marslifeless, do you know of anyone who has a .testr.conf for nose?00:49
marslifeless, I know about the TestID plugin for nose, but using testr itself would be nice00:49
marslifeless, turns out to be pretty simple: http://pastebin.ubuntu.com/488515/.  But for some reason it will not pick up the list of failing tests.01:13
marsah ha!01:14
marslifeless, you need to redirect STDERR for it to work with nose.  This /almost/ works as expected: http://pastebin.ubuntu.com/488516/01:18
lifelessmars: sweet01:57
lifelessno idea why it would be writing subunit to stderr.01:58
lifelessstill, mine not to wonder why01:58
lifelessI've no idea how its getting negatives05:55
lifelessfinish sets duration to a timedelta of 'NOW - start'05:57
lifelessstart is set to NOW05:57
lifelessNOW - NOW = 0, so the duration should be the change in NOW between the two calls being made.05:57
lifelessjtv: &05:57
lifelessjtv: ^05:57
lifelessI wonder if its an errorlog bad-responsibilities thing05:58
jtvlifeless: you're sure only one clock is involved?05:59
lifelessthe durations go down almost linearly as the offset increases05:59
lifelessso something is substracting duration again05:59
lifelessbug 63061206:00
_mup_Bug #630612: Complete b0rkage of oops timing info <Launchpad itself:New> <https://launchpad.net/bugs/630612>06:00
lifelesse.g. https://lp-oops.canonical.com/oops.py/?oopsid=1708EB63606:00
jtvHmm it's definitely not clock skew.06:00
lifelessadd offset to the times and its right06:00
lifelessI think06:00
jtvAre you accidentally throwing the baseline time into the subtraction?06:01
lifelessdefinitional issue06:01
lifelessputting up a patch06:01
jtvAs in, finish - start - baseline?06:01
lifelessno, its that it doesn't want a duration06:03
lifelessthe old code wasn't tested06:03
lifelessand I misunderstood what the disk format was meant to represent06:03
lifelessthumper: are you around, perchance ?06:08
thumpernot really06:08
thumperwhats up?06:08
lifelessI broke oopses on edge; fix is trivial, PQM is closed, needs a release-critical stamp06:09
lifelesswhich is you, or gmb in about 3-4 hours06:09
thumperlifeless: that mp up?06:09
lifelessby broke, they work, but you need to think like a pretzel to analyse them06:09
thumperdiff not there yet06:09
* lifeless bets its hung06:10
lifelessI've pasted a diff in06:10
thumperlifeless: the diff and comment don't really help me understand it06:11
thumperbut if you are sure it is right06:11
thumperI'll rc it06:11
lifelessthumper: I can explain it pretty quickly06:12
thumpergo then06:12
lifelesslook at this oops06:12
* thumper is supposed to be making dinner06:12
lifelessspecifically the sql log06:12
lifelessnotice how the durations go negative06:12
lifelessthe actual duration is the reported duration + the start offset.06:12
lifelessmy patch adds the start offset in the generation code06:13
lifelessI misunderstood what the disk format was meant to have in it.06:13
lifelessjtv: care to provide the code review stamp that will be wanted by ec2land ?06:13
jtvlifeless: since you're phrasing it like I'll have a meaningful role in the process, sure06:14
lifelessThis won't hit sundays rollout, but I can nurse it into devel tonight and ask spm to trigger a reroll of edge monday am06:15
lifelesssorry about breaking it06:15
lifelessjtv: I think you do have a meaningful role - there are three people that have read the entire change here: you, me, mwhudson06:21
lifelessjtv: I can't think of anyone better suited to review this (trivial) patch06:21
jtvWell, it's reviewed.06:23
lifelessthank you06:24
jtvThe only way I could find to do that was to request a review from myself.06:24
lifelessall you have to do is type in the comment box06:24
jtvI could've added an Approve vote, but not with a specific review type.06:24
lifelessand change the drop-down to approve/needs info etc06:24
jtvAnd you want the "code" review type for "ec2 land."06:24
lifelessI think a default type == code, doesn't it ?06:24
lifelessjtv: thanks for catching this06:27
lifelessI would have when I got a chance to look, but I'm glad to catch it as early as possible06:27
