[18:11] <jdstrand> hi!
[18:12] <jdstrand> #startmeeting
[18:12] <meetingology> Meeting started Mon Feb  6 18:12:15 2012 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[18:12] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[18:12] <tyhicks> hello!
[18:12] <mdeslaur> \o
[18:12] <jdstrand> The meeting agenda can be found at:
[18:12] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[18:12] <jdstrand> [TOPIC] Announcements
[18:12] <jjohansen> \o
[18:12] <jdstrand> FeatureFreeze is coming in a less than two weeks (February 16th). Please try to finish any non-bugfix work items that are tied to the release by this date. Please talk to mdeslaur (and optionally me) soon if there are issues meeting this deadline. This is particularly true for essential and high priority items.
[18:12] <jdstrand> Thanks:
[18:13] <jdstrand> Leo Iannacone (l3on) provided debdiffs for natty and oneiric for usbmuxd (LP: #919435)
[18:13] <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
[18:13] <jdstrand> [TOPIC] Review of any previous action items
[18:13] <jdstrand> ACTION: sbeattie to follow up on qrt bugs from QA team
[18:13] <sbeattie> oh gack, I still haven't responded to the QART bugs on that.
[18:14]  * jdstrand keeps it as an action for now
[18:14] <jdstrand> [TOPIC] Weekly stand-up report
[18:14] <jdstrand> I'll go first
[18:14] <jdstrand> so, for some reason, I have quite a few meetings this week
[18:15] <jdstrand> and out of them is coming significant work surrounding the partner archive and secure boot
[18:15] <jdstrand> so, I am going to be tied up with these things quite a bit
[18:15] <jdstrand> I managed to get mostly caught up with archive admin duties over the weekend
[18:16] <jdstrand> but MIR audits are lagging behind
[18:16] <jdstrand> I may need help with those. I'll ask if I do
[18:16] <jdstrand> I also have a couple of work items I'd like to finish up. hopefully I will be able to
[18:16] <jdstrand> mdeslaur: you're up
[18:17] <mdeslaur> I'm on triage this week
[18:17] <mdeslaur> this morning, I've released python-httplib2 backports to -proposed
[18:18] <mdeslaur> these packages add ssl certificate validation to the versions that were in lucid-natty
[18:18] <mdeslaur> and improve the ssl cert validation in oneiric
[18:18] <mdeslaur> the update should be seamless, but if anyone has stuff that uses python-httplib2, it would be good to make sure everything works as expected before they get released
[18:19] <mdeslaur> If tomcat6 testing goes well, I'll be releasing that this week or possibly next
[18:19] <mdeslaur> and I'll be doing down the cve list to pick up some new updates to work on
[18:19] <mdeslaur> that's it from me
[18:19] <mdeslaur> sbeattie: you're next
[18:19] <sbeattie> I'm in the happy place this week.
[18:20] <sbeattie> I'm currently testing openssl as well as working on php and glibc updates.
[18:20] <sbeattie> I also need to review my work items
[18:20] <sbeattie> I think that's it for me
[18:20] <sbeattie> micahg: tag
[18:20] <mdeslaur> sbeattie: you have two bugs that are milestoned, when do you think you'll be getting to them?
[18:21] <sbeattie> mdeslaur: after I get out from under these updates is my plan.
[18:21] <mdeslaur> sbeattie: ok, cool
[18:21] <mdeslaur> sbeattie: those are three nasty updates you've got there :)
[18:22] <micahg> I'm finishing updates from last week (Thunderbird, xulrunner), might have to push through an icedtea update due to a bad interaction between firefox 10 and icedtea, we're considering doing the Thunderbird rapid release migration during the Thunderbird 10 time frame due to the extra testing efforts upstream that went into the ESR prep (we're not using the ESR)
[18:23] <micahg> if we go ahead with this, those builds will be in -proposed later this week or early next week
[18:23] <jdstrand> micahg: what is the deciding factor?
[18:24] <micahg> jdstrand: umm, just availability I think
[18:24] <micahg> i.e. we don't have more important things to do right now
[18:24] <jdstrand> micahg: ok. perhaps you and mdeslaur can discuss that after this meeting
[18:25] <micahg> ok, sounds good
[18:25] <micahg> also, I'm planning to merge ca-certificates from Debian before feature freeze
[18:26] <micahg> and time permitting, work on the webkit migration in the stable releases to 1.6
[18:26] <micahg> that's it for me, tyhicks?
[18:26] <tyhicks> I'm in the community role this week
[18:27] <tyhicks> I'm currently trying to get bug 926292 triaged
[18:27] <tyhicks> Once that is done, I'll go back to my ruby1.8 update and begin testing this week
[18:28] <tyhicks> I think the only work item that I need to complete before feature freeze is getting a daily build ppa set up for ecryptfs-utils
[18:28] <jdstrand> tyhicks: re 926292> huh, that is from seb128? I thought it failed on the buildds without ecryptfs. interesting
[18:29] <tyhicks> jdstrand: Yeah, that's the one from seb128
[18:29] <mdeslaur> tyhicks: so, what's the status on ecryptfs on precise, and on previous releases?
[18:29] <tyhicks> If it failed on the buildds w/o eCryptfs, I missed that
[18:29] <tyhicks> I'll look back at the logs
[18:29] <mdeslaur> tyhicks: are there any outstanding bugs that should be milestones so we track them properly?
[18:29] <jdstrand> tyhicks: it might be worth asking about...
[18:29] <tyhicks> mdeslaur: I feel really good about eCryptfs on precise
[18:30] <mdeslaur> tyhicks: is the automake bug the only one right now?
