[15:03] <tumbleweed> !dmb-ping
[15:03] <tumbleweed> I don't think we have anything to discuss?
[15:04] <Laney> hi
[15:04] <Laney> don't think so
[16:48] <mdeslaur> \o
[16:48] <tyhicks> hello
[16:48] <jdstrand> #startmeeting
[16:48] <meetingology> Meeting started Mon Sep 23 16:49:05 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:48] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[16:48] <jdstrand> The meeting agenda can be found at:
[16:48] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:49] <jdstrand> [TOPIC] Weekly stand-up report
[16:49] <jdstrand> I'll go first
[16:49] <jdstrand> I'm on community this week
[16:50] <jdstrand> over the past couple weeks I've been going through all the policy groups, finding the SDK APIs and writing policy for them. they should all be written now, except sensors
[16:50] <jdstrand> sensors is blocked because apps that use the recommended api crash. I filed a bug on that
[16:50] <jdstrand> there is also some discussions that need to happen around friends
[16:51] <jdstrand> so I'll do that this week
[16:51] <jdstrand> I have a couple of smallish work items as well
[16:51] <jdstrand> and need to followup on various appstore reivews topics/tests
[16:51] <jdstrand> following up on application-confinement bugs and adjusting policy as they are fixed
[16:52] <jdstrand> I'm hoping I will get to some pending updates this week
[16:52] <jdstrand> mdeslaur: you're up
[16:52] <mdeslaur> I'm in the happy place this week
[16:52] <mdeslaur> I'm currently testing a couple of updates which I'll release either this afternoon or tomorrow
[16:52] <mdeslaur> I have a few more to test this week, and then will continue going down the list
[16:53] <mdeslaur> I also have an improvement to do for the upstart apparmor stanza to simplify upstart jobs for confined applications
[16:53] <mdeslaur> It's a trivial change, I should be testing it this afternoon and uploading it soon
[16:53] <mdeslaur> that's it from me
[16:53] <mdeslaur> sbeattie: you're up
[16:54] <jdstrand> mdeslaur: please don't upload without discussing in #ubuntu-ci-eng
[16:54] <mdeslaur> #ubuntu-ci-eng?
[16:54] <jdstrand> yes-- the Landings discussion on ue-leads
[16:55] <sbeattie> I'm on apparmor again this week, focused on testing improvements and trying to get things off of jjohansen's plate.
[16:55] <jdstrand> everything is supposed to go through the landings team
[16:55]  * sbeattie pauses
[16:55] <mdeslaur> oh, huh
[16:56] <jdstrand> mdeslaur: we can discuss outside of the meeting if needed
[16:56] <jdstrand> sbeattie: feel free to go ahead (though I will ask what specific things you are hoping to take off of jj's plate this week)
[16:57]  * sbeattie resumes
[16:57] <sbeattie> I'm specifically focusing on ipc tests, and log parsing messages around ipc
[16:57] <sbeattie> as well as picking up other random bits that come up.
[16:58] <sbeattie> I'm hoping to sync up with tyhicks on the state of the c++-ification patches, so that we can finish landing them this week
[16:58] <sbeattie> and that's pretty much it for me.
[16:59] <sbeattie> tyhicks: you're up
[16:59] <tyhicks> I've been catching up on last week's email that came in while I was at Plumbers/LSS
[16:59] <tyhicks> As sbeattie mentioned, I still need to go through the apparmor list and the review/commit the latest C++ patches
[16:59] <tyhicks> My focus for the first part of this week will be apparmor/dbus bug squashing (bugs 1226141, 1226356, and 1229280)
[17:00] <tyhicks> Then I'll either pick up some IPC work or look into kdbus, depending on which is deemed higher priority
[17:00] <tyhicks> JJ and I talked to gregkh about kdbus last week
[17:00] <tyhicks> I need to look into it very soon to make sure we can continue mediating messages the same way we are doing with dbus-daemon today
[17:00] <tyhicks> In the current kdbus patches, it sounds like the kernel may be lacking some context (path, interface, method) that we need
[17:00] <tyhicks> Also, we talked with SELinux and Smack folks that have an interest in working together to make sure the appropriate LSM hooks are in place
[17:01] <tyhicks> that's it for me
[17:01] <tyhicks> chrisccoulson: I think you're up since jj and seth are out
[17:01] <chrisccoulson> hi :)
[17:01] <chrisccoulson> i'm still working on implementing automated test cases for oxide
[17:02] <chrisccoulson> i've been finding quite a few bugs as i add them :)
[17:02] <chrisccoulson> particularly because we restart all of the chromium bits inbetween each test, without restarting the test binary
[17:02] <jdstrand> tyhicks: re "correct LSM hooks are in place" you were again referring to kdbus?
[17:02] <chrisccoulson> i'm currently debugging a crash because of that
[17:02] <tyhicks> jdstrand: correct
[17:03] <tyhicks> (right now, LSM hooks are not present in kdbus)
[17:03] <jdstrand> eek
[17:04] <jdstrand> chrisccoulson: nice :)
[17:04] <tyhicks> but we're jumping in early enough to handle that
[17:04] <jdstrand> chrisccoulson: did I mention that people will hopefully start contacting you to help you soonish?
[17:04] <chrisccoulson> jdstrand, no, but that's good :)
[17:04] <jdstrand> yes :)
[17:05] <chrisccoulson> i'm hoping i'll have got test coverage for all of the current API by then, and then there will be no excuses for people not to write tests :)
[17:05] <jdstrand> it came up in the webapps confinement discussion. I think they said the end of this month-- but it might be after release-- few weeks anyway :)
[17:05] <chrisccoulson> yeah, it should all be in pretty good shape by then
[17:06] <chrisccoulson> has anybody else tried building it yet?
[17:06] <chrisccoulson> (i still need to write some instructions actually)
[17:06]  * jdstrand nods
[17:07] <jdstrand> chrisccoulson: did you have anything else to report?
[17:07] <chrisccoulson> jdstrand, no, i think that's it from me
[17:07] <jdstrand> thanks
[17:07] <jdstrand> jj and seth are out today
[17:07] <jdstrand> [TOPIC] Highlighted packages
[17:07