lifelessI so want a button I can push.06:44
lifelesswhich will deploy.06:44
* mwhudson is tempted to say that lifeless almost certainly owns a device which can cause a deployment by pressing lots of buttons in the right order06:47
mwhudsonlifeless: i've just read set_request_timeline :)06:49
lifelessmwhudson: I would deeply deeply love to have that better..06:49
lifelessmwhudson: I'm going to be putting it fairly high up in my hygiene requests for foundations I think; can't build on a shaky base.06:50
lifelessDistributionSourcePackage:+addquestion is looking pretty unhealthy06:52
mwhudsonlifeless: did you do any coding towards bug 623199 ?06:54
_mup_Bug #623199: scripts do not establish valid zope partiticipations <Launchpad Foundations:New> <https://launchpad.net/bugs/623199>06:54
lifelessmwhudson: nothing reusable06:55
lifelessmwhudson: I scrapped it as a learning experience06:55
mwhudsoni could have a hack now, but i guess an hour is probably extremely optimistic to get something useful done06:55
mwhudsonlifeless: what did you learn?06:55
lifelessI learnt that our scripts code is horribly confused about what they do06:56
lifelessI am more and more of the opinion we want impersonation06:56
lifelesswe want something to be able to:06:56
lifeless - run async06:56
lifeless - use the API to do shit06:57
lifeless - do it on behalf of a user that originated the work06:57
lifelessI think the second line, when written 'use SQL to do shit'06:57
lifelessshould mean nearly-no-code-changes, ideally.06:57
lifelesse.g. scripts should setup a participation of the user who the work is on behalf of06:58
mwhudsonwell i can see that would be good06:58
lifelessthis is obviously only applicable to deferred-work-scripts06:58
mwhudsonbut can't we make canonical.launchpad.webapp.adapter less terrible without that?06:58
lifelessothers like the PPA access token updater are conceptually different06:58
lifelessmwhudson: sure06:58
mwhudsonlifeless: and by run async, you mean in the context of appserver requests?06:59
mwhudsonnot twisted scripts that somehow process more than one job at once?06:59
lifelessbadly phrased06:59
lifeless'run out of step with appserver stuff'06:59
mwhudsonok, that's what i thought you meant06:59
lifelessmaybe for a single request, maybe much later, and all things inbetween06:59
mwhudsoni phrased it badly too06:59
lifelessyes, we can make adapter better07:00
lifelessI think your plan is a good one:07:00
lifeless - a specific interface which needs the following characteristics:07:00
lifeless  - adapter and other code like it (timelines, featureflags, permission checking) can rely on [if missing the error/fail appropriate;y]07:01
lifeless - HttpRequest implements it07:01
lifeless - something for scripts implements it07:02
lifelesswe may want the ability to push-and-pop the contextual-lookup for these objects07:02
lifeless checkwatches starts up, it needs to (picking one such thing) get the timeline for it as a whole and use that while it queries the DB for watches to update07:03
lifelessit may then want to, per watch, push a new context, which will get the db queries, errors, http client times, mail sending times, for a single watch.07:03
mwhudsonthere is newInteraction and restoreInteraction07:04
mwhudsonso zope already supports this to some extent07:04
lifelessI'm trying not to talk impl07:04
lifelessyou know whats available much better than I07:04
mwhudsoni only learnt about restoreInteraction a couple of weeks ago :-)07:04
lifelessyou're a couple of weeks ahead of me :P07:05
lifelessthats a big fraction of my time in this job :>07:05
mwhudsonwell, if it took me three+ years and you a few months, that's a good sign all round i think07:05
mwhudsoni think launchpad suffered for a time for not having any one who really got zope07:06
lifelessI've been listening in the corners all this time07:06
mwhudsonso we should make sure we hang on to gary and benji :-)07:06
lifelessmmm, we *started* with serious zopers.07:06
lifelessanyhow, we're going well now07:07
lifelessand I can see a path to having headroom to really tackle things.07:07