[18:30] <tyhicks> mdeslaur: Nope - one more bug that I need to fix
[18:30]  * tyhicks looks up the number
[18:30] <tyhicks> bug 842647
[18:31] <mdeslaur> tyhicks: ok, I'll milestone those two to precise
[18:31] <tyhicks> thanks mdeslaur
[18:31] <tyhicks> I think that's it for me
[18:32] <tyhicks> jjohansen: you're up
[18:32] <jjohansen> I need to get the mount and associated rules out and in review and testing this week.  Then I will go back and roll a new version of the dentry patch for Bug #925028.  After that it will be getting all the patches marshalled for a pull request, and then maybe looking at a limited implicit labeling patch more.
[18:34] <jjohansen> I think thats it from me
[18:34] <jdstrand> [TOPIC] Highlighted packages
[18:34] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[18:34] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[18:34] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gnome-shell.html
[18:34] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/wxwidgets2.6.html
[18:34] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/atop.html
[18:34] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/vdr.html
[18:34] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/kolabd.html
[18:35] <jdstrand> [TOPIC] Miscellaneous and Questions
[18:35] <jdstrand> Does anyone have any other questions or items to discuss?
[18:38] <jdstrand> mdeslaur, sbeattie, micahg, tyhicks, jjohansen: thanks!
[18:38] <jdstrand> #endmeeting
[18:38] <meetingology> Meeting ended Mon Feb  6 18:38:21 2012 UTC.
[18:38] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-02-06-18.12.moin.txt
[18:38] <mdeslaur> thanks jdstrand
[18:38] <micahg> thanks jdstrand
[18:38] <tyhicks> thanks!
[18:39] <sbeattie> jdstrand: thanks!
[18:39] <jdstrand> np
[20:56] <mdz> soren, here
[20:57]  * pitti waves good evening
[20:57] <kees> \o
[20:57]  * stgraber waves
[20:59] <highvoltage> howdy
[21:00] <soren> pitti: Oh, you're here. I missed that.
[21:00] <soren> So we're missing..
[21:00] <soren> Colin and..
[21:00] <stgraber> I think that's it
[21:00] <soren> Oh, right. I'm here.
[21:00] <soren> Heh
[21:00] <kees> :P
[21:01] <stgraber> apparently you're
[21:01] <soren> #startmeeting
[21:01] <meetingology> Meeting started Mon Feb  6 21:01:01 2012 UTC.  The chair is soren. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[21:01] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[21:01] <soren> #topic action review
[21:01] <pitti> btw, Laney said that he probably cannot make it
[21:01] <soren> Heh* stgraber
[21:01] <soren>  ** stgraber to harmonize the DMB expiring dates  (extend bdrung to 2013-02-13 and micah, tumbleweed and then the two new members to 2014-02-13)
[21:01] <soren> #startmeeting[B[B
[21:01] <meetingology> soren: Error: Can't start another meeting, one is in progress.
[21:01] <pitti> but I think we are aware of his topics
[21:02] <soren> stgraber: You did that, right?
[21:02] <stgraber> right, all the DMB changes have been done
[21:02] <soren> Awesome.
[21:02] <soren> kees to perform brainstorm review
[21:02] <kees> I suck!
[21:02] <soren> kees: At least you're consistent :)
[21:02] <kees> :)
[21:02] <soren> #action kees to perform brainstorm review
[21:02] <meetingology> ACTION: kees to perform brainstorm review
[21:02] <soren> stgraber to de-activate Emmet Hikory's membership in the DMB as he's still MIA. DONE
[21:02] <soren> Great.
[21:03] <soren> #topic Is Partner a part of Ubuntu? -- IainLane
[21:03] <soren> https://lists.ubuntu.com/archives/technical-board/2012-January/001177.html
[21:03] <pitti> wrt. brainstorm, I think at this point it makes more sense to just drop this one and do March one
[21:03] <soren> #link https://lists.ubuntu.com/archives/technical-board/2012-January/001177.html
[21:03] <pitti> (sorry for lag)
[21:03] <soren> Does anyone want to present this subject?
[21:04] <pitti> is anyone not familiar with the discussion and needs some time to catch up/explanations?
[21:04] <soren> I'm not sure what we're meant to decide.
[21:04] <pitti> there was some back and forth, mostly between Mark who has always considered Partner a part of Ubuntu, and some developers who never considered it to be
[21:04] <sabdfl> hi all
[21:04] <pitti> hey sabdfl
[21:05] <mdz> I think perhaps part of the confusion is over what is meant by "part of Ubuntu"
[21:05] <pitti> TBH I'm less worried about the mere terminology; what is and isn't "Ubuntu" certainly canot be proved or disproved, it's a matter of definition
[21:05] <mdz> particularly with the word "Ubuntu" being overloaded
[21:06] <pitti> so perhaps we should talk more about the policy/procedures
[21:06] <mdz> (community, project, product, package repository, ISO, etc.)
[21:06] <pitti> i. e. should Partner be subject to TB ruling, community involvement, or stay a pure Canonical project
[21:06] <kees> while I would like "ubuntu" to mean exclusively free software, we already have exceptions.
[21:06] <Laney> made it through the snow covered wastelands
[21:06] <pitti> hello Laney
[21:07] <highvoltage> hey Laney
[21:07] <pitti> sabdfl: did I understand you right that you would actually want more community involvement there?
