standalone or together as one big system
[01:18] <lophyte> unlike AD which is one big bloated package that you take all or none
[01:18] <Burgwork> yep
[01:18] <wasabi_> Not really, but okay. ;)
[01:18] <wasabi_> WSUS is not tied to AD.
[01:18] <wasabi_> The only real tie is that you're forced to use both their LDAP and their KDC.
[01:18] <lophyte> well, no.. but you can't have SSO services without GPO services
[01:18] <Burgwork> wsus not tied to AD is a mistake on MS's part
[01:19] <wasabi_> lophyte: Well, you don't have to USE GPO.
[01:19] <lophyte> no, but its still there
[01:19] <wasabi_> For instance, I use other software to deploy software.
[01:19] <wasabi_> wpkg.sf.net
[01:20] <lophyte> is there any work being done on a GPO-like system?
[01:20] <wasabi_> https://wiki.ubuntu.com/NetworkAuthentication/Client   Moved my novel.
[01:21] <lophyte> another question.. is UDS going to be tied to specific packages, or is it going to be versatile and flexible?
[01:21] <lophyte> ie. you don't /have/ to use openldap and krb5-kdc
[01:21] <wasabi_> Depends what you mean by that.
[01:21] <Burgwork> wasabi_: can you forward that on to federico
[01:21] <wasabi_> addy?
[01:21] <Burgwork> lophyte: we are going to pick a best of breed ldap server
[01:21] <Burgwork> ask whiprush
[01:22] <Burgwork> ubuntu is about making decisions
[01:22] <lophyte> indeed
[01:22] <wasabi_> I suspuect UDS will be nothing but some automated utilities to install a server, configure it, and setup some schema.
[01:22] <wasabi_> No reason you can't setup your own server instead of using that.
[01:22] <wasabi_> That's sort of why we'll work with AD.
[01:23] <lophyte> but under the umbrella of 'UDS' includes our own centralized config deployment system
[01:23] <lophyte> and network auth
[01:23] <lophyte> and perhaps other packages
[01:24] <wasabi_> Sure... but again, the client component is just Ubuntu configured to talk LDAP/Kerberos.
[01:24] <wasabi_> NO reason you have to use our server component for that.
[01:24] <lophyte> right.. so you don't have to use the config system if you don't want to
[01:25] <Burgwork> no
[01:25] <wasabi_> I don't think there's anyway we could force you to do so.
[01:25] <Burgwork> but we are going to provide the complete stack, client and server
[01:25] <Burgwork> for the server side, we are going to choose technologies and go with them
[01:25] <lophyte> at a bare minimum, UDS is simply Ubuntu configured to talk LDAP/Kerberos on the client side, and LDAP/KDC on the server side
[01:26] <Burgwork> the client is fairly generic
[01:26] <Burgwork> the server is going to be much more specific
[01:26] <wasabi_> I wouldn't even consider UDS a product name.
[01:26] <lophyte> but you can install fancy extras on top of that.. ie. config system, usus, etc.
[01:26] <wasabi_> Really.
[01:26] <Burgwork> we are going to say OpenLDAP or FDS
[01:27] <lophyte> FDS?
[01:27] <Burgwork> fedora directory server
[01:28] <lophyte> why fedora?
[01:28] <Burgwork> because FDS is better than most out there
[01:28] <Burgwork> OpenLDAP vs FDS is debatable right now
[01:28] <Burgwork> and the world doesn't need another ds
[01:29] <lophyte> so what are we doing then?
[01:29] <Burgwork> need to evaluate both of them and decide
[01:29] <lophyte> if the world doesn't need another ds.. are we just making ubuntu work with existing DS systems?
[01:30] <wasabi_> Yes.
[01:30] <wasabi_> A DS is just a database though.
[01:30] <Burgwork> yes, but we also don't need to go out and fork an existing DS
[01:30] <wasabi_> Something has to install it, configure it, and set it up with proper information for clients to use it.
[01:30] <lophyte> ah, alright
[01:30] <wasabi_> I suspect we'd like to reduce that down to a single wizard on a server.
[01:31] <lophyte> so if we choose FDS, how would we migrate that into ubuntu?
[01:31] <Burgwork> there is a spec for that
[01:31] <lophyte> ah.
[01:31] <wasabi_> Somebody needs to package it.
[01:32] <lophyte> alright..
[01:32] <lophyte> I'm just more or less catching up to what's going on :P
[01:32] <lophyte> and figuring out what our goals are
[01:32] <Fujitsu> Doesn't it depend on pretty much everything on the planet?
[01:33] <Burgwork> Fujitsu: less everyday
[01:33] <Fujitsu> Burgwork: Good!
[01:33] <Burgwork> they are splitting out the web frontend, which requires non-free java, in the next release
[01:34] <lophyte> is FDS free?
[01:34] <Burgwork> yes
[01:34] <Burgwork> all RH stuff is open source
[01:34] <Burgwork> everything
[01:35] <wasabi_> Did you give me federico's email?
[01:35] <Burgwork> whiprush has it
[01:35] <Burgwork> just a sec, let me see if have it
[01:36] <wasabi_> oh yeah i remember now
[01:36] <Burgwork> federico@novell.com
[01:36] <wasabi_> This one:
[01:36] <wasabi_> http://primates.ximian.com/~federico/news.html
[01:36] <wasabi_> k
[01:38] <lophyte> Burgwork: you didn't get a tracking # for that package did you?
[01:38] <Burgwork> yep, but it is at home
[01:38] <lophyte> ah
[01:38] <lophyte> should check it
[01:38] <lophyte> my mom said she hasn't gotten anything by courier
[01:43] <Burgwork> it came by regular post
[01:44] <lophyte> how big is it?
[01:44] <lophyte> I wonder if the mailman stuffed it in the mailbox
[01:50] <Burgwork> envelope
[01:50] <lophyte> ah
[01:50] <lophyte> probably in the mailbox
[01:50] <lophyte> brb I'll check
[01:53] <ajmitch> right, I'm back
[01:54] <ajmitch> wasabi_: yes, I started packaging FDS, nothing new there
[01:56] <ajmitch> so of the todo list you have there, I've got stuff for the last 2.
[02:01] <lophyte> Burgwork: got it, thanks
[02:01] <Burgwork> perfect
[02:01] <lophyte> I'll hand them out tomorrow and pass some on to djp
[02:03] <lophyte> 1 down, 3 to go
[02:06] <Burgwork> wasabi_: just got bitten by https://launchpad.net/distros/ubuntu/+source/pam/+bug/67276
[02:08] <lophyte> Burgwork: is there a list of goals for the directory team somewhere?
[02:09] <Burgwork> our specs
[02:13] <lophyte> ah, good point
[02:19] <Burgwork> what is the FC equiv of /var/log/auth.log ?
[02:23] <Fujitsu> ajmitch: That's what PHP is for!
[02:24] <Fujitsu> Being ugly, and raged at.
[02:31] <lophyte> Burgwork: alright, I'm gonna start merging our braindump with /UpdateServer
[02:31] <Burgwork> perfect
[02:31] <lophyte> also, re: -ca approval.. I'm gonna put us on the CC agenda, is there anything else we need?
[02:31] <Burgwork> we need the approval form
[02:31] <Burgwork> did you see that?
[02:31] <lophyte> I glanced at it briefly
[02:32] <Burgwork> please fill that out
[02:32] <Burgwork> I am fighting with FC4
[02:32] <wasabi> Burgwork: Yeah. So... You see why we need C coders. ;)
[02:32] <Burgwork> ajmitch: got a stumper of a question of you
[02:32] <Burgwork> userdel claims that I am logged in
[02:33] <Burgwork> but I am, have no open files and have no running processes
[02:33] <Burgwork> what else should I check?
[02:33] <ajmitch> w
[02:33] <Burgwork> ?
[02:33] <ajmitch> w
[02:33] <ajmitch> type it
[02:34] <Burgwork> nope, doesn't list me
[02:34] <ajmitch> ok
[02:34] <Burgwork> no idea
[02:35] <Fujitsu> It's Fedora, does it need a reason to do crazy stuff?
[02:36] <Burgwork> no
[02:36] <Burgwork> I am currently on dapper
[02:36] <lophyte> oohhh burrrrn.
[02:36] <Burgwork> my boss wants a "homogenous" environment with our main office
[02:36] <Fujitsu> Ah, you said `I am fighting with FC4' :P
[02:36] <Burgwork> 1 Ubuntu machine, 2 FC
[02:36] <Fujitsu> I've never had userdel do that sort of thing to me.
[02:37] <Burgwork> wasabi_: how are you working around the ccreds brokenness?
[02:42] <wasabi> auth_err=reset
[02:42] <wasabi> Which is incorrect functionally, but works for now.
[02:42] <wasabi> It's returning auth_err.
[02:44] <ajmitch> what should it return?
[02:47] <Burgwork> right, o
[02:47] <Burgwork> ok
[02:49] <Burgwork> getent passwd corey --> uid 10000
[02:49] <Burgwork> chown corey:corey --> uid of home dir? 0
[02:52] <wasabi> ?
