[15:00]  * barry waves
[15:06]  * tumbleweed is here to chair a DMB meeting, if we do one
[15:06] <tumbleweed> but it sounds like we have nothing to dicuss
[15:06] <tumbleweed> https://wiki.ubuntu.com/DeveloperMembershipBoard/Agenda
[15:06] <barry> i'm happy skipping it
[16:31] <jdstrand> hi!
[16:31] <jdstrand> #startmeeting
[16:31] <meetingology> Meeting started Mon Aug 26 16:32:03 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:31] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[16:31] <jdstrand> The meeting agenda can be found at:
[16:31] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:33] <jdstrand> [TOPIC] Weekly stand-up report
[16:33] <jdstrand> I'll go first
[16:33] <jdstrand> I'm on triage this week
[16:33] <jdstrand> I have several pending updates I'm working on
[16:34] <jdstrand> I plan to test/sponsor tyhicks' saucy uploads this week
[16:34] <jdstrand> I have a couple of august work items to do
[16:34] <jdstrand> and participate in vUDS
[16:34] <jdstrand> mdeslaur is not here today. sbeattie, you're up
[16:35] <sbeattie> I'm again working on apparmor testing this week, looking at IPC issues
[16:35] <sbeattie> I need to review work items, and make sure I don't have anything outstanding
[16:35] <sbeattie> as well as attend vUDS.
[16:36] <sbeattie> that's it for me, tyhicks?
[16:36] <jdstrand> sbeattie: how is the IPC testing going?
[16:36] <sbeattie> slow
[16:36] <sbeattie> making progress but slow.
[16:37] <jdstrand> sbeattie: you have one work item for august that I left for you. please focus on IPC
[16:37] <sbeattie> jdstrand: okay, will do
[16:37] <tyhicks> sbeattie: are you writing tests? if so, do you plan on incorporating the simplified socketpair() testcase that I wrote last week?
[16:37] <tyhicks> (or should I do that?)
[16:37] <jdstrand> sbeattie: it is the device-specific accesses. I may try to do soemthing with that, but will likely want to discuss it with you
[16:37] <sbeattie> tyhicks: yeah, I can take that.
[16:37] <jdstrand> might just postpone the work item. we'll see
[16:38] <jdstrand> tyhicks: please proceed
[16:38] <jdstrand> (with your status update)
[16:38] <tyhicks> I'll be handing jdstrand a couple debdiffs and test results for saucy uploads this morning
[16:39] <jdstrand> \o/
[16:39] <tyhicks> there's still one known bug in dbus, around how we're handling eavesdropping, I'll be working on fixing this this week
[16:40] <tyhicks> then I'll probably take a look at the 'update apparmor_parser to add v3 open rules to v2 policy' work item
[16:41] <tyhicks> I also need to spend a little time getting ecryptfs ready for the next merge window
[16:41] <jdstrand> tyhicks: so, you addressed the dbus rules in abstractions issue with the tools?
[16:41] <tyhicks> and I need to test jj's fix for a socketpair() labeling bug that I came across last week
[16:41] <tyhicks> jdstrand: yes - I need to send that patch out to the list
[16:42] <tyhicks> jdstrand: apparmor - 2.8.0-0ubuntu24+dbusdev4 contains the fix
[16:43] <jdstrand> tyhicks: iirc, there were some test-dbus.py failures. is that the socketpair() issue?
[16:44] <tyhicks> jdstrand: that was one issue
[16:44] <jdstrand> ok, let's back up
[16:44] <tyhicks> ok
[16:44] <jdstrand> tyhicks: you are going to give me pacakges to upload. it sounds like there are bugs that are known to exist. what are they?
[16:45] <tyhicks> jdstrand: the known bug remaining is around eavesdropping
[16:45] <tyhicks> jdstrand: when we grant permissions in policy, we imply some permissions
[16:46] <tyhicks> jdstrand: so when you have permission to send a message, you implicitly have permissions to receive a method_return or error message from the peer that you can send a message to
[16:46] <tyhicks> jdstrand: our short-circuit code in dbus to allow the method_return or error messages to slip through is too loose
[16:47] <jdstrand> I see
[16:47] <tyhicks> jdstrand: it also allows eavesdroppers to see those messages
[16:47] <jdstrand> so no problem uploading to saucy. we'll just fix that in the next upload
[16:47] <tyhicks> exactly
[16:47] <tyhicks> the only time that someone would see it is if they used dbus-monitor
[16:48] <tyhicks> it is a very important bug to fix, but it doesn't affect day to day use
[16:48] <jdstrand> yes
[16:48] <jdstrand> tyhicks: ok, I'm done. please proceed :)
[16:48] <tyhicks> I think that's it for me
[16:48] <tyhicks> jjohansen: you're up
[16:49] <jjohansen> I'm working on apparmor this week, specifically the ipc work items
[16:50] <jdstrand> tyhicks: btw, after we upload to saucy, can you file a bug on the eavesdropping issue?