[21:07] <sabdfl> Laney, sounds poetic :)
[21:08] <sabdfl> pitti, would be happy to facilitate
[21:08] <pitti> so far it has always been a canonical service on top of Ubuntu to me, to make it very easy for users to install popular software
[21:08] <highvoltage> pitti: it's easy to understand it that way if it's been defined like that *everywhere* ;)
[21:08] <sabdfl> pitti, yes, i think it was described that way, fair enough
[21:08] <soren> pitti: I feel (and have always felt) the same way.
[21:08] <Laney> I'm not so tied to the formulation of my two questions fwiw. I think we're pretty clear on what the discussion is about.
[21:09] <sabdfl> on community involvement
[21:10] <sabdfl> i hadn't realised there was interest in being able to engage there
[21:10] <Laney> I don't think anyone is in doubt that partner as it stands isn't "part of Ubuntu" as we want it, so we should figure out what we'd like to see to make it so, if that is the goal.
[21:10] <sabdfl> but since it was asked about, we should ask the folk who run the archive to make that possible
[21:10] <soren> Laney: I'm less sure. I think it's an interesting topic for sure, but I'm unclear how we can close this point on the agenda a way that's satisfactory to anyone.
[21:10] <Laney> I don't really know that there is interest.
[21:11] <sabdfl> stepping back a little
[21:11] <pitti> argh, DSL reconnect; I lost the previous conversation, and probably you didn't see my ramblings
[21:11] <sabdfl> ubuntu is unusual in that it tries to bring balance across some areas of tension
[21:11] <sabdfl> for example, between company and community
[21:11] <stgraber> pitti: last from you: 21:08 < pitti> so far it has always been a canonical service on top of Ubuntu to me, to make it very easy for users to install popular software
[21:12] <sabdfl> it's easy, if you live on only one side of that fence, to snipe at the other side
[21:12] <pitti> so far it has always been a canonical service on top of Ubuntu to me, to make it very easy for users to install popular software
[21:12] <pitti> and I have some doubts whether we'd do Canonical or the Ubuntu community a favor by trying to push partner under Ubuntu packaging and other policies
[21:12] <pitti> that might restrict Canonical in what it's doing with it, and we could never make it even remotely adhere to Ubuntu standards
[21:12] <pitti> (free software, minimal SRUs, freezes, etc.), as this kind of software just doesn't work like that
[21:12] <sabdfl> but we try to bring both together, in an appropriate way
[21:12] <sabdfl> recognizing that end users want clarity and principles, and also want working results
[21:13] <sabdfl> in pitti's list (free software) is a good example, since we created restricted at the outset, and multiverse not long after
[21:13] <sabdfl> i often see folk claiming ubuntu stands for just on part of the whole
[21:13] <sabdfl> but to me, it's the whole that makes it really interesting
[21:13] <sabdfl> now, we do have clear lines
[21:13] <pitti> "interesting" for sure
[21:14] <sabdfl> we haven't put proprietary userspace apps in the cd, afaict
[21:14] <sabdfl> just drivers
[21:14] <pitti> I actually haven't seen any reply that considered partner a bad or irrelevant service
[21:14] <sabdfl> pitti, then the question is: how does the Ubuntu project want to deliver those bits to its users?
[21:15] <pitti> I wasn't actually sure what the question was here :)
[21:15] <highvoltage> http://www.canonical.com/about-ubuntu
[21:15] <sabdfl> because (a) it needs to answer that, and (b) the answer will describe what it means for those bits to be 'in Ubuntu'
[21:15] <highvoltage> "But best of all, Ubuntu is and always will be absolutely free."
[21:15] <highvoltage> what exactly does "Ubuntu is and always will be absolutely free" mean?
[21:15] <sabdfl> highvoltage, that refers to price
[21:15] <pitti> sabdfl: hm, the current integration into software-center seems quite nice to me? have there been any complaints?
[21:15] <highvoltage> hmm, interesting :/
[21:16] <Laney> I don't think the project has had any problem with how partner is implemented currently
[21:16] <sabdfl> pitti, i'm sure there were eyebrows raised in some quarters :)
[21:16] <pitti> I had the impression the discussion revolved more about definitions and who can drive it
[21:16] <sabdfl> perhaps the term 'enemy of freedom' was bandied about in certain tea parties
[21:16] <Laney> the project as led by the TB, at least.
[21:16] <sabdfl> highvoltage, what did you think restricted was?
[21:16] <mdz> the question arose because of remixing, right?
[21:17] <mdz> maybe we should discuss in that context
[21:17] <sabdfl> Laney, the TB has a mandate to lead technical processes, supervise developers, set technical direction etc
[21:17] <sabdfl> i forget the wording
[21:17] <sabdfl> this is not, technically, a matter for the TB ;-)
[21:17] <Laney> Whatever the precise mandate is, I don't see any push from inside the project to change how partner is delivered
[21:18] <highvoltage> sabdfl: restricted is at least a clearly noted exception that's documented from the very start
[21:18] <sabdfl> but since it was being discussed here, and since we have many folk here who contribute more than technically, I thought it would be worth engaging
[21:18] <sabdfl> highvoltage, yes. but it establishes that we understand the need to dance appropriately with proprietary software
[21:18] <sabdfl> and this conversation is thus appropriate
[21:19] <Laney> I think a good outcome of this would be to open partner up to (a) bug reporting and (b) patches to the packaging as far as it isn't currently
[21:19] <sabdfl> the question is, for our users, what do we want to do about things like vmware player?
[21:19] <sabdfl> Laney, +1
[21:19] <pitti> wrt. restricted, it's part of archive.ubuntu.com, and covered by the usual ubuntu-{,core-}dev privileges, SRU policy, etc.