[02:52] <Burgwork> hmm, ok
[02:52] <Burgwork> that worked
[02:53] <wasabi> That's another interesting point... probably a place where i'd be willing to take a stand against everybody else.
[02:53] <wasabi> libnss-ldap should not make groups for users.
[02:53] <Burgwork> you mean, it shouldn't do the Ubuntu default?
[02:53] <wasabi> Nope. It shouldn't.
[02:53] <Burgwork> a corey group along with the corey user?
[02:53] <Burgwork> why not?
[02:54] <wasabi> Because it serves no real purpose, and muddles the issue tremendously... the LDAP server would have to have groups for each user.
[02:54] <wasabi> And make sure there were no conflicting gids, etc.
[02:54] <Burgwork> are we talking ldap groups or local groups?
[02:54] <wasabi> Neither really.
[02:55] <wasabi> I make my LDAP members primary group 65535, nogroup.
[02:55] <Burgwork> we shouldn't diverge from ubuntu
[02:55] <Burgwork> I don't see a benefit to diverging, so why do it?
[02:55] <wasabi> Because we have no way to not diverge.
[02:55] <wasabi> Unless you're going to mandate AD make a group for every user.
[02:55] <Burgwork> oh?
[02:56] <Burgwork> is that a bad thing?
[02:56] <Burgwork> we shouldn't shoehorn Ubuntu into Windows
[02:56] <wasabi> Hmm. I'd say so.
[02:56] <ajmitch> that's a lot of unnecessary groups
[02:56] <wasabi> No, certainly not, but we should carefully examine the reasons MS doesn't make a group for every user.
[02:56] <wasabi> ANd I assert that reason is because nobody suggested it, because they had no problem to solve.
[02:56] <wasabi> Because it solves no problem. =)
[02:57] <Burgwork> the groups one?
[02:57] <wasabi> Yes.
[02:57] <Burgwork> what about standalone machines?
[02:57] <wasabi> I believe the old-schoolr eason for doing it is because POSIX permissions are limiting.
[02:57] <wasabi> And you can only have one owner.
[02:57] <Burgwork> I find them quite elegant, actually
[02:57] <wasabi> So, in the case you want to share your folder with one other perosn, you setgroup it to him.
[02:58] <wasabi> Posix ACLs don't make that a problem anymore.
[02:58] <ajmitch> which is why windows never really needed a group per user
[02:58] <wasabi> Yup. THey were never working around a Posix permission set.
[02:58] <wasabi> They started with ACLs
[02:59] <wasabi> Anyways, so the options are thus: Either we leave it up to the admin to make a AD group for every user (not likely to happen)
[02:59] <wasabi> We mandate they do, no way to enforce it.
[02:59] <wasabi> We auto generate matching "fake groups" in libnss-ldap
[02:59] <wasabi> (horribly hacky, might make conflicting gids)
[02:59] <wasabi> Or we fix the problem that made us need a per-user group in the first place.
[02:59] <wasabi> Which is probably a better long term goal.
[03:00] <Burgwork> then write a spec for that
[03:00] <wasabi> local users can still have their own group, it hurts nothing.
[03:00] <Burgwork> and get it on the MTV
[03:00] <ajmitch> wasabi: so do you want to spec up ACLs enabled throughout ubuntu?
[03:00] <wasabi> Hmm. I don't think it's required at first.
[03:00] <Fujitsu> ajmitch: There's already a spec on that...
[03:00] <wasabi> And I think somebody else will do that. ;)
[03:00] <wasabi> Yeah.
[03:00] <ajmitch> Fujitsu: sure, but when might that get done?
[03:01] <ajmitch> there's a spec for nearly everything
[03:01] <wasabi> NOt having a per user group doesn't break anything.
[03:01] <ajmitch> doesn't mean it's useful :)
[03:01] <wasabi> It just makes it slightly more difficult to give a single user access to one of your files.
[03:01] <Fujitsu> ajmitch: True, but it's not difficult to implement...
[03:01] <ajmitch> other linux distros have managed fine without group-per-user
[03:01] <ajmitch> I think it's an option in debian
[03:01] <wasabi> I don't mind per-user groups for local stuff. It hurts nothing.
[03:01] <wasabi> Let it continue.
[03:02] <wasabi> My first user I create in Ubuntu is "admin".. and that creates an "admin" group.
[03:02] <wasabi> And that group has sudo access.
[03:02] <ajmitch> then let's break from that for remote users
[03:02] <wasabi> So I add remote users to the local admin group, to give other users sudo access.
[03:02] <wasabi> adduser jhaltom@DOM admin
[03:02] <wasabi> And that's worked wonderfully.
[03:03] <wasabi> Since all users require a primary gid, I've been using 65534 I believe, for nogroup.
[03:03] <wasabi> Which has no permissions.
[03:03] <wasabi> Other groups are secondary.
[03:04] <lophyte> hey guys, where can I find a decent ldap+kerb howto?
[03:04] <wasabi> Don't think there is one.
[03:04] <ajmitch> yeah 65534 is default for  nogroup it seems
[03:04] <lophyte> hah
[03:04] <lophyte> you're telling me ;)
[03:04] <wasabi> bayour had a good one.
[03:04] <ajmitch> decent?
[03:04] <wasabi> but it's been aging.
[03:04] <lophyte> okay, half-decent.
[03:04] <ajmitch> there are 1001 useful ones
[03:04] <ajmitch> none decent
[03:05] <lophyte> Burgwork: what's the news about UDS?
[03:05] <Burgwork> uds?
[03:05] <lophyte> MTV I mean
[03:05] <Burgwork> need to look into my finances
[03:05] <lophyte> I don't know if I'm comfortable with you sending me :P
[03:06] <ajmitch> we'll help relieve you of your finances, that's fine
[03:06] <lophyte> that's quite a bit of buck
[03:06] <Burgwork> ajmitch: heh
[03:06] <Burgwork> mine is pretty bad too
[03:06] <ajmitch> hopefully I get paid again before I get to the US
[03:06] <Burgwork> just slightly less worse
[03:06] <ajmitch> currently about $250NZD to last me until next payday
[03:07] <ajmitch> yay for being poor :)
[03:07] <lophyte> I have about $250CAD in my account
[03:07] <lophyte> but that's /all/ i have
[03:07] <Burgwork> how are you paying rent?
[03:07] <ajmitch> unemployed?
[03:07] <lophyte> that's what my girlfriend is for, Burgwork ;)
[03:08] <wasabi> How are ya'll poor? You have more skills than 95% of the populace.
[03:08] <Burgwork> ok, here is a fun one
[03:08] <ajmitch> of course this $250 is the $250 until I hit the overdraft &  credit card limit :)
[03:08] <ajmitch> wasabi: sure, find me a job that pays
[03:08] <wasabi> Odd.
[03:08] <Burgwork> wasabi_: I am poor 'cause I choose to work for a Linux company and didn't want to move
[03:08] <ajmitch> there just aren't many jobs in this field where I live
[03:09] <wasabi> I get 4 job postings a day coming across my in box.
[03:09] <wasabi> For ~100k
[03:09] <wasabi> Ya'll should move to the US! =)
[03:09] <ajmitch> lucky you - I wouldn't see that in a year :)
[03:09] <lophyte> lol
[03:10] <Burgwork> wasabi: lophyte is poor 'cause he doesn't know how much he is worth
[03:11] <wasabi> Ahh.
[03:11] <lophyte> hah, that's about right actually
[03:11] <ajmitch> and I'm poor because I waste my life writing php ;)
[03:12] <wasabi> I do C# and Windows. ;)
[03:12] <Burgwork> thing is, I wasn't willing to sell my soul and work on Windows anymore
[03:12] <lophyte> yeah, I don't think I am either
[03:12] <lophyte> I'd /really/ prefer to work in a linux environment
[03:12] <ajmitch> wasabi: you poor sod
[03:12] <wasabi> I don't have a moral problem with technology. I have a technological problem.
[03:12] <wasabi> WIndows pisses me off.
[03:12] <lophyte> I have both :P
[03:12] <ajmitch> I have a windows box that I work on, but all the code runs on the debian server
[03:13] <wasabi> Because it sucks in such obvious ways.
[03:13] <wasabi> And there's no way to improve it.
[03:13] <wasabi> ANd hence I believe money is to be made in superceeding that.
[03:13] <lophyte> Burgwork: did I ever tell you our plans for the Vista launch party in Toronto?
[03:13] <Burgwork> no
[03:13] <lophyte> bwahaha...
[03:13] <lophyte> djp and I (and a gang of people probably) are going to be putting up his 12-foot inflatable Tux outside the party
[03:14] <wasabi> The idea of a Vista release party confuses the shit out of me.
[03:14] <Burgwork> heh
[03:14] <Burgwork> hand out Ubuntu cds
[03:14] <wasabi> People who had nothing to do with the actual development of it praising it's launch?
[03:14] <wasabi> That sounds like religion to me.
