[18:09] <mdeslaur> jdstrand, sbeattie, jjohansen, micahg, tyhicks: meeting?
[18:09] <jjohansen> \o
[18:09] <tyhicks> Hello
[18:09]  * sbeattie waves
[18:09] <micahg> o/
[18:14] <kees> \o
[18:14] <jdstrand> oh yes
[18:14] <jdstrand> (sorry)
[18:15] <jdstrand> I adjusted the clendar and everything, and then still got confused
[18:15]  * jdstrand hates DST
[18:15] <jdstrand> mdeslaur, sbeattie, micahg, tyhicks, jjohansen: I'm here for the meeting now
[18:15] <jjohansen> \o/
[18:15] <jjohansen> :)
[18:15] <jdstrand> I apologize for being late
[18:16] <micahg> ok, we only have 45 minutes :)
[18:16] <jdstrand> #startmeeting
[18:16] <meetingology> Meeting started Mon Nov  7 18:16:28 2011 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/AlanBell/mootbot.
[18:16] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[18:16] <jdstrand> The meeting agenda can be found at:
[18:16] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[18:17] <jdstrand> [TOPIC] Announcements
[18:17] <jdstrand> Team attended UDS last week. It was a very busy week and we have a lot to do. For details, see http://summit.ubuntu.com/uds-p and our blueprints at https://blueprints.launchpad.net/ubuntu?searchtext=security-p
[18:17] <jdstrand> [TOPIC] Weekly stand-up report
[18:17] <jdstrand> I'll go first
[18:18] <jdstrand> I have a bunch of updates I am working on, so will continue with those
[18:18] <jdstrand> I've got a bit of an email backlog that I need to tend to
[18:18] <jdstrand> I'm also going through my merges today, and getting to some of them
[18:18] <jdstrand> I will be patch piloting this week
[18:18] <jdstrand> and then there is UDS aftermath (eg, discussing work items, prioritizing, etc)
[18:19] <jdstrand> that's it from me
[18:19] <jdstrand> mdeslaur: you're up
[18:19] <mdeslaur> I'm currently testing tomcat6 updates, hopefully I'll get them out today or tomorrow morning.
[18:19] <mdeslaur> I'm also working on some embargoed issues
[18:19] <mdeslaur> and have a few more packages to test that are ready to publish
[18:20] <mdeslaur> This week, we'll be going through the blueprints and assigning and prioritizing work items...We'll talk more about that once everyone has done their status report
[18:20] <mdeslaur> that's it from me. sbeattie, you're up
[18:20] <sbeattie> I'm on triage this week
[18:21] <sbeattie> I've got updates for openjdk, apache, and squid that I need to test and publish, with more in the pipeline.
[18:22] <sbeattie> I also need to a bit of post UDS cleanup
[18:22] <sbeattie> I think that's it for me
[18:22] <sbeattie> micahg: poke
[18:24] <micahg> I've got Mozilla updates, short week (off Wed and Thu), have to look into the DigiCert issue that Mozilla posted to see if we need other updates for it, some Chromium testing, that's it for me
[18:25] <jjohansen> I guess thats me up them
[18:25] <jjohansen> I have some kernel work flow (2 kernels), an email backlog, UDS aftermath (work item priorities, and apparmor ml follow on discussions), bug #810270, and starting on policy stacking
[18:26] <jjohansen> ah gah, wrong bug#
[18:26] <jjohansen> now /me has to dig through the bugs instead of notes
[18:27] <sbeattie> hehe
[18:27] <jjohansen> anyways its the alias bug cboltz brought up
[18:27]  * sbeattie marks jjohansen down for post-UDS organizational cleanup, too.
[18:28] <jjohansen> hehe, yeah
[18:28] <jdstrand> tyhicks: you're next
[18:29] <tyhicks> ack
[18:29] <tyhicks> I'm in the happy place this week
[18:29] <tyhicks> I've got a little bit of a start on a freetype update. I'll finish up that one before moving onto the rest of my security update queue
[18:29] <tyhicks> I need to finish testing a couple eCryptfs fixes and get them applied upstream A
[18:29] <tyhicks> ASAP*
[18:29] <tyhicks> I've got an ubuntu-security-sponsors update that spilled over from last week, while at UDS, that I want to get to before mdeslaur does
[18:29] <tyhicks> jdstrand: that's it
[18:29] <mdeslaur> oh! yeah, I'm on community this week also
[18:30] <jdstrand> cool, thanks
[18:30] <jdstrand> [TOPIC] Highlighted packages
[18:30] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/Securi
[18:30] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/lastfm.html
[18:30] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/yaws.html
[18:30] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libmojolicious-perl.html
[18:31] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/tinyproxy.html
[18:31] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gromacs.html
[18:31] <jdstrand> [TOPIC] Miscellaneous and Questions
[18:31] <mdeslaur> jdstrand: your blurb got truncated there ^
[18:31] <jdstrand> meh
[18:31] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[18:31] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[18:31] <jdstrand> Does anyone have any other questions or items to discuss?
