[00:00] I think it's all about "connecting". I have a client who runs a pig-farm. They run Ubuntu to do their day-to-day operations and love it. They know nothing about bugs, IRC or Ubuntu for that matter. I'm sure they'd like to understand a little more about this community. [00:00] i think we should move to #ubuntu-server [00:00] point [00:39] woops meant -5 :) [00:39] if anyone's still here === asac_ is now known as asac === mrevell is now known as mrevell-lunch [13:14] re [13:31] @schedule shanghai [13:31] Schedule for Asia/Shanghai: 11 Apr 04:00: Security Team | 11 Apr 20:00: MOTU | 17 Apr 05:00: Server Team | 24 Apr 05:00: Server Team | 01 May 05:00: Server Team [13:36] *sigh* at the Fridge repeatedly forgetting meetings [13:36] Keybuk, The fridge doesn't forget. [13:36] Keybuk, People forget to ask to have their meetings added ;] [13:37] I asked months ago [13:37] and it was added [13:37] then it fell off [13:37] try again, then. [13:37] and give it a kick this time [13:37] Hobbsee: there seems little point, if they'll just drop it again after three weeks [13:38] Keybuk: file a bug? [13:38] What meeting is this? [13:38] cody-somerville: Desktop Team Meeting [13:38] every week, on Thursday, 1300 UTC in Northern summer time, 1400 UTC in Northern winter time [13:38] URL for agenda? [13:39] @now UTC [13:39] Current time in Etc/UTC: April 10 2008, 12:39:06 - Next meeting: Security Team in 7 hours 20 minutes [13:39] How long does the meeting usually last? [13:39] an hour [13:39] yes mostly 60 min. [13:40] @now GMT [13:40] cody-somerville: http://wiki.ubuntu.com/DesktopTeam/Meeting [13:42] Weird. There doesn't seem to be built in functionality for repeating events. [13:45] Ok. I added todays and next weeks. [13:45] I'll add more later. [13:56] * mvo looks around [13:57] * ted1 waves [13:58] hello [13:58] hey [13:58] salut seb128 [14:00] ola tudo [14:00] MacSlow: :) [14:01] OgMaciel, :) [14:02] Riddell, kwwii, mpt: ping [14:02] hihi [14:02] kwwii: somebody has been faster than me to sponsor your artwork update apparently, or you got upload rights? [14:03] must be the former, unless there's a quick way to upload rights now [14:03] hi [14:03] seb128: apparantly pitti did it at 3:30 our time [14:03] Hobbsee: that was a way to ask who did the sponsoring ;-) [14:04] :) [14:04] ok, we're mostly all here :-) [14:04] let's get going [14:04] https://wiki.ubuntu.com/DesktopTeam/Meeting/2008-04-10 [14:04] kwwii: ok, what I though but you didn't cc him on the mail so I was not sure how he knew [14:04] I didn't see any agenda items for this week's meeting, did I miss any? [14:04] seb128: yeah, I forgot that he is in America when I pinged him on chat [14:05] seb128: I thought he would miss it [14:05] sorry for the confusion [14:05] no problem, one thing less to do I'll do complain ;-) [14:05] I guess not [14:06] I read the mail at 3am before going to bed and I decided I worked way to late already and that I would do it today [14:06] outstanding actions from last week [14:06] * [14:06] pitti to disable gvfs libgphoto backend [14:06] * [14:06] seb128 to enable gvfs libarchive backend [14:06] and it was uploaded this morning ;-) [14:06] Keybuk: so I did drop the libgphoto backend [14:06] ok, great [14:06] and the libarchive backend, did that get enabled? [14:07] and I did enable the gvfs libarchive backend (was already the case previous week), add the nautilus new menu item for it and dropped that change later [14:07] cool [14:07] what I didn't think about was that most applications don't use gvfs yet [14:07] so they don't understand those new backends urls [14:08] which means you can browse but not open files there [14:08] hmm, do you think that's an issue? [14:08] for users yes [14:08] should we disable it again until applications do use gvfs? [14:08] it's really confusing to be able to browse something but not to open anything there [14:09] that's what I did [14:09] "and dropped that change later" [14:09] ah, got it [14:09] But, its the same problem we've had with applications not using gnome-vfs for a long time. [14:09] now it's installed to /usr/share/doc/nautilus-data/examples/mount-archive.desktop [14:09] so whoever want it can just cp that to /usr/share/applications [14:09] easy to get but not on by default [14:09] ted1: true, but more apps use gnome-vfs I guess [14:09] seems a good deal to me [14:10] ok [14:10] cool [14:10] ted1: well, I would be happy with