[03:14] <lophyte> LOL
[03:14] <lophyte> good call
[03:14] <wasabi> If they'd worked to make a Linux distro, they can have a release party.
[03:14] <lophyte> but then again, what do you call Edgy release parties?
[03:15] <wasabi> Depends whose there. =)
[03:15] <lophyte> true enough
[03:15] <wasabi> Since so many people do actually contribute.
[03:15] <wasabi> And have a personal stake in it.
[03:15] <lophyte> good point
[03:15] <ajmitch> most people who go to those ubuntu release parties have no involvement in contributing to development
[03:15] <wasabi> Wonder if there's one around me.
[03:15] <lophyte> djp is supposedly having one, but he wouldn't tell me the date
[03:15] <lophyte> I bet its tonight, and nobody showed up because it was a last minute thing
[03:16] <ajmitch> I don't think we're planning any release party here in dunedin
[03:16] <lophyte> fyi, djp = a dude in toronto that owns the linuxcaffe
[03:18] <cliebow_>  wasabi:call it community chuckle
[03:18] <lophyte> Burgwork: yay for recruiting
[03:19] <lophyte> I just saw Em3rald say he was from Edmonton in #ubuntu-offtopic, so I pointed him over to -ca ;)
[03:21] <lophyte> brb, rebooting
[03:41] <wasabi> ANyboyd know much about libdb?
[03:42] <wasabi> berkely db
[03:43] <wasabi> http://www.macdevcenter.com/pub/a/mac/2003/12/09/active_directory.html  <--- Joining OS X to AD
[03:44] <wasabi> ajmitch: You might be interested in their interfaces.
[03:44] <ajmitch> seen it
[03:44] <wasabi> k
[03:45] <ajmitch> flatmate has a mac
[03:45] <wasabi> ahh
[03:45] <ajmitch> he works with some of this stuff at uni
[03:45] <ajmitch> teaching fellow/sysadmin in telecommunications
[03:45] <ajmitch> which is where I got into it
[03:46] <wasabi> Cool.
[03:46] <wasabi> I'm wondering if berkely DB can be used properly readonly.
[03:55] <lophyte> ugh.. xen networking...
[03:58] <lophyte> I'm still lost.
[03:59] <lophyte> anywho.. bbl.
[03:59] <lophyte> time for TV
[03:42] <robertj> stily me forgot to read my scrollback this morning :P
[04:49] <robertj> well I'm a happy boy, my RAID is _finally_ rebuilding itself
[04:50] <robertj> the RAID controller has internal ports only, so there is an inside-outside mounting bracket that goes where PCI cards normally go
[04:50] <robertj> and apparently one of those ports is flaky enough to cause problems
[04:52] <robertj> 48 hr rebuild time still sucks
[07:02] <whiprush> anyone around?
[07:04] <whiprush> Burgwork: ping
[07:04] <Burgwork> whiprush: pong
[07:04] <whiprush> Burgwork: where you working on an email list?
[07:04] <whiprush> I just got a mail from that guy in Indiana doing edubuntu in schools
[07:04] <whiprush> and he's very interested in discussion, etc.
[07:07] <Burgwork> I have a half written email, but I felll asleep last night
[07:07] <Burgwork> will do it today
[07:07] <Burgwork> whiprush: can you followup with mdz about n-a?
[07:07] <whiprush> ok, just wondering if that was on the drawing board.
[07:07] <whiprush> Burgwork: will do when I finish this mail
[07:07] <Burgwork> you writing to devel?
[07:07] <whiprush> I was pinging him on irc
[07:07] <whiprush> but I can do -devel
[07:09] <Burgwork> no ping him
[07:11] <whiprush> ok
[07:23] <robertj_> btw, I'd note that the AD stuff posted for mac is no longer current and has been redone in 10.4
[07:23] <robertj_> although I haven't looked at it
[07:25] <Burgwork> ah
[07:25] <whiprush> "Please give me your feedback. I believe Andrew Mitchell was working on this as a SoC project but was unable to finish it? I don't know his status at the moment, and will try to get in contact with him."
[07:25] <Burgwork> whiprush: that is old
[07:25] <whiprush> maybe we should do a quick status for mdz.
[07:25] <whiprush> yeah
[07:25] <whiprush> so has he looked at this yet then?
[07:27] <Burgwork> well, as soon as that email to -devel goes out, they will know
[07:27] <whiprush> ah
[07:27] <whiprush> I hope that dude's school has the funds to send him out.
[07:27] <whiprush> I was like "dude just come to mountain view."
[07:27] <whiprush> Burgwork: One of our states (Indiana) is mandating linux desktops for all public schools
[07:27] <Burgwork> ah
[07:28] <whiprush> so guys like him are a big PR win too.
[07:28] <Burgwork> I have heard fo that
[07:29] <Burgwork> whiprush: have you responded to the indiana guy
[07:30] <whiprush> yep
[07:30] <whiprush> just about 5 minutes ago
[07:31] <Burgwork> perfect
[07:31] <whiprush> filled him in on the new stuff, pointed to the specs, launchpad, etc.
[07:32] <Burgwork> score
[07:32] <robertj_> what does GPO stand for?
[07:32] <robertj_> Group Policy Something?
[07:32] <Burgwork> group policy object
[07:32] <whiprush> object
[07:35] <robertj_> from they way it's referred to you need...leprechauns? It seems to be a magical fix to problem X :)
[07:39] <Burgwork> whiprush: n-a has been accepted
[07:40] <Burgwork> https://features.launchpad.net/sprints/uds-mtv/+specs
[07:41] <whiprush> Burgwork: you're the man on so many levels.
[07:41] <Burgwork> I had nothing todo with it
[07:42] <whiprush> I just felt like fanboing you for a little bit
[07:42] <whiprush> roll with it
[07:43] <Burgwork> right
[07:43] <SimonAnibal> Howdy
[07:43] <whiprush> hi SimonAnibal!
[07:43] <SimonAnibal> Hello Jorge
[07:44] <whiprush> Burgwork: this is Simon from Indiana like I was talking about.
[07:44] <Burgwork> hey SimonAnibal
[07:44] <whiprush> SimonAnibal: meet Corey Burger.
[07:44] <whiprush> and robertj_
[07:44] <SimonAnibal> just got your e-mail
[07:44] <whiprush> and the rest. :D
[07:44] <SimonAnibal> and I'm glad someone else is doing all the hard work :-D
[07:44] <robertj_> Howdy SimonAnibal
[07:44] <SimonAnibal> Howdy all
[07:44] <Burgwork> well, we also need testers
[07:45] <robertj_> SimonAnibal: what's your background? Are you rolling Ubuntu at at a school, multiples schools, etc?
[07:45] <SimonAnibal> High School here in Indiana
[07:45] <SimonAnibal> One school
[07:45] <SimonAnibal> 9 Classrooms
[07:45] <SimonAnibal> 279 workstations
[07:45] <Burgwork> SimonAnibal: what do you do for auto updating?
[07:45] <SimonAnibal> ONE RING!
[07:45] <robertj_> Excellent
[07:45] <SimonAnibal> sorry
[07:45] <SimonAnibal> that was overly geeky
[07:46] <SimonAnibal> *fidgets nervously* I've not been doing updates this year
[07:46] <SimonAnibal> Last year I used Ghost, but this year I've just not had time
[07:46] <Burgwork> ah, ok
[07:46] <SimonAnibal> I literally scorched earth and re-imaged every workstation about once a week to keep them up to date
[07:46] <Burgwork> you might want to take a peek at the UbuntuSUS stuff
[07:46] <whiprush> indeed
[07:47] <SimonAnibal> So, this is the part where I'm supposed to say: "UbuntuSUS?"
[07:47] <Burgwork> https://features.launchpad.net/distros/ubuntu/+spec/ubuntu-update-server
[07:48] <Burgwork> does that meet your needs?
[07:48] <Burgwork> code doesn't exist yet, just a spec
[07:48] <Burgwork> but lophyte here is going to be working on it
[07:49] <SimonAnibal> wow
[07:49] <SimonAnibal> yes, meets the need
[07:49] <SimonAnibal> or at least a need
[07:50] <whiprush> Yep.
[07:50] <whiprush> It's no secret that there's tons of stuff we need.
[07:50] <whiprush> SimonAnibal: since last we talked I've learned that Novell will be putting resources in sabayon and pessulus development.
[07:51] <SimonAnibal> So, my concerns are: Updates (just addressed), Active Directory integration, Desktop management and lockdown (Sabayon and Pessulus?)
[07:52] <SimonAnibal> AD would be Kerberos and LDAP (maybe something else?)
[07:52] <whiprush> you got it
[07:53] <SimonAnibal> So
[07:53] <SimonAnibal> boy I'm glad you guys have a freenode channel
[07:54] <whiprush> Burgwork: was lophyte looking at the existing nwu code or doing something else?
[07:54] <SimonAnibal> So, basics - how do launchpad teams "work"?
[07:54] <SimonAnibal> I've got a launchpad account, and I wanna join
[07:56] <SimonAnibal> And unfortunately I don't think my high school will fly me out to California
[08:04] <SimonAnibal> ack!