[21:19] <pitti> none of which applies to partner
[21:19] <Laney> But there's a risk of removing its agility if you involve the community more
[21:19] <sabdfl> let's consider that historical
[21:19] <micahg> partner is already open for bug reporting (there are plenty open :))
[21:19] <Laney> ok
[21:19] <sabdfl> and ask what it would look like, if it were designed now
[21:20] <Laney> that was just something raised on list
[21:20] <pitti> (a) (bug reporting) should already be provided? cf. cjwatson's reply
[21:20] <sabdfl> yes, bug reporting is handled
[21:20] <popey> "handled" as in we have infratructure to report them
[21:20] <sabdfl> and i have no objections to figuring out how to take patches
[21:20] <popey> not "handled" in that anyone takes care of the bugs
[21:20] <sabdfl> and possibly even how to have an ITP type process inviting participation
[21:21] <sabdfl> *some* things will require NDA's from the ISV, and preclude that kind of pre-release discolsure
[21:21] <sabdfl> disclosure, even
[21:21] <pitti> those sound fine to me
[21:21] <sabdfl> but i don't know any examples
[21:21] <Laney> I actually think it is a great example of how Canonical and Ubuntu can work together, so it seems a little strange to me to see that it is desirable to make it a "part of Ubuntu", whatever that means
[21:21] <ajmitch> how does this differ from the commercial apps queue on developer.ubuntu.com now?
[21:21] <sabdfl> Laney, you get to the heart of my point
[21:21] <pitti> I'd just object against trying to crowbar partner into the ubuntu packaging/freeze/SRU policies, that's IMHO not going to fly
[21:21] <sabdfl> pitti, agreed
[21:22] <pitti> it seems much closer to extras.ubuntu.com to me
[21:22] <sabdfl> we have the same core issues with restricted and multiverse, though
[21:22] <sabdfl> i don't really know extras.u.c, tbh
[21:22] <popey> partner is not a lot different from any one of a number of PPAs we already have out there, it's just more integrated into USC
[21:22] <mdz> restricted and multiverse differ only in licensing
[21:22] <mdz> the rest of Ubuntu's policies and processes still apply
[21:22] <sabdfl> is that the ARB repo?
[21:23] <pitti> sabdfl: yes, that one
[21:23] <Laney> I'm not sure how the paid apps are delivered thusly
[21:23] <pitti> sabdfl: i. e. post-release apps added to s-c by third party devs
[21:23] <sabdfl> mdz, agreed, though i think 'integrated in the USC' is tantamount to 'we've put our stamp on it'
[21:23] <tumbleweed> sticking my nose in, the issue I raised in the private discussion was: Are we happy with an Ubuntu remix that dosen't have the "freedom to share it with anyone you like"?
[21:23] <sabdfl> so, perhaps belatedly, we should figure out how to do that to a standard that matches the stamp :)
[21:24] <pitti> tumbleweed: right, I think that question comes closest to the definition side of the word, and is very much unrelated to policies, upload privs, etc.
[21:24] <sabdfl> tumbleweed, hence remix, not edition, for sure
[21:24] <Laney> that is the second question I asked
[21:24] <beuno> I've had that email parked for reply for a while now, and I can't really see how this would be much different than what we have been doing up to now
[21:24] <pitti> #link https://wiki.ubuntu.com/ExtensionRepositoryPolicy
[21:24] <mdz> sabdfl, we present software to users in various ways, but it doesn't always mean the same thing
[21:24] <beuno> it's just a change in the way it's delivered
[21:25] <sabdfl> by way of background, the team originally did it as a derivative, tentatively called the Canonical Business Desktop, to which there were objections that it would set us on a course of having 'special bits'
[21:25] <sabdfl> which is definitely not a course we want to set
[21:25] <mdz> e.g. Ubuntu downloads third party software from various sources, which we enable, but on a kind of as-is basis
[21:25] <sabdfl> i asked that it be redone, as a pure remix
[21:25] <mdz> plugins, printer drivers, and the like
[21:25] <sabdfl> thinking that there would be far fewer objections to that, since anyone can do a remix
[21:25] <mdz> but this seems to be more a question of governance than of user experience or messaging
[21:26] <pitti> sabdfl: my question to this would be: do we want to allow anyone else than C to create a remix that includes partner, and perhaps even extras.u.c., and call it "Ubuntu"?
[21:26] <mdz> if the question is, who governs partner, the answer is unquestionably Canonical and not Ubuntu
[21:26] <soren> pitti: We can't, can we?
[21:26] <pitti> sabdfl: or should that be more like a Canonical prerogative/project?
[21:26] <sabdfl> pitti, i would have no objection
[21:26] <sabdfl> they would need distribution rights to the bits
[21:26] <mdz> soren, Canonical may be able to, but Ubuntu cannot
[21:26] <soren> pitti: Stuff in partner may only be distributable by Canonical.
[21:26] <mdz> depending on the terms
[21:26] <Laney> to me the word "remix" really doesn't imply endorsement from the project
[21:26] <soren> mdz: Exactly.
[21:26] <sabdfl> but we would not assert special rights to the parts we do, i.e. the packaging
[21:26] <pitti> sabdfl: right, I mean in the category of TM compliance/violation
[21:26] <Laney> quite the contrary infact
[21:27] <pitti> no, but in order to call it Ubuntu you need to satisfy the trademark restrictions
[21:27] <sabdfl> mdz, can you clarify why Ubuntu cannot?
