=== doko_ is now known as doko
=== Varka_ is now known as Varka
=== asac_ is now known as asac
=== antdedyet is now known as E_NOMAD
=== E_NOMAD is now known as antdedyet
=== antdedyet is now known as technomad
=== technomad is now known as technoant
=== technoant is now known as technogeek
=== technogeek is now known as technoant
=== ubotu changed the topic of #ubuntu-meeting to: Current meeting: Edubuntu meeting Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 30 Jan 20:00 UTC: Security Team | 30 Jan 21:00 UTC: Server Team | 01 Feb 20:00 UTC: MOTU | 13 Feb 22:30 UTC: Forum Council | 20 Feb 01:00 UTC: TriLoCo-Midwest
[12:02] <RichEd> hello edubuntu meeting
[12:02] <juliux> hello RichEd
[12:02] <RichEd> who do we have around today ?
[12:02] <RichEd> hi juliux :)
[12:02] <juliux> still at work but around;)
[12:03]  * Hobbsee comes in to disrupt the meeting
[12:03] <RichEd> ahh Hobbsee ... hi there :)
[12:04] <RichEd> so looks like just RichEd juliux Hobbsee & ogra then ?
[12:04] <Hobbsee> hiya RichEd!
[12:04]  * RichEd waits for ogra to kick of with a short tech update - including the distro sprint last week
[12:04] <ogra> hey
[12:05] <ogra> well, most of my sprint time was invested into classmate to get it running with the new hardy kernel
[12:05] <ogra> but we also discussed the Cd changes
[12:05] <RichEd> [ actually glad to have juliux & Hobbsee ... we have been asked to get an opinion from the community on a name migration so please wait around to chat about that ]
[12:06] <ogra> sadly the scripts are not completely transitioned yet as i hoped for alpha4
[12:06] <Hobbsee> RichEd: any name will be acceptable, as long as it has reference to either a) monty python, or b) hitchhikers guide to the galaxy.
[12:06] <ogra> so alpha4 will still build a server CD but i dont test it
[12:07] <ogra> if you want to test install media, please test ubuntu alternate with the preseed options set as i stated in my mail recently
[12:07] <ogra> (to test ltsp)
[12:08] <ogra> cjwatson is busy changing the seed management to please us and get the plain addon setup going soon ...
=== nalioth__ is now known as nalioth
[12:09] <ogra> i have some bad ltsp bugs on y plate (i.e. ldm consolekit integration to make authenticated apps (sudo and the like) work at all on ltsp atm)
[12:09] <ogra> the dekstop changed a lot in this regard and ltsp isnt up to date here yet
[12:11] <ogra> johnny who isnt here but a resident in #edubuntu did a lot on sabayon ... talking to upstream and getting fixes in etc
[12:11] <ogra> i hope i find the time this week to update that
[12:11] <ogra> (there is a new upstream waiting)
=== cjwatson_ is now known as cjwatson
[12:11] <cjwatson> seed changes will land after alpha4
[12:11] <cjwatson> (I got blocked on a few more bits of infrastructure I'd missed)
[12:12]  * ogra didnt complain :) and the community wont either 
[12:12] <cjwatson> ogra: once the seed changes are done, I'd appreciate it if you could make the CD build script changes; I will be happy to help you
[12:12] <ogra> (dare you guys :) )
[12:12] <ogra> cjwatson, ok, will do
[12:12] <cjwatson> ogra: what sort of kernel problems did you encounter on the classmate?
[12:12] <cjwatson> (I didn't get a chance to talk with you at the sprint about this)
[12:13] <ogra> cjwatson, after searching 1.5 days i found the clocksource detection to be at fault
[12:13] <cjwatson> oh, fun
[12:13] <ogra> BenC knows about it ...
[12:13] <ogra> and you can set colcksource as grub parameter
[12:13] <ogra> so its not to bad actually
[12:13] <cjwatson> is there a suitably milestoned bug to ensure that it doesn't get forgotten?
[12:13] <ogra> well, and i'm still experimenting with tickless
[12:14] <ogra> not yet, i'll add one
[12:14] <cjwatson> thanks
[12:14] <ogra> but it seems i'm not the only one with that pob so i suspect ther is a bug already
[12:14] <ogra> *prob
[12:14] <cjwatson> ogra has sent me a summary of CK problems in ssh, which I will process and try to work out
[12:15] <ogra> we'll have a solution in any case fo CK ... the question is just which one :)
[12:16] <ogra> beyond all that i'll upload my corrected classmate-initramfs and -setings packages to the archive this week (since i need them for the image)
[12:16] <cjwatson> fortunately the ssh -X / consolekit problems are reproducible on a normal system
[12:16] <ogra> with the setup with the livefs-rootfs scripts it should then be possible for everyone to build his own classmate image
[12:17] <RichEd> ogra: can you and i touch sides tomorrow on the classmate issues going back & forth with intel ... and then prep a mail report for cjwatson and then on to intel ?
[12:17] <ogra> cjwatson, easiest would be to hook it into the ssh X proxy code ... but then we'd miss the case where ssh -x is used with a DISPLAY variable (which i suspect is used by more ltsp users than the default)
[12:18] <cjwatson> I need to read a few examples of consolekit integration before I can comment
[12:18] <ogra> RichEd, sure ... even though i think colin is up to date with everything on the tech side, i usually copy all my mails
[12:18] <RichEd> chris is very keen for us to hold them to the contract, and sort out any variances formally ... there is definately scope creep from their side
[12:19] <ogra> cjwatson, in case you dont know it: http://people.freedesktop.org/~mccann/doc/ConsoleKit/ConsoleKit.html
[12:19] <stgraber> hello
[12:19] <ogra> i also have access to upstream, he's in #ltsp regulary atm for quick questions
[12:20] <cjwatson> ogra: thanks, I hadn't seen that and that's definitely useful
[12:20] <ogra> well, thats all from my side ... LaserJock sent two mails to edubuntu-devel i'd like to pul peoples attention to
[12:21] <ogra> cjwatson, and mccann would love to help us out with whatever is needed (even CK upstream changes) if it improves :)
[12:21] <ogra> fedorea has similar probs :)
[12:21] <ogra> *fedora
[12:22] <ogra> and nobody with a colin watson-ish insight in openssh ;)
[12:23] <ogra> so i'm done with my tech stuff, stgraber anything new about iTalc ?
[12:23] <RichEd> ogra: summarise the LaserJock issues quickly please ... he did bring them up at the meeting last week
[12:23] <RichEd> hey stgraber :) you snuck in there
[12:23] <ogra> he'd like to chaneg the app selection ... rasmol should be replaced by gnome-chemistry-utils
[12:24] <RichEd> okay ... sounds fine ...
[12:24] <ogra> squeak is in bad shape and he tries to solve that with upstream to get us better packages
[12:24] <RichEd> he also mentioned there was no firm answer on where to do the menu editing ...
[12:24] <ogra> and he's busy with edubuntu-menus asking how to develop a gui for it
[12:24] <RichEd> he said you proposed alacarte ... but there was some reluctance from his side
[12:25] <ogra> (which i dont see happening two weeks before freeze though)
[12:25] <ogra> RichEd, well, if you edit menus you will use the menu editor
[12:25] <RichEd> ogra: np ... let's keep it moving forwards anyway ... regardless of the current cycle
[12:25] <stgraber> sorry, yes I was contacted by iTalc's upstream and he was as surprised as I'm about the various bugs I've found
[12:25] <ogra> so imho that feature needs to be in the menu editor gui
[12:25] <RichEd> that made sense to me as well
[12:26] <RichEd> hence i was unsure why that was not the obvious route
[12:26] <ogra> we need at least a proper documented wayx how to do it on the commandline though if we release it
[12:26] <ogra> i'll talk to him this week
[12:26] <ogra> to clearify that
[12:26] <cjwatson> ogra: oh, I dunno, I suspect the RH openssh maintainer at least is better than I am
[12:26] <RichEd> are there any or many people who are working on alacarte ? that we could draw on for help or at least some mentorship / guidance ?
[12:27] <ogra> cjwatson, mccann didnt sound like that :)
[12:27] <RichEd> if we aim for alacarte integrtion by 8.10 we may be able to get some new resources working on LaserJocks requirements as a project
[12:28] <ogra> RichEd, i think alacarte is the gnome default menu editor upstream now ... but they dont agree with LaserJocks implementation using overlays afaik so i dont expect much help from that side ...
[12:28] <ogra> we'd need a community guy knowing the alacarte code a bit
[12:29] <cjwatson> the alacarte author is an Ubuntu community guy
[12:29] <cjwatson> Amaranth
[12:29] <ogra> the only one i know is Amaranth ... but he's so much into compiz that i fear he wont be available
[12:29] <RichEd> ogra: this is starting to sound like the conversation with LaserJock ... we need to pick a route, define the requirements, and push forwards
[12:29] <RichEd> :)
[12:30] <ogra> yeah
[12:30] <RichEd> could we get someone like cody somerville (the newish voluteer) to tackle at least an overview plan
[12:30] <ogra> i dotn expect to have something thats polished and fully integrated by #hardy
[12:31] <RichEd> he should have the time to start some conversations
[12:31] <ogra> but having the backend bits done and stable would be a major step towards what we want
[12:31] <RichEd> ogra: that's fine re hardy ... but this spec seems to stall often
[12:31] <ogra> well, its a massive amount of work
[12:31] <RichEd> so lets aim for 8.10 and get someone on it who is not tied up with the current release cycle
[12:31] <ogra> i never expected it to be done in less than two releases
[12:32] <ogra> (it took three yet though and might be done after five)
[12:32] <RichEd> le me chat to cody by mail ... will cc you and LaserJock
[12:32] <RichEd> *let
[12:32] <ogra> i'm sure we could get something hacked together quickly outside of alacarte ... but i dont want such stuff in hardy
[12:34] <RichEd> any more tech stuff ?
[12:35] <ogra> stgraber, so whats the reaction of upstream (beyond being surprised) ?
[12:35] <ogra> does he want your fixes ?
[12:35] <ogra> is he aware that ltsp5 works different from 4.x ?
[12:36] <stgraber> he wants to fix but he seems to be lacking of time
[12:36] <ogra> well, he could start with just including your fixes :)
[12:36] <stgraber> and the network bug is really weird (port open on a computer but not on another ...)
[12:36] <ogra> that shouldnt take a major amount of time
[12:36]  * RichEd is back in 5 min
[12:36] <ogra> sounds like /hosts.allow/deny chime in ...
[12:37] <ogra> (just a guess though)
[12:37] <stgraber> indeed, but instead of using env vars as I'm currently doing it'd be better to fix it using the same parameters as ica itself
[12:37] <stgraber> well, the weird thing is that doing a nmap -p 5800 localhost returns a value on my laptop and not on my test computer
[12:37] <ogra> right
[12:38] <stgraber> both running Hardy on amd64 ...
[12:38] <stgraber> and I think it's the same bug causing the demo problem I had before (as looking at the debug messages it seems italc is unable to reach the local vnc server and then to broadcast our screen to the other computers, causing the crash I had)
[12:39] <ogra> we should combine thin client manager and italc :P
[12:39] <ogra> broadcasting was actually the only vnc function that works flawless there :)
[12:40] <johnny> hmm.. i'm sad about having a whole another service to do this kinda thing
[12:40] <johnny> i need to read more i suppose
[12:40] <ogra> johnny, iTalc is supposed to replace TCM
[12:40] <johnny> yes i know that
[12:40] <stgraber> yes, especially as italc currently crashes when using the demo mode, it's not "just not working"
[12:40] <ogra> as TCM has no maintainer
[12:40] <johnny> but when i heard that it had it's own services
[12:40] <johnny> i was suprised
[12:40] <ogra> TCM has a client as well
[12:41] <ogra> look in /etc/X11/Xsession.d if you have it installed
[12:41] <stgraber> I don't think the iTalc bug is that hard to fix neither is the slight improvment I want (-ivsport and -isdport for italc as we have for ica), I just have no C++/QT knowledge
[12:41] <ogra> (it was called scp (student control panel) before)
[12:41] <stgraber> so it takes me a lot of time to figure out what's wrong and then to find a way to fix it :)
[12:42] <ogra> stgraber, can we make it work out of the box with features disabled though ?