gedit and eog working [14:10] which was the case for gnome-vfs [14:10] because people will expect to be able to open text files [14:10] And they aren't gvfs? [14:10] no [14:10] no application is using gvfs [14:10] Oh. === mrevell-lunch is now known as mrevell [14:11] just nautilus? [14:11] well, gvfs is used in nautilus yes [14:11] the fileselector and the panel uses it too [14:11] so mounted volumes, etc are coherent [14:12] but the desktop applications have not been ported to gvfs for data reading, etc yet [14:12] you don't notice that when using normal locations [14:13] because gnomevfs also understand file:, ssh:, etc [14:14] ok [14:14] any other items before we move on to the regular bits? [14:14] seb128: Thanks. Sucks, but good to know. [14:14] Keybuk: unless some more gdm theme suggestions come down the line the artwork is done I guess [14:14] kwwii: I haven't had any feedback from Mark [14:15] the ubuntu chicken is cooked, so to speak [14:15] mmm, chicken [14:15] Wouldn't the heron be cooked? [14:15] * Keybuk briefly wonders what Heron tastes like [14:15] I'm not a big fan of the new gdm theme [14:15] seb128: in what sense? [14:16] but artwork is always a matter of taste ;-) [14:16] * Hobbsee wonders where screenshots would be. [14:16] or download the source package? [14:16] Hobbsee: or run Hardy? :p [14:16] Keybuk: the colors are too "cold", not sure if that's the right word [14:16] it gives this metal feeling [14:16] seb128: compared to Gutsy? [14:16] not very warm [14:16] or compared to Ken's previous effort for Hardy [14:16] seb128: I thought about making it less glowy in the middle [14:16] not compared to something else [14:16] Keybuk: i do. But i autologin for gdm, to cut down on the wait time (and password-protect the bios) [14:16] if I can still change it I will [14:16] Keybuk: i have been since pre-alpha1 :) [14:17] that's just looking at it doesn't give be a nice and warm feeling [14:17] a little bit can't hurt :-) [14:17] but as said artwork is a matter of taste [14:17] Hobbsee: ah, I abandoned auto-login since I have to type password for gnome-keyring anyway [14:17] Keybuk: not true [14:17] Keybuk: you can set that to no p/w too. [14:18] or otherwise get around it [14:18] I'd like to know how :-) [14:18] Keybuk: but if you use an unprotected keyring you don't get gpg and ssh keyring storage though [14:18] * Hobbsee only has to use a p/w for the gpg & ssh keys, now [14:18] seb128: right, I use gpg and ssh storage [14:18] does that mean you have to type a password the first time or every time for those? [14:18] oh, maybe it was that i stored the network mangler password in cleartext, figuring that if they got past the bios password, there was more important stuff than the network key [14:18] mpt: after installation when it asks for a keyring password just enter none [14:19] it'll warn you about the lack of security and not store ssh keys etc [14:19] but that will make autologin and network manager works without asking for any password [14:19] I already have a keyring, I've kept GPG and SSH keys in it since 2005, but it's only asked me for a password since November 2007 [14:19] but anyway, that's a bit off-topic [14:20] seb128: but how do you then store GPG and SSH keys in it? [14:20] right [14:20] or what happens to the ones already stored there? [14:20] Keybuk: you don't [14:20] hum, that's a good question [14:20] so I'd have to enter a password every time I used gpg or ssh? [14:20] I didn't try to remove the password from a keyring which has some of those [14:20] yes [14:20] bah :) [14:21] isn't there a way to create a new keyring for gpg and ssh passwords that's locked? :p [14:21] you can create different keyrings yes, not sure if you can tell it to use those for the ssh agent for example though [14:21] anyway not really a meeting topic ;-) [14:21] heh [14:21] who's upstream? [14:22] "Stef Walter" [14:22] not sure if he does IRC [14:22] don't think I know him [14:22] anyway, on with meeting topics [14:22] http://people.ubuntu.com/~dholbach/sponsoring/ [14:22] mvo: bug #213040 [14:22] Launchpad bug 213040 in update-manager "update-manager: spelling errors in hardy.tar.gz" [Undecided,Confirmed] https://launchpad.net/bugs/213040 [14:23] Keybuk: we are in string freeze, but I can unfuzzy them by hand if needed [14:23] mvo: you can remove the sponsoring team, remember :p [14:23] I read this one this morning, lot of strings changes, not