[21:27] <sabdfl> in some senses, i understand
[21:27] <sabdfl> ubuntu can't countersign a license with the ISV
[21:27] <pitti> so if sabdfl wants "Ubuntu" to encompass partner, I see no reason to object
[21:28] <sabdfl> but in other senses, it can, in that we could ask TB to take a view on challenges presented in the packaging, for example
[21:28] <pitti> (again, only under a trademark POV; sorting out licenses is the business of the creator of that remix, of course)
[21:29] <sabdfl> pitti, if we consider partner as part of ubuntu, then vmware could use the package in there to do an Ubuntu VMWare Client Remix
[21:30] <Laney> http://www.ubuntu.com/aboutus/trademarkpolicy: "In general, a Remix can have applications from the Ubuntu archives added, or default applications removed, but removing or changing any infrastructure components (e.g., shared libraries or desktop components) will result in changes too large for the resulting product to be called by a Trademark"
[21:30] <sabdfl> and users would get exactly what they expect
[21:30] <sabdfl> same for, say, Citrix
[21:30] <pitti> sabdfl: yes, that was sort of my question, whether you would like the Ubuntu TM policy to allow that
[21:30] <soren> Shall we formally move on to the remix subject?
[21:30] <sabdfl> pitti, yes. that's what I *thought* it already said :)
[21:30] <pitti> because at that point it would go pretty far from "free/libre OS"
[21:30] <sabdfl> pitti, remixes can already include all of multiverse
[21:31] <pitti> sabdfl: right, it just seems rather counter-intuitive to us long-term ubuntu devs, so that takes a while to settle
[21:31] <soren> #topic Should the Ubuntu remix policy be relaxed to allow the use of non-Ubuntu components in remixes?
[21:31] <kees> I have trouble seeing how software that cannot be redistrubted by anyone but Canonical should be considered "part of Ubuntu".
[21:31] <soren> (calling it like it is)
[21:31] <micahg> multiverse is at least freely redistributable, just not necessarily modifyable
[21:31] <sabdfl> kees, separate distribution from redistribution
[21:31] <sabdfl> you can get permission to distribute anything in there, if you want it
[21:31] <sabdfl> then remix it
[21:32] <sabdfl> that's not something canonical forces, nor that ubuntu forces, it's a reality we need to deal with
[21:32] <sabdfl> we're having this conversation because i'd prefer that you *can* make a remix that has those bits in, rather than having Canonical be the only company which can do so
[21:33] <soren> What does "can" mean in this context?
[21:33] <sabdfl> again, a remix is in my mind what you can get to, or back from, using standard package management
[21:33] <kees> right, I'd like these remixes to be flexible. if a mirror can't be a mirror without seeking some sort of additional permissions, I don't think that should be under the Ubuntu umbrella.
[21:33] <sabdfl> which isn't *exactly* the same as USC, but close enough
[21:33] <sabdfl> kees, there we differ
[21:34] <sabdfl> mirrors can mirror what they can mirror
[21:34] <greg-g> soren: "can" if you go get the separate licensing agreements from the companies that Canonical has, no garauntee that you will.
[21:34] <sabdfl> Ubuntu should facilitate that, yes, but not penalise users because there are some bits which cannot be mirrored
[21:34] <sabdfl> greg-g, there are few guarantees of anything in life, beyond mortality ;)
[21:35] <micahg> partner licensing wouldn't affect a -desktop package in the archive that recommends partner apps
[21:35] <soren> greg-g: In that case the limitation on "can" must refer to "being allowed to name it 'ubuntu' something"?
[21:35] <kees> I don't ever want to see "I provided an Ubuntu mirror and Xyz Corp sued me"
[21:35] <sabdfl> kees, agreed. which is why we have a place for non-mirrorable bits
[21:35] <sabdfl> *must* have a place for non-mirrorable place
[21:35] <sabdfl> erk
[21:35] <sabdfl> bits
[21:36] <sabdfl> and why that place can't easily be in the archive / components / pockets
[21:36] <sabdfl> so, again, we promote those bits in the software centre; we implicitly stand by them
[21:37] <sabdfl> and if the TB thinks that the implementation is stinky, we should figure out how to address that
[21:37] <sabdfl> i make no claims of non-stinkiness, especially for old packages in partner
[21:37] <pitti> the TB actually did discuss and eventually approve https://wiki.ubuntu.com/ExtensionRepositoryPolicy
[21:38] <pitti> so as long as pacakges satisfy that minimal standard (both partner and ARB alike), there is a certain confidence that users can put into them
[21:38]  * kees nods
[21:38] <sabdfl> right
[21:38] <Laney> Can't we just allow remixes to include packages from extension repositories, and specify some way by which non-redistributility is to be indicated
[21:38] <sabdfl> that's very useful
[21:38] <Laney> ?
[21:38] <pitti> that's one point where Ubuntu institutions (TB in that case) can influence e. g. Partner
[21:38] <pitti> without totally pulling it under Ubuntu governance
[21:39] <pitti> sorry, "ubuntu" from a developer's POV here
[21:39] <pitti> (terminology...)