[08:04] <SimonAnibal> Firefox died and I'm using ChatZilla
[08:04] <SimonAnibal> So, who else here is in an aggresively homogenous Microsoft shop?
[08:04] <Burgwork> whiprush: new stuff
[08:05] <Burgwork> nwu solves a different issues
[08:05] <Burgwork> SimonAnibal: I work and sell Linux
[08:05] <Burgwork> work with, rather
[08:05] <SimonAnibal> Before the Indiana ACCESS program our network was about 100% Microsoft
[08:05] <Burgwork> ah, wow
[08:05] <SimonAnibal> though they do use Linux on some servers downtown
[08:06] <Burgwork> SimonAnibal: did you figure out LP
[08:06] <Burgwork> ?
[08:06] <SimonAnibal> Anyhow, our corporate tech support structure was not happy about 300 new Linux boxes
[08:06] <Burgwork> heh
[08:06] <Burgwork> especially with 3 different distros across several schools
[08:07] <SimonAnibal> You're speaking from a state perspective, yes, 3 different distros across several schools
[08:07] <SimonAnibal> our school is the only one in our corporation that runs Linux
[08:08] <SimonAnibal> and our Linux is homogenously Ubuntu
[08:08] <SimonAnibal> Re: LP, I'm looking for a button called "Join", but I see such a thing does not exist
[08:08] <SimonAnibal> or I am blind
[08:08] <SimonAnibal> Anyhow, our corporate IS people said flat out "We will not support this, you are on your own"
[08:08] <SimonAnibal> "We only support Windows XP"
[08:09] <SimonAnibal> I found out recently that they've been moving since XP came out towards a 100% Windows XP deployment, so as to operate Active Directory in "native mode", whatever that is. So it seems they're pretty irritated to have 300 Linux workstations dumped in the middle of their plans
[08:11] <Burgwork> to join an Ubuntu machine to add currently takes work
[08:11] <Burgwork> ajmitch is working on making that easier, as easy as windows
[08:12] <Burgwork> s/add/AD/
[08:13] <SimonAnibal> Yeah, and I'm grateful for that
[08:13] <SimonAnibal> But they're not concerned about how much work it's going to take
[08:13] <SimonAnibal> They're not doing any of the work
[08:13] <Burgwork> yep
[08:13] <SimonAnibal> And with that in mind, they still want to get rid of everything non-Microsoft
[08:14] <SimonAnibal> I've heard they're thinking of segregating all the Linux workstations in their own subnet
[08:14] <Burgwork> that is crack
[08:14] <Burgwork> and very MS-thinking
[08:14] <SimonAnibal> and cut it off completely from the Microsoft network
[08:14] <SimonAnibal> yeah, so I figure if I can demonstrate that they'll play nice, I can punch holes in their logic
[08:17] <SimonAnibal> My question is, is there some benefit (from their point of view) to having a 100% MS network?
[08:17] <SimonAnibal> Does anybody in here know?
[08:17] <SimonAnibal> (I mean in the context of they're not being asked to support any non-MS clients)
[08:17] <Burgwork> yes, head-in-the-sand-thinking
[08:17] <Burgwork> I used to work for such a company
[08:18] <SimonAnibal> that's not really a benefit, I'm looking for something more concrete like "it's easier to manage the network with AD in 'native mode'"
[08:18] <Burgwork> no, it isn't
[08:18] <SimonAnibal> Ok, I give up, how do I join a Launchpad Team?
[08:18] <Burgwork> at least, as of server 2k it wasn;t
[08:18] <Burgwork> go to our LP team page
[08:18] <Burgwork> click join
[08:21] <SimonAnibal> :-/ the only instance of "join" is in "Membership policy:  Open Team. Any user can join and no approval is required. "
[08:21] <SimonAnibal> Ah, there I see it
[08:21] <SimonAnibal> strange
[08:23] <SimonAnibal> I get it, I was at https://features.launchpad.net/people/ubuntu-directory
[08:23] <wasabi_> hi
[08:23] <Burgwork> hey wasabi_
[08:26] <SimonAnibal> I was just listening to Chris DiBona's podcast with Jeremy from Samba. I'm addicted to podcasts recently
[08:28] <wasabi_> I see a lot of discussion.
[08:28] <wasabi_> What was all that about? Somebody distill it. ;)
[08:28] <Burgwork> SimonAnibal here has 250+ ubuntu workstations in an indiana school
[08:28] <Burgwork> he wants to be able to link them with AD
[08:29] <wasabi_> Fun.
[08:29] <SimonAnibal> Well, NEED is more accurate
[08:29] <wasabi_> Heh.
[08:29] <Burgwork> he also was droolling over the update server
[08:29] <SimonAnibal> I don't particularly WANT to deal with this
[08:29] <SimonAnibal> nodnod
[08:29] <SimonAnibal> And Sabayon
[08:29] <wasabi_> Well, it can be done, but it'll take a lot of knowledge on your part right now.
[08:29] <wasabi_> Are you up for it? :)
[08:29] <Burgwork> SimonAnibal: the other piece you need is http://live.gnome.org/Glocke
[08:30] <SimonAnibal> This page does not exist yet. You can create a new empty page, or use one of the page templates. Before creating the page, please check if a similar page already exists.
[08:30] <SimonAnibal> did you mean http://live.gnome.org/Glockenspiel?
[08:31] <Burgwork> yes
[08:32] <SimonAnibal> I'm checking it out
[08:32] <SimonAnibal> So, lots of great concepts
[08:32] <SimonAnibal> what can I do to help them become real products?
[08:33] <Burgwork> help federico with real world use cases
[08:34] <SimonAnibal> I'm inexperienced but willing
[08:35] <SimonAnibal> and I gotta go run TVs around the school now, bbiab
[08:48] <whiprush> mixed mode is when you support NT4 workstations on an AD
[08:48] <whiprush> which disables some features for AD.
[08:48] <whiprush> going native means you don't have to deal with them
[08:48] <wasabi_> Believe it also means LanMan hashes are not generated.
[08:50] <ajmitch> morning
[08:50] <wasabi_> Oh yes, in mixed mode the DC runs the services neccassary for a NT4 BDC to pull from.
[08:53] <whiprush> I run all native and my ubuntu machines work fine
[08:53] <wasabi_> Ayup.
[08:54] <whiprush> his windows guys probably think that they have to run in nt4 mode to support the linux machines.
[08:56] <wasabi_> The Linux machines can participate as fully secured AD members.
[08:56] <wasabi_> Including Kerberos authentication and LDAP access using Kerberos.
[08:56] <whiprush> yep
[08:57] <wasabi_> The will appear in AD as computer accounts, just like Windows.
[08:57] <wasabi_> And they will need their own tickets to even be able to talk to windows services.
[08:57] <whiprush> yep, they show up in the AD management tools
[08:57] <wasabi_> Obvioulsy GPO doesn't work with them.
[09:00] <robertj_> SimonAnibal: pretty much the only advantage from a networking perspective is that you could, with appropriate hardware, require anti-virus & firewall stuff before even getting routed to the outside world
[09:00] <robertj_> SimonAnibal: but _nobody_ I know is actually using that stuff thankfully
[09:02] <ajmitch> robertj_: sadly I do
[09:02] <ajmitch> robertj_: small businesses using the ISA firewall client - makes it hard to get a linux box on the network
[09:04] <SimonAnibal> This has been incredibly informative
[09:04] <SimonAnibal> I'm passing this information along to my boss for his perusal
[09:04] <whiprush> SimonAnibal: idle around for a while, wait until wasabi and ajmitch REALLY get going
[09:05] <SimonAnibal> And all I had to do was go push some TVs around
[09:05] <SimonAnibal> I'm actually now done with my work day
[09:05] <ajmitch> whiprush: haha
[09:05] <whiprush> SimonAnibal: do you talk with your counterparts in the other districts?
[09:06] <SimonAnibal> Well, I'm going to be representing Canonical at the next CINLUG meeting where I expect some of my counterparts will be
[09:06] <robertj_> wasabi: so is the plan to implement a subset of GPO where applicable or to come up with a full alternative?
[09:06] <whiprush> excellent.
[09:06] <SimonAnibal> but normal not
[09:06] <SimonAnibal> normally
[09:06] <SimonAnibal> I'll be promoting the ubuntu-education community mainly
[09:07] <whiprush> sweet
[09:07] <whiprush> maybe they'll be impressed with where we're going and climb aboard.
[09:07] <whiprush> SimonAnibal: work is sending me to the conference because we need this too.
[09:07] <whiprush> so you can ring the "academic alliance" bell a few times, heh.
[09:08] <SimonAnibal> I hope I can convert some
[09:08] <SimonAnibal> hm?
[09:08] <whiprush> "There are other schools doing this too ..."
[09:08] <whiprush> to convince management, etc.
[09:08] <SimonAnibal> Ah!