[18:32] <mdeslaur> jdstrand: shall we discuss blueprints/work items now?
[18:32] <jdstrand> mdeslaur: sure, go for it
[18:32]  * jdstrand hands the mic to mdeslaur 
[18:32] <mdeslaur> is this on? <tap><tap>
[18:33] <jdstrand> hehe
[18:33]  * jdstrand actually heard the tap in his head. kinda weird
[18:33] <mdeslaur> so, this week we'll be going through the blueprints to 1- assign work items, 2- prioritize work items
[18:34] <mdeslaur> jdstrand, sbeattie, micahg, tyhicks, jjohansen: could you please go through your blueprints and create work items for the ones that currently don't have any? This needs to be done before wednesday so we can then prioritize them
[18:34] <mdeslaur> also, if you see work items you would like, please mark your named next to them to make it easier once we go down the list
[18:34] <micahg> mdeslaur: not before Wed, I can do it Friday
[18:35] <jdstrand> jdstrand: ack
[18:35] <jjohansen> mdeslaur: ack
[18:35] <tyhicks> mdeslaur: ack
[18:35] <jjohansen> jdstrand: perhaps you meant mdeslaur?
[18:35] <jjohansen> :)
[18:35] <jdstrand> hah
[18:35] <jdstrand> mdeslaur: ack
[18:35] <tyhicks> jjohansen: No, he's talking to himself again :)
[18:35] <mdeslaur> in particular, the following don't currently have work items: https://blueprints.launchpad.net/ubuntu/+spec/security-p-ecryptfs , https://blueprints.launchpad.net/ubuntu/+spec/security-p-mozilla-lts , https://blueprints.launchpad.net/ubuntu/+spec/security-p-apparmor-ubuntu
[18:35] <jdstrand> jjohansen: ;)
[18:36] <jdstrand> I've got the last one
[18:36] <micahg> I have the middle one :)
[18:36] <tyhicks> I've got the eCryptfs one
[18:36] <mdeslaur> no fistfights, how nice :)
[18:36] <sbeattie> mdeslaur: okay
[18:36] <jdstrand> micahg: can you at least do a quick first pass on that bp? I don't think there is a ton and it will help mdeslaur
[18:37] <jdstrand> (friday is too late for the release status meeting)
[18:37] <micahg> ACK, will try
[18:37] <jdstrand> micahg: if not, we can do a first pass
[18:37] <mdeslaur> so, on wed, we'll be going down the list and making sure they're assigned to the right people, and prioritizing them
[18:38] <mdeslaur> micahg: that's why firefox and chromium are written in C, to give you time to do other stuff while they are compiling... :)
[18:38] <mdeslaur> ok, that's it for me
[18:38]  * mdeslaur hands mike back to jdstrand
[18:39] <jdstrand> mdeslaur: thanks!
[18:39] <jdstrand> anything else?
[18:39] <micahg> md5 stuff?
[18:39] <micahg> or we can save it for next week
[18:40] <mdeslaur> micahg: what would you like to talk about md5 stuff?
[18:41] <micahg> about the possibility of enabling a warning in certain libraries that md5 is being used and that it might be insecure if that's in a security context for the duration of the alphas in precise
[18:43] <jdstrand> micahg: that is a work item in the catch-all. we left it that it would be prioritized with the others, and depending on how it is prioritized, go from there
[18:43] <micahg> ok
[18:44] <broder> o/ re: backports stuff
[18:44] <jdstrand> broder: go ahead
[18:44] <jdstrand> broder: and hello :)
[18:44]  * broder waves
[18:45] <broder> we're now generating a report of backports that have been superseded by security or stable updates: http://people.ubuntuwire.org/~broder/rebackporter/rebackports.json
[18:45] <broder> (code in lp:~broder/+junk/rebackporter)
[18:45] <broder> (html-friendly report to come as soon as harvest starts importing again)
[18:45] <mdeslaur> broder: cool!