[21:39] <sabdfl> hmm... that looks like the TB has outlined a framework, within which those archives need to operate
[21:39] <sabdfl> so the task at hand is to make sure that partner (and the others) meet that standard
[21:40] <sabdfl> which i'm confident we can do
[21:40] <pitti> let's say it's a set of requirements that aims to say what a third-party package must look like to work on, and not break, the Ubuntu OS underneath it
[21:40] <sabdfl> the guys currently figuring this out are very good - mvo & co
[21:40] <mdz> sabdfl, (sorry, had to step away from my desk)
[21:40] <Laney> So (a) the TB can designate repositories to be extension repositories and (b) remixes can include sources from these so long as the repositories are following the policy
[21:40] <pitti> I'm not sure to what extend (B) can be enforced
[21:40] <mdz> I was saying that Ubuntu could not, without specific permission from Canonical and/or the original rights holder, remix with partner
[21:40] <sabdfl> and really, i'd like to ask the TB to trust them, and work with them, to do it right, even if the task isn't as much fresh air as, say, figuring out multiarch :)
[21:41] <Laney> well, the TB can take a look if concerns are raised to it
[21:41] <sabdfl> mdz, ok
[21:41] <mdz> that's the point, isn't it? that the software can't be distributed by Ubuntu, otherwise it would be in the Ubuntu repositories
[21:41] <ajmitch> Laney: that would exclude most PPAs without TB involvement?
[21:41] <sabdfl> if Canonical grants that right, under the remix guidelines which are essentially a wide trademark license subject to the constraint of using packages from those archives
[21:42] <Laney> correct, remixes can't have these anyway
[21:42] <sabdfl> then, it is only a matter for the ISV and the person doing the remix
[21:42] <sabdfl> PPA's can't go into remixes, because the namespace is not managed
[21:42] <sabdfl> a ppa package can overwrite a normal package
[21:42] <sabdfl> that would be a derivative
[21:43] <Laney> and (c) If a remix includes a non-freely-redistrutable component then it must indicate in some to-be-defined way the presence of this so that people wishing to mirror or derive know that they must seek additional licenses
[21:43] <sabdfl> to me, https://wiki.ubuntu.com/ExtensionRepositoryPolicy suggests we've already answered this question, setting standards for those archives
[21:43] <pitti> right, the extras policy avoids that possibility of overwriting
[21:44] <sabdfl> Laney, we don't publish the remix in a way that standard mirroring would pick it up
[21:44] <sabdfl> so as to avoid inadvertent issues for the mirrors
[21:44] <Laney> sabdfl: right, any mirroring
[21:44] <sabdfl> you could warez it, but there wouldn't be much point :)
[21:44] <Laney> just something that people working with these remixes need to be aware of
[21:44] <pitti> right, I wouldn't like these to be on cdimage.u.c. or releases.u.c. anywhere
[21:44] <soren> We seem to be converging. Anyone care to sum up? Laney?
[21:44] <pitti> for the same reason why archive.c.c shouldn't be
[21:45] <pitti> (expectancy that *.ubuntu.com is redistributable and mostly FOSS, as www.u.c. advertises)
[21:45] <Laney> soren: I gave my (a) (b) and (c) that I think would be reasonable
[21:45] <sabdfl> pitti, right, they can't be on those sites, because of mirroring
[21:45] <Laney> you guys should decide what you think about that, or something else
[21:45] <sabdfl> Laney, (a) bug reports, (b) packaging patches, (c) ?
[21:45] <Laney> no, those are just nice wishlists for partner to have (although a is done)
[21:46] <pitti> so for Laney's (a), I don't think the TB should "designate" extension repos
[21:46] <soren> So (a) the TB can designate repositories to be extension repositories and (b) remixes can include sources from these so long as the repositories are following the policy (c) If a remix includes a non-freely-redistrutable component then it must indicate in some to-be-defined way the presence of this so that people wishing to mirror or  derive know that they must seek additional licenses
[21:46] <sabdfl> ah
[21:46] <Laney> I don't know what is currently done
[21:46] <pitti> Laney: I'd like to modify your (a) to say "TB can define what an extension repo must look like"
[21:46] <sabdfl> any mirror needs to satisfy themselves as to (c) as good practice
[21:46] <Laney> did you say "extras is an extension reposotory" when that was created?
[21:47] <Laney> the list of three repositories in the first paragraph of ExtensionRepositoryPolicy
[21:47] <pitti> yes, unlike partner we had that policy discussion before extras.u.c. was opened
[21:47] <Laney> "This policy applies to software published through one of the extension repositories Extras, Partner, and Commercial"
[21:47] <Laney> so I guess you already have (a)
[21:48] <soren> Lovely.
[21:48] <pitti> right; I (mis?)understood "designate" as "actively bless"
[21:48] <pitti> "define" would perhaps be clearer
[21:48] <Laney> I am saying that there is a canonical list of extension repositories, and that Ubuntu Remixes can include packages from those.
[21:48] <wendar> pitti: aye, or "recognize"
[21:49] <soren> Ok, so shall we move to vote on: "Remixes can include sources from these so long as the repositories are following ExtensionRepositoryPolicy"?
[21:49] <soren> (running low on time)
[21:49] <sabdfl> +1
[21:49] <soren> #vote Remixes can include sources from these so long as the repositories are following ExtensionRepositoryPolicy
[21:49] <meetingology> Please vote on: Remixes can include sources from these so long as the repositories are following ExtensionRepositoryPolicy
[21:49] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[21:49] <sabdfl> +1
[21:49] <meetingology> +1 received from sabdfl
[21:49] <Laney> these → extension repositories as defined in https://wiki.ubuntu.com/ExtensionRepositoryPolicy
[21:49] <Laney> s/defined/your btetter word/
[21:50] <mdz> soren, sorry, what does "these" refer to specifically?
[21:50] <pitti> "these" == extras, partner, commercial ?
[21:50] <pitti> i. e. a specific subset?
[21:50] <pitti> it seems a bit lax to say "any archive which adheres to above policy
[21:50] <Laney> I think it should be dynamic and refer to the wiki page, so it's easily updated.
