/srv/irclogs.ubuntu.com/2011/08/19/#ubuntu-release.txt

ScottLubuntu studio has been having some trouble getting an image built01:31
ScottLhttp://people.canonical.com/~ubuntu-archive/cd-build-logs/ubuntustudio/oneiric/daily-20110818.log01:31
ScottLcan someone help me resolve this please?01:31
ScottKslangasek: It'd make me very happy if you could do the removals in Bug #794513.02:52
ScottKTurns out option 3 had already been asked for.02:52
ScottKslangasek: I think between what's in that bug, what's already NBS, and Bug #829149 it'll make a clean sweep of KDE3.02:58
slangasekScottK: done03:17
ScottKslangasek: Thanks.03:17
=== chrisccoulson_ is now known as chrisccoulson
=== doko_ is now known as doko
scott-workcjwatson:  i was told to mention to you about a problem with the ubuntu studio image build which i believe is affecting other derivatives11:48
scott-workcjwatson:  this is a typical problem: W: Failed to fetch file:/srv/cdimage.ubuntu.com/ftp-universe/dists/oneiric/main/binary-amd64/Packages.bz2  Hash Sum mismatch11:48
cjwatsonI can't do anything about it except retry11:49
scott-workcjwatson: http://people.canonical.com/~ubuntu-archive/cd-build-logs/ubuntustudio/oneiric/daily-20110819.log11:49
cjwatsonit's due to the archive sync being too slow11:49
scott-workah, okay, that's surprising because it has been happening for at least three days :(11:49
cjwatsonit's basically random11:49
cjwatsonand it's not remotely a new issue11:49
scott-workokay, thank you for the infomration :)11:50
cjwatsonI've kicked a retry; who knows, it might work11:50
cjwatsonwhenever we get the new hardware it should address this, I think11:50
scott-workthank you again for your time :)11:51
cjwatsonscott-work: seems to have worked that time12:29
scott-workcjwatson: thank you every so much!  :)13:06
* lamont stuffs all the buildds on manual for a bit13:28
lamontand the world is coming back14:33
* highvoltage hides14:37
lamontthe ppa builders are either back on line or coming back online, and the chrootwait thing is fixed, dead and gone.14:39
NCommanderlamont: thanks:-)14:50
ogra_hrm14:51
NCommanderogra_: can you tell skaet I'm going to be a bit late for the release meeting?14:51
lamontogra_: hrm, you say?14:51
NCommander(I shouldbe back in time, but just in case)14:51
* ogra_ fights with PREINSTALLED_IMAGE_FILESYSTEM14:51
ogra_i somehow need to overrice the hardcoded default thats set in debian-cd based on a subarch search ... but i dont want to add additional code to debian-cd14:52
ogra_overriding from cdimage code doesnt work since debian-cd always processes CONF.sh, which resets that var to default14:52
=== joshuahoover1 is now known as joshuahoover
=== Ursinha` is now known as Ursula
=== Ursula is now known as Ursinha
ScottKtumbleweed: I do think we should generally approve things like dh_python2 changes as long as they've had a second set of eyes to verify their correctness.17:03
tumbleweedScottK: so you don't require any justification beyond "it looks ok"? I've always regarded FF as the point where I should justify my changes17:09
ScottKtumbleweed: It depends on the change.  For dh_python2 we've got an overall goal to switch so there's an inherent reason.17:10
ScottKIMO, YMMV, etc.17:10
tumbleweedok in that case I can ack the one I marked as incomplete, although I would have preferred to see a build log17:11
ScottKI find the debc output it a lot more useful for dh_python2 changes.17:12
tumbleweedI mean a build log including debc :)17:13
ScottKRight.17:13
tumbleweedI want to see the Depends, and the contents, and I'd generally like to see what dh_python2 said when it ran17:13
ScottKYep.17:13
ScottKYou might just build it yourself, for fun.17:13
tumbleweedmight as well, it's not like I don't have the time17:14
* ScottK wonders why people think "I'm not paid to do this work" is part of a rationale for an FFe?19:19
nigelbsrsly? :|19:22
* slangasek blinks19:27
ScottK82970919:32
elmowow, I can't believe I'm going to be defending kirkland and/or byobu, but...19:34
elmoScottK: he didn't make it part of the rationale, it's pretty clearly in the 'Additional Info' section, not the 'Rationale' section19:34