[12:42] <stgraber> with the port problem I currently have, no
[12:42] <ogra> hmm
[12:43] <stgraber> with this bug, iTalc is just unable to contact its own ica (daemon) and any other daemon (the clients)
[12:43] <ogra> then TCM should get some attention at least, we need at least oe tool to ship
[12:43] <ogra> i'm inclined to just drop the VNC feature from TCM
[12:44] <stgraber> I have found the problem and workarounded the other in only a couple of hours, so someone with C++ knowledge should be able to fix the bug easily
[12:44] <ogra> all others dont have probs and i'd like to have some session control available
[12:44] <stgraber> I'm not sure we really want to support tcm for 3 years :)
[12:44] <ogra> how hackish is your workaround ?
[12:44] <ogra> not sure we want to support a pre version of iTalc for three years either :)
[12:45] <stgraber> not that much, it's just using a IVSPORT env var to send the ica port (as in our case the port is different for each client)
[12:45] <stgraber> to have it done the proper way, the getenv() should be replaced by a command parameter (-ivsport)
[12:45] <ogra> is it possible for the user to modify that ? or is it relatively safe ?
[12:46] <ogra> i.e. if i set the var to something will italc respect that override ?
[12:46] <ogra> (it shouldnt for safety reasons)
[12:47] <ogra> could we have a wrapper script that forces a value ?
[12:47] <ogra> so overrides arent possible
[12:47] <stgraber> it'll connect on the port specified in the env var, if not it'll fallback to the default value
[12:48] <ogra> sounds somehow solvable
[12:49] <stgraber> my real problem is ica not listening to its ports ... the only thing I'm sure of is that it's not one of my patches that are causing that
[12:49] <ogra> well, anyway, we should discuss tech details off meeting
[12:50] <stgraber> indeed
[12:50] <RichEd> can we move on to art then ?
[12:50] <ogra> from my side we can
[12:50] <RichEd> any more tech from anyone else ?
[12:51] <johnny> uhmm? i don't know the protocols for these meetings, so i'll abstain until i can read some guidelines
[12:51] <RichEd> our wallpaper volunteer (jill) made a start on a new desktop ... she sent samples to ogra and myself ...
[12:51] <RichEd> johnny: jump in ...
[12:51] <ogra> johnny, its parted in two hlafs
[12:51] <RichEd> what would you like to chat about ?
[12:51] <ogra> first is tech, second is community etc
[12:51] <johnny> well, i was concerned about the fact that autologin was promoted, but never worked
[12:51] <ogra> RichEd, as i said before johnny cared a lot for sabayon
[12:52] <johnny> still care "ing" :)
[12:52] <RichEd> we do tech / art / distro stuff in part 1 ... then onto web site community etc. in part 2
[12:52]  * RichEd thanks johnny 
[12:52] <ogra> johnny, there are patches in LP i'll add soon
[12:52] <johnny> vagrantc put in a patch supposably
[12:52] <ogra> that should fix it ....
[12:52] <johnny> to ldm
[12:52] <johnny> as of a few hours that is
[12:52] <ogra> he pulled one from francis both, sbalneav and me werent happy about back then
[12:53] <johnny> yeah, scott was gonna write a new one, but he disappeared
[12:53] <ogra> but since scott didnt show up until yesterday i'm considering using that one
[12:53] <ogra> there is still a lot of time for bugfixes
[12:53] <johnny> oh.. scott is back?
[12:53] <johnny> would it be feasible to have an ltsp meeting ?
[12:53] <johnny> and then report back on the next ubuntu meeting
[12:53] <ogra> (bugs can be fixed all the time during the release cycle)
[12:54] <ogra> well, usually scott attends this meeting
[12:54] <johnny> but i doubt warren or vagrantc does..
[12:54] <ogra> since next time we'll have the late one (20:00 UTC i expect him to be here)
[12:54] <ogra> i dont care about warren
[12:54] <ogra> (form a distro maintainer POV)
[12:54] <johnny> thus was speaking of ltsp in general
[12:55] <ogra> well, if you want to organize a ltsp meeting and teh others agree we need one, go ahaed :)
[12:55] <ogra> i'll fix the ltsp bugs along the way to hardy anyway
[12:56] <johnny> ok
[12:56] <johnny> so, anybody have any issues with sabayon they wanted to bring up in this forum?
[12:56] <johnny> otherwise i'm done with tech for now until i can think onger
[12:56] <johnny> longer*
[12:56] <ogra> i think they are all on launchpad :)
[12:56] <johnny> been there done that :)
[12:56] <ogra> right
[12:56] <johnny> even got some patches from redhat bugtracker
[12:57] <ogra> i'll try to get the new upstream in this week ...
[12:57] <johnny> still waiting for federico to return ,he just had a daughter
[12:57] <ogra> but i want to look at upstreams solution for two patches they solved differently
[12:57] <johnny> before deciding on the next step
[12:57] <ogra> i didnt find the time fr that yet, but its on my list
[12:57] <johnny> well, lemme know :)
[12:58] <ogra> will do
[12:58] <ogra> i guess you are subbed to the bugs
[12:58] <ogra> ?
[12:58] <johnny> bugs in general? or specific bugs?
[12:58] <ogra> sabayon
[12:58] <johnny> launchpad or gnome?
[12:59] <ogra> launchpad
[12:59] <ogra> i'll put my comments there
[12:59] <johnny> ok
[12:59] <ogra> so lets communicate through LP
[12:59] <ogra> RichEd, stage is yours
[12:59] <ogra> show us the bling :)
[13:03] <RichEd> hi ...
[13:03] <RichEd> our wallpaper volunteer (jill) made a start on a new desktop ... she sent samples to ogra and myself ...
[13:03] <RichEd> she herself said they may be too busy and i agree
[13:04] <ogra> yeah
[13:04] <ogra> well, they might be good for a young desktop
[13:04] <RichEd> they are very cluttered ... not like the ubuntu cleanness
[13:04] <RichEd> ogra: as an optional, they are okay ... too much for a default though
[13:04] <ogra> right
[13:04] <RichEd> so if anyone has any artwork "theme" suggestions or ideas, i can get jill to think about ?
=== \sh_away is now known as \sh
[13:05] <RichEd> perhaps i should bounce off the mail lists
[13:06] <RichEd> okay ... on to the naming issue i mentioned earlier ... Hobbsee & juliux your comments would be appreciated
[13:06] <ogra> but also stgraber's and johnny's :)
[13:06] <RichEd> it's been suggested that as we move towards the current edubuntu being an add-op on top of an ubuntu install:
[13:07] <RichEd> " is edubuntu a true distro of its own, and does the naming still make sense ? "
[13:07] <johnny> my impression from ogra was that it wont' be one
[13:08] <RichEd> " would it be more accurate to call the Ubuntu Install with Edubuntu/Education Add on something like: Ubuntu Education Edition "
[13:08] <RichEd> we've been asked to float those questions / views, and then have a good debate at the next meeting which is a community council one
[13:09] <RichEd> my own view is that we could migrate the naming as follows:
[13:09] <ogra> johnny, well, we wont let a brand vanish if there is a need for it :) currently the idea is to get both communities closer together and to loose the image of the childs distro ...
[13:09] <RichEd> edubuntu 8.04 - ubuntu education edition
[13:09] <RichEd> ubuntu 8.10 education edition (edubuntu)
[13:09] <ogra> edu in ubuntu is more than kindergarden and elementary school, we'd like to reflect that
[13:09] <RichEd> ubuntu 9.04 - education edition
[13:09] <RichEd> ---
[13:10] <johnny> somebody in the channel was asking for apps for middle schoolers
[13:10] <nixternal> ooh, look what I found :)
[13:10] <ogra> kdeedu :)
[13:10] <ogra> nixternal, ?
[13:10] <ogra> tell us ?
[13:10] <RichEd> we don't want a huge debate now, we'll save that for next week, but any immediate thoughts or opinions from anyone to get onto the table ?
[13:10] <johnny> i'm not familiar with the apps themselves , i am only in edubuntu because of the ltsp affiliation.. or at least that's how i got started
[13:10] <nixternal> RichEd and ogra: I am updating the Edubuntu chapter btw for the book, so I will get with you both this week and torment you
[13:10] <nixternal> I mean pick your brains :)
[13:10] <ogra> great
[13:10] <ogra> there wont be much change
[13:10] <RichEd> nixternal: pick me a nice one please
[13:11] <nixternal> except for LTSP going into Ubuntu Server :p
[13:11] <nixternal> hehe RichEd
[13:11] <Hobbsee> RichEd: it will be interesting to see hwo that goes, as kubuntu may end up doing the same
[13:11] <johnny> i like the idea of helping education and linux tho
[13:11] <ogra> nixternal, ubuntu-alternate :)
[13:11] <ogra> -server has no desktop apps
[13:11] <RichEd> Hobbsee: expand on that ?
[13:11] <nixternal> err, ya alternate
[13:11] <nixternal> sorry
[13:11] <Hobbsee> RichEd: from a marketing perspective, it probably makes sense to keep ubuntu in the name - so ubuntu 8.10 education edition (edubuntu) would be my pick
[13:11]  * Hobbsee needs to type faster!
[13:11] <ogra> nixternal, but ltsp itself wont see much changes wrt configuration etc
[13:12] <nixternal> groovy
[13:12] <nixternal> what about KDE Edu? You guys need some work on it?
[13:12] <Hobbsee> RichEd: at least in kubuntu, and i presume edubuntu as well, there are lots of questions on "so, should i install ubuntu or kubuntu", they think it requires different repos to run, aren't co installable, etc.
[13:12] <ogra> main focus for ltsp is to make it the most stable and solid one we had yet
[13:12] <nixternal> there will be a bug fix release in February
[13:12] <RichEd> Hobbsee: thanks ... new people hearing about ubuntu do not alwayds get as far as finding or understanding edubuntu (especially in foreign language regions)
[13:12] <ogra> nixternal, it needs additions to all its .desktop files
[13:12] <RichEd> we think the new approach will lead them from ubuntu to the education add on more successfully
[13:13]  * RichEd needs to get moving for another meeting ... but peope are welcome to mail me comments ...
[13:13] <RichEd> i'
[13:13] <ogra> apparently KDE apps dont use the StartupNotify setting .... but thats for off-meeting :)
[13:13] <nixternal> ogra: OK, we can take a look at that after the meeting and it all worked out
[13:13] <nixternal> ahh
[13:13] <RichEd> I'll leave this window open and #edubuntu ... but need to move on
[13:13] <RichEd> ogra: can you handle the wrap up from here on in ?
[13:13] <ogra> is there anything left apart from "questions anyone ?" ?
[13:13] <ogra> :)
[13:14] <RichEd> yep .. that bit ...
[13:14] <ogra> heh
[13:14] <RichEd> bye all & thanks
[13:14] <ogra> questions anyone ?
[13:14] <Hobbsee> RichEd: i think you want to keep the "ubuntu" name, if you're going to remarket at all - ie, not edubuntu - make it known as ubuntu + blah.
[13:15] <ogra> Hobbsee, for edubuntu that akes perfect sense ...
[13:15] <ogra> i dont see it for kubuntu though
[13:15] <Hobbsee> ogra: kubuntu is harder, but yes.