[18:45] <jdstrand> broder: excellent! thanks :)
[18:46] <broder> state of things looks mostly good. i'm going to be following up with the backports team to try and establish policies for security/SRU backports going forward
[18:46] <jdstrand> broder: sounds awesome. thanks to you, tumbleweed and the other backporters on following up on this. we'll adjust that work item accordingly
[18:46] <broder> for the ones where the source release of the backport is deprecated, we don't have the manpower to test replacing them with a backport from a current release, so my proposal is to use the deprecated release as a being strictly better than what's in backports now
[18:47] <broder> and for all of them, i'm going to advocate reducing the testing requirements from our usual backports requirements so we can try and reduce the friction of getting them in
[18:48] <jdstrand> broder: I wonder if removing these types of backports would make sense, so others won't get them (since, by your admission, they aren't really maintainable any more)
[18:48] <broder> hmm...yeah, that seems like it could be a reasonable option as well
[18:49] <mdeslaur> hrm, at least having them there allows the possibility of them being manually patched for security issues
[18:49] <jdstrand> nothing saying someone can't still provide said update at a later date
[18:49] <micahg> if they're not there and someone wants them, they can request a backport from a supported release
[18:50] <jdstrand> (or do what micahg said)
[18:50] <broder> right, though for most of these (e.g. libvirt) the burden of backporting them (and testing reverse-dependencies) from a stable release is much higher than just cherry-picking updates
[18:51] <jdstrand> yep. I gave tumbleweed some pointers on trying to get the lucid libvirt going on hardy, but that is going to be a hairy update
[18:52] <jdstrand> but that is a corner case-- most aren't like that
[18:53] <jdstrand> are there any other items to discuss with the security team?
[18:56] <jdstrand> mdeslaur, sbeattie, micahg, tyhicks, jjohansen: (and broder) thanks!
[18:56] <jdstrand> #endmeeting
[18:56] <meetingology> Meeting ended Mon Nov  7 18:56:20 2011 UTC.
[18:56] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2011/ubuntu-meeting.2011-11-07-18.16.moin.txt
[18:56] <mdeslaur> thanks jdstrand!
[18:56] <sbeattie> jdstrand: thank you
[18:56] <tyhicks> jdstrand: thank you
[18:56] <jjohansen> jdstrand: thanks
[18:56] <broder> jdstrand: thanks :)
[18:58] <bdrung> !dmb
[18:58] <bdrung> !dmb-ping meeting in a few minutes
[18:59] <bdrung> !dmb-ping
[18:59] <micahg> hehe, wrong factoid :)
[18:59]  * stgraber waves
[18:59] <tumbleweed> o/
[19:00] <tumbleweed> [OT] jdstrand: err, I recall no discussion of libvirt on hardy. Was that really me?
[19:01] <broder> tumbleweed, jdstrand: uh, i think that was me :)
[19:02] <bdrung> cody-somerville and Laney won't attend the meeting
[19:03] <micahg> well, we still have quorum so we're good i think
[19:03] <bdrung> #startmeeting
[19:03] <meetingology> Meeting started Mon Nov  7 19:03:47 2011 UTC.  The chair is bdrung. Information about MeetBot at http://wiki.ubuntu.com/AlanBell/mootbot.
[19:03] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[19:04] <bdrung> [TOPIC] Review of previous action items
[19:04] <bdrung> cody-somerville isn't here. so we probably can skip the review of his items.
[19:05] <bdrung> [TOPIC] Continue discussion about our package set management workflows (review TB feedback)
[19:05] <bdrung> i haven't found the time to catch up the mails from the last few days
[19:06] <bdrung> should we move this point to the end?
[19:07] <stgraber> sure
[19:07] <tumbleweed> IIRC the only response was from sabdfl
[19:07] <bdrung> [TOPIC] Creation of new desktop-extra package set
[19:07] <stgraber> tumbleweed: well, it was discussed at the TB meeting, then sabdfl commented by e-mail after the meeting
[19:08] <bdrung> [LINK] https://lists.ubuntu.com/archives/ubuntu-desktop/2011-October/003374.html
[19:08] <tumbleweed> stgraber: ah, I was in the plenaries... Anyway, we can discuss it later
[19:09] <bdrung> do we have a sufficient package set description?
[19:10] <micahg> https://lists.ubuntu.com/archives/ubuntu-desktop/2011-November/003391.html
[19:10] <bdrung> micahg: where is the description for ubuntu-desktop?
[19:11] <micahg> the only thing that looks funny in there is ekiga, the rest is fine
[19:11] <micahg> bdrung: it's a seed, no description needed
[19:12] <bdrung> micahg: but desktop-extra wouldn't be a seed, would it?
[19:12] <micahg> ubuntu-desktop packageset = basically anything in ubuntu-desktop excluding stuff in desktop-core and core
[19:12] <micahg> bdrung: correct, so seb128 gave a rough description
[19:13] <micahg> NOT IN ubuntu-desktop, but needed for a vanilla GNOME
[19:13] <bdrung> is this precise enough? how sharp is "vanilla GNOME" defined?
[19:14] <micahg> idk, perhaps an upstream GNOME link with their base components would be enough?
[19:15]  * micahg hunts for a SME
[19:15] <bdrung> SME?