[21:50] <pitti> then "Ubuntu" would be quite meaningless
[21:51] <Laney> The wiki page should be the canonical list of extension repositories
[21:51] <soren> Sorry, I skimmed that page and thought it gave a list.
[21:51] <Laney> modified only by decision of the TB
[21:51] <Laney> it does
[21:51] <pitti> if "these" == "list on above wiki page", it sounds fine to me
[21:51] <wendar> sensible that any new repositories that what to be recognized would approach the TB to be added to that page.
[21:51] <soren> Oh, yes, it does.
[21:51] <sabdfl> +1 to requiring TB approval
[21:51] <meetingology> +1 to requiring TB approval received from sabdfl
[21:52] <stgraber> +1 [Remixes can include packages from the extension repositories listed on https://wiki.ubuntu.com/ExtensionRepositoryPolicy (additions to that list need to be approved by the TB)]
[21:52] <meetingology> +1 [Remixes can include packages from the extension repositories listed on https://wiki.ubuntu.com/ExtensionRepositoryPolicy (additions to that list need to be approved by the TB)] received from stgraber
[21:52] <pitti> +1 then
[21:52] <meetingology> +1 then received from pitti
[21:52] <gekker> thank you gentlemen of the board, this is very good guidance
[21:52] <soren> +1
[21:52] <meetingology> +1 received from soren
[21:52] <pitti> (based on sabdfl's +1, as I think it's pretty much his choice what "ubuntu" is :) )
[21:52] <mdz> +1, what stgraber said
[21:52] <meetingology> +1, what stgraber said received from mdz
[21:52]  * pitti wonders how meetingology adds these up
[21:52]  * soren lost count
[21:52] <soren> kees?
[21:53] <kees> +1
[21:53] <meetingology> +1 received from kees
[21:53] <soren> #endvote
[21:53] <meetingology> Voting ended on: Remixes can include sources from these so long as the repositories are following ExtensionRepositoryPolicy
[21:53] <meetingology> Votes for:6 Votes against:0 Abstentions:0
[21:53] <meetingology> Motion carried
[21:53] <soren> Yay.
[21:53] <micahg> pitti: I'd guess by an abacus on the backend :)
[21:53] <soren> #topic Review copyright file placement for Ubuntu ARB apps (currently installed under /opt, should probably be under the usual location).
[21:53] <soren> highvoltage: .
[21:53] <highvoltage> right!
[21:54] <sabdfl> i should say thanks to the TB retroactively for the extension repo policy, it's very clear and addresses this nicely
[21:54] <highvoltage> ARB apps currently require that the copyright file is installed under /opt
[21:54] <Laney> (I think the remix trademark policy needs to specify some standard for documenting non-freely-redistrutable stuff, but maybe I'll take it to list)
[21:54] <Laney> (good decision, thanks)
[21:54] <highvoltage> imho there's very little reason why it can't go under /usr/share/doc/$packagename like all the other packages
[21:55] <pitti> also, a link to the "Ubuntu" trademark policy couldn't hurt, whereever that lives these days
[21:55] <mdz> highvoltage, refresh my memory please, is $packagename already required to be non-overlapping with Ubuntu proper?
[21:55] <ajmitch> the package name is going to have to be unique
[21:55] <highvoltage> (should I hold on a bit longer for the remix discussions?)
[21:55] <stgraber> right, /usr/share/doc/<package name> is already namespaced, so there can't be conflict between ARB and regular package there as otherwise you'd have a package name conflict too
[21:55] <Laney> someone needs an action to get the trademark policy fixed
[21:55] <pitti> mdz: yes
[21:55] <Laney> sorry, /me goes awy
[21:55] <highvoltage> mdz: yes
[21:55] <mdz> I don't see a problem with it then
[21:56] <soren> mdz: Even if not, there couldn't possible be overlap on individual systems.
[21:56] <soren> *possibly
[21:56] <pitti> mdz: in fact, that's the first requirement
[21:56] <stgraber> it's really just a small clarification to the ARB policy I asked highvoltage to send to the TB for approval anyway. I didn't think it'd be covered by the generic namespace exception I proposed a few meetings ago
[21:56] <kees> seems fine, almost better, to have it in /usr/hsare/doc/$pkg
[21:56] <highvoltage> I think it would be good to have it somewhere predictable, and if someone wants to use some auditing tools for licensing (even if it's toy ones like the rms script) then at least it will still work
[21:56] <pitti> kees: hm, I disagree
[21:56] <pitti> if the whole package lives in /opt/<name>, so should the doc and copyright IMHO
[21:57] <pitti> but I don't have a strong opinion either way
[21:57] <stgraber> I also think it's going to possibly fix a few tools expecting to find the changelog/copyright file in /usr/share/doc/<package> and not /opt/extras.ubuntu.com/<package>/doc/
[21:57] <soren> I think /usr/share/doc makes sense. I like the assumption that any package dpkg knows about has its copyright file in the same place.
[21:58] <highvoltage> (I don't have much more to say on the issue)
[21:58] <ajmitch> shoudl an exception apply to anything under /usr/share/doc/package, or just copyright/changelog?
[21:58] <kees> pitti: there isn't a need to keep the contents isolated to a single root path because we have a package manager. putting things in /opt keeps it out of PATH if needed. re-using the common documentation path seems correct to me.
[21:58] <pitti> kees: ok, fair enough
[21:58] <soren> Does anyone want further discussion, or should we vote?