[13:15] <ogra> edubuntu can be an addon to either desktop
[13:15] <ogra> and thus doesnt actually need a system install CD
[13:15] <ogra> thats the whole idea behind that change
[13:16] <ogra> kubuntu will always want its own base CD
[13:16] <johnny> until we all have dvd drives..
[13:16] <ogra> instead of being any kind of addon
[13:16] <johnny> but that will be a long time..
[13:16] <ogra> johnny, no option for edu ... for the next ten years i guess
[13:17] <ogra> anyway ...
[13:17] <ogra> if theer are no other questions ....
[13:17] <ogra> going once ...
[13:18] <ogra> going twice ...
[13:18] <Hobbsee> what's the answer to life, the universe and everything?
[13:18] <ogra> 42
[13:18] <Hobbsee> oh good
[13:18] <Hobbsee> so not 37 then
[13:18] <Daviey> tis 63
[13:18] <ogra> anyway, adjourned ... (i was referring to serious questions rather :) )
[13:19] <ogra> next meeting is wed at 20:00 UTC ... thanks all for attending
[13:19] <Hobbsee> ogra: awww.  but i said iw as going to come in and disrupt your meeting, so i had to add it :)
[13:19] <ogra> you waited quite long though
[13:19] <ogra> not much to disturb anymore
[13:19] <Hobbsee> i was distracted.  putting out spot fires.
[13:28] <emgent> @now
[13:28] <emgent> @schedule rome
[13:29] <emgent> @schedule
=== edson is now known as puzzle
=== puzzle is now known as edson
=== davies is now known as jpatrick
=== ubotu changed the topic of #ubuntu-meeting to: Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 30 Jan 20:00 UTC: Security Team | 30 Jan 21:00 UTC: Server Team | 01 Feb 20:00 UTC: MOTU | 13 Feb 22:30 UTC: Forum Council | 20 Feb 01:00 UTC: TriLoCo-Midwest
=== technoant is now known as antdedyet
=== czessi_ is now known as Czessi
[15:14] <emgent> @schedule rome
[15:14] <ubotu> Schedule for Europe/Rome: 30 Jan 21:00: Security Team | 30 Jan 22:00: Server Team | 01 Feb 21:00: MOTU | 13 Feb 23:30: Forum Council | 20 Feb 02:00: TriLoCo-Midwest
[15:16] <zul> @schedule montreal
[15:16] <ubotu> Schedule for America/Montreal: 30 Jan 15:00: Security Team | 30 Jan 16:00: Server Team | 01 Feb 15:00: MOTU | 13 Feb 17:30: Forum Council | 19 Feb 20:00: TriLoCo-Midwest
=== freeflyi2g is now known as freeflying
[16:00]  * pedro_ waves
[16:00] <ogasawara> hi pedro_
[16:00] <stgraber> hello
[16:00] <pedro_> hello ogasawara, stgraber
[16:00] <stgraber> ouch, what a good timing, just finished a call :)
[16:00] <pedro_> jejeje
[16:01] <nand> hi
[16:02] <stgraber> hi nand
[16:03] <ogasawara> so it seems heno is out sick for the meeting
[16:03] <nand> I'm at work, not easy for me!
[16:03] <nand> oh
[16:03] <Mithrandir> hiya Leann, thanks for taking us to that place yesterday.
[16:04] <ogasawara> Mithrandir: np :)  it was fun!
[16:04] <liw> ogasawara, yeah, did you arrange for someone else to chair this meeting?
[16:04] <ogasawara> liw:  nope
[16:04] <ogasawara> liw:  I nominate you :)
[16:04] <liw> bdmurray, are you there?
[16:05] <ogasawara> liw:  he's at intel today
[16:05] <bdmurray> liw: kind of I have to run though
[16:05] <liw> ok
[16:05] <liw> then we could start
[16:05] <liw> I can chair, I just need to find the bot instructions
[16:06] <Hobbsee> liw: use #startmeeting
[16:06] <liw> right, found https://wiki.ubuntu.com/ScribesTeam/MootBot?highlight=%28mootbot%29
[16:06] <liw> #startmeeting
[16:06] <MootBot> Meeting started at 16:06. The chair is liw.
[16:06] <MootBot> Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE]
[16:06] <liw> welcome to the QA team weekly meeting
[16:06] <liw> agenda is at https://wiki.ubuntu.com/QATeam/Meetings
[16:06] <pedro_> woohoo!
[16:06] <ogasawara> heh
[16:07] <liw> [TOPIC] London sprint QA highlights
[16:07] <MootBot> New Topic:  London sprint QA highlights
[16:07] <liw> so, we had a distro team sprint in London last week, and that included the Canonical QA people; it wasn't a community event, but we should report the QA related highlights
[16:08] <ogasawara> I've got a few things . . .
[16:08] <liw> for me: I got some advice on using KVM, and discussed expanding automatic desktop testing to the graphical installer, and worked together with Marc Tardif to create a package based on his hwtest framework that will run packaged automated desktop tests
[16:09] <liw> also, various people suggested including, in some form or another, automatic tests they have made, e.g., for security work
[16:09] <ogasawara> as a team we drafted out SRU process, bug workflow, bug forwarding, re-organizing the Debugging* wiki pages
[16:10] <liw> oh, and I made changes to the piuparts testing harness to provide a summary that can be included in the developer weather report
[16:10] <pedro_> And also we verified some of the outstanding SRU's ;-)
[16:11] <ogasawara> oh and went through the iso-testing bugs
[16:12] <liw> anything else?
[16:12] <pedro_> one of the new things that we are going to introduce are the new desktop hug days based on of course desktop packages they will be held the Thursdays so stay tune
[16:13] <stgraber> oh, so we'll have two hug days ?
[16:13] <pedro_> yes sr
[16:13] <stgraber> the first one being for the base system and the second for the GUI apps ?
[16:15] <pedro_> the second one is supposed to be based on Desktop apps like alacarte, evolution, nautilus, etc we have a few hundreds bugs there that need love
[16:15] <pedro_> and yeah the first one is more base system but includes another GUI apps like openoffice.org
[16:16] <stgraber> good, let's hope we'll have as many people for the desktop hugday as we do for the current one
[16:16] <liw> anything else?
[16:17] <liw> if so, let's get back to this point later
[16:17] <liw> [TOPIC] Nautilus bug day
[16:17] <MootBot> New Topic:  Nautilus bug day
[16:18] <liw> pedro? ogasawara? (assuming bdmurray ran away already)
[16:18] <pedro_> the nautilus bug day went pretty fine we have some stats at the bottom of https://wiki.ubuntu.com/UbuntuBugDay/20080129
[16:18] <liw> cool
[16:18] <pedro_> a couple of new faces helped out
[16:18] <liw> excellent
[16:19] <liw> anything else about this?
[16:20] <pedro_> yes the good thing is that the bugs that we need confirmation to be fixed with nautilus-gio a good portion are fixed
[16:20] <pedro_> so thanks to all the brave bug testers ;-)
[16:20] <liw> indeed :)
[16:21] <liw> [TOPIC] Alpha 4 testing
[16:21] <MootBot> New Topic:  Alpha 4 testing
[16:23] <liw> https://lists.ubuntu.com/archives/ubuntu-devel-announce/2008-January/000371.html is the announcement for Alpha 4, from yesterday, so Alpha 4 should happen tomorrow
[16:23] <stgraber> Do we have candidates ready for testing ?
[16:23] <stgraber> I have done some netboot testing yesterday with good results
[16:23] <liw> how are we set up for that? is everything in order to start testing tomorrow once the ISOs are released?
[16:23] <stgraber> the only problem being the new restricted-manager being buggy (I had to install my nvidia driver by hand)
[16:24] <stgraber> I have set "Hardy Alpha 4" as the default milestone on the tracker
[16:24] <stgraber> so any website admin can now add the builds (pitti and slangasek know how to do so)
[16:25] <Hobbsee> ich auch
[16:25] <liw> stgraber, so the iso tracker is ready for everything? that should mean we're ready to start testing, yes?
[16:26] <stgraber> yes
[16:26] <liw> excellent
[16:27] <liw> [TOPIC] QA-Poll beta
[16:27] <MootBot> New Topic:  QA-Poll beta
[16:27] <nand> oh, my turn.
[16:27] <stgraber> nand: stage is yours :)
[16:27] <nand> Well, I was hoping to see heno today for the domains names!
[16:28] <nand> otherwise everything is ready
[16:28] <nand> for upload and a private testing period
[16:28] <stgraber> apart from the fact that we need to merge devel with trunk again (which may take some time) :)
[16:28] <nand> I just need confirmation for the subdomains to tweak my .htaccess scripts :)
[16:28] <nand> yes :)
[16:29] <nand> This WE, if you are available
[16:29] <stgraber> What I also wanted to ask here about that is also : Who will be part of the private beta ?
[16:30] <nand> sry, pple around
[16:30] <nand> I'd say the QA team
[16:31] <nand> and some others... But we cannot publicy announce it yet I guess.
[16:31] <stgraber> the idea is not to have people advertising it through blog posts or things like that as we may have to change some bits
[16:31] <nand> yes.
[16:31] <nand> So I'd say the team and trusted friends
[16:32] <liw> is the private beta expected to last long?
[16:32] <stgraber> I personally thought ot : Canonical QA team + nand + evand (he was beta tester for the first implementation of qa-poll) + davmor2 + myself
[16:32] <stgraber> liw: my plan was from Tribe-4 till Tribe-5
[16:33] <nand> the time for me to fix everything you find :) I hope no more than two weeks
[16:33] <stgraber> liw: public release happening short after Tribe-5
[16:33] <liw> that's pretty short
[16:33] <liw> which is good
[16:33] <stgraber> that's a 2-3 weeks window, good if we don't find any major bug/lack
[16:33] <nand> yes. I'd really like it to be released at least two months before the hardy release, to gather a good lot of ideas
[16:34] <nand> yes
[16:34] <stgraber> anyway, I think we'll need Canonical's approval for the final release as it was planned to advertise it quite a bit (it's not a devel tool)
[16:34] <nand> I guess so
[16:35] <liw> anything else about the qa-poll beta?
[16:35] <nand> nothing else to add.
[16:36] <nand> stgraber: let's see this week end about it?
[16:36] <liw> in that case...
[16:36] <liw> #endmeeting
[16:36] <MootBot> Meeting finished at 16:36.
[16:36] <liw> whee
[16:37] <pedro_> thanks all
[16:37] <stgraber> nand: works for me
[16:38] <stgraber> nand: I'll need to check that all the patches I have done in the trunk are also done in the devel branch to avoid regressions
[16:38] <stgraber> nand: I think I did them the same time in both, but I would like to be sure of that before merging
[16:38]  * liw runs off to an irl meeting *sigh*
[16:38] <nand> ok. See ya this WE then!
[16:39] <stgraber> liw: have a good irl meeting
[16:39]  * nand is back to work
=== txwikinger2 is now known as txwikinger
=== \sh is now known as \sh_away
=== \sh_away is now known as \sh
[19:21] <propagandist> @schedule EST
[19:21] <ubotu> Schedule for EST: 30 Jan 15:00: Security Team | 30 Jan 16:00: Server Team | 01 Feb 15:00: MOTU | 13 Feb 17:30: Forum Council | 19 Feb 20:00: TriLoCo-Midwest
=== ubotu changed the topic of #ubuntu-meeting to: Current meeting: Security Team Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 30 Jan 21:00 UTC: Server Team | 01 Feb 20:00 UTC: MOTU | 13 Feb 22:30 UTC: Forum Council | 20 Feb 01:00 UTC: TriLoCo-Midwest
[20:00] <keescook> @now
[20:00] <emgent> heya keescook
[20:00] <emgent> :)
[20:00] <keescook> hiya emgent
[20:01] <keescook> it's 20:00 so I'll get us started...
[20:01]  * jdstrand waves
[20:01] <keescook> #startmeeting
[20:01] <MootBot> Meeting started at 20:01. The chair is keescook.