[19:15] <micahg> subject matter expert
[19:17] <micahg> bdrung: maybe we should table until someone pops up that can give us more info
[19:18] <bdrung> k
[19:18] <tumbleweed> or if that fails, invite a desktop person to the next meeting
[19:18] <micahg> ideally the person who requested the packageset should be here, but maybe we didn't make that clear
[19:19] <bdrung> [TOPIC] Serge Hallyn's application for upload rights for the Ubuntu Server package set.
[19:19] <hallyn> \o
[19:19] <bdrung> [TOPIC] https://wiki.ubuntu.com/SergeHallyn/ServerDeveloperApplication
[19:19] <bdrung> hallyn: can you introduce yourself?
[19:20] <hallyn> Sure - I'm Serge Hallyn, member of server team.  I mainly watch the virtualization stack, libvirt, lxc, qemu-kvm, etc
[19:22] <hallyn> I rarely make any changes without discussing them with someone else first, but sponsoring is much more work to ask of someone, so it seemed best to ask for server set upload rights
[19:23] <bdrung> hallyn: how good is the relation between the server team and debian?
[19:23] <bdrung> hallyn: IIRC e.g. qemu-kvm has big difference in both distributions
[19:23] <hallyn> I like to think it's pretty good.  (getting ready to submit a bug back to debian from an ubuntu one right now)
[19:23]  * ajmitch had thought that hallyn was core dev already, tbh :)
[19:24] <hallyn> yes, qemu-kvm is ac ompletely different package in ubuntu
[19:24] <hallyn> after this next TLS I want to think about merging back
[19:24] <hallyn> but not for LTS
[19:24] <hallyn> (s/TLS/LTS :)
[19:24] <stgraber> As I said on hallyn's wiki page, I've been sponsoring quite a few of his uploads (last being an lxc SRU last week), most were good to upload as-is, the few I changed were mostly to add some stuff that I wanted to bundle in the upload ;)
[19:24]  * micahg wonders if there will be a new TLS after the LTS
[19:24] <bdrung> :)
[19:25] <hallyn> (better than a TPS report i guess)
[19:25] <bdrung> hallyn: is there something like a server team on the debian side or are you just working with a bunch of different maintainers?
[19:26] <hallyn> bdrung, different maintainers, though mostly I just work through the debian bug system.  (i do sit on the mailing lists)
[19:26] <bdrung> do the other dmb members have questions in the pipe?
[19:26] <stgraber> I don't
[19:26] <hallyn> I've said this before, but am intending to seek a sponsor soon to get debian DD so I can feel more closely involved
[19:27] <micahg> hallyn: do you have an interest in any of the other packages in the server packageset besides the few you've uploaded?
[19:27] <hallyn> (thank you for not pointing out redundancy)
[19:27] <hallyn> micahg, yes.  For general helping out in early-release syncs for instance
[19:28] <bdrung> ready to vote?
[19:28] <micahg> yep
[19:28] <stgraber> yep
[19:28] <tumbleweed> sure
[19:29] <bdrung> [VOTE] Should Serge Hallyn get upload rights for the Ubuntu Server package set?
[19:29] <meetingology> Please vote on: Should Serge Hallyn get upload rights for the Ubuntu Server package set?
[19:29] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[19:29] <bdrung> +1
[19:29] <meetingology> +1 received from bdrung
[19:29] <stgraber> +1
[19:29] <meetingology> +1 received from stgraber
[19:29] <tumbleweed> +1
[19:29] <meetingology> +1 received from tumbleweed
[19:29] <geser> +1
[19:29] <meetingology> +1 received from geser
[19:29] <micahg> +1
[19:29] <meetingology> +1 received from micahg
[19:30] <bdrung> [ENDVOTE]
[19:30] <meetingology> Voting ended on: Should Serge Hallyn get upload rights for the Ubuntu Server package set?
[19:30] <meetingology> Votes for:5 Votes against:0 Abstentions:0
[19:30] <meetingology> Motion carried
[19:30] <bdrung> hallyn: congrats
[19:30] <hallyn> thanks :)
[19:30] <micahg> bdrung: jbicha is here if you want to go back to the desktop-extra packageset
[19:31] <stgraber> hallyn: congrats!
[19:31] <micahg> at least I think he is
[19:31] <jbicha> hi, sorry for missing the beginning of the conversation
[19:31] <micahg> congrats hallyn
[19:31] <bdrung> [TOPIC] Creation of new desktop-extra package set
[19:31] <jbicha> http://git.gnome.org/browse/jhbuild/tree/modulesets
[19:31] <jbicha> we could use whatever is not in main from gnome-suites-core, gnome-suites-core-deps, and gnome-apps
[19:33] <bdrung> jbicha: does a script/tool exist to format the .modules file nicely for our usecase?