[09:08] <SimonAnibal> of course
[09:08] <SimonAnibal> I want to relate the Ubuntu creation story
[09:08] <whiprush> I whip out that Trump card all the time.
[09:08] <SimonAnibal> I think it's a good story/intriguing introduction
[09:09] <whiprush> "Hey, U of M is doing this, we don't want to be left behind." etc.
[09:09] <SimonAnibal> Well, the main pain with that is that I'd be luring them from Novell, who as far as I know have this directory stuff pretty much down
[09:09] <SimonAnibal> :-/
[09:09] <whiprush> oh.
[09:10] <whiprush> luckily we're friends with them
[09:10] <SimonAnibal> So I'm going for the community angle
[09:10] <whiprush> there's lots of things to learn from each deployment
[09:10] <SimonAnibal> nodnod, I don't want to HURT Novell, but I do want to score converts for Ubuntu
[09:10] <whiprush> heh
[09:10] <SimonAnibal> weird situation
[09:11] <SimonAnibal> I'd rather win converts from people who don't know Linux yet, so we can spread our user base without hurting the other projects out there
[09:11] <whiprush> yep
[09:11] <SimonAnibal> I admire what Novell and Red Hat have done for the community
[09:11] <SimonAnibal> I just think Ubuntu is the next logical evolutionary step.
[09:11] <whiprush> a guy from Novell will be at our spec braindumps, heh
[09:12] <SimonAnibal> Jeremy?
[09:12] <whiprush> yeah
[09:12] <SimonAnibal> I was just saying I was listening to him on FLOSS Weekly
[09:12] <whiprush> he's good people, we should have a great time.
[09:12] <SimonAnibal> awesome
[09:13] <SimonAnibal> Too bad there's no money to support the project
[09:13] <SimonAnibal> It's all deployment money and teacher professional development money
[09:13] <whiprush> he
[09:13] <whiprush> heh
[09:13] <SimonAnibal> So I doubt I'll ever get them to foot my bill for anything
[09:13] <SimonAnibal> I went to Ohio LinuxFest on my own dime
[09:14] <whiprush> that's ok, with all of us together we all have something to contribute
[09:14] <SimonAnibal> One day, I'll be making a living on this stuff
[09:14] <whiprush> yeah, I have it pretty good, surrounded by linux.
[09:15] <whiprush> a little bit of windows stuff
[09:15] <whiprush> but that's always nice to know to keep the skills up
[09:15] <SimonAnibal> I get paid $8/hr, 7hrs/day, 35 hrs/wk, 180 days/yr.
[09:16] <SimonAnibal> Which, frankly, sucks...I love the work, don't get me wrong
[09:16] <SimonAnibal> I feel like a fish in water
[09:16] <whiprush> heh, I took a pay cut to work at this U just to work on linux.
[09:16] <Burgwork> I took a pay cut to sell Linux
[09:16] <whiprush> but, if you factor in the costs of going back to school, I come out ahead.
[09:16] <whiprush> plus I don't deal with shit like Outlook anymore
[09:16] <whiprush> this makes me a happy camper
[09:17] <SimonAnibal> I just started working with all this stuff on top of my other responsibilities
[09:17] <SimonAnibal> So I provide 100% of the support on almost 300 computers on top of my job...and now I've put myself in the position where if I leave I feel this program will come to a grinding halt
[09:18] <ajmitch> you people get *paid* for this? ;)
[09:18] <SimonAnibal> which makes me feel bad thinking about moving on to a different job
[09:18] <SimonAnibal> cause I'm really invested in this community and this project, personally
[09:18] <whiprush> hardcore.
[09:19] <SimonAnibal> but, you know, I've got my whole life ahead of me
[09:19] <SimonAnibal> and $10,000 a year isn't going to cover any of my hopes and dreams
[09:19] <whiprush> how old are you?
[09:19] <SimonAnibal> I only survive by living with my mom (cramped house, my fiancee and I, my mom, my much older brother, and our 4 furry children)
[09:19] <SimonAnibal> I'm 23
[09:20] <whiprush> dang, it's like hispanic Full House
[09:20] <SimonAnibal> And, to add insult to injury, I don't have a computer to play with at home
[09:20] <robertj_> Umm, leave em
[09:20] <SimonAnibal> *lol* Actually I'm the only Hispanic in the house
[09:20] <robertj_> go find a better job
[09:21] <SimonAnibal> yeah, I know that's the logical conclusion
[09:21] <robertj_> let them go back to pirating windows and go work somewhere decent
[09:21] <whiprush> It took me 10 years to find a linux-related job, I'm going to retire here if I can get away with it, heh.
[09:21] <SimonAnibal> I've bitched to my bosses about it, though, and pointed out all the reponsibilities I've taken on on the off chance that the corporate machinery could be moved to realize they need me enough to pay me what I'm worth
[09:21] <SimonAnibal> I believe in Ubuntu, and I believe in education
[09:22] <SimonAnibal> If I didn't have to worry about money, THIS is what I'd be doing as a hobby to pass the time
[09:22] <SimonAnibal> you know?
[09:22] <SimonAnibal> it's hard to walk away from that
[09:22] <robertj_> SimonAnibal: tell them you need a raise, can't afford to live, and are taking time off to look at your options
[09:22] <SimonAnibal> only to go to a job that I hate where I make decent money
[09:22] <whiprush> the project is pretty high-visibility Linux-deployment wise
[09:22] <whiprush> who knows, maybe someone will come looking for him when it's done.
[09:23] <Burgwork> yep
[09:23] <robertj_> whiprush: "done"?
[09:23] <whiprush> heh, good point.
[09:23] <SimonAnibal> That's another hope I have, that this experience and visibility will be worth something in the long run
[09:23] <SimonAnibal> well, worth something tangible
[09:23] <whiprush> I got some job offers at linuxworld and i don't do /shit/ but blog about ubuntu.
[09:23] <whiprush> So there's definately a need out there for people like us
[09:24] <SimonAnibal> I think what I'm doing should be worth something to someone. I mean why is our military so well-funded when we're churning out illiterate high school graduates and cutting back the education budget?
[09:24] <robertj_> SimonAnibal: $7.50 is chump change in the states
[09:25] <SimonAnibal> it is
[09:25] <whiprush> yeah, we pay our student-employees like, 9 bucks
[09:25] <SimonAnibal> which makes me a chump
[09:25] <robertj_> SimonAnibal: Dude, the principle at your school is probably pulling down $100-150k
[09:25] <robertj_> whiprush: some of may lab workers get paid 10
[09:25] <SimonAnibal> Well, he's a brand new principal, so he'd be a little lower than that, but your point is valid
[09:25] <ajmitch> whiprush: yeah, I should so start blogging about this :)
[09:26] <SimonAnibal> my boss directly over me makes at least 4 or 5 times as much as I do
[09:26] <ajmitch> throw up a few screenshots, etc :)
[09:26] <robertj_> whiprush: the issue is not that there isn't enough money in the game, it's that someone is getting to it before you are. And if there is a 2x increase in funding you will see a cost-of-living increase and they will fatten their take, that's how it works everywhere
[09:26] <robertj_> SimonAnibal: what's your bosses name?
[09:26] <whiprush> ya
[09:26] <SimonAnibal> My direct boss?
[09:26] <SimonAnibal> Steve
[09:26] <whiprush> ajmitch: yeah dude ... publicity always gets people involved, etc.
[09:26] <robertj_> the head honcho at the school
[09:26] <robertj_> first & last, I can look it up & let you know
[09:26] <SimonAnibal> Jeff Henderson
[09:26] <SimonAnibal> Jeffry, actually
[09:27] <ajmitch> whiprush: then dholbach can stop nagging me to get on the planet
[09:27] <whiprush> Look at Burgwork, he's a sales weeny and already has an Ubuntu book under his belt.
[09:27] <whiprush> ajmitch: heh. YOu know you can add yourself to planet right?
[09:27] <SimonAnibal> Oh, THAT Corey Burger
[09:27] <SimonAnibal> heh, I have a copy of the book right here
[09:27] <whiprush> see?
[09:27] <Burgwork> the one and same
[09:27] <whiprush> famous.
[09:27] <ajmitch> SimonAnibal: yeah, the infamous one
[09:28] <SimonAnibal> I got it for getting the Ohio LinuxFest organizer a drink
[09:28] <ajmitch> whiprush: I know I can add myself to planet - I need some content first
[09:28] <robertj_> ajmitch: is he new to Indiana? He doesn't seem to bel isted here
[09:28] <robertj_> err SimonAnibal, not ajmitch, sorry
[09:28] <whiprush> ajmitch: blog about this stuff.
[09:28] <ajmitch> :)
[09:28] <SimonAnibal> and I got Ubuntu hacks for just saying I'd invite my bosses for next year
[09:28] <ajmitch> whiprush: I will
[09:28] <whiprush> it'll get more interest
[09:28] <whiprush> more attention, etc. etc.
[09:28] <SimonAnibal> This is his first year as a principal
[09:28] <SimonAnibal> I think
[09:28] <SimonAnibal> maybe last...