[20:01] <MootBot> Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE]
[20:01] <emgent> ok :)
[20:01] <keescook> so who all is here for the security team meeting?  So far I know emgent and jdstrand are listening.  :)
[20:01] <propagandist> me
[20:01] <keescook> hi propagandist!
[20:01]  * propagandist waves
[20:01] <dendrobates> \o/
[20:01]  * zul is lurking
[20:02] <keescook> I've started the initial outline for the security team wiki area
[20:02] <keescook> [URL] https://wiki.ubuntu.com/SecurityTeam
[20:02] <keescook> it's nearly empty except for the agenda
[20:02] <jdstrand> heh
[20:02] <emgent> :)
[20:02] <keescook> [URL] https://wiki.ubuntu.com/SecurityTeam/Meeting
[20:03] <keescook> well, given it's our first meeting, I figure we should all give a quick intro about ourselves.
[20:04] <keescook> I'm part of the "main" security team (and a Canonical employee).  With jdstrand, I'm responsible for keep packages in main for all the supported releases free of CVEs.  :)
[20:05] <keescook> additionally, I do some coordination of proactive security development work in the devel release of Ubuntu.
[20:05] <keescook> who wants to go next?  :)
[20:05] <jdstrand> o/
[20:05] <crimsun> ('lo, sorry about the tardiness)
[20:05] <keescook> neversfelde, jason_tang, crimsun: all here for the security team meeting?
[20:05]  * Mithrandir lurks
[20:05] <keescook> np, we're just getting started
[20:05] <crimsun> keescook: aye.
[20:05] <jdstrand> as keescook said, I am a part of the 'main' security team and a Canonical employee
[20:06] <emgent> :)
[20:06] <jason_tang> jason_tang -> jtang@tresys.com
[20:06] <propagandist> I'm an employee of Tresys Technology and work generally with the upstream SELinux. My current project is to supply Hardy with SELinux support ;o)
[20:06] <keescook> neversfelde, jason_tang, crimsun: agenda is here https://wiki.ubuntu.com/SecurityTeam/Meeting
[20:07] <emgent> I'm a member of Motu-swat, and i'm in MOTU mentoring.
[20:07] <emgent> keescook, sorry i should reset router. see u 2 mins.
[20:07] <keescook> [LINK] https://wiki.ubuntu.com/SecurityTeam
[20:07] <MootBot> LINK received:  https://wiki.ubuntu.com/SecurityTeam
[20:07] <keescook> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[20:07] <MootBot> LINK received:  https://wiki.ubuntu.com/SecurityTeam/Meeting
[20:07] <keescook> (was using the wrong command...)
[20:08] <keescook> emgent: okay
[20:08] <keescook> cool, thanks, anyone else want to introduce themselves?
[20:09] <dendrobates> oooo me
[20:09] <crimsun> sure.  dan chen, crimsun at ubuntu dot com.
[20:10] <dendrobates> I am also a Canonical employee.  I manage the server and security team , of which, jdstrand and keescook are a part.
[20:10] <keescook> crimsun: what things are you generally interested in from a security perspective?  everyone else so far, I can guess at.  :)
[20:11] <crimsun> keescook: development processes, IDS/IPS, auditing generally.
[20:12] <keescook> emgent: you're up.  can you give people a quick overview about what you're interested in?
[20:13] <keescook> _emgent: ^^
[20:13] <_emgent> back.
=== _emgent is now known as emgent
[20:14] <emgent> sure
[20:14] <emgent> My main interest are: auditing generally and penetration tests
[20:15] <keescook> okay, cool.  Let's move to the first item on the agenda
[20:15] <keescook> [TOPIC] CVE status
[20:15] <MootBot> New Topic:  CVE status
[20:16] <keescook> one of the things jdstrand, Fujitsu, and I have been working on is getting the Ubuntu CVE tracker looking good
[20:16] <keescook> at present, the tracker is in bzr, and we're doing well keeping up with things.
[20:16] <keescook> there's always more work to do, but for anyone interested in issue tracking, check it out:
[20:17] <keescook> [LINK] https://launchpad.net/ubuntu-cve-tracker/
[20:17] <MootBot> LINK received:  https://launchpad.net/ubuntu-cve-tracker/
[20:17] <keescook> pretty soon we should have the finishing touches on an HTML export of the data (jdstrand has done some great work on this)
[20:17] <emgent> cool
[20:17] <jdstrand> I'd like to mention that the ubuntu-cve-tracker covers all packages, not just main
[20:17] <keescook> yes, very good point.
[20:18] <keescook> some of it is a bit out of date -- one tool that needs to be (re)written is a changelog-scanner that can see when CVEs are fixed on upload.
[20:18] <keescook> [IDEA[ finish changelog scanner to mark closed CVEs
[20:18] <keescook> [IDEA] finish changelog scanner to mark closed CVEs
[20:18] <MootBot> IDEA received:  finish changelog scanner to mark closed CVEs
[20:18] <emgent> +1
[20:18] <keescook> :)
[20:18] <joejaxx> :)
[20:19] <keescook> that's all I wanted to mention about the tracker.  it basically drives the security update work, so it's a good place to look for things or check on stuff.
[20:20] <keescook> (and I want to start moving a little more quickly, since we've got a hard-stop at 21:00)
[20:20] <keescook> moving on...
[20:20] <keescook> [TOPIC] AppArmor progress
[20:20] <MootBot> New Topic:  AppArmor progress
[20:20] <keescook> this is a bit redundant with the server team status possibly, but I thought I'd mention it quickly here too.
[20:21] <keescook> as it stands, the AppArmor infrastructure is stable and working in Hardy.  There are a few tweaks pending in the next kernel upload, but other than that, we should now match what SuSE will ship next.
[20:21] <keescook> profile creation work continues -- I will defer to the Server Team meeting for that discussion.
[20:22] <keescook> any questions or thoughts on AppArmor?
[20:22] <emgent> nope, https://wiki.ubuntu.com/AppArmor is ok :)
[20:22] <keescook> sounds good.
[20:22] <joejaxx> i am glad we are matching up with SuSE :)
[20:22] <keescook> [TOPIC] SELinux progress
[20:22] <MootBot> New Topic:  SELinux progress
[20:22] <keescook> we've got 2 tresys folks here, so I'll let them discuss this one.  :)
[20:23] <propagandist> ;o}
[20:23] <propagandist> We've updated the packages for most of selinux upstream. I've put them here:
[20:23] <propagandist> [LINK] https://code.launchpad.net/~calebcase/+junk/selinux-support
[20:23] <MootBot> LINK received:  https://code.launchpad.net/~calebcase/+junk/selinux-support
[20:23] <propagandist> The blueprint for selinux support is available at:
[20:23] <propagandist> [LINK] https://blueprints.launchpad.net/ubuntu/+spec/selinux-support
[20:23] <MootBot> LINK received:  https://blueprints.launchpad.net/ubuntu/+spec/selinux-support
[20:23] <propagandist> The wiki was updated today with some more infomration about our direction here:
[20:23] <propagandist> [LINK] https://wiki.ubuntu.com/HardySELinux
[20:23] <MootBot> LINK received:  https://wiki.ubuntu.com/HardySELinux
[20:24] <keescook> are these packages patched versions of what's in Debian, or total replacements?
[20:24] <propagandist> They are total replacements.
[20:24] <propagandist> The debian maintainer is somewhat mia at the moment.
[20:25] <keescook> okay.  (I see the changelog builds on the Debian package -- that's good)
[20:25] <emgent> :)
[20:25] <keescook> [LINK] http://codebrowse.launchpad.net/~calebcase/+junk/selinux-support/annotate/calebcase%40gmail.com-20080129123710-usfimgmeob938hj5?file_id=changelog-20080128164716-qc9exv0y4qt0xf39-216
[20:25] <MootBot> LINK received:  http://codebrowse.launchpad.net/~calebcase/+junk/selinux-support/annotate/calebcase%40gmail.com-20080129123710-usfimgmeob938hj5?file_id=changelog-20080128164716-qc9exv0y4qt0xf39-216
[20:26] <keescook> I'm on holiday next week, but I'll get these reviewed (and in theory uploaded) before feature freeze
[20:26] <keescook> [ACTION] keescook to review selinux packaging work
[20:26] <MootBot> ACTION received:  keescook to review selinux packaging work
[20:26] <keescook> I'd happily welcome other eyes on it too.  :)
[20:26] <propagandist> Up till recently the focus was to get all the packages updated to upstream. That seems to be mostly done now, and we've moved to creating the 'selinux' package and testing them out. We're also updating the security policy.
[20:27] <keescook> propagandist: have you posted any of the package builds to REVU?  That might be handy too.
[20:27] <crimsun> I'm happy to look over them, too, since my work is directly related.
[20:27] <propagandist> keescook: will do
[20:27] <joejaxx> :)
[20:27] <keescook> [ACTION] crimsum to review selinux packaging work
[20:27] <MootBot> ACTION received:  crimsum to review selinux packaging work
[20:27] <propagandist> the more eyes the better
[20:27] <keescook> [ACTION] propagandist to post selinux packaging to REVU
[20:27] <keescook> agreed
[20:27] <MootBot> ACTION received:  propagandist to post selinux packaging to REVU
[20:28] <emgent> cool
[20:28] <keescook> great job!  I'm really happy to see this moving forward at a fast clip.  :)
[20:28] <joejaxx> :D
[20:28]  * joejaxx is too :)
[20:28] <propagandist> ;o}
[20:28] <propagandist> There is one issue with ubuntu-standard
[20:29] <keescook> propagandist: once things are uploaded, would you be able to write a "here's how to use/test SELinux" email for ubuntu-devel and ubuntu-hardened?
[20:29] <keescook> propagandist: what's the issue?
[20:29] <joejaxx> keescook: i was just about to ask that
[20:29] <joejaxx> :)
[20:29] <propagandist> it is recommending apparmor-utils, which if you try to install a conflicting package with apparmor attempts to uninstall standard
[20:30] <propagandist> It may be better for it to recommend security-utils and have apparmor-utils provide it
[20:30] <keescook> propagandist: right, I remember this bit now -- I like the meta-package solution that was proposed
[20:30] <propagandist> kk
[20:30] <propagandist> sure thing on the email
[20:30] <crimsun> oh, meaning virtual package?  Sorry, I was looking for a security-meta.
[20:30] <propagandist> although there is a short quick and dirty on the wiki
[20:31] <keescook> crimsun: sorry, yes, virtual package; my bad.  :)
[20:31] <propagandist> yes a meta package for linux-security would be ideal for handling the switching
[20:31] <keescook> propagandist: between an PPA and REVU, it should be possible to make item 1 on the "Quick and Dirty" list very easy for people.
[20:32] <keescook> [ACTION] keescook to investigate virtual package for security utils (apparmor/selinux agnostic) to not conflict with ubuntu-standard
[20:32] <MootBot> ACTION received:  keescook to investigate virtual package for security utils (apparmor/selinux agnostic) to not conflict with ubuntu-standard
[20:32] <propagandist> keescook: kk, i've been working on putting things into my PPA
[20:32] <keescook> great! :)
[20:32] <keescook> any other notes on SELinux?  (/me rushes forward in the agenda...)
[20:33] <propagandist> i think thats it for now
[20:33] <keescook> [TOPIC] Hardening wrapper testing
[20:33] <MootBot> New Topic:  Hardening wrapper testing
[20:33] <jdstrand> thanks for your good work on this propagandist
[20:33] <keescook> okay, I sent an email about the new compile-time hardening options wrapper
[20:33] <propagandist> jdstrand: thanks ;o)
[20:34] <keescook> [LINK] https://lists.ubuntu.com/archives/ubuntu-devel/2008-January/024958.html
[20:34] <MootBot> LINK received:  https://lists.ubuntu.com/archives/ubuntu-devel/2008-January/024958.html
[20:34] <keescook> and I've been coordinating with Debian as well (Moritz announced the cousin project for hardening in Debian this week)
[20:35] <keescook> I'd really love it if people doing builds could test the wrapper (and obviously the resulting builds)
[20:35] <keescook> does anyone have any ideas about ways we can motivate its use, and/or track its progress?