[16:50] <tyhicks> jdstrand: yes
[16:51] <jdstrand> jjohansen: sorry for interrupting
[16:52] <jjohansen> jdstrand: heh thats fine
[16:53]  * jjohansen will coordinate with tyhicks and sbeattie to get more testing of a couple of fixes I pushed out last week
[16:53] <jjohansen> I'll dump a bunch of kernel and parser patches for sarnold to review
[16:55] <jjohansen> hrmmm, I have some compatibility patches to update for 3.10, and 3.11 but some how I don't think I will get to that this week
[16:56] <jjohansen> to preempt jdstrand's question on how ipc is going, its slow once I get a major crash bug fixed we should be able to start playing with several parts of it this week
[16:57] <jdstrand> well, I wasn't going to ask this week-- you only worked last friday :)
[16:57] <jjohansen> that is other people can start playing with
[16:57] <jdstrand> jjohansen: but thanks! that sounds agreat :)
[16:57] <jjohansen> oh? I did?
[16:57] <jdstrand> jjohansen: ok, I was only aware that you worked one day last week
[16:58] <jdstrand> jjohansen is a sneaky one
[16:58] <jjohansen> vacation was last week? sigh that is so depressing
[16:58] <sarnold> take two they're small
[16:59] <jjohansen> alright so it feels like Its been a few weeks since vacation, anyways thats it for me sarnold your up
[16:59] <sarnold> I'm on community this week
[17:00] <sarnold> I'm also on MIR duty this week, I'm the blocker for six or seven audits.
[17:01] <sarnold> and I've got an apparmor parser patch to prepare for SRU for precise, the features buffer size problem -- and I'm curious if I should prepare packages for all releases or just precise, which is the current problem for kernel team preparing saucy-on-precise LTS kernels..
[17:01] <jjohansen> sarnold: precise is the important one
[17:02] <sarnold> jjohansen: okay, sounds good to me :)
[17:02] <sarnold> will any saucy-kernel installed on precise poke the problem?
[17:02] <jjohansen> sarnold: if you find yourself without something to do poking the other releases would be nice
[17:03] <jjohansen> sarnold: yes it will
[17:03] <sarnold> jjohansen: oh I don't think I'll be in that position this week, feature freeze is soon and I owe a lot of people ACKs or NACKs on MIRs..
[17:03] <sarnold> jjohansen: cool. thanks :)
[17:04] <jjohansen> err, that is any saucy kernel after the alpha4 apparmor sync, so all future saucy kernels
[17:05] <sarnold> jjohansen: would e.g.  3.11.0-3.8 do the job?
[17:06] <jjohansen> sarnold: yes that kernel will cause things to fail nicely
[17:06] <sarnold> jjohansen: woot! \o/
[17:07] <sarnold> okay, I think that's me finished, and chrisccoulson has time'd out, so jdstrand, back to you
[17:13] <jdstrand> thanks, sorry, got pulled aside
[17:13] <jdstrand> [TOPIC] Highlighted packages
[17:13] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:13] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:14] <jdstrand> normally at this point I would provide a list of packages, but python-apt broke UCT so I don't have them atm.
[17:14] <jdstrand> I will update https://wiki.ubuntu.com/SecurityTeam/HighlightedPackages once I fix that
[17:14] <jdstrand> [TOPIC] Miscellaneous and Questions
[17:14] <jdstrand> Does anyone have any other questions or items to discuss?
[17:24] <jdstrand> sbeattie, tyhicks, jjohansen, sarnold: thanks!
[17:24] <jdstrand> #endmeeting
[17:24] <meetingology> Meeting ended Mon Aug 26 17:24:46 2013 UTC.
[17:24] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-08-26-16.32.moin.txt
[17:24] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-08-26-16.32.html
[17:24] <tyhicks> thanks!
[17:24] <jjohansen> thanks jdstrand
[17:24] <sarnold> thanks jdstrand! :)
[17:25] <sbeattie> thanks, jdstrand
[19:59] <soren> o/
[20:00]  * soren checks calendar
[20:01] <soren> https://wiki.ubuntu.com/TechnicalBoardAgenda is fairly out-of-date (very likely my fault), but today should be a meeting day.
[20:27] <stgraber> soren: 2013-08-05 + 2 weeks == 2013-08-19 (last week) + 2 weeks == 2013-09-02 (next week)
[20:40] <soren> stgraber: Your arithmetic is impeccable.
[20:40] <soren> stgraber: Unlike mine.