sure if that's worth the trouble [14:23] *cough* yes [14:24] seb128: #bug 183603 [14:24] Launchpad bug 183603 in gtksourceview "The code comment plugin does't work with Fortran 95" [Wishlist,Confirmed] https://launchpad.net/bugs/183603 [14:24] that looks rather invasive for this point in the cycle? [14:24] fortran 95?!? [14:25] that's a one liner change in the fortran coloration thing [14:25] oh, is it? [14:25] I'll try to get upstream to commit it so we get it in the next tarball [14:25] Keybuk: http://launchpadlibrarian.net/11460132/fortran.lang.patch [14:25] cool [14:25] http://people.ubuntu.com/~ogasawara/qa-hardy-list-archive/sort-by-package/desktop-buglist.html [14:25] nothing new on there that I can see [14:25] no, just a fix on jockey [14:27] ok [14:27] that's all then, any other business for today? [14:29] * Hobbsee wonders why simple-ubuntu.png is so big. [14:29] Keybuk: good work on the uds topics btw ;-) [14:29] seb128: did I miss anything major? [14:30] I don't think so [14:30] Keybuk, any thought on the "spit and polish"-idea yet? [14:30] MacSlow: yeah, I'm going to try and fit that one in [14:30] thoughts [14:30] ok [14:30] I think that's a good selection of things that need polish and work [14:31] seb128, you read it too? [14:31] Keybuk: oh, maybe the menus issue [14:31] MacSlow: read what? no I was speaking about the list of topics on the agenda [14:31] seb128: I think that was under UI Cleanup? [14:31] seb128, ah alright [14:32] Keybuk: but not an another "how can we reduce the number of items there", we have one of those at every UDS [14:32] ok [14:32] Keybuk: well, I think we should rather thing about changing the menu approch, using the gnome-control-centre shell and do some work on it to get it good enough for that or something similar [14:33] will make sure that's in the list of sessions [14:33] s/thing/think [14:33] that's not something urgent, but we have menu issues for a while [14:33] *nods* [14:34] I should have a draft schedule of the desktop track by next week [14:34] so we can beat up on that then [14:36] adjourned for today then [14:36] thanks everyone [14:36] thanks [14:36] thanks Keybuk [14:36] thanks [14:37] danke [14:38] so long === thekorn_ is now known as thekorn === cody-somerville_ is now known as cody-somerville === _Czessi is now known as Czessi [17:01] @schedule rome [17:01] Schedule for Europe/Rome: 10 Apr 22:00: Security Team | 11 Apr 14:00: MOTU | 16 Apr 23:00: Server Team | 23 Apr 23:00: Server Team | 30 Apr 23:00: Server Team [17:02] @schedule santiago [17:02] Schedule for America/Santiago: 10 Apr 16:00: Security Team | 11 Apr 08:00: MOTU | 16 Apr 17:00: Server Team | 23 Apr 17:00: Server Team | 30 Apr 17:00: Server Team === Mez is now known as Floodbot5 === Floodbot5 is now known as Mez [17:55] @schedule montreal [17:55] Schedule for America/Montreal: 10 Apr 16:00: Security Team | 11 Apr 08:00: MOTU | 16 Apr 17:00: Server Team | 23 Apr 17:00: Server Team | 30 Apr 17:00: Server Team === ogasawara__ is now known as ogasawara === ubotu changed the topic of #ubuntu-meeting to: Current meeting: Security Team Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 11 Apr 12:00 UTC: MOTU | 16 Apr 21:00 UTC: Server Team | 23 Apr 21:00 UTC: Server Team | 30 Apr 21:00 UTC: Server Team [21:00] #startmeeting [21:00] Meeting started at 22:00. The chair is keescook. [21:00] Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE] [21:00] hello! who all is here for the security team meeting? [21:01] * propagandist waves [21:01] :) [21:02] o/ [21:02] emgent had to leave, so I put a few quick agenda items in the meeting today [21:02] I'm not here [21:02] [topic] agenda [21:02] New Topic: agenda [21:02] [link] https://wiki.ubuntu.com/SecurityTeam/Meeting [21:02] LINK received: https://wiki.ubuntu.com/SecurityTeam/Meeting [21:02] hi! [21:02] Keybuk: noted. :) [21:03] I have to split for another meeting in half an hour, so hopefully we can make this quick. :) [21:03] ok go! [21:03] I'm going to cover emgent's topics quickly, since they're more "announcements" than anything else. [21:03] [topic] ubuntu whitehat [21:03] New Topic: ubuntu whitehat [21:04] emgent has been working on anteater for reporting private security issues to Launchpad. [21:04] [link] https://blueprints.launchpad.net/ubuntu-whitehat-project/+spec/anteater-plb-support [21:04] LINK received: https://blueprints.launchpad.net/ubuntu-whitehat-project/+spec/anteater-plb-support [21:04] so anyone interested in that, please have a look. He's also looking for help with documentation [21:04] [link] https://blueprints.launchpad.net/ubuntu-whitehat-project/+spec/anteater-docs [21:04] LINK received: https://blueprints.launchpad.net/ubuntu-whitehat-project/+spec/anteater-docs [21:05] I'd also like to have emgent organize the first whitehat meeting, and announce it to the ubuntu-hardened mailing list. [21:05] [action] emgent to send email to ubuntu-hardened mailing list, with schedule for first whitehat meeting [21:05] ACTION received: emgent to send email to ubuntu-hardened mailing list, with schedule for first whitehat meeting [21:05] [topic] CVE review [21:05] New Topic: CVE review [21:06] anyone got any CVEs they'd like to call attention to? [21:07] emgent gave me a list of debdiffs that I'll be looking at soon [21:07] okay, cool. I haven't had time yet this week to review the security sponsorship queue [21:07] hm, Fujitsu is missing... we scheduled this meeting special for him :P [21:07] I cleared out a few things today, and have been trying to see where hardy really stands [21:08] if anyone reading this has some interest, I'd like to see if we can help calc with CVE-2007-4575 (bug 174112). It's been open a while, and the backporting isn't trivial. [21:08] (quite a few uploads fixed things) [21:08] jdstrand: very cool; nice work. [21:09] okay, moving on. [21:09] [topic] roadmap progress [21:09] New Topic: roadmap progress [21:10] the roadmap has been tweaked a bit since the last meeting, and it's looking much better. [21:10] the FAQ and KnowledgeBase still need work though. :) [21:10] [link] https://wiki.ubuntu.com/SecurityTeam/Roadmap [21:10] LINK received: https://wiki.ubuntu.com/SecurityTeam/Roadmap [21:10] Launchpad bug 174112 in openoffice.org "[openoffice.org] [CVE-2007-4575] Potential arbitrary code execution vulnerability in 3rd party module (HSQLDB)" [Critical,In progress] https://launchpad.net/bugs/174112 [21:10] HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods." (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575) [21:11] the hsqldb part of that is fixed in hardy btw [21:11] yeah, hardy is okay, but the backports are supposedly not easy, according to calc. [21:12] * jdstrand nods [21:12] [topic] SELinux progress [21:12] New Topic: SELinux progress [21:12] (I just happened to update ubuntu-cve-tracker for that one today ;) [21:12] propagandist: how'd things? [21:12] er, how're things? [21:12] SETools has been syned with Debian. Several bug have been submitted and I'll be trying to resolve as many as possible asap. I've been working on fixes to the cups, cups-pdf, and service restarting problems and hope to have an updated refpol package soon. [21:12] cool, are any of the setools bugs show-stoppers? [21:13] Not that I know of, but I haven't looked at them since earlier this week. [21:14] I chatted with slangasek briefly about release notes including SELinux -- it sounds like something can get worked out. [21:14] Redhat has given us some props: [21:14] [LINK] http://www.press.redhat.com/2008/04/09/red-hat-welcomes-opensolaris-and-ubuntu-to-the-world-of-type-enforcement/ [21:14] LINK received: http://www.press.redhat.com/2008/04/09/red-hat-welcomes-opensolaris-and-ubuntu-to-the-world-of-type-enforcement/ [21:14] haha nice [21:14] ;o] [21:14] Not much else to report. [21:15] no news can be good news. :) [21:15] thanks! [21:15] [topic] hardening wrapper testing [21:15] New Topic: hardening wrapper testing [21:16] the buildds for interpid are still not set up for hardening, but infinity and doko have promised to get to a solution before the archive opens. [21:16] Debian adoption continues, but slowly, and is uncovering bugs in various arch flavors. [21:17] anyone else uncover any issues or ideas for the wrappers? [21:19] [topic] next meeting [21:19] New Topic: next meeting [21:19] I propose same time & place in two weeks... [21:19] cool by me [21:20] sounds good [21:21] okay, Apr 24th, 2000 UTC #ubuntu-meeting. [21:21] thanks everyone! yay quick meeting! :) [21:21] #endmeeting [21:21] Meeting finished at 22:21. === ogra_ is now known as ogra === ubotu changed the topic of #ubuntu-meeting to: Calendar: http://fridge.ubuntu.com/event | Logs: https://wiki.ubuntu.com/MeetingLogs/ | 11 Apr 12:00 UTC: MOTU | 16 Apr 21:00 UTC: Server Team | 23 Apr 21:00 UTC: Server Team | 30 Apr 21:00 UTC: Server Team