mwhudsonthat's good07:08
lifelessso webapp adapter07:08
lifelessI can - I have - described what I think we need in broad terms.07:08
lifelessbuilding on your description on the list07:09
lifelesswhat it needs now is someone to implement it and migrate a couple of scripts over, such that we can see it has legs.07:09
lifelessyou could probably do the start in an hour07:10
lifelessI dunno about getting into the meat07:11
lifelesstime for me to put on the war of the worlds and ratchet up the private librarian refactoring07:11
mwhudsonfair enough07:13
mwhudsoni think i'm going to think about linaro stuff instead :)07:21
lifeless\o/ next rollout will be tracking email/librarian/memcache times07:29
lifelessbut tracking them07:29
lifelessjtv: bug 629921 might entertain you09:44
_mup_Bug #629921: Archive:+packages with empty name search does like '%%' search. <timeout> <Soyuz:Triaged> <https://launchpad.net/bugs/629921>09:44
maxbWhat's the likelyhood of finding someone capable of bouncing codebrowse on a Sunday? :-/09:59
lifelessmaxb: low to middling10:31
lifelesshmm, whats the recommended url parsing lib for lp code10:32
wgrantlifeless: lazr.uri, probably.11:10
lifelesswgrant: do you know of any use for https urls on librarian files?11:11
lifeless(the current system, I mean)11:11
wgrantlifeless: They're used in the webapp.11:18
wgrantTo avoid insecure content warnings.11:18
wgranteg. project icons.11:18
* lifeless rethinks part of this11:18
lifelessthe docs could at least be a little less daft about how they explain it11:19
lifelessman the layers are messy11:27
lifelessI think its been refactored and docstrings not changed.11:27
gmblifeless, So, the current build failure is because the checked-in wadl is out of sync with what's generated by LP. I'm regenerating the on-disk wadl and checking it in; that should fix the breakage.11:32
lifelessso are we meant to do that always? How do we tell if a change is incompatible?11:33
lifelesscould you perhaps file a bug asking these things of foundations :)11:33
lifelessgmb: can you please disable the test.11:34
gmblifeless, You have a good point. I think I can shed some light on the reason for the test anyway:11:35
gmb1. Before we had checked-in WADL, there were always bzr conflicts because people would accidentally check in the apidoc directory (which would be created if it didn't exist already)11:36
gmb2. Therefore, it was decided to check in the WADL to prevent those conflicts.11:36
gmb3. Trouble was that WADL generation took a long time and unless it's --forced it won't overwrite the extant files.11:36
gmbSo the test is there to prevent us from having something broken rolled out.11:37
gmblifeless, I don't think we should disable the test unless we're going to stop having the WADL checked-in.11:37
lifelessgmb: I've replied in the thread11:37
lifelessgmb: but lets check my logic.11:38
lifelesswe have two branches.11:38
lifelessstable, db-devel.11:38
lifelessboth receive API changes.11:38
lifelesswhats going to happen in a cycle after both have had -any- API change.11:38
gmblifeless, Your reasoning is sound.11:39
gmblifeless, Okay, I agree; I'll disable the test.11:39
lifelessPerhaps revert the merge that added it to restore the old logic, whatever that was.11:39
wgrantChecking in WADL seems somewhat... odd.11:39
lifelessI don't know enough of the guts to suggest the right thing to do.11:39
lifelessI believe there was an additional desire to prevent API regressions by making people thing.11:39
lifelessOn reflection, I don't think the WADL is human readable enough for developers to do that routinely.11:40
gmblifeless, I think that test has been around for a while, actually.11:40
lifelessgmb: really ?11:40
gmblifeless, Yes. THough I'm not certain. I'll check now.11:41
lifelessI though benji landed it late last weke11:41
lifeless\o/ we should be getting librarian stuff in oops now. /me goes to try11:41
gmblifeless, Oh, right. For some reason I thought it was something that had been kicking around for a while. In my head, I was blaming mars ;)11:42