[09:28] <SimonAnibal> Last it was
[09:28] <ajmitch> for the sake of the project
[09:28] <robertj_> SimonAnibal: hehe, what's steves last name then?
[09:29] <robertj_> http://www2.indystar.com/state_salaries/ <-- take a peek for yourself
[09:29] <lophyte-> anyone around?
[09:29] <SimonAnibal> Cole
[09:30] <Burgwork> robertj_: we are trying make him not leave his job, not make him more depressed about how little he gets paid
[09:30] <lophyte-> hey Burgwork
[09:30] <SimonAnibal> He's not there either
[09:30] <Burgwork> hey lophyte
[09:30] <whiprush> hi lophyte-
[09:30] <lophyte-> hey whiprush
[09:31] <lophyte-> I'm working on the uus spec.. and i've run into something that doesn't make sense..
[09:31] <SimonAnibal> Noone I know here is on that list
[09:31] <whiprush> lophyte-: ok
[09:31] <lophyte-> why would we download Packages.gz/Releases from the dapper/edgy repo if those packages are frozen on release?
[09:31] <ajmitch> ok, back later
[09:32] <lophyte-> for an update server, it would never need to access the main repo... only -updates and -security
[09:32] <whiprush> I agree
[09:33] <lophyte-> also, storing all this information in the filesystem seems kinda disorganized.. but I don't know if its worth while to use mysql or postgre
[09:33] <whiprush> how about something like sqlite?
[09:33] <lophyte-> the uus server would need to keep track of a) updates available upstream, b) which updates are required by which clients, and c) which packages are installed on which clients
[09:33] <lophyte-> and tracking that via files is messy imo
[09:34] <lophyte-> if that info was stored in a db it'd be so much easier for comparison/storage/retrieval
[09:34] <robertj_> lophyte-: are you doing the implementation?
[09:34] <whiprush> sqlite seems appropriate for this
[09:34] <lophyte-> robertj_, yes
[09:35] <lophyte-> robertj_, I'm working on the spec right now though
[09:35] <lophyte-> whiprush, I'll look into that
[09:35] <robertj_> lophyte-: were you here for my suggestion that it be in twisted w/ xmlrpc?
[09:35] <lophyte-> I remember you briefly mentioning xmlrpc, but thats about it
[09:35] <lophyte-> care to elaborate?
[09:36] <robertj_> lophyte-: and that the web client would also communicate over xmlrpc & not use apache
[09:37] <robertj_> but include derive from the twisted HTTPServer class
[09:37] <SimonAnibal> Alright, and as you move to a higher plane in the conversation I have important personal business to attend to (including, but not limited to, getting the hell out of here)
[09:37] <whiprush> I wonder what pup does (the fedora one)
[09:37] <SimonAnibal> sruiz@mccsc.edu - http://indianalinux.blogspot.com if you wanna get ahold of me
[09:37] <SimonAnibal> I'm on the Launchpad team now, and I plan to start idling here when I'm on
[09:37] <SimonAnibal> So I'll see you all around
[09:37] <whiprush> cool
[09:37] <lophyte-> see ya
[09:38] <whiprush> thanks for dropping by
[09:38] <SimonAnibal> Thanks for clueing me in
[09:38] <whiprush> <3
[09:38] <SimonAnibal> Por curiosidad, me puedes entender en este idioma?
[09:39] <whiprush> <-- doesn't speak spamish
[09:39] <whiprush> spanish either.
[09:39] <lophyte-> <-- doesn't either
[09:39] <lophyte-> spamish, hehe
[09:39] <SimonAnibal> yeah, just checking
[09:39] <SimonAnibal> I said "Out of curiosity, can you understand me in this language?"
[09:39] <Burgwork> whiprush: pup is our update-manager
[09:39] <SimonAnibal> now for real
[09:39] <lophyte-> Burgwork, FSOSS sucked, btw
[09:40] <Burgwork> lophyte: is it done already?
[09:40] <whiprush> Burgwork: yeah I see that, I'm looking for whatever they replaced up2date with
[09:40] <lophyte-> nope, i left early because i didn't pay for registration and didn't wanna keep sneaking into talks :P
[09:40] <whiprush> for the RHN integration thing
[09:40] <lophyte-> the other guys were more interested in attending the seminars
[09:40] <whiprush> lophyte-: dang.
[09:41] <lophyte-> there weren't any other tables.. it was just kinda awkward
[09:41] <lophyte-> I snuck into an interesting seminar on marketing foss though
[09:41] <lophyte-> it was really interesting
[09:45] <lophyte-> but anywho... back to uus
[09:46] <lophyte-> i think it would make sense to store package and tracking info in a db...
[09:46] <lophyte-> when the client-side update checker is triggered, it checks whether or not it has reported its package list to the server.. if not, it sends a full package list, and the server stores it in a db
[09:47] <lophyte-> when updates are made.. the client machine makes a copy of dpkg.log, updates, and diff's the two dpkg logs and pushes the diff to the server
[09:47] <lophyte-> the server takes the diff, analyzes it and updates its tracking info as necesary
[09:55] <whiprush> "rhnsd" is the Red Hat Network Daemon. Every other hour, it sends a request to Red Hat Network asking for any notifications or updates and works in coordination with Red Hat Network to schedule automated tasks. It sends information to Red Hat Network only requested by you. If you add a new system using the Red Hat Network web interface, the next time the Red Hat Network Daemon probes Red Hat Network it receives a request to return the inform
[10:10] <Burgwork> can we build our client side stuff into update-manager?
[10:11] <lophyte-> that's what I was planning
[10:11] <Burgwork> in that case, you need to talk to mvo
[10:12] <lophyte-> how do I go about that?
[10:14] <Burgwork> write up the client side code changes
[10:14] <Burgwork> then run them past him
[10:14] <lophyte-> alright
[10:14] <lophyte-> how would the update-manager discover if there's a uus server?
[10:15] <Burgwork> need to be configured
[10:15] <Burgwork> told an IP addy, I think
[10:15] <lophyte-> hmm..
[10:15] <lophyte-> well the uus server info would be in sources.list..
[10:15] <Burgwork> yep
[10:15] <lophyte-> perhaps it could check the repos for a certain file, to see if its a uus repo
[10:16] <Burgwork> we have no way of knowing what is an uus repo
[10:16] <Burgwork> better to explicitly mark it
[10:16] <Burgwork> after all, uus is likely going to be used in conjunction with kickstart or something simlar
[10:16] <lophyte-> hmm..
[10:16] <lophyte-> i'm wondering how we'd mark it
[10:16] <Burgwork> someting in an update-manager.conf
[10:16] <lophyte-> ah
[10:17] <Burgwork> useuss = yes
[10:17] <Burgwork> serverIP = 192.168.1.80
[10:17] <lophyte-> good call
[10:17] <lophyte-> update-manager is python, isn't it?
[10:18] <Burgwork> yep
[10:18] <Burgwork> http://packages.ubuntu.com/cgi-bin/search_contents.pl?searchmode=filelist&word=update-manager&version=edgy&arch=all
[10:18] <Burgwork> currently it has conf file
[10:18] <Burgwork> it has no, rather
[10:18] <Burgwork> except gconf
[10:18] <lophyte-> could be stored in gconf..
[10:18] <lophyte-> a gconf key for uus
[10:25] <Burgwork> see waht mvo has says
[10:39] <lophyte-> i'm gonna look into using sqlite for storing package and update tracking data on the server sde
[10:40] <Burgwork> cool
[10:40] <Burgwork> it rocks how you are just digging in
[10:42] <lophyte-> I've been kicking around the whole directory services idea on my own for a while.. I was excited to find out there's already a team working on it ;)
[10:44] <wasabi_> There is an update-manager config file?
[10:44] <wasabi_> I thought it just pulled from apt?
[10:46] <lophyte-> no, there isn't
[10:46] <lophyte-> just gconf
[10:50] <lophyte-> btw Burgwork, I delivered the remaining case badges to djp.. i'm at the caffe right now
[10:59] <Burgwork> lophyte-: cool. How many did you have?
[10:59] <Burgwork> wasabi_: it uses the sources.list and sources.list.d
[10:59] <lophyte-> I think I gave him 60 or so
[10:59] <lophyte-> handed out some this morning at fsoss
[10:59] <Burgwork> so you gave out 40 or so?
[10:59] <lophyte-> yeah, about that
[11:01] <lophyte-> also..
[11:01] <lophyte-> update-notifier is what we'd need to modify
[11:01] <lophyte-> not update-manager
[11:02] <wasabi_> Yeah, SQL lite was what I expected to be used.
[11:02] <Burgwork> update-notifier is a generic method of notifying on changes
[11:02] <wasabi_> Some simple db storage thing.
[11:02] <wasabi_> update-manager is the part that runs as root though isn't it?
[11:03] <Burgwork> update-manager is the piece that actually does the update
[11:03] <wasabi_> And pulls from apt I assume.
[11:03] <Burgwork> http://packages.ubuntu.com/edgy/gnome/update-notifier
[11:03] <Burgwork> but notifier is the daemon that runs constantly
[11:03] <lophyte-> notifier launches manager?