[20:36] <crimsun> one way could be to have it hook into pbuilder.
[20:37] <keescook> crimsun: in what way?  hooking it to dpkg-buildpackage had been discussed, but no one wanted it to be a hard Depends or anything.
[20:38] <keescook> I'd love to see about getting a full archive rebuild done with it enabled.  This was done in Debian which was very educational.
[20:39] <jdstrand> keescook: IIRC this is going to be turned on by default in hardy+1, correct?
[20:39] <crimsun> keescook: assuming hardening-wrapper is promoted into main, have the pbuilder package depend on it, create a separate hooks subdirectory.  This would allow people to enable it for testing by passing the pbuilder hook* options.
[20:39] <keescook> jdstrand: assuming it doesn't melt all the builds, yes.  Part of getting it tested in Hardy is to make doko happy
[20:39] <jdstrand> oh, so we are turning it on for hardy builds, at least for a while?
[20:40] <keescook> crimsun: interesting -- I don't use pbuilder so I'm unfamiliar with the hook options.
[20:40] <keescook> jdstrand: no, I mean, the package is available for people to test with
[20:40] <crimsun> keescook: since a lot of people should^Ware using pbuilder, it would be a fairly unintrusive method of selectively enabling it.
[20:40] <jdstrand> ah, that's what I thought
[20:40] <crimsun> should be*/are
[20:40] <keescook> crimsun: can you write a few notes about that to the wiki page for it?
[20:41] <keescook> [LINK] https://wiki.ubuntu.com/Security/HardeningWrapper
[20:41] <MootBot> LINK received:  https://wiki.ubuntu.com/Security/HardeningWrapper
[20:41] <crimsun> keescook: sure
[20:41] <keescook> cool, I'll add some notes about it for sbuild
[20:41] <keescook> [ACTION] crimsun to add pbuilder notes to wiki, keescook to add sbuild notes to wiki
[20:41] <MootBot> ACTION received:  crimsun to add pbuilder notes to wiki, keescook to add sbuild notes to wiki
[20:42] <emgent> good. :)
[20:42] <keescook> has anyone actually used the wrapper yet besides me?  :)
[20:42] <keescook> if you haven't, please pick you favorite app and give it a try.  :)  inkscape builds/runs fine for me.  :)
[20:43]  * jdstrand is ashamed to say he has not yet
[20:43] <keescook> hehe
[20:43] <jdstrand> (but will)
[20:43] <keescook> okay, moving on
[20:43] <emgent> hhaha me too.
[20:43] <emgent> :)
[20:43] <keescook> [TOPIC] organized penetration testing and auditing
[20:43] <MootBot> New Topic:  organized penetration testing and auditing
[20:44] <keescook> emgent has been doing some great work poking at the edges of various ubuntu services, and proposed a formalized team to do this kind of work into the future
[20:45] <keescook> emgent: what sort of plans do you have?  I have a few notes about it, but figured we should hear from you first.
[20:45] <\sh> grmpf...I'm late...but I'm there at least
[20:45] <emgent> well, i created a wiki page and launchpad group
[20:45] <keescook> \sh: hi!
[20:46] <joejaxx> emgent: do you have a link to that? :)
[20:46] <emgent> but i dont know if name is good and if it's good add to MOTU-SWAT branch.
[20:46] <\sh> keescook, evening...sorry for being late :)
[20:46] <emgent> [LINK] https://wiki.ubuntu.com/UbuntuHackersTeam
[20:46] <MootBot> LINK received:  https://wiki.ubuntu.com/UbuntuHackersTeam
[20:46] <keescook> \sh: no problem -- that's what IRC logs are for.  :)
[20:46] <emgent> [LINK] https://launchpad.net/~ubuntu-hackers
[20:46] <MootBot> LINK received:  https://launchpad.net/~ubuntu-hackers
[20:46] <keescook> emgent: so, one of the things that came up on MOTU was people not wanting to confuse the term "hackers".
[20:47] <emgent> i select this name because i see GNU structure
[20:47] <keescook> I don't have any strong opinion myself, but in the interests of clarity, what do you think about calling the subteam "ubuntu-pentest" or something like that?
[20:47] <joejaxx> perhaps use PenTest ?
[20:47] <joejaxx> keescook: yeap :D
[20:47] <keescook> joejaxx: we are of one mind! :)
[20:47] <joejaxx> keescook: :D
[20:47] <crimsun> right, "hackers" is far too overloaded.
[20:47] <emgent> and GNU have Hackers Team, but the name it'snt important
[20:47] <Mithrandir> ubuntu-pokers.
[20:47] <keescook> I've never tried -- can LP team names be changed?
[20:48] <keescook> Mithrandir: heheh
[20:48] <joejaxx> keescook: yes i believe so
[20:48] <emgent> Mithrandir, lol
[20:48] <joejaxx> lol
[20:48] <Mithrandir> suitably ambigious. :-)
[20:48] <keescook> Mithrandir: then we'll need to buy chips and deal cards.
[20:48] <keescook> hehe
[20:48] <joejaxx> lol :P
[20:49] <keescook> another topic was auditing as an area of work for the pentest team.
[20:49] <emgent> What would be the best name, and who is interested in contributing?
[20:49] <keescook> I tend to view successfully audit work as "grey boxing" -- looking at both source and behavior.  if you're looking at behavior, you're a pentester.
[20:49] <keescook> emgent: I'd vote for "ubuntu-pentest".  I'm highly interested, but low on time.
[20:50] <emgent> ubuntu-pentest or ubuntu-fox ? :-)
[20:50] <joejaxx> yeah i would put my vote -pentest as well
[20:50]  * Mithrandir votes for -pokers
[20:50] <keescook> let's go with ubuntu-pentest for now?  emgent can you adjust it?
[20:51] <emgent> keescook, sure.
[20:51] <emgent> but i'd like Mithrandir idea :P
[20:51] <keescook> [ACTION] emgent to rename ubuntu-hackers team to ubuntu-pentest
[20:51] <MootBot> ACTION received:  emgent to rename ubuntu-hackers team to ubuntu-pentest
[20:51] <keescook> another area of concern is making sure we attract the _right_ kind of people for the pentest work.
[20:52] <joejaxx> keescook: yeah that is the other thing :(
[20:52] <joejaxx> we do not want to attract the wrong crowd
[20:52] <keescook> emgent has done a great job with private disclosure, and I think making sure this remains the focus, it will be sucessful
[20:52] <emgent> https://edge.launchpad.net/~ubuntu-pentest is online.
[20:52] <emgent> :)
[20:52] <keescook> so, making sure the language is unambigious on the wiki page will be good.
[20:53] <joejaxx> yeap
[20:53] <emgent> keescook, just a moment :)
[20:53] <keescook> also, the LP team has asked that poking at LP be done via staging.launchpad.net just in case something would break production services.
[20:54] <keescook> equally so, anything that may have bad effects should be run past the #is staff first
[20:54] <jdstrand> ok good
[20:54] <emgent> ok cool.
[20:54] <Mithrandir> keescook: ITYM #canonical-sysadmin?
[20:54] <crimsun> literally #is, or #canonical-sysadmins?
[20:55] <jdstrand> I would like to say that the language should be *very* clear
[20:55] <keescook> Mithrandir: right, sorry.  #canonical-sysadmins is right
[20:55] <\sh> keescook, what about a general "you are allowed to break stuff on a commercial website", for the members of the team? thinking of the legal view of all those penetration tests
[20:55] <jdstrand> this isn't a honeynet challenge or anything
[20:55] <keescook> \sh: yeah, agreed.
[20:56] <\sh> keescook, regarding all the nifty lawyers out there, it's necessary to address those issues first for non-canonical members :)
[20:56] <joejaxx> :)
[20:56] <keescook> let's get some language proposed, and we can approve it for the next meeting?
[20:56]  * mathiaz waves at keescook and sits at the back for the first security team meeting :D
[20:56] <jdstrand> if the members of the team are allowed to break stuff, then that needs to by a moderated team-- is it?
[20:56] <joejaxx> sounds good
[20:56] <emgent> keescook, +1
[20:56] <keescook> okay, 5 minutes left...
[20:56] <\sh> jdstrand, hopefully yes...
[20:56] <joejaxx> jdstrand: the team is restricted at the moment
[20:57] <joejaxx> i just looked
[20:57] <emgent> keescook, i open this ? or restricted ?
[20:57] <jdstrand> ok
[20:57] <crimsun> (I was thinking to have emgent and Canonical employees be admins.)
[20:57] <keescook> emgent: leave it restricted -- we want to make sure people understand the "do no harm" ideals
[20:57] <keescook> [TOPIC] next meeting
[20:57] <MootBot> New Topic:  next meeting
[20:57] <emgent> keescook, ok.
[20:57] <keescook> what do people think of same time/place in two weeks?
[20:57] <crimsun> WFM.
[20:57] <joejaxx> keescook: sounds good to me :)
[20:58] <jdstrand> time is good for me
[20:58] <\sh> keescook, around 20 UTC is a good time :) so yes :)
[20:58] <emgent> +1
[20:58] <propagandist> good for me too
[20:58] <keescook> \o/  that's set.
[20:58] <keescook> okay, everyone please feel free to add agenda items to the wiki page (and fill out missing sections of the wiki)
[20:58] <\sh> crimsun, you add something for sbuild how to enable the wrapper? :)
[20:58] <crimsun> \sh: kees will; I'll work on pbuilder.
[20:59] <\sh> crimsun, ok...other way around :)
[20:59] <emgent> keescook, two questions:
[20:59] <keescook> emgent: sure
[20:59] <crimsun> thanks, everyone!
[20:59] <emgent> 1) it's possible drop and register #ubuntu-security?
[20:59] <keescook> emgent: yes, I think we should do this, and probably start a mailing list too
[20:59] <keescook> [ACTION] keescook to poke irc ops to get #ubuntu-security online
[20:59] <MootBot> ACTION received:  keescook to poke irc ops to get #ubuntu-security online
[21:00] <emgent> 2) it's possible add ubuntu-security@lists.ubuntu.com ?
[21:00] <mathiaz> keescook: couldn't ubuntu-hardened be used for that ?
[21:00] <keescook> mathiaz: possibly... good point
[21:00] <keescook> emgent: is that okay with you?  the channel is pretty low-volume at the moment
[21:00] <emgent> ubuntu-security it's ok, we can add all security project this.
[21:00] <jdstrand> #ubuntu-hardened needs some life ;)
=== ubotu changed the topic of #ubuntu-meeting to: Current meeting: Server Team Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 01 Feb 20:00 UTC: MOTU | 13 Feb 22:30 UTC: Forum Council | 20 Feb 01:00 UTC: TriLoCo-Midwest
[21:00] <keescook> #endmeeting
[21:00] <MootBot> Meeting finished at 21:00.
[21:01] <emgent> motu-swat, security and ubuntu-pentest.
[21:01] <keescook> okay, we gotta get outta the way for the next meeting.  :)   yup, we should list all the "sub-teams" on the wiki
[21:01] <joejaxx> :)
[21:01] <keescook> thanks everyone for coming!!  yay first meeting!  :)
[21:01] <propagandist> ;o)
[21:01] <emgent> :)
[21:01] <emgent> thanks keescook
[21:01] <joejaxx> keescook: :D
[21:01] <mathiaz> all right folks ! Let's get started with the server meeting
[21:01] <dendrobates> hello all
[21:01]  * keescook switches hats
[21:02] <emgent> hehehe :)
[21:02] <zul> hello
[21:02] <joejaxx> hi
[21:03] <mathiaz> #startmeeting
[21:03] <MootBot> Meeting started at 21:03. The chair is mathiaz.