lifeless the motivations are good11:42
lifelessneeds some more glue to work well11:42
gmblifeless, You're right; it landed on devel the week before last.11:44
gmbI'll revert the merge(s).11:45
lifelessmy sunday is fading fast11:46
gmblifeless, Okay, no worries. I'll take care of this.11:47
lifelesssomething slightly screwy11:55
lifeless15ms to connect to librarian in the dc11:56
lifelessand 0ms to get the diff down11:56
lifeless15ms is a bit slow11:57
gmbI swear PQM keeps adding things to the regex so that my submissions fail.11:57
lifelesshttps://lp-oops.canonical.com/oops.py/?oopsid=1709EB904 for folk that can see11:57
lifelessgmb: what did you try11:57
lifelessand to what branch; they are funkily different11:57
gmblifeless, Oh, I'm being facetious. For some reason it's asking for [ui=] as well as [testfix][r-c][rs].11:58
lifelesswhat branch11:58
lifelessso this cycle11:59
lifelesswhen questions goes beserk, I'll be able to point and laugh at email very very easily :P11:59
* lifeless bets sending email is not cheap11:59
thekornlifeless: hi, your last comment on bug 620458 is a big surprise too me ;) the code from my last comment did not work a week ago,12:02
_mup_Bug #620458: cannot access attachments of private bugs any more <qa-needstesting> <httplib2:Unknown> <Launchpad Bugs:Fix Committed by adeuring> <https://launchpad.net/bugs/620458>12:02
lifelessthekorn: are you using production or edge?12:03
thekornand no, I'm not running the code in your datacenter12:03
thekornlifeless: works on both, maybe I was facing a different issue12:03
lifelessperhaps deryck and abel rolled back the privacy change12:03
lifelessI'm working on the long term fix atm12:03
lifelesshopefully we'll get it out in this rollout, and it will be faster after that.12:03
thekornlifeless: my way to reproduce this bug was always: "attachments are not accessible for private bugreports not reported by myself"12:04
lifelessthekorn: well, I'll talk to deryck tomorrow night12:04
lifelessgmb may know stuff now.12:04
lifelessgnight y'all12:04
thekorngood noight12:04
gmbthekorn, I'm afraid I don't know much about the private attachment stuff besides that there's still work ongoing. I'll speak to adeuring in the morning.12:05
thekorngmb: no problem, just wanted to give lifeless a quick answer to the question he had in his last comment12:08
gmbthekorn, Ah, okay, cool.12:09
ricotzplease, could someone restart https://launchpad.net/~xorg-edgers/+archive/ppa/+build/1945560 which is stuck20:42
lifelessricotz: I don't think anyone with that access is around yet; you might try asking in #launchpad which is the support channel and has different people in it.20:46
ricotzlifeless, thanks21:00
=== Pilky_ is now known as Pilky
mwhudsongood morning21:19
=== gmb` is now known as gmb
lifelesswhats that thing where you can get a librarian running before the test suite starts and use it ?21:47
mwhudsonpossibly spelt a bit differently21:48
lifelesswhat I mean is21:52
lifelessHTF do I debug the librarian daemon21:53
mwhudsonlifeless: appears to be ./bin/start_librarian21:54
lifelessheres the scenario21:54
lifelessoh thanks21:54
lifelessI really need to track down why I get leaked processed 1/3 test runs21:55
lifelessmwhudson: so, I guess I need to set a config variable too ?21:56
lifelesswhat I want to do is: run some tests that make the librarian 500; with pdb on the librarian21:56
mwhudsonlifeless: afaik know, LP_CONFIG defaults to development21:57
mwhudsons/know/no/ yay for homonym substitution21:57
mwhudsonlifeless: maybe make start_librarian LP_CONFIG=testrunner21:57
mwhudsonthen run the tests you care about with LP_PERSISTENT_TEST_SERVICES=1 set  ?21:58
mwhudsonwould work mostly by chance i guess, but might work21:58
lifelessDaemons cannot log to stdout, exiting21:58
* lifeless files a bug21:58
mwhudsonfigure out what start_librarian does, do that but add -n to the twistd arguments21:59
mwhudsonlifeless: it may be easier to do make run_all and recreate the tests by hand22:00
mwhudson(or not, depending on circs)22:00
lifelessit was entertaining finding this in the librarian22:01