[19:34] <bdrung> micahg: ekiga is listed in gnome-apps
[19:35] <jbicha> I don't know what format you need it in, and I don't know if it comes in a simpler format
[19:35] <micahg> yeah, I see, I'm just wondering how related it is, but I guess that's fine
[19:36] <bdrung> a plain list of package instead of an xml file would be easier to read, but the xml is sufficient
[19:36] <jbicha> there's also http://git.gnome.org/browse/jhbuild/plain/modulesets/ but it's the same thing
[19:38] <bdrung> The description of desktop-extra would be then: "Every package that is NOT in ubuntu-desktop, but needed for a vanilla GNOME. Vanilla GNOME is defined by upstream in gnome-suites-core, gnome-suites-core-deps, and gnome-apps http://git.gnome.org/browse/jhbuild/tree/modulesets"
[19:38] <bdrung> this sound precise enough for me. thought?
[19:39] <bdrung> s/thought/thoughts/
[19:39] <jbicha> that's fine, how about "NOT in main" instead?
[19:39] <micahg> I wish I could see a textual list of those files before voting
[19:39] <micahg> yes, this would be a universe only packageset I think
[19:40] <stgraber> I also would like to see an actual list matching this criteria before voting. The description is fine to review additions afterwards though
[19:40] <stgraber> (especially as I'll likely be the one who needs to implement the package set, having a list makes it easier ;))
[19:40] <bdrung> the current list is posted here: https://lists.ubuntu.com/archives/ubuntu-desktop/2011-October/003374.html
[19:40] <jbicha> bdrung: that list wasn't compiled straight from the jhbuild list though
[19:41] <bdrung> we could decide on that list and modify it later using the package description
[19:41] <jbicha> I could make a list and email it to the DMB list
[19:42] <micahg> well, still, I'd prefer a textual list of those .module files before agreeing to use them as criteria for future additions
[19:42] <bdrung> jbicha: can i give you that action item?
[19:42] <jbicha> bdrung: yes
[19:43] <bdrung> jbicha: if you write a script, you could share that with us
[19:43] <bdrung> [ACTION] jbicha to create a list of packages from the .modules files
[19:43] <meetingology> ACTION: jbicha to create a list of packages from the .modules files
[19:44] <bdrung> then let's way with voting after getting the list
[19:44] <bdrung> [TOPIC] Herton Ronaldo Krzesinski's application for upload rights for linux-* packages.
[19:44] <herton> o/
[19:45] <bdrung> [LINK] https://wiki.ubuntu.com/HertonKrzesinski/PerPackageUploaderApplication
[19:45] <bdrung> herton: can you introduce yourself?
[19:45] <herton> I'm Herton R. Krzesinski, I work with ubuntu kernel stable team, looking at the stable updates, tracking regressions, etc.
[19:47] <herton> I'm doing a lot of stable updates lately, so it seemed a good thing to get upload rights, instead of bugging Steve Conklin or Brad Figg to sponsor them (they also work/worked on the stable kernel stuff)
[19:48] <sconklin> +1 - sponsoring Herton's uploads has become very boring in the last six months
[19:49] <bdrung> herton: are you involved in the community outside of the kernel area?
[19:51] <herton> not at the moment. I have been in UDS, talked with some people, but my are of expertise is more kernel, so I'm more interacting with community in the bug reports about it
[19:51] <micahg> herton: the earliest upload I see is at the beginning of June, is there evidence of earlier uploads?
[19:52] <bdrung> herton: you criticise the political structure inside the project. Does this criticism applies only for getting upload rights or are there other places, too?
[19:52] <herton> micahg: that sounds right, June is when I started pushing the ubuntu kernel updates
[19:54] <herton> bdrung: for a newcomer it's not very easy to understand everything at the start I think how to get involved, may be there is some improvements that could be done
[19:54] <micahg> herton: were you aware that we generally require 6 months of sustained contributions before granting upload rights?
[19:55] <bdrung> herton: did you started with contributing to the kernel package?
[19:56] <sconklin> Herton has been preparing kernels for longer than six months, and making contributions during that time. It's only that he's started actually doing uploads in the last 6 months
[19:57] <micahg> sconklin: in the Ubuntu kernel git tree?
[19:57] <sconklin> yes.
[19:57] <sconklin> looking for dates now
[19:57] <micahg> sconklin: I figured as much since he joined the team 10 months ago, but just wanted to be sure
[19:58] <micahg> er...9 months
[19:58] <cnd> micahg, I didn't know of any specific 6 months of work for PPU uploads
[19:58] <cnd> I thought that was for motu or more expansive sets
[19:58] <micahg> cnd: it's for membership in general not upload rights specifically
[19:59]  * micahg is worried bdrung's question got lost above
[19:59] <cnd> ok, maybe this is butting up against the ppu vs ubuntu membership thing mentioned last week
[19:59] <apw> i will point out that herton has been contributing to the kernle since 2009 though outside of ubuntu
[20:00] <bdrung> sconklin: do you have a link handy to one commit as prove?
