=== bdrung_ is now known as bdrung === ikonia_ is now known as ikonia === lhave is now known as lhavelund === davmor2_ is now known as davmor2 === ghostcube_ is now known as ghostcube === greyback is now known as greyback|food === greyback|food is now known as greyback === mzanetti is now known as mzanetti|food === mzanetti|food is now known as mzanetti [15:03] !dmb-ping [15:03] bdrung, ScottK, Laney, micahg, barry, tumbleweed, stgraber: DMB ping [15:03] I don't think we have anything to discuss? [15:04] hi [15:04] don't think so [16:48] \o [16:48] hello [16:48] #startmeeting [16:48] Meeting started Mon Sep 23 16:49:05 2013 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [16:48] Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired [16:48] The meeting agenda can be found at: [16:48] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [16:49] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [16:49] I'll go first [16:49] I'm on community this week [16:50] over the past couple weeks I've been going through all the policy groups, finding the SDK APIs and writing policy for them. they should all be written now, except sensors [16:50] sensors is blocked because apps that use the recommended api crash. I filed a bug on that [16:50] there is also some discussions that need to happen around friends [16:51] so I'll do that this week [16:51] I have a couple of smallish work items as well [16:51] and need to followup on various appstore reivews topics/tests [16:51] following up on application-confinement bugs and adjusting policy as they are fixed [16:52] I'm hoping I will get to some pending updates this week [16:52] mdeslaur: you're up [16:52] I'm in the happy place this week [16:52] I'm currently testing a couple of updates which I'll release either this afternoon or tomorrow [16:52] I have a few more to test this week, and then will continue going down the list [16:53] I also have an improvement to do for the upstart apparmor stanza to simplify upstart jobs for confined applications [16:53] It's a trivial change, I should be testing it this afternoon and uploading it soon [16:53] that's it from me [16:53] sbeattie: you're up [16:54] mdeslaur: please don't upload without discussing in #ubuntu-ci-eng [16:54] #ubuntu-ci-eng? [16:54] yes-- the Landings discussion on ue-leads [16:55] I'm on apparmor again this week, focused on testing improvements and trying to get things off of jjohansen's plate. [16:55] everything is supposed to go through the landings team [16:55] * sbeattie pauses [16:55] oh, huh [16:56] mdeslaur: we can discuss outside of the meeting if needed [16:56] sbeattie: feel free to go ahead (though I will ask what specific things you are hoping to take off of jj's plate this week) [16:57] * sbeattie resumes [16:57] I'm specifically focusing on ipc tests, and log parsing messages around ipc [16:57] as well as picking up other random bits that come up. [16:58] I'm hoping to sync up with tyhicks on the state of the c++-ification patches, so that we can finish landing them this week [16:58] and that's pretty much it for me. [16:59] tyhicks: you're up [16:59] I've been catching up on last week's email that came in while I was at Plumbers/LSS [16:59] As sbeattie mentioned, I still need to go through the apparmor list and the review/commit the latest C++ patches [16:59] My focus for the first part of this week will be apparmor/dbus bug squashing (bugs 1226141, 1226356, and 1229280) [16:59] bug 1226356 in apparmor (Ubuntu Saucy) "explicit deny rules do not silence logging denials" [Medium,Triaged] https://launchpad.net/bugs/1226356 [16:59] bug 1226141 in evince (Ubuntu) "evince reports apparmor denials" [High,Triaged] https://launchpad.net/bugs/1226141 [17:00] Then I'll either pick up some IPC work or look into kdbus, depending on which is deemed higher priority [17:00] JJ and I talked to gregkh about kdbus last week [17:00] I need to look into it very soon to make sure we can continue mediating messages the same way we are doing with dbus-daemon today [17:00] In the current kdbus patches, it sounds like the kernel may be lacking some context (path, interface, method) that we need [17:00] Also, we talked with SELinux and Smack folks that have an interest in working together to make sure the appropriate LSM hooks are in place [17:01] that's it for me [17:01] chrisccoulson: I think you're up since jj and seth are out [17:01] hi :) [17:01] i'm still working on implementing automated test cases for oxide [17:02] i've been finding quite a few bugs as i add them :) [17:02] particularly because we restart all of the chromium bits inbetween each test, without restarting the test binary [17:02] tyhicks: re "correct LSM hooks are in place" you were again referring to kdbus? [17:02] i'm currently debugging a crash because of that [17:02] jdstrand: correct [17:03] (right now, LSM hooks are not present in kdbus) [17:03] eek [17:04] chrisccoulson: nice :) [17:04] but we're jumping in early enough to handle that [17:04] chrisccoulson: did I mention that people will hopefully start contacting you to help you soonish? [17:04] jdstrand, no, but that's good :) [17:04] yes :) [17:05] i'm hoping i'll have got test coverage for all of the current API by then, and then there will be no excuses for people not to write tests :) [17:05] it came up in the webapps confinement discussion. I think they said the end of this month-- but it might be after release-- few weeks anyway :) [17:05] yeah, it should all be in pretty good shape by then [17:06] has anybody else tried building it yet? [17:06] (i still need to write some instructions actually) [17:06] * jdstrand nods [17:07] chrisccoulson: did you have anything else to report? [17:07] jdstrand, no, i think that's it from me [17:07] thanks [17:07] jj and seth are out today [17:07] [TOPIC] Highlighted packages === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages [17:07] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [17:07] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [17:07] http://people.canonical.com/~ubuntu-security/cve/pkg/libspring-java.html [17:08] http://people.canonical.com/~ubuntu-security/cve/pkg/socat.html [17:08] http://people.canonical.com/~ubuntu-security/cve/pkg/glusterfs.html [17:08] http://people.canonical.com/~ubuntu-security/cve/pkg/gallery2.html [17:08] http://people.canonical.com/~ubuntu-security/cve/pkg/pktstat.html [17:08] [TOPIC] Miscellaneous and Questions === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions [17:08] Does anyone have any other questions or items to discuss? [17:22] mdeslaur, sbeattie, tyhicks, chrisccoulson: thanks! [17:22] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [17:22] Meeting ended Mon Sep 23 17:23:05 2013 UTC. [17:22] Minutes (wiki): http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-09-23-16.49.moin.txt [17:22] Minutes (html): http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-09-23-16.49.html [17:22] thanks jdstrand! [17:23] jdstrand: thanks! === freeflying is now known as freeflying_away === freeflying_away is now known as freeflying