lifelessraise LookupError22:01
thumpermorning people22:23
wgrantmwhudson: Homophone! Not homonym!22:50
wgrantBut anyway, morning.22:50
thumpermorning wgrant22:51
wgrantHow're things in NZ after the earthquake?22:51
lifelesswgrant: we're still here.22:51
lifelesschc is a bit fucked up22:51
wgrantYeah, so it seems...22:51
lifelesswe got out of there 2 weeks before the quake; good timing if I do say so myself22:52
wgrantEr, yes.22:52
lifelesswgrant: private librarian stuff is just about gtg22:53
lifelesshttps://code.edge.launchpad.net/++oops++/~lifeless/launchpad/private-librarian/+merge/31020 if you're interested in it22:53
wgrantI might remove the ++oops++ :)22:54
* thumper goes to make a coffee22:54
wgrantlifeless: Oh, going straight to multiple domains?22:54
wgrantThat's great.22:54
wgrantIt would be nice if access with an invalid token would redirect to the webapp to get a new token.22:56
wgrantBut LFAs don't have enough context :(22:56
wgrantAh, I see you've already discussed that.22:56
wgrant480+When the context file is a restricted `LibraryFileAlias`, traversal causes an23:01
wgrant481+access token to be allocated and a redirection to https on a unique domain to23:01
wgrant482+be issued.23:01
wgrantIn that test, can you unelide the 'i....restricted'?23:02
wgrantOtherwise it's not obvious then that anything's different about the URL.23:02
wgrantAnd since it's meant to be documentation, that seems like a bad thing.23:02
lifelessthat test file is unit tests masquerading as docs23:04
thumperlifeless: got time to chat?23:04
lifelessthats on line 465 for me23:04
lifelessthumper: sure23:04
thumperlifeless: yep23:04
wgrantlifeless: Ah, I didn't have the latest rev.23:05
wgrantlifeless: So it doesn't actually check the domain?23:11
wgrantNot a huge fan, but I guess it's OK.23:12
lifelesswgrant: if there is  ahole we can fix it, but I think its ok23:13
wgrantIt just lets people make mistakes without noticing.23:13
wgrantHm, actually, it might be dangerous.23:14
wgrantYes, it is.23:14
wgrantI think.23:15
wgrantI forget the exact cross-window security restrictions....23:15
wgrantWhy can't this be simple? :(23:15
mwhudsonwgrant: ah right23:16
wgrantI'm also not sure how browsers treat Referer when leaving an HTTPS URL for another HTTPS domain.23:18
wgrantThe RFC only says that they shouldn't send it when going non-secure.23:18
wgrantNot cross-domain.23:18
lifelesswgrant: what would the attack be23:21
lifelessI've asked kees to review as well23:22
wgrantlifeless: Somebody visits a private file. I can come along and send them to a page which lives on that same domain. Now, I'm not entirely sure how to get the other URL, but we've now bypassed cross-domain restrictions, so it needs thought.23:23
wgrantComplicated :(23:23
wgrantAh, I know.23:24
wgrantI know that somebody has access to a private file. I know its webapp URL, LFA ID and filename.23:25
wgrantI get an HTML file into a library file, and send them a URL to it on the target LFA's domain.23:25
wgrantThat page uses an iframe to go to the webapp URL (thus holding a reference to the window).23:25
wgrantOnce it gets to the webapp, my nasty page can't access the iframe (because it's on a different domain).23:26
wgrantBut the webapp will then redirect back to the file, on my domain.23:26
wgrantOnce it's back on my domain, I can access properties of the window (including its URL).23:26
wgrantI think that should work.23:26
lifelessso, concretely23:28
lifelessyou file a private bug that they will look at23:29
lifelessit has an attachment which will look up some other thing via the attach you describe above23:29
lifelessand to block it we need to make the domains line up23:29
wgrantIt doesn't need to be a private bug.23:29
wgrantI just need to get them to a librarian URL somehow.23:30
wgrantBut yes, you need to ensure that the domains match.23:30
lifelesswhich means knowing the LFA, which is only shown if you have access23:30
wgrantlifeless: Oh really?23:30
wgrantIt can be guessed.23:30
wgrantI've done so on a number of occasions :)23:30