[20:00] <herton> my first contribution to the ubuntu kernel was to bug https://bugs.launchpad.net/ubuntu/+source/linux/+bug/636091
[20:00] <tumbleweed> herton: I'm also interested in your comments about bureaucracy. I remember thinking that it was very bureaucratic before I got involved. But I can't remember quite where, and I wouldn't know what documentation needs changing
[20:00] <micahg> yep, noted in changelog for March
[20:01] <micahg> herton: thanks
[20:01] <sconklin> bdrung: no, I can't find it. Maybe I'm mistaken, but I can tell you he has contributed going back some time, as apw pointed out
[20:02] <bdrung> k
[20:02] <ogasawara> http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-oneiric.git;a=commit;h=41d202d80e829c0a489119ad63d7ece08a9786da
[20:02] <ogasawara> ^^ he's actually been contributing since 2007
[20:02] <micahg> the bug that herton linked shows an upload where he was included in the changelog in March which IMHO is sufficient here
[20:03] <tgardner> commit 41d202d80e829c0a489119ad63d7ece08a9786da is July of 2007, the first of many
[20:03] <bdrung> herton: one of my questions got lost: did you start contributing to ubuntu by contributing to the kernel?
[20:03] <herton> tumbleweed: the wiki has a lot information scattered, it takes some time to read and understand all the membership process. May be a better description in one page of all memberships, a organization structure or picture could help
[20:03] <micahg> ogasawara: yes, but not to Ubuntu :), we were wondering about Ubuntu specific contributions
[20:03] <bdrung> e.g. can the bureaucracy come from the kernel package bureaucracy?
[20:04] <herton> bdrung: yes. In ubuntu I'm started contributing only with the kernel
[20:04] <tumbleweed> herton: yeah, we are planning on revamping that page
[20:05] <ogasawara> micahg: hrm, I'd consider a contribution to the upstream kernel a contribution to ubuntu as well since we do base all our bits on upstream
[20:05] <tumbleweed> ogasawara: sure, but that isn't related to Ubuntu membership
[20:06] <micahg> ogasawara: it's irrelevant in this case anyways, since he does have 6+ months of Ubuntu contribution
[20:06] <bdrung> ogasawara: contributing to an upstream project (here the kernel) doesn't grant you ubuntu membership
[20:07] <bdrung> i am wondering if we should have an other format for presenting the information than using a wiki
[20:08] <bdrung> a wiki tend to be not structured enough
[20:08] <geser> like?
[20:08] <tumbleweed> the packaging guide?
[20:09] <bdrung> that's the question.
[20:09] <stgraber> we're already past our allocated time for the DMB meeting, should we vote?
[20:09] <bdrung> k, let's vote.
[20:09] <bdrung> before vote: do we have a package set for the kernel?
[20:09] <apw> yes
[20:09] <micahg> http://people.canonical.com/~stgraber/package_sets/precise/kernel
[20:10] <stgraber> yes, we have a package set and associated team for the kernel
[20:10] <geser> IIRC they are the only one who can upload kernels (not sure if core-devs can do it or not)
[20:10] <stgraber> ouch, the uploaders part is a mess, yeah for LP bugs... /me goes to poke #launchpad to fix that one too
[20:11] <stgraber> geser: ubuntu-core-dev is part of ubuntu-kernel-uploaders
[20:11] <bdrung> [VOTE] Should Herton Ronaldo Krzesinski get upload rights for the kernel package set?
[20:11] <meetingology> Please vote on: Should Herton Ronaldo Krzesinski get upload rights for the kernel package set?
[20:11] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[20:11] <geser> +1
[20:11] <meetingology> +1 received from geser
[20:11] <tumbleweed> +1
[20:11] <meetingology> +1 received from tumbleweed
[20:11] <stgraber> +1
[20:11] <meetingology> +1 received from stgraber
[20:12] <bdrung> +1
[20:12] <meetingology> +1 received from bdrung
[20:12] <micahg> +0 I'm reluctant to give a +1 w/out a dev release sponsored upload
[20:12] <meetingology> +0 I'm reluctant to give a +1 w/out a dev release sponsored upload received from micahg
[20:12] <bdrung> [ENDVOTE]
[20:12] <meetingology> Voting ended on: Should Herton Ronaldo Krzesinski get upload rights for the kernel package set?
[20:12] <meetingology> Votes for:4 Votes against:0 Abstentions:1
[20:12] <meetingology> Motion carried
[20:13] <bdrung> herton: congrats
[20:13] <herton> thanks!