elmoScottK: not for nothing, but assuming a bit of good faith would, IMO, go a long way.  when I read the bug, I don't think kirkland's put that in there in the expectation that it's going to change the outcome, rather genuinely as non-actionable/influencing background info19:38
highvolt1gebyoby and kirkland are both awesome and you shouldn't have to defend defending them!20:02
=== highvolt1ge is now known as highvoltage
=== Ursinha` is now known as Ursinha
=== Ursinha is now known as Guest59628
* tumbleweed reads it mostly as an "I've been busy" rather than "I'm not paid"20:28
nigelbSort of equal to "dayjob has been kicking me in the gut?"20:30
nigelb:)20:30
tumbleweedwell, a sorry I couldn't get to it before FF20:30
tumbleweedyeah20:30
slangasekdoes anyone know what has changed in the past bit (last year or so?) that changed who's able to see private bug reports against packages?20:54
slangasekwe've just figured out mvo didn't see private bug reports filed against update-manager, and he ought to (also, apport shouldn't have filed the bugs as private, but that's a different bug)20:54
slangasekand I've been seeing similar behavior on pam and grub bugs, where they're not visible to me until the security team unchecks the 'private' flag20:55
slangaseknow that I know that it's not me, it sounds like a significant regression20:55
slangaseks/not me/not just me/20:55
slangasekkees, jdstrand, micahg, mdeslaur: ^^ maybe you guys have some insight into what may have changed in LP on this score?20:56
nigelbslangasek: *maybe* security bugs are only visible to security team?20:56
jdstrandsorry, I don't20:56
* nigelb checks code20:56
kirklandslangasek: funny enough, aliguori tackled me today at LinuxCon saying he hasn't been getting private bug notices against the qemu upstream project in Launchpad20:57
mdeslaurslangasek: security bugs are only visible to the security team20:57
jdstrandI think if it is both private and security, only we see it20:57
kirklandslangasek: he said he was "embarassed" when a guy who filed a number of CVEs asked him why he hadn't taken any action in several weeks :-o20:57
jdstrandbut I don't know of anything that has changed recently that would alter behavior20:57
keesslangasek: that's certainly a regression -- the package owner should be able to see it, I thought20:57
keesslangasek: are those bugs marked "security"? that's the only time the package subscribers can't see it, I thought.20:58
mdeslaurkees: I don't remember it ever being any different20:58
keesmdeslaur: right, _security_ bugs. but "just" private...20:58
slangasekmdeslaur: a) my update-manager bugs aren't tagged security, b) I would expect trusted package owners to still be able to see them, like kees says20:58
keesthe problem is the order of operations.20:58
slangasekand see above for the upstream case kirkland mentions20:58
keesyou check 'security' at the start, no one is subscribed but us, the reporter unchecks 'security', and then it should be visible to the package owners. wait, I've just talked myself out of this.20:59
mdeslaurslangasek: so, basically, nobody can see it except for the reporter? what good is that? :)20:59
slangasekI guess this should be taken to #launchpad then20:59
keesthere is no such thing as "package owner"20:59
slangasekmdeslaur: no kidding!20:59
slangasekkees: well, I would expect package bug subscribers who are part of some "trusted" group wrt the bug task, to be able to see them20:59
keesso, right, mdeslaur is right, after running through this a few times in my mind.21:00
keesslangasek: that would be good, but where is that defined in LP? I don't think such a thing exists.21:00
slangasekkees: well, it used to be defined for Ubuntu in order for people to poke at backtraces when the retracer has failed21:00
slangasekin fact, the retracer itself needs to get access to private reports21:01
mdeslaurprivate bugs are supposed to be visible to whoever signed up to get bugmail for a particular package, and the reporter can remove people21:01
keesmdeslaur: but anyone can subscribe...21:01
mdeslaurkees: yes, but if you subscribe, you aren't added to the bugs which are already private21:01
mdeslauranyway, #launchpad probably knows more21:02
keesslangasek: so, it must be related to the project contacts or something21:02