[11:04] <Burgwork> notifier puts the thing in the notification area
[11:04] <wasabi_> Looks like /etc/cron.daily/apt is the thing that is schedule to pull updates.
[11:04] <Burgwork> manager is launched by the user
[11:04] <wasabi_> And thus, the thing that should push package info.
[11:04] <lophyte-> wasabi, on the client side, right?
[11:04] <wasabi_> Yes.
[11:04] <lophyte-> alright
[11:04] <lophyte-> so there's the key
[11:04] <Burgwork> that runs 24 times a day, you realize that?
[11:05] <lophyte-> should only be once a day if its in cron.daily
[11:05] <Burgwork> hmm
[11:06] <lophyte-> wasabi, you're right.. that's what we'll need to modify
[11:06] <wasabi_> yeah, it looks like it runs 24 times, but only does something every now and then.
[11:07] <lophyte->  /etc/cron.daily/apt should push its package list to the uus server
[11:07] <wasabi_> If that server is UUS.
[11:07] <wasabi_> Or otherwise it is told to do so.
[11:07] <lophyte-> say what?
[11:08] <wasabi_> Well, you want it to simply report packages to "the apt servers", which may or may not be UUS.
[11:08] <lophyte-> you mean you don't want it to do that
[11:08] <wasabi_> Report packages to archive.ubuntu.com
[11:08] <wasabi_> It does not need to do that. ;0
[11:08] <lophyte-> right
[11:08] <lophyte-> hmm..
[11:08] <wasabi_> Also, it shouldn't report packages to any random line in apt.sources, only ones marked as trusted in some way.
[11:09] <lophyte-> well, that's what we tossed around earlier..
[11:09] <lophyte-> having a gconf key or a config file specify the uus server
[11:09] <lophyte-> and have the script use that
[11:09] <wasabi_> gconf won't work, since this doesnt' happen as a user.
[11:09] <lophyte-> alright, so then a config file..
[11:09] <wasabi_> I'd say a companion file to apt.soruces is fine.
[11:09] <wasabi_> sources.list i mean
[11:09] <wasabi_> Unless apt provides a built in way to attach metadata to specific servers.
[11:10] <wasabi_> Which it might, I remember there being special syntax back in the pre apt-key days
[11:10] <lophyte-> hmm..
[11:10] <lophyte-> I'll have to look into that
[11:11] <lophyte-> what's the wiki page for edgy release parties?
[11:12] <Burgwork> EdgyReleaseParties
[11:12] <lophyte-> thanks
[11:13] <Burgwork> lophyte-: for comparison
[11:13] <Burgwork> http://www.mat.univie.ac.at/~gerald/ftp/autoupdate/
[11:13] <Burgwork> perl, but might have some interesting ideas
[11:15] <Burgwork> lophyte-: just to let you know, time is ticking on the -ca approval process, to get edgy cds
[11:15] <lophyte-> I wanted to talk to you about what to put on the application
[11:16] <Burgwork> for the stuff we have done
[11:16] <Burgwork> lophyte-: you are not in -ca
[11:16] <Burgwork> lets move there
[11:19] <lophyte-> alright, so we've got this apt cronjob that checks for updates.. it can also push its package list to the uus server if there is one..
[11:19] <lophyte-> i imagine it simply does apt-get update..
[11:19] <lophyte-> and then update-notifier checks the package cache to see if there's a new version available
[11:19] <lophyte-> and notifies you
[11:20] <lophyte-> which then launches update-manager to do the actual update
[11:20] <lophyte-> so update-manager would need to be modified to push the update results back to the server, so uus can keep track of which updates are installed on which clients
[11:21] <lophyte-> wasabi_, I wonder if we could create an apt-config entry for UUS-specific variables
[11:21] <lophyte-> ie. whether or not its enabled, and the IP/address of the serer
[11:23] <wasabi_> Why do ya need IP address of server?
[11:23] <wasabi_> Create a convention underneath an apt repository.
[11:23] <wasabi_> just like dists, pool, etc.
[11:23] <wasabi_> "Data shall be reported in this schema posted to $repos/post"
[11:23] <wasabi_> etc
[11:24] <lophyte-> yeah, but we need to differentiate between archive.ubuntu.org and a local uus server
[11:24] <Burgwork> for the actual updates, yes
[11:24] <Burgwork> but the passing for the sources.list info, we need another method
[11:24] <Burgwork> and the dpkg -l stuff
[11:25] <lophyte-> we need another method of determining the uus server for package list pushing
[11:25] <lophyte-> apt-config might work..
[11:25] <Burgwork> apt-config?
[11:26] <wasabi_> Well, you don't want to determine a single server.
[11:26] <wasabi_> Since there may actually be multiple.
[11:26] <wasabi_> Just push to each apt source, if it's marked as pushable.
[11:26] <Burgwork> pushable?
[11:26] <lophyte-> marked how?
[11:27] <wasabi_> I dunno. "this apt source is ok!"
[11:27] <wasabi_> In apt-config if it fits there.
[11:27] <lophyte-> that's what i said :P
[11:27] <Burgwork> but there are two issues here
[11:27] <lophyte-> which are?
[11:27] <Burgwork> the actual updates, which is easy
[11:27] <Burgwork> and the backchannel data transfer
[11:28] <wasabi_> for source in `cat sources.list`; if source is marked as ok; push; end; done
[11:28] <Burgwork> the actual updates is simply hacking the sources.list
[11:28] <lophyte-> how is it marked in sources.list, though
[11:28] <Burgwork> but for passing teh sources.list and dpkg -l information, we need another method
[11:28] <lophyte-> well, passing sources.list to the clients is done via the unnamed configuration deployment system
[11:29] <Burgwork> are we going to be passing the sources.list back?
[11:29] <Burgwork> I don't us doing that
[11:29] <lophyte-> not that I planned, no
[11:29] <lophyte-> just dpkg -l
[11:29] <Burgwork> yep
[11:29] <lophyte-> and dpkg.log diffs
[11:29] <Burgwork> we need to pass teh sources.list to the server
[11:29] <lophyte-> dpkg -l gets pushed once.. and dpkg.log diffs get pushed on every update
[11:29] <lophyte-> why?
[11:29] <Burgwork> to check whether or not the list is correct
[11:30] <lophyte-> hm.. good call
[11:30] <Burgwork> then the server would say "this is correct"
[11:30] <lophyte-> or should that be up to the config system?
[11:30] <Burgwork> for now, just notifying is what we will do
[11:30] <Burgwork> ie server says to admin "you have a problem with this computer"
[11:31] <lophyte-> but sources.list isn't going to be handled by uus..
[11:31] <Burgwork> no, it is not
[11:31] <lophyte-> but uus should verify it?
[11:31] <Burgwork> yes
[11:31] <Burgwork> because that is simple
[11:31] <lophyte-> yeah, i suppose, as an extra security precaution
[11:32] <Burgwork> yep
[11:32] <lophyte-> but the question is again.. how do we mark a specific sources.list entry as pushable/uus?>
[11:32] <Burgwork> so there are two error conditions the server notifies the admin of
[11:32] <Burgwork> we assume the admin is controlling the entire sources.list
[11:32] <Burgwork> assuming we have a uss=yes set somewhere
[11:33] <Burgwork> actually, we don't need to set an IP, just a flag
[11:33] <Burgwork> as we have the IP
[11:33] <Burgwork> via the sources.list
[11:33] <lophyte-> yup
[11:33] <lophyte-> we just need something that flags a specific entry as a uus server
[11:33] <Burgwork> no we don't
[11:34] <lophyte-> ?
[11:34] <Burgwork> oh, hmm, we do
[11:34] <lophyte-> we need to differentiate between a regular apt repo and a uus server
[11:34] <Burgwork> because you might have mixed sources
[11:34] <lophyte-> yu[
[11:34] <lophyte-> yup
[11:34] <Burgwork> then I think we need an IP field
[11:34] <lophyte-> outside of sources.list?
[11:34] <Burgwork> yes, where the flag is
[11:35] <lophyte-> apt-config
[11:35] <lophyte-> perhaps
[11:35] <wasabi_> Not an ip. Just a source path.
[11:35] <Burgwork> that field shoudl be able to take several IP addys, to handle wasabi_'s use case of several update servers
[11:35] <wasabi_> Just a copy of whatever is in apt sources.
[11:35] <Burgwork> no, no
[11:35] <Burgwork> this is for the primary server to contact with config stuff
[11:35] <wasabi_> That way it's a simple "does this == that"
[11:35] <Burgwork> this is completely seperate from apt
[11:35] <wasabi_> Not really.
[11:35] <Burgwork> yes it is
[11:35] <wasabi_> My UUS might be on a different box.
[11:36] <wasabi_> My WSUS sure is.
[11:36] <Burgwork> the update-notifier takes this IP and passes the dpkg -l and sources.list to this box
[11:36] <lophyte-> yup
[11:36] <wasabi_> I don't like that at all.