[21:03] <MootBot> Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE]
[21:03] <mathiaz> The agenda for today is here: https://wiki.ubuntu.com/ServerTeam/Meeting
[21:04] <mathiaz> [TOPIC] Start a Mentoring program
[21:04] <MootBot> New Topic:  Start a Mentoring program
[21:04] <mathiaz> So I'd like to talk about starting a mentoring program for the server team
[21:04] <nxvl_work> it would be great
[21:05] <nxvl_work> so more people can be involved on the team
[21:05] <mathiaz> The MOTU team and the Documentation have similar programs in order to attract more contributors
[21:05] <nxvl_work> (and i can get a little help starting :P)
[21:05] <ScottK2> The MOTU program has not, in my opinion, been a resounding success.
[21:05] <keescook> mathiaz: would it be joined to MOTU mentoring in some way, or is this above and beyond "regular" MOTU mentoring?
[21:05]  * ScottK2 doesn't really like it.
[21:05] <soren> ScottK2: Why?
[21:05] <mathiaz> keescook: it wouldn't be related to the MOTU mentoring process.
[21:06] <ScottK2> Because it divides the community up.
[21:06] <mathiaz> there are different activities that can be mentored in the server team, not only packaging
[21:06] <faulkes-> I think it would be of value (as I'm new here), getting involved would make it easier for new people
[21:06] <soren> ScottK2: Not "why wasn't it a success", but "why don't you like it"?
[21:06] <ScottK2> Right
[21:06] <mathiaz> like bug triagging or documentation
[21:06] <ScottK2> There are separate mentoring lists, etc and so people go there and don't get known in the community.
[21:07] <ScottK2> It raises the barrier to entry on the regular MOTU ML/IRC.
[21:07] <mathiaz> ScottK2: I don't think we should copy exactly what has been done for MOTU
[21:07] <ScottK2> OK.
[21:07] <mathiaz> I like the way the documentation team is doing it.
[21:07]  * ScottK2 isn't familiar with that.
[21:07] <mathiaz> I like also the concept of the MOTU reception.
[21:07] <sommer> I was just going to mention the doc team's mentoring
[21:07] <soren> ScottK2: I see what you saying about dividing the community, but I think a server specific mentoring program might lure a different demographic to help us out.
[21:08] <mathiaz> the documentation team requires potential candidates to sent out an email to the ubuntu-doc to ask for a mentor.
[21:08] <Daviey> Who is the target audience for a mentoring program?
[21:08] <mathiaz> I wonder if the MOTU reception system would be better
[21:09] <ScottK2> Additionally, the existance of a mentoring program leads to people believing it's required to start contributing.
[21:09] <mathiaz> Daviey: people that want to get involved in the Server Team but don't really know how
[21:09] <ScottK2> mathiaz: That's the start of dividing the community.
[21:09] <soren> How about if we "market" an Ubuntu Server mentoring program that is really part of the regular motu mentoring program, but we assign server-types as mentors? It wouldn't have to be totally separate.
[21:09] <nxvl_work> mathiaz: on the MOTU they have a track of who is mentoring who, and a queue of the available mentors
[21:09] <ScottK2> Unless you're in the mentoring program you have no idea who is there.  It's completely separate.
[21:09] <mathiaz> some people know exactly what they wanna do, others not really.
[21:09] <Daviey> mathiaz: yes, other than social aspects of how the team works, how to contribute etc - i mean on a technical level, what would the mentor recieve?
[21:10] <mathiaz> soren: linking the mentoring program to the MOTU would focus mentees on packaging
[21:10] <mathiaz> I think the server mentoring program should have broader scope
[21:10] <soren> mathiaz: Not necessarily. The MOTU mentoring program isn't exactly a static entity.
[21:11] <mathiaz> As I already said: documentation, bug triagging, etc..
[21:11] <\sh> mathiaz, I think you need a focus on people who are dealing with ubuntu/debian servers in real world environments...
[21:11] <nxvl_work> mathiaz: but you can ask the motu-mentors team to manage a second queue for server team
[21:11] <mathiaz> soren: IIUC MOTU mentoring is about packaging
[21:11] <soren> So far, it has been focused on getting new packagers on board, but it's open to people who just want to help fixing bugs here and there.
[21:11] <ScottK2> In my experience anyone who is afraid to ask a question via ML or IRC isn't likely to be much help in the long run.
[21:11] <nxvl_work> mathiaz: no, it isn't
[21:11] <mathiaz> soren: ok - I missed that change of focus then.
[21:12] <nxvl_work> mathiaz: it is about packaging, community, and all the aspects of the ubuntu-developing
[21:12] <soren> My point is:
[21:12] <nxvl_work> but also a mentor is not always behind you saying what to do, just put goals on you and is there is you need some help
[21:12] <soren> We can advertise a server mentoring program..
[21:12] <soren> if people sign up for it, we'd have people mentoring them.
[21:12] <soren> but
[21:12] <\sh> soren, you mean we need sysadmins filing bugs, knowing eventually how to fix the issue etc. not the ubuntu desktop user using a local apache2 on his/her homemachine
[21:12] <soren> it could be part of the MOTU mentoring program. It wouldn't have to be completely separate from it.
[21:13] <nxvl_work> soren: i will be the first one signed up XP
[21:13] <nxvl_work> XD
[21:13] <soren> If we find that Ubuntu would benefit from a change to the MOTU mentoring process, we can just propose it.
[21:13] <ScottK2> nxvl_work: What would you hope to get out of it you can't get already?
[21:14] <nxvl_work> ScottK2: good point :S
[21:14] <mathiaz> May be we can advertise the MOTU mentoring process on the ServerTeam pages then
[21:14] <ScottK2> Is a serious question.
[21:14] <ScottK2> mathiaz: To what benifit?
[21:14] <soren> I'd love to see the mentoring program expand to have domain specific branches as well.
[21:14] <mathiaz> ScottK2: get more people aware of this program
[21:14] <nxvl_work> mmm
[21:15] <mathiaz> soren: aggred - that's my point.
[21:15] <ScottK2> OK.
[21:15] <mathiaz> people come to Ubuntu using different paths
[21:15] <ScottK2> I'll say I'm against it because I don't think it helps.
[21:15] <nxvl_work> ok, about the cuestion of ScottK2, i find a mentoring program usefull for new developers that have really noob cuestions and they will not ask on the ML
[21:15] <soren> People might not be looking to "become a MOTU", but just "want to help out with server stuff". It's not obvious at first sight that one implies the other.
[21:15] <mathiaz> so the earlier they have signs about how to contribute the better
[21:16] <nxvl_work> BUT
[21:16] <mathiaz> ScottK2: but I aggree with you that we shouldn't duplicate processes.
[21:16] <nxvl_work> i'm also agree with ScottK2 that they can ask on the ML and IRC, as i have done se far, and is the same
[21:16] <mathiaz> ScottK2: If the MOTU mentoring can be used for server-oriented folks, I'm all for it.
[21:16] <nxvl_work> there is always someone that helps
[21:16] <mathiaz> soren: exactly.
[21:16] <ScottK2> The problem is that once you push 'noob questions' off on a mentoring program, the barrier to entry just becomes higher and the problem gets works.
[21:17] <soren> ScottK2: How do you figure that?
[21:17] <nxvl_work> i think it will be better to participate on the MOTU mentoring program and teach server specific things for the ones who are interested on it
[21:17] <faulkes-> to interject, asking a question on IRC or an ML does not itself imply any commitment to the team, it's usually people looking for an answer to a problem they have
[21:17] <nxvl_work> starting from packaging
[21:17] <\sh> mathiaz, would you like to explain "server-oriented folks" to me? people having problems with the linux kernel on ubuntu-server are "server oriented" or "kernel oriented"? just asking for clarification?
[21:18] <ScottK2> soren: People don't ask basic questions because no one else does and they are afraid to look stupid.  The more those questions get asked elsewhere, the more people are afraid.
[21:18] <mathiaz> \sh: by server-oriented, I mean people that have an interest in server related software
[21:18] <mathiaz> \sh: mainly sys admin in buisness and so on
[21:18] <ScottK2> Segragating new people off on another channel doesn't create more resources to answer questions.
[21:19] <soren> ScottK2: Well, some people make sure that the tone is #ubuntu-motu isn't always as friendly as one would like. If another place that is specifically meant for newbie questions existed, people who are afraid can just ask there. I don't see the problem.
[21:19] <mathiaz> they're not necessarly interested in doing packaging work. Their server experience could be helpfull in other areas
[21:19] <\sh> mathiaz, so the real problem is, that sysadmins using ubuntu on a server are not knowing about  how to deal with a bug, e.g. filing bugs or where to push a bugfix to...right?
[21:20] <faulkes-> or add documentation / implementation guides
[21:20] <mathiaz> \sh: no.. That's not what I meant. I'm trying to get more contributors on board.
[21:20] <ScottK2> soren: OK.  We'll have to agree to disagree then.
[21:20] <nxvl_work> soren: but as ScottK2 says, MOTU is tu separete, there is #ubuntu-classroom channel, motu-mentors list, so it's kind of saying newbies here, people who know there
[21:20] <mathiaz> \sh: how can we turn them from bug reported (for ex) to bug fixer
[21:21] <soren> If the alternative is that they just stay away...
[21:22] <nxvl_work> mathiaz: using more the "mentoring offered" option for example is a good place to start
[21:22] <mathiaz> ok - so to get tings moving, I think we should get in touch with the MOTU mentoring program to see if we can colaborate on this.
[21:22] <ScottK2> My experience when people have PM'ed me with questions that they thougth were too basic for the channel is that I asked them to work on channel so others could benifit from the answers and it was all fine.
[21:23] <nxvl_work> if a new contributor comes to the LP page, clicks on mentoring offered and only sees 4 options, they walk away
[21:23] <mathiaz> I'll talk with dholbach about it.
[21:23] <nxvl_work> and thats not what we want
[21:23] <faulkes-> maybe I can put this into perspective a bit, like I said, I'm new, I'm looking to get involved, however, having gone over the wiki, the team pages and what not, there is still quite a bit which eludes me from the perspective of "how do I specifically get involved with the server side of things"
[21:23] <ScottK2> soren: I think the alternative is to make the main channel of communication more open, not to make new ones.
[21:23] <\sh> mathiaz, the normal case for sysadmins dealing with bugs/problems on server based linux distros is: a) they know how to file bugs into the respective bug reporting tool b) they know how to create patches c) they know how to package software for the OS of their choice...therefore we have only to deal with people, who are not falling into the sysadmin case...therefore we need to find people of the MOTU basement who are interested in working on serv
[21:23] <\sh> er-related packages full-time
[21:23] <soren> ScottK2: I'd love to hear your ideas about that.
[21:23] <faulkes-> ScotK2: I would agree there, I don't think a #server-mentor or what not channel would be required
[21:24] <soren> Agreed.
[21:24] <mathiaz> faulkes-: would it help to have a mentor for the server team to help you get started ?
[21:24] <faulkes-> mathiaz: with specific reference to dealing with ubuntu based server issues and needs, yes
[21:25] <nxvl_work> we need to start making the communication channels more open to new contributors/basic questions
[21:25] <ScottK2> faulkes-: What keeps you from asking more questions on #ubuntu-server so you know better how to help out?
[21:25] <mathiaz> faulkes-: Is the Roadmap page to daunting ? Or the GettingInvolved page to general ?
[21:25] <soren> It doesn't have to be much more than just a notice on the wiki page that people can contact someone if they want to get involved. That someone can then be the mentor (or assign someone else to be the mentor), but it'd be part of the motu mentoring program.