[20:13] <bdrung> should we end this meeting now and defer the remaining application to the next meeting?
[20:14] <tumbleweed> micahg: in the case of kernel packages, that doesn't concern me too much
[20:15] <micahg> tumbleweed: if not for the dev release, why are upload rights required?  kernel packages go through a PPA anyways
[20:15] <bdrung> SRUs need more care than -dev uploads
[20:15] <micahg> indeed
[20:16] <bdrung> anyone not having time to process the last applicant?
[20:16]  * tumbleweed has time
[20:16] <Laney> I don't think you should be considering components for packagesets
[20:17] <micahg> Laney: in this case where it's shadowing a seed based packageset, it makes sense IMHO
[20:17] <stgraber> bdrung: yeah, I think I have time for one more
[20:17] <Laney> no, it makes sense in relation to the other set
[20:18] <bdrung> [TOPIC] Stephen M. Webb's application for upload rights for the uTouch package set
[20:19] <bdrung> [LINK] https://wiki.ubuntu.com/StephenMWebb/DeveloperApplication
[20:19] <bdrung> bregma: can you introduce yourself?
[20:19] <bregma> sure
[20:20] <bregma> I'm a software developer, a member of the uTouch team developing touch-based sofwtare for Ubuntu
[20:20] <bregma> I also occasionally fix other unrelated bugs, for Ubuntu and Debian
[20:21] <bregma> I have also spent the better part of a decade packaging all kinds of software for other Debian-based distros
[20:23] <micahg> bregma: what makes you want to join a "cabal of cliquish members"
[20:23] <bdrung> bregma: do you have a debian qa page?
[20:23] <bregma> micahg, cliques are only a problem when you're not a member
[20:25] <micahg> well, some would say that just their existence would be problematic which I think "cliques" is something we try to shy away from in Ubuntu
[20:25] <bdrung> bregma: are you active on the ubuntu devel irc channels?
[20:25] <bregma> bdrung, from time to time
[20:26] <bregma> I mean, I'm usually on the channel, but rarely can answer anything before someone better able can
[20:26] <jbicha> if Ubuntu development appears to be "a very closed cabal of cliquish members", then we're doing something very wrong
[20:27] <bregma> yes
[20:27] <bdrung> bregma: can you give an example in which the ubuntu development appeared as a "closed cabal of cliquish members"
[20:27] <bregma> but I wrote that on a day I was frustrated
[20:28] <bregma> well, I asked on #ubuntu-devel what the best format to submit a bug was
[20:28] <bregma> and the answer was "it doesn't matter" from several responses
[20:28] <bregma> so I submitted a merge request to the ubuntu source package
[20:29] <bregma> and the immediate response from a maintainer was 'we don't do things that way"
[20:29] <bregma> I guess I should have gone back to change my develop application when i was less annoyed but I got busy with UDS and I forgot
[20:29] <bdrung> some prefer patches and other merge proposals
[20:30] <tumbleweed> naah, it's good to shed light on problems, that's why that's in the t emplate
[20:30] <bregma> I understand, but it does not mean it' does not appear like a shibboleth
[20:30] <bdrung> it's important to talk about problem.
[20:30]  * tumbleweed is guessing desktop team (which uses non-UDD bzr branches, but plans to migrate, from what I heard at UDS)
[20:30] <bregma> the docs and wiki are stymying
[20:30] <micahg> debcheckout can be your friend sometimes :-/
[20:31] <tumbleweed> and probably an enemy too :P
[20:31] <tumbleweed> bregma: hrm, how didyou get an @ubuntu.com address without membership?
[20:31]  * ajmitch still gets confused as to the 'right' way to do things as well, it's not like you're alone in that
[20:32] <bregma> I've since seen all the changes proposed to the developer application process and other processes, so I realize it's just hard to know what's not easy to learn if you're already on the inside
[20:32] <bregma> tumbleweed, the guys at Canonical gave it to me, I assume so uploads don;t balk
[20:33] <bdrung> are there other problematic areas beside getting the correct format of your contribution?
[20:33] <bregma> just the problem of trying to figure out how the whole system works... I am not a fan of wikis for finding information
[20:34] <bregma> I didn;t intend to sound like a grouch or anything
[20:35] <bregma> but a lot of my experience with figuring out how things works ends up with a "well, you just gotta know"
[20:35] <bdrung> you are not the only one who finds wikis sub-optimal for presenting information
[20:35] <micahg> bregma: any address is fine for a changelog entry (ubuntu.com preferred once earned)
[20:36] <bregma> as a long-time Unix developer, I'm used to having to know what the command is before I can find which command to use, c'est la vie
[20:36] <cnd> micahg, it's a lintian warning if it's not @ubuntu.com, IIRC
[20:36] <micahg> cnd: only if DEBEMAIL is set to an ubuntu dot come address
[20:36] <micahg> oops..ubuntu.com
[20:37] <cnd> hmm? DEBEMAIL is used for the changelog entry
[20:37] <bdrung> yes if you use dch
[20:37] <bregma> I do not believe I've used my ubuntu.com mail address for anything except mailing list subscriptions any way
[20:37] <bdrung> every question asked?