[11:36] <Burgwork> then apt, which is a seperate system, updates the system based on the sources.list
[11:36] <wasabi_> Just post it to the HTTP URL in sources.list
[11:36] <lophyte-> but then you're posting to apt rpeos
[11:36] <lophyte-> repos*
[11:36] <wasabi_> So?
[11:36] <Burgwork> that is crack
[11:36] <wasabi_> You're posting to a known URL under an apt repos.
[11:36] <Burgwork> we also have the issue that it should work without changing apt
[11:36] <wasabi_> In the same way we "know binary-arch"
[11:36] <wasabi_> or "release.gz"
[11:37] <wasabi_> or "Packages.gz"
[11:37] <lophyte-> we don't need people trying to post their dpkg -l to archive.ubuntu.org
[11:37] <wasabi_> Nothing is changing apt.
[11:37] <wasabi_> lophyte-: Hence the mark.
[11:37] <Burgwork> if you add stuff to sources.list, you need to change apt
[11:37] <lophyte-> what mark?
[11:37] <wasabi_> Didn't say we were.
[11:37] <wasabi_> A mark in apt-config.
[11:37] <wasabi_> "this sources.list line is postable!"
[11:37] <lophyte-> that's what I said :P
[11:37] <Burgwork> then we need to change apt
[11:37] <wasabi_> Not IP.
[11:37] <wasabi_> Sources.list line.
[11:37] <Burgwork> which sucks
[11:37] <wasabi_> No we don't.
[11:37] <wasabi_> Heh.
[11:37] <Burgwork> I am totally lost
[11:37] <lophyte-> use apt-config
[11:38] <Burgwork> where is teh config stored? on the server?
[11:38] <wasabi_> apt-config certainly has the ability to stick some srot of string into it someplace.
[11:38] <lophyte-> yeah
[11:38] <wasabi_> In fact, check out apt.conf.d
[11:38] <lophyte-> apt-config -o UUS::ServerIP='172.16.0.1'
[11:38] <wasabi_> There's stuff in there for Unattended-Upgrade
[11:38] <Burgwork> hmm, ah
[11:38] <wasabi_> Read 50unattended-upgrades
[11:38] <Burgwork> I see
[11:38] <wasabi_> model after that
[11:39] <Burgwork> perfect
[11:39] <wasabi_> UUS::Allowed-Servers { "http://server.com/whatever" ; "next line"; }
[11:39] <wasabi_> ;
[11:39] <lophyte-> sounds good
[11:39] <wasabi_> Simple for each line in sources.list, if it == a line in Allowed-Servers, you're good.
[11:39] <Burgwork> what parses apt.conf?
[11:39] <wasabi_> At some point, maybe that can change to be key based or something.
[11:39] <wasabi_> For now that is good.
[11:39] <lophyte-> that sounds good
[11:39] <Burgwork> wait a sec
[11:40] <Burgwork> are we talking checking whether or not you should update from a server or whether or not you shoudl pass data to that server
[11:40] <Burgwork> ?
[11:40] <lophyte-> whether or not you should pass data
[11:40] <Burgwork> right
[11:40] <Burgwork> wasabi_: is that what you were thinking?
[11:40] <lophyte-> we're trying to determine whether or not a sources.list entry is pushable
[11:41] <lophyte-> i should probably head home
[11:41] <wasabi_> Whether you should post data to it.
[11:41] <Burgwork> ok
[11:41] <wasabi_> Whether or not you should update is something else.
[11:41] <lophyte-> apt-config sounds like the best method
[11:41] <Burgwork> in that case UUS::Config-Servers { "http://server.com/whatever" ; "next line"; }
[11:41] <wasabi_> Which actually, seems to be in 50unattended-upgrades
[11:41] <Burgwork> that is better
[11:41] <wasabi_> / allowed (origin, archive) pairs
[11:41] <wasabi_> Unattended-Upgrade::Allowed-Origins {
[11:41] <wasabi_>         "Ubuntu edgy-security";
[11:41] <wasabi_> /      "Ubuntu edgy-updates";
[11:41] <wasabi_> };
[11:42] <Burgwork> does this require apt changes?
[11:42] <lophyte-> no
[11:42] <lophyte-> all we need to modify is /etc/cron,daily/apt to push the dpkg -l
[11:42] <wasabi_> We would use Allowed-Origins too
[11:42] <lophyte-> and update-manager to push the dpkg.log diffs
[11:42] <wasabi_> Since it looks like unattended-upgrades already handles this
[11:43] <lophyte-> yea
[11:43] <wasabi_> we would configure which servers you can POST to, and they would configure which ones get pulled from automatically.
[11:43] <lophyte-> yeah, right
[11:43] <lophyte-> okay, that sounds good
[11:43] <wasabi_> So you can do those independently, or in conjunction.
[11:44] <wasabi_> Allowed-Origins is interesting.
[11:44] <Burgwork> but that is drifting into configuration issues
[11:44] <wasabi_> Since it's Origins.
[11:44] <wasabi_> yup
[11:44] <Burgwork> which is a little bit beyond this spec
[11:44] <lophyte-> yeah
[11:44] <Burgwork> for now, the server should do some parsing and notify the admin is something is amiss
[11:44] <lophyte-> well, milestone 1 is getting the basic framework to function
[11:45] <lophyte-> pushing dpkg -l, dpkg.log diffs, approving packages, etc.
[11:45] <Burgwork> as soon as you have code, I want to test it
[11:45] <lophyte-> alright
[11:45] <lophyte-> well I'm still working on the spec.. I'll probably start coding next week
[11:45] <Burgwork> cool
[11:45] <lophyte-> I wanna make sure all the methodology is planned out before I write code
[11:46] <Burgwork> make certain you get some of the core dev team to look at it
[11:46] <lophyte-> that way I don't trip over my own feet half way through
[11:46] <Burgwork> include mvo, infinity and keybuk
[11:46] <lophyte-> look at the spec?
[11:46] <lophyte-> or the code?
[11:47] <Burgwork> the spec
[11:47] <lophyte-> alright
[11:47] <Burgwork> after all, we want this is main
[11:47] <lophyte-> well once I have it finished I'll pass it around
[11:47] <Burgwork> oh, pitti to
[11:47] <lophyte-> will have to meet these folks.. never spoke to them before
[11:48] <Burgwork> pitti does security, keybuk and mvo are apt people and infinity does servers
[11:48] <lophyte-> alright
[11:48] <lophyte-> well once the spec is looking good, I'll pass it around
[11:48] <Burgwork> pitti is Martin Pitt, keybuk is Scott James Remnant, mvo is Michael Vogt, and inifinity is Adam Conrad
[11:49] <wasabi_> / never update the packages in this list
[11:49] <wasabi_> Unattended-Upgrade::Package-Blacklist {
[11:49] <wasabi_> /      "vim";
[11:49] <wasabi_> Heh.
[11:50] <lophyte-> haha
[11:50] <wasabi_> I suspect we fit into this file.
[11:50] <wasabi_> Maybe to the point where your client code becomes part of it
[11:50] <wasabi_> And you're client portions are actually part of Unattended-Upgrade
[11:50] <lophyte-> wasabi, agreed
[11:50] <lophyte-> I'll look through the apt-config stuff whe i get home
[11:51] <lophyte-> anywho.. i'm out before i have to pay more for this laptop
[11:51] <wasabi_> Actually, now that I'm in this file, my ideas have been altered
[11:51] <lophyte-> yay rentals
[11:51] <lophyte-> haha
[11:51] <lophyte-> well.. leave the discussion for later ;)
[11:51] <Burgwork> lophyte-: you rent a laptop?
[11:51] <wasabi_> Unattended-Upgrade::Trusted-Post-Keys { "apt-key name"; };
[11:51] <lophyte-> Burgwork, linuxcaffe rents them for $2/hr
[11:51] <Burgwork> ah
[11:51] <Burgwork> at least you get ubuntu
[11:51] <lophyte-> yup :)
[11:51] <lophyte-> anyhow.. I'll be back later tonight, and we can discuss this more
[11:51] <lophyte-> I wanna get the spec done by sunday
[11:52] <lophyte-> start on the code next week
[11:52] <lophyte-> anyway.. i'm out
[11:53] <lophyte-> be back in a few hours
[11:53] <Burgwork> cya
[11:55] <Burgwork> ok, this update server is going to rock
[11:56] <SimonAnibal> hell yes it will
[11:57] <Burgwork> now I just need to make it talk yum *grin*
[11:58] <SimonAnibal> why yum?
[11:58] <Burgwork> cause I have to deal with FC4 boxen
[11:58] <Burgwork> I only have an Ubuntu machine 'cause I brought it in the backdoor
[11:58] <Burgwork> I work for Userful, we build on Fedora
[11:58] <SimonAnibal> heheh
[11:59] <SimonAnibal> that is quite the interesting story
[12:00] <SimonAnibal> I'm glad to see you on the team, I'm sure your getting this to work will help other people as well, doncha think?
[12:02] <Burgwork> yep