keesmdeslaur: right21:02
mdeslaurhuh, actually, the only person subscribed to a private bug I've opened earlier today is apport21:03
mdeslaurand if I look at an _old_ private bug I had opened last year, a whole slew of people are subscribed to it21:04
jdstrandI think it's wrong for someone to subscribe to get bugmail and then automatically get all security bugs21:11
jdstrandif we uncheck the security box, then yes. otherwise, we bring in who is needed21:12
slangasekright, subscribing to bugmail shouldn't automatically get you access to security bugs21:12
slangasekbut if you're the owner of the project (cf. qemu-kvm above), you certainly should!21:13
jdstrandyes!21:13
jdstrandby all means :)21:13
jdstrandI may be lacking context, but that's ok21:14
mdeslaurno, owners of projects should _not_ be getting security bugs21:22
slangaseker, what21:22
cjwatsonoh god.  if I touch a package called "php5-ffmpeg", will I go to hell?21:23
slangasekthe Ubuntu security team shouldn't be setting the policy for security bugs filed against upstream21:23
jdstrandmaybe we are talking about different things21:23
jdstrandif we get a bug against qemu in Ubuntu, then only the security team should get the bug initially21:24
slangasekwe're talking about an *upstream* security report - the registrant of the qemu project in launchpad should certainly be able to see bugs filed against qemu in launchpad, security or not21:24
slangasekcjwatson: that depends on how you touch it :P21:24
jdstrandif upstream qemu gets a bug, they should get the bug21:24
mdeslaurslangasek: what's an upstream security report?21:24
jdstrandcjwatson: I think the safe answer is 'yes'21:24
slangasekmdeslaur: there are projects other than Ubuntu that use launchpad21:24
mdeslaurok, if I type "ubuntu-bug qemu" and on the webpage check "security", I expect only the security team to see it21:25
slangasekthat's not an upstream bug report21:25
jdstrandmdeslaur: that's correct21:25
slangasekan upstream bug report is one filed against the qemu *project* in launchpad21:25
jdstrandbut if you go to https://bugs.launchpad.net/apparmor/+filebug, that's an upstream bug21:25
kirklandhttp://bugs.launchpad.net/qemu -> Report a bug21:26
mdeslaurright, ok, we're all in agreement21:26
mdeslaurjdstrand: do we even see those? I didn't think so21:26
jdstrandmdeslaur: no, and we should not21:26
slangasekor if someone uses 'also affects project' -> qemu on a security bug filed against Ubuntu, the qemu upstream bug contact should be able to see it21:26
kirklandyou don't, no21:26
mdeslaurslangasek: yes, agreed21:27
jdstrandhttps://bugs.launchpad.net/ubuntu/+source/foo/+filebug (we see). https://bugs.launchpad.net/foo/+filebug (wee should not)21:27
kirklandbut aliguori was complaining to me just today that he didn't think he was receiving the bug mail for which he's marked as the security contact21:27
jdstrands/wee/we/21:27
jdstrandslangasek: I'm not as enthusiastic about 'also affects project', but I think I don't disagree21:28
slangasekjdstrand: well, the set of people who are in a position to *add* such a task to a bug are finite; you don't have to do it, but if you do those are the sensible semantics :)21:31
keescjwatson: elmo made me audit php5-ffmpeg ! it's not so bad, actually.21:33
elmohey, hang on, I rick trolled you into auditing it, I didn't expect you to fall for it!21:34
mdeslaurrofl21:35
jdstrandhehe21:35
* cjwatson wonders what to do about mplayer - attempt to bodge it into libav 0.7 support in ways different from what was done upstream, or pull in a new snapshot from Debian experimental21:48
cjwatsonneither is massively appealing21:48
micahgslangasek: sinzui has been working on a disclosure story for LP, there was a thread on launchpad-devel about it22:14
slangasekmicahg: oh; does the thread touch on this issue we're hitting?22:17
micahgslangasek: yes, who can see what was a large part of the issue discussed22:18
* micahg looks for the thread22:18
micahgslangasek: https://lists.launchpad.net/launchpad-dev/msg07445.html22:21
slangasekmicahg: thanks for the link22:26
micahgslangasek: sorry, I was out before22:29

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!