[20:38] <tumbleweed> bregma: I see you've touched packages outside the packageset you are applying for
[20:38] <tumbleweed> are you intending to apply for MOTU at some point?
[20:38] <bregma> some day
[20:38] <micahg> bregma: is there a reason you've only had one sponsor and therefore one endoresement?
[20:39] <micahg> *for the utouch stuff at least
[20:39] <tumbleweed> micahg: I've sponsored uploads for bregma too
[20:39] <micahg> tumbleweed: yes, but you haven't commented on the APP
[20:39] <micahg> even as a character witness
[20:39]  * tumbleweed tends to comment when asked. I was replying to "one sponsor"
[20:39] <cnd> micahg, for the utouch package set, the number of people available to sponsor is small
[20:40] <micahg> cnd: core devs can sponsor as can MOTUs depending on the package
[20:40] <bregma> I've had several sponsors, I just feel really uncomfortable asking for an endorsement
[20:40] <cnd> yes, I understand, it just seems like the criteria should be lower for ppu
[20:41] <bregma> there's room in Ubuntu for the less social, too
[20:41] <tumbleweed> heh
[20:41] <cnd> tbh, I'm tired of sponsoring bregma's uploads :)
[20:41] <cnd> he's quite capable
[20:42] <micahg> indeed, for one package I might agree, but for a set, I would think that there should be multiple people reviewing their work before agreeing
[20:42]  * tumbleweed sees that he had no problem's with bregma's uploads either (2 sponsorships). They were in perfect shape
[20:42] <tumbleweed> but I wouldn't endorse from two uploads
[20:42] <cnd> there's only one person who uploads utouch packages outside of abnormal cases
[20:42] <bdrung> tumbleweed: even for a package set?
[20:43] <micahg> bregma: right, but part of uploading is knowing when to ask others and being able to ask others is important
[20:43] <cnd> and that person endorses bregma to add to the pool :)
[20:45] <tumbleweed> bdrung: yeah, I'd probably have left a comment
[20:45] <bdrung> are we are ready to vote or do we need more time to discuss this topic?
[20:45] <tumbleweed> ready
[20:45]  * stgraber too
[20:45] <micahg> ready
[20:46] <bdrung> [VOTE] Should Stephen M. Webb get upload rights for the uTouch package set?
[20:46] <meetingology> Please vote on: Should Stephen M. Webb get upload rights for the uTouch package set?
[20:46] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[20:47] <tumbleweed> +1
[20:47] <meetingology> +1 received from tumbleweed
[20:48] <bdrung> +1 but more than one endorsement would be better
[20:48] <meetingology> +1 but more than one endorsement would be better received from bdrung
[20:48] <stgraber> +1
[20:48] <meetingology> +1 received from stgraber
[20:48] <geser> +1
[20:48] <meetingology> +1 received from geser
[20:48] <micahg> +0 the work itself seems fine and there have been no quick uploads subsequently to fix issues, but I'm concerned about communication with others, it's not just about being social, but about peer review as well, even comments by other sponsors would have been helpful
[20:48] <meetingology> +0 the work itself seems fine and there have been no quick uploads subsequently to fix issues, but I'm concerned about communication with others, it's not just about being social, but about peer review as well, even comments by other sponsors would have been helpful received from micahg
[20:49] <bdrung> [ENDVOTE]
[20:49] <meetingology> Voting ended on: Should Stephen M. Webb get upload rights for the uTouch package set?
[20:49] <meetingology> Votes for:4 Votes against:0 Abstentions:1
[20:49] <meetingology> Motion carried
[20:49] <bdrung> bregma: congrats.
[20:49] <micahg> bregma: congrats
[20:49] <cnd> thanks all!
[20:50] <bdrung> bregma: for your next application i recommend to take micahg's voting comment to heart
[20:50] <bregma> thank you
[20:50] <bdrung> #endmeeting
[20:50] <meetingology> Meeting ended Mon Nov  7 20:50:24 2011 UTC.
[20:50] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2011/ubuntu-meeting.2011-11-07-19.03.moin.txt
[20:50] <tumbleweed> welcome to the clique (hopefully) :)
[20:50] <tumbleweed> next chair?
[20:51] <bdrung> ups
[20:51] <micahg> alphabetical order :)
[20:51] <micahg> cody-somerville: wins
[20:51] <tumbleweed> I guess we also need to get some of our UDS discussion points into the agenda