lifelessI'm trying to estimate the risk if we:23:31
lifeless - deploy roughly what we have today23:31
lifeless - check the request path to be sure Host is preserved23:31
lifeless - enhance it to enforce domain matching in a future revision23:31
wgrant"to be sure Host is preserved"?23:31
lifelessthe request path for the private librarian is: client -> apache -> squid -> librarianN23:32
lifelessI'm not entirely sure the host header will be getting through untouched *right now* because we've never depended on it.23:32
wgrantOh, request path as in path of the request.23:33
wgrantNot the path attribute of the request.23:33
lifelessto enforce the domain matches the LFA id on all requests, we need to make sure its preserved23:33
lifelesswgrant: I'd like to get an iteration of this live on thursday23:33
lifelesswgrant: we have essentially 2 days to get all the kinks out, or to defer some stuff.23:34
wgrantWe should also check out how browsers handle Referer.23:34
wgrantI can't find any explicit mention of them behaving sanely :(23:34
lifelessI don't want to deploy a badly broken system, but if it is better than what we had, and relatively low risk, it might be ok for a week or two23:34
lifelesswgrant: assume insanity23:34
wgrantlifeless: I am.23:34
wgrant(the issue here is that links from private files to external HTTPS sites may reveal the file to the target site)23:36
lifelesswgrant: yes. I don't have any ideas how to do that other than having a cookie setting service.23:36
lifelesswgrant: and it would still reveal the existence of the files23:37
lifelesswgrant: OTOH a file can only shoot itself in the foot23:37
wgrantYeah, the solution I thought of was to have the tokenised URL set a cookie then redirect to something without the token.23:37
wgrantBut grrrr.23:38
wgrantStupid web.23:38
lifelesswgrant: yeah, 'cookie setting service'. meep sucky.23:38
lifelesswgrant: but back to /now/ : is the current thing fatally flawed, or something we could iterate on over a couple weeks.23:39
lifelessdeploy + iterate, that is.23:39
lifelessI'm personally fine with attachments that shoot themselves in the foot.23:39
wgrantlifeless: I'm not comfortable making a statement either way.23:39
wgrantRight, that's probably OK.23:39
wgrantThe attack I outlined earlier is my concern.23:40
wgrantBut that *in combination* with the shooting-themselves-in-the-foot is pretty bad.23:40
wgrantIf Referer is indeed sent.23:40
thumperwallyworld_: morning23:40
wgrantDifficulties I see with implementing the domain restriction:23:41
wgrant - As you say, the request path may not preserve Host.23:41
wgrant - We might have to make launchpad.dev exempt, since otherwise we need wildcard /etc/hosts....23:41
lifelessright, there is a comment in the tests about that ;)23:43
lifelesswe can actually test the librarian without it23:44
lifeless(connect on ip, host header passed to librarian)23:44
lifelessand we could check that private bug /urls/ are of the right shape, not actually connect.23:44
lifelessattachment urls, I mean.23:45
lifelessdo a non-follow-redirect request23:45
wgrant(also, are you going to be able to get a cert in time?)23:45
lifelesswgrant: its the top ticket in the LP queue.23:46
lifelesswgrant: also on the MP it says 'have a thing to allow it to be enabled post rollout'23:46
wgrantAh, good.23:46
wgrantI didn't actually read the MP description.23:46
wgrantJust the diff.23:46
lifelessspecifically I'd like to get the code out there23:46
lifelesspost rollout hernias addressed.23:46
lifelessthen get a manually inserted TLT, check with wget it works, then enable the appserver code.23:48
wgrantI prefer to read the code first, so my interpretation isn't incorrectly influenced by the description.23:48
wgrantWait, TLT?23:48
lifelesstime limited token23:48
wgrantOh, right.23:48
wgrantI guess this is what feature flags are for.23:48
lifelessthey're a bit rought still23:49
lifelessbut will do the job23:49
=== Ursinha is now known as Ursinha-afk
lifelesswgrant: http://www.geonet.org.nz/images/news/2010/Fault_0564.jpg23:56

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!