[21:58] <stgraber> ajmitch: I'd go with anything usually found under /usr/share/doc/<package>, I definitely don't want apps to start putting non-standard stuff there
[21:59] <stgraber> ajmitch: so having changelog, copyright, upstream changelog, possibly some examples sounds reasonable, anything else definitely shouldn't (as it shouldn't in the archive anyway)
[21:59] <ajmitch> stgraber: right, I'm just thinking of the usual README & example files
[21:59] <pitti> soren: nothing from me
[21:59] <soren> #vote Copyright files for ARB apps should reside in /usr/share/doc/<packagename>/copyright even though the rest of the package's files are in /opt
[21:59] <meetingology> Please vote on: Copyright files for ARB apps should reside in /usr/share/doc/<packagename>/copyright even though the rest of the package's files are in /opt
[21:59] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[21:59] <kees> +1
[21:59] <meetingology> +1 received from kees
[21:59] <soren> +1
[21:59] <meetingology> +1 received from soren
[21:59] <pitti> 0
[21:59] <meetingology> 0 received from pitti
[22:00] <mdz> +1
[22:00] <meetingology> +1 received from mdz
[22:00] <mdz> pitti, nice that meetingology understands that zero is unsigned :-)
[22:00] <soren> stgraber: ?
[22:00] <stgraber> +1 [applies to any file in /usr/share/doc/<package name>/ that'd normally be allowed in the archive, that's at least changelog, copyright, upstream changelog, possibly some readme and examples]
[22:00] <meetingology> +1 [applies to any file in /usr/share/doc/<package name>/ that'd normally be allowed in the archive, that's at least changelog, copyright, upstream changelog, possibly some readme and examples] received from stgraber
[22:00] <pitti> mdz: yes, I refuse to say "plus zero" :)
[22:01] <pitti> 0~
[22:01] <meetingology> 0~ received from pitti
[22:01] <soren> #endvote
[22:01] <meetingology> Voting ended on: Copyright files for ARB apps should reside in /usr/share/doc/<packagename>/copyright even though the rest of the package's files are in /opt
[22:01] <meetingology> Votes for:4 Votes against:0 Abstentions:1
[22:01] <meetingology> Motion carried
[22:01] <pitti> . o O { meetingology hacking }
[22:01] <soren> Laney raised a good point: Someone needs an action item to adjust the trademark policy for the remixes. Who can do that?
[22:01] <sabdfl> you mean fix the website, or draft the text?
[22:01] <sabdfl> i can get the policy amended, especially if you have specific text to add
[22:01] <sabdfl> and can get it on the website, given the URL to amend
[22:02] <sabdfl> thanks all
[22:02] <soren> Draft the text, I guess. Getting it changed should be a matter of filing a bug and waiting :)
[22:02] <sabdfl> let's go with Laney's amended text?
[22:02] <Laney> I didn't suggest precise wording, but I think I'm going to work with wendar on this
[22:02] <Laney> We'll CC the TB
[22:02] <sabdfl> ok, feel free to CC me
[22:02] <sabdfl> ok
[22:03] <soren> #action Laney and wendar to get trademark policy updated wrt remixes
[22:03] <meetingology> ACTION: Laney and wendar to get trademark policy updated wrt remixes
[22:03] <soren> AOB real quick? Chair for next meeting?
[22:03] <soren> #topic AOB
[22:03] <pitti> lexicographically that would be stgraber?
[22:03] <soren> WEll, he filled in for me last time.
[22:04] <soren> So Colin's next, I guess.
[22:04] <pitti> so, back to the top then, Colin?
[22:04] <soren> Alright, then.
[22:04] <soren> Ok, great. Thanks everyone, and sorry it ran late.
[22:04] <stgraber> thanks!
[22:04] <soren> #endmeeting
[22:04] <meetingology> Meeting ended Mon Feb  6 22:04:54 2012 UTC.
[22:04] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-02-06-21.01.moin.txt
[22:05] <AlanBell> sabdfl: there are very few stinky old packages in partner, things don't get dragged forward to new releases, so anything stinky is a stinky new package. Things going missing is, in itself, a bit stinky.
[22:05] <pitti> thanks everyone!
[22:05] <AlanBell> pitti: meetingology counts votes once per person, but you can change your vote as many times as you like before #endvote is called, it uses the last thing you said. I have no idea what it thought 0~ meant.
[22:05] <AlanBell> micahg: yes, it is an abacus.
[22:05] <micahg> hehe
[22:05] <pitti> AlanBell: "~" has a special meaning in Debian/ubuntu package versions
[22:05] <pitti> it was really just a joke
[22:06] <pitti> AlanBell: for dpkg, "0~" is rathehr interesting, as it's smaller than 0, but not negative :)
[22:06] <soren> It's roughly equal to 0-ε.
[22:06] <soren> Although, that would be negative, I guess.
[22:06] <pitti> right
[22:07] <pitti> I don't think 0~ can be expressed with any mathematical model of real numbers
[22:07] <soren> I think I must insist that 0~ is negative, too. Otherwise my head will explode :)
[22:07] <AlanBell> it looks at the first two characters and sees if it is something it is expecting, I am surprised it looked like it accepted 0~
[22:08] <pitti> AlanBell: nah, it just accepted the "0" and ignored the rest, I figure
[22:08] <pitti> I just really like "0~" because it's a nice brain teaser
[22:08] <pitti> anyway, bed time
[22:08] <pitti> soren: well, if it is, it's smaller than any negative number
[22:09]  * AlanBell will have to go read the code in a sec
[22:09]  * pitti waves good night
[22:11] <soren> o/
[22:11] <kees> thanks soren!
[22:58]  * cielak is away: Busy/Away