[21:25] <nxvl_work> for example running QA sessions on the #ubuntu-server channel
[21:25]  * nealmcb returns home
[21:25] <soren> hi, nealmcb.
[21:25]  * mathiaz waves at nealmcb 
[21:26] <soren> nxvl_work: That could work.
[21:26] <mathiaz> Ok - let's get moving. I wanted to start a discussion. There are a lot of idea about it.
[21:26] <faulkes-> Scottk2: nothing, I waited for the meeting as it was an item on the agenda
[21:26] <nxvl_work> BUT, we need to be carefull to make all the activities on the daily communication channels, not on new ones
[21:26] <ScottK2> OK.
[21:26] <ScottK2> +1 to nxvl_work
[21:27] <mathiaz> I'll send an email to ubunut-server to raise this question and get dholbach in the loop.
[21:27] <mathiaz> [ACTION] mathiaz to send an email about a mentoring program proposal to ubuntu-server
[21:27]  * sommer wants ScottK2 to be his mentor
[21:27] <MootBot> ACTION received:  mathiaz to send an email about a mentoring program proposal to ubuntu-server
[21:27] <nxvl_work> ok, let's discuss it on the list
[21:27] <mathiaz> [TOPIC] Review ACTION points from previous meeting.
[21:27] <MootBot> New Topic:  Review ACTION points from previous meeting.
[21:28] <mathiaz> Last meeting logs: https://wiki.ubuntu.com/MeetingLogs/Server/20080123
[21:28] <ScottK2> sommer: I'm always glad to answer questions and help out, but I'm not signing up for anything formal.
[21:28] <sommer> heh... just trying to through in some levity
[21:28] <mathiaz> soren: any news from UWN ?
[21:29] <soren> Er.. I'm writing my interview right now, actually :)
[21:29] <soren> It'll most likely be in the next edition.
[21:29] <mathiaz> soren: great !
[21:30] <mathiaz> other than that, I think all the action have been done (or will be reviewed later on)
[21:30] <mathiaz> [TOPIC] Review each section of the ServerTeam/Roadmap.
[21:30] <MootBot> New Topic:  Review each section of the ServerTeam/Roadmap.
[21:30] <mathiaz> https://wiki.ubuntu.com/ServerTeam/Roadmap
[21:31] <mathiaz> zul: you've a look at a lot of bugs
[21:31] <zul> yep..
[21:31] <zul> most of them are in one state or another
[21:31] <mathiaz> zul: how is samba doing ?
[21:31]  * soren hugs zul
[21:32] <zul> mathiaz: getting there most of its waiting to hear back from users
[21:32] <mathiaz> zul: I mean on the bug front
[21:32]  * zul high fives soren
[21:32] <mathiaz> should we target another package ?
[21:32] <zul> i dont think so at this point we should talk to slangslek of course though
[21:33] <dendrobates> mathiaz: openldap perhaps
[21:33] <ScottK2> Make it talk with db4.6?
[21:33] <zul> isnt that a performance issue?
[21:33] <ScottK2> Actually there's an upstream db4.6 issue in that
[21:33] <ScottK2> Yes.
[21:33] <mathiaz> dendrobates: opendlap is already on the Roadmap.
[21:34] <mathiaz> dendrobates: May be we should link to all the openldap packages (openldap2.2, openldap2.3).
[21:34] <mathiaz> I though about openssh
[21:34] <mathiaz> it's never been on the Roadmap
[21:34] <dendrobates> mathiaz: I just want to remind everyone since new openldap bugs are pouring in since the update to 2.4
[21:34] <zul> #69948 looks interesting for openldap
[21:36] <mathiaz> [ACTION] mathiaz to update the bug triagger section of the roadmap to highlight openldap
[21:36] <MootBot> ACTION received:  mathiaz to update the bug triagger section of the roadmap to highlight openldap
[21:36] <mathiaz> On the packaging front, there is apache2 stuff.
[21:36] <mathiaz> I had a look at SNI support for apache2 and got it working.
[21:37]  * nealmcb hugs mathiaz
[21:37] <mathiaz> Unfortunately openssl has to be recompiled to enable tls extension.
[21:37] <ScottK2> Someone ought to look at http://revu.ubuntuwire.com/details.py?package=libapache2-mod-authnz-external too.
[21:37] <zul> its already in universe
[21:37] <mathiaz> according to the openssl debian maintainer it may require a abi bump
[21:38] <soren> mathiaz: "may"? Where's the patch?
[21:38] <mathiaz> soren: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462596
[21:38] <ubotu> Debian bug 462596 in openssl "openssl: Please include support for tls extensions / server name indication" [Wishlist,Open]
[21:39] <mathiaz> soren: there isn't any patch for openssl. it's just a configure option at build that has to be added.
=== \sh is now known as \sh_away
[21:39] <mathiaz> soren: but to get apache2 working with SNI, I first had to rebuild openssl, install it and rebuild apache2.
[21:39] <mathiaz> soren: otherwise apache2 would be compiled with SNI enabled.
[21:40] <soren> mathiaz: Right. As slangasek says: the structs are exposed in public header files, so changing them means an ABI bump.
[21:40] <soren> mathiaz: for openssl, that is.
[21:41] <mathiaz> soren: yop - so I'm not sure what would be the impact at this time of the release cycle.
[21:41] <soren> mathiaz: slangasek would be the person to ask.
[21:41] <mathiaz> soren: ok. I'll talk to him then.
[21:41] <soren> (He's the release manager in case anyone doesn't know)
[21:41] <mathiaz> [ACTION] mathiaz to talk with slangasek about an ABI bump in openssl for hardy
[21:41] <MootBot> ACTION received:  mathiaz to talk with slangasek about an ABI bump in openssl for hardy
[21:42] <mathiaz> I've uploaded openssl to my PPA
[21:42] <mathiaz> and once it's built, I'll upload apache2.
[21:42] <mathiaz> so that we can get started with testing.
[21:43] <dendrobates> ivoks: greetings
[21:43]  * soren hugs mathiaz 
[21:44] <mathiaz> ivoks: any news about dovecot/postfix ?
[21:44] <soren> mathiaz: awasome!
[21:44] <ivoks> hi
[21:44]  * mathiaz waves at ivoks 
[21:44]  * ScottK2 wonders if lamont is here.
[21:44] <ivoks> still nothing :/
[21:44] <mathiaz> ivoks: ok.
[21:44]  * lamont is somewhat here
[21:45] <mathiaz> sommer: what's going on on the documentation front ?
[21:45] <ScottK2> mathiaz: On that note - If we can get the amavisd-new MIR processed soon it'd be nice to integrate that with tasksel.
[21:45] <mathiaz> ScottK2: it's in the hand of the MIR team (ie pitti and doko).
[21:45] <sommer> mathiaz: still cruisin
[21:45] <ScottK2> mathiaz: So maybe you can enourage them.
[21:46] <mathiaz> sommer: is there any change in the milestone dates ?
[21:46] <sommer> mathiaz: not that I know of
[21:46] <sommer> I think they've been posted somewhere on the wiki
[21:46] <sommer> actually I'm not really 100% sure they're official
[21:46]  * doko is not sure that we do want that in main ...
[21:47] <sommer> besides the final freeze
[21:47] <sommer> but since there hasn't been much discussion, I'd think everyone agrees
[21:47] <sommer> or doesn't have major objection
[21:48] <mathiaz> sommer: ok. I've seen a new contribution in the security section
[21:48] <ScottK2> doko: It'd be without the milter package so we don't need to bring Sendmail bits into Main.
[21:48] <sommer> ya, that's been really great working with him
[21:48] <soren> doko: Want what in main? amavisd-new?
[21:48] <sommer> hopefully we can cover more ground
[21:48] <mathiaz> sommer: the guide is maintained in bzr ?
[21:48] <sommer> still working on the virtualization section
[21:49] <mathiaz> sommer: has the wiki page wrote up by soren been usefull ?
[21:49] <sommer> mathiaz: yep: https://code.launchpad.net/ubuntu-docs
[21:49] <soren> I rather consider it a scaffold on which to build proper documentation. :)
[21:50] <sommer> mathiaz: ya, I wasn't too sure how to integrate it with qemu, but I think soren cleared that up
[21:50] <soren> Did I? Er.. Ok, then :)
[21:50] <sommer> gilbert the other contributer may be working on a kvm section
[21:50] <sommer> soren: the other day :-)
[21:50] <soren> sommer: If you say so :D
[21:51] <mathiaz> there was some discussion in #ubuntu-server about it.
[21:51] <mathiaz> has the wiki page been updated wrt these discussion ?
[21:51] <sommer> mathiaz: the server roadmap, or the virtetc page?
[21:52] <mathiaz> sommer: viretc
[21:52] <sommer> not that I know, of... I plan to devote some time to it this weekend
[21:52]  * soren hugs sommer
[21:52] <mathiaz> I'm refering to the kvm discussion in #ubuntu-server
[21:52] <sommer> if not before
[21:53] <sommer> mathiaz: gotcha, I'll do some updates with regards to qemu
[21:53] <mathiaz> sommer: great ! Thanks.
[21:53] <mathiaz> that leads us to the virtualization front
[21:53] <mathiaz> soren: any updates on this ?
[21:54] <soren> Since last meeting? Er..
[21:54] <soren> Well, yes.
[21:54] <soren> I got the kernel side of kvm updated. On the guest side, I've added the fancy new virtio stuff that massively improves I/O from inside the guest.
[21:55] <nealmcb> mathiaz: when was this kvm discussion in #ubuntu-server?
[21:55] <soren> On the host side, I've updated the kvm modules shipped with our kernel images to match what was released with kvm 60.
[21:55] <mathiaz> nealmcb: don't remember exactly - I think it was last week.
[21:55] <soren> This fixed a whole host (pun intended) of bugs. Most importantly, the gfxboot screen now shows up properly when booting a Hardy ISO.
[21:55] <mathiaz> nealmcb: I remember sommer asking question about it
[21:56] <sommer> nealmcb: feels more like around monday to me
[21:56] <soren> Er... Well, it will once the kernel is uploaded.
[21:56] <sommer> it was a short converstation
[21:56] <dendrobates> soren: I was about to object.
[21:56] <soren> The virtio stuff is there, though. You need to pass special arguments to kvm to enable it, but I'm working on getting that into libvirt.
[21:56] <mathiaz> soren: so that means KVM can be used to test isos ?
[21:57] <mathiaz> soren: I meant livecd isos specifically
[21:57] <soren> mathiaz: There's one more thing I need to a) fix in kvm (upstream bug) and b) fix in X, then it should be rocking.
[21:57] <soren> Right now, it's a bit... rough.
[21:57] <mathiaz> soren: excellent. That was pitti's main concern about kvm in hardy.
[21:58] <mathiaz> dendrobates: any news on likewise ?
[21:58] <dendrobates> mathiaz: yes.
[21:59] <dendrobates> mathiaz: I have packaged 4.0.4 and uploaded to chinstrap.
[21:59] <dendrobates> baring any issues, it should be uploaded to universe tomorrow.
[22:00] <dendrobates> the giu has been changed to gtk, which is much better.
[22:00] <mathiaz> dendrobates: how can it be tested ?
[22:00] <mathiaz> dendrobates: or what are the main features ?
[22:01] <mathiaz> dendrobates: If it's uploaded before Alpha 4, we should a section in the Release notes about it.
[22:01] <dendrobates> once it is uploaded, you can use it to join a windows domain
[22:01] <mathiaz> dendrobates: either from the command line or using the gui
[22:01] <dendrobates> with a cli or gui.
[22:01] <mathiaz> dendrobates: ?
[22:02] <mathiaz> dendrobates: could you add section the Release Notes for Alpha 4 ? or ask nijaba to take care of it ?
[22:02] <dendrobates> mathiaz: np
[22:02] <mathiaz> [ACTION] dendrobates will add a section to the Alpha 4 Release Notes about windows integration.
[22:02] <MootBot> ACTION received:  dendrobates will add a section to the Alpha 4 Release Notes about windows integration.
[22:03] <mathiaz> dendrobates: I've seen two emails (I think it was the same guy) asking about windows integration.
[22:03] <sommer> is alpha4 released tomorrow?
[22:03] <mathiaz> sommer: yes actually...
[22:04] <mathiaz> sommer: it may too late for the Release Notes then.
[22:04] <sommer> cool, couldn't remember exact date
[22:04]  * mathiaz thought it was tuesday
[22:04]  * jdstrand added something to the release notes today...
[22:04] <ScottK2> mathiaz: I think for the alphas it's on a wiki.
[22:04] <mathiaz> jdstrand: about UFW ?
[22:04] <jdstrand> mathiaz: yes
[22:05] <jdstrand> it is on the wiki-- let me get the url
[22:05] <mathiaz> ScottK2: yes - I think that all the release notes are prepared on the wiki
[22:05] <ScottK2> So there is no "to late"
[22:05] <jdstrand> https://wiki.ubuntu.com/HardyHeron/Alpha4
[22:06] <mathiaz> jdstrand: is there more testing done on UFW ?
[22:07] <jdstrand> mathiaz: I wan't meaning to take over the conversation, but if you're ready for the ufw update...
[22:07] <nxvl_work> i have tested yesterday IIRC
[22:07] <mathiaz> jdstrand: please do
[22:07] <jdstrand> I sent an email to ubuntu-server and ubuntu-devel-discuss
[22:07] <jdstrand> I haven't heard much, excepting nxvl_work
[22:08] <jdstrand> it is in pretty good shape
[22:08] <jdstrand> https://wiki.ubuntu.com/UbuntuFirewall
[22:08] <jdstrand> there are instructions on testing in the wiki
=== _bigon is now known as bigon
[22:08] <sommer> jdstrand: woops I forgot to give you some feedback, but I tried ufw out last week and it worked great
[22:09] <mathiaz> jdstrand: excellent. It may get more coverage once alpha4 is being published
[22:09] <sommer> haven't had a chance to test the new version though
[22:09] <jdstrand> sommer: great! check out 0.9
[22:09] <sommer> jdstrand: will do
[22:10] <mathiaz> jdstrand: keescook: now that there is security meeting, do you still wanna discuss apparmor and other bits in the server team meeting ?
[22:10] <mathiaz> or should it be moved to the security meeting ?
[22:10] <keescook> mathiaz: well, it overlaps
[22:10] <jdstrand> I'll mention that I hope to get some profile work and testing done soon
[22:11] <keescook> mathiaz: the profile work is, I think, more closely tied to server team work than security work
[22:11] <keescook> i.e. it's a per-service kind of thing
[22:11] <mathiaz> keescook: right.
[22:11] <keescook> so, unless there is objection, I'd like to keep the apparmor profiling discussion part of this meeting
[22:11] <mathiaz> keescook: WFM
[22:11] <keescook> and focus the "infrastructure" work in the security team
[22:11] <keescook> okay
[22:12] <mathiaz> pitti asked me if there was plans to create a profile for the dhcp client so that the derooting patch can be dropped.
[22:12] <mathiaz> If someone wants to get started with profile generation, that would be a very good starting point
[22:13] <jdstrand> since we are talking about profile generation-- I plan on doing slapd, named and mysqld
[22:13] <emgent> :)
[22:13] <jdstrand> some of those are in apparmor-profiles, so I'll do testing
[22:14] <mathiaz> jdstrand: excellent. I did generate them during last release cycle
[22:14] <mathiaz> zul: Thanks for all the MIR writing.
[22:14] <jdstrand> mathiaz: right, I hope to build on that and get them out of apparmor-profiles and into the package
[22:14] <mathiaz> zul: anything left on there ?
[22:14] <zul> no problem
[22:15] <mathiaz> https://wiki.ubuntu.com/ServerPackageReview
[22:15] <zul> most of them are pending on the mir team i havent gotten to one yet
[22:15] <jdstrand> s/the package/their respective packages/
[22:15] <mathiaz> soren: iscsi stuff ?
[22:15] <zul> mathiaz: openhpi yet because I dont have a clue on that package
[22:15] <soren> No news, I'm afraid.
[22:16] <zul> i agree with fabio about bacula it shouldnt go into main either
[22:16] <mathiaz> zul: you mentionned you've fixed iscsi target
[22:16] <zul> yep, the kernel stuff is building with 2.6.24 now
[22:16] <zul> drbd kernel stuff is in the kernel-team's git archive
[22:16] <ScottK2> mathiaz: Last meeting I thought there was going to be a message to the server team ML about packages thrown out of the spec.  Did I miss it?
[22:16] <mathiaz> zul: is it a package in universe ?
[22:16] <zul> mathiaz: yes
[22:17] <mathiaz> zul: do you plan to move it to ubuntu-modules
[22:17] <zul> mathiaz: i could
[22:17] <mathiaz> ScottK2: nope. I didn't send it.
[22:17] <zul> i thought I was just suppose to report back at the meeting
[22:17] <mathiaz> zul: OTOH it's really high priority.
[22:17] <zul> mathiaz: ill put it on my todo list then for tomorrow morning
[22:17] <mathiaz> zul: for hardy, we focus more on initiator
[22:18] <zul> consider it done
[22:18] <mathiaz> zul: could you send an email to ubuntu-server about the reason to drop bacula from the ServerPackageReview list ?
[22:18] <ScottK2> mathiaz: Please do.
[22:18] <zul> mathiaz: yep
[22:19] <sommer> is there another "enterprise" backup package in main?
[22:19] <mathiaz> [ACTION] zul will send an email to ubuntu-server about bacula in main
[22:19] <MootBot> ACTION received:  zul will send an email to ubuntu-server about bacula in main
[22:19] <sommer> or integrated backup anyway
[22:19] <zul> amanda is in universe but that was rejected
[22:19] <mathiaz> sommer: not that I know of.
[22:20] <sommer> okay, just wondering for the backup section of the docs
[22:20] <mathiaz> zul: yep - the other option was amanda.
[22:20] <sommer> tar never let anyone down :-)
[22:20] <ivoks> we decided that bacula had more features
[22:20] <zul> yeah but it has a big gapping security hole
[22:21] <ivoks> right :/
[22:21] <mathiaz> zul: any news or plan on the xen front ?
[22:22] <zul> mathiaz: uploaded 2.6.24 final patch today will upload xen-3.2 final tomorrow
[22:22] <zul> er...the patch went to the kernel-team's git repo
[22:23] <mathiaz> is there any integration with libvirt ?
[22:23] <zul> not that I know of right now
[22:23] <nealmcb> a virtualization question occurred to me.  are any virtual images of hardy available for testing under gutsy via kvm and the like?  e.g. for testing server-related packages?
[22:23] <dendrobates> libvirt works with xen by default, unless soren has borked that.
[22:24] <soren> If I did, it wasn't on purpose :)
[22:24] <nealmcb> as opposed to isos that need installing....
[22:24] <zul> i always used xen-image-create :)
[22:24] <soren> nealmcb: We don't currently have "blessed" vm images, no.
[22:25] <nealmcb> are there plans to offer them?  folks have wanted them in the past, and this would be a good time to start testing the build stuff
[22:25] <zul> well you could probably use jeos :)
[22:25] <mathiaz> it may be worth checking that xen can be integrated with soren's work on virtualization
[22:26] <zul> i can look into i
[22:26] <zul> it even
[22:26] <dendrobates> zul: can you put xen in a ppa?
[22:26] <zul> sure
[22:27] <nealmcb> zul: sure - jeos would be a popular one to start with, and a vm image would be lots more fun than an iso I think.
[22:27] <dendrobates> I'll test it out tomorrow
[22:27] <zul> dendrobates: ill put my kernel .debs on chinstrap for you as well
[22:28] <dendrobates> zul: ok
[22:28] <mathiaz> [ACTION] dendrobates to test xen support in libvirt.
[22:28] <MootBot> ACTION received:  dendrobates to test xen support in libvirt.
[22:29] <mathiaz> ivoks: are you still working on [BOTTOM][TOP]Simplify storage management (RAID1 - LVM-on-RAID) during installation ?
[22:29] <mathiaz> ivoks: https://wiki.ubuntu.com/ServerTeam/Roadmap#head-a36fb4f1b51aa401df3eb5d44fb737ddc5731cd0
[22:30] <ivoks> mathiaz: didn't touch it for weeks
[22:30] <ivoks> i'm kind on middle of exam period on faculty, so i have little time
[22:30] <mathiaz> ivoks: still working on it ?
=== ubotu changed the topic of #ubuntu-meeting to: Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 01 Feb 20:00 UTC: MOTU | 13 Feb 22:30 UTC: Forum Council | 20 Feb 01:00 UTC: TriLoCo-Midwest
[22:30] <ivoks> but i'll try work something out during next couple of days
[22:30] <mathiaz> ivoks: ok. great !
[22:31] <mathiaz> I think that's all for the roadmap review.
[22:31] <mathiaz> [TOPIC] Another Business
[22:31] <MootBot> New Topic:  Another Business
[22:31] <mathiaz> Anything to add ?
[22:31] <ivoks> sorry late entrance :/
[22:31] <ivoks> ...for late...
[22:31] <nxvl_work> mathiaz: yes, the multiple ssl certs we talk about yesterday
[22:32] <nealmcb> what image format(s) would we supply?  qcow2?
[22:32] <ScottK2> Can we talk about libdb transitions?
[22:33] <ScottK2> It seems most of the packages left on the older libdb releases has issues with on disk format chagnes.
[22:33] <ScottK2> chagnes/changes
[22:33] <mathiaz> ScottK2: I think pitti is working on getting libdb4.{234} out of main
[22:34] <mathiaz> ScottK2: you may wanna ask him about this.
[22:34] <ScottK2> mathiaz: Yes and we could probably get 2 and 3 out of Ubuntu entirely with a little work.
[22:34] <ScottK2> 4.2 is down to about a half dozen packages.
[22:35] <mathiaz> ScottK2: do you have a list of these packages ?
[22:36] <ScottK2> Yes
[22:36] <mathiaz> ScottK2: It may worth adding a point in the Packager section of the Roadmap
[22:36] <nxvl_work> and also put that list somewhere
[22:36] <mathiaz> ScottK2: and list the packages.
[22:36] <mathiaz> ScottK2: there.
[22:37] <mathiaz> ScottK2: another option could be to file bugs against the relevant packages in LP
[22:37] <ScottK2> Adding it.
[22:39] <mathiaz> [ACTION] ScottK2 to add a point in the Roadmap section about libdb4.2 transition.
[22:39] <MootBot> ACTION received:  ScottK2 to add a point in the Roadmap section about libdb4.2 transition.
[22:39] <mathiaz> So I think we had a long meeting now.
[22:39]  * nealmcb nods
[22:39] <mathiaz> [TOPIC] Agree on next meeting date and time.
[22:39] <MootBot> New Topic:  Agree on next meeting date and time.
[22:39] <nealmcb> lots of good progress though I think
[22:39] <mathiaz> same place, same time, next week ?
[22:40] <nxvl_work> +1
[22:40] <ScottK2> mathiaz: Action complete
[22:41] <nealmcb> I'll have a conflict next week fwiw
[22:41] <mathiaz> All right folks ! Thanks for attending and happy alpha 4 testing :)
[22:41] <mathiaz> #endmeeting
[22:41] <MootBot> Meeting finished at 22:41.
[22:41] <sommer> thanks mathiaz, have a good one all
[22:42] <jdstrand> thanks mathiaz!
[22:44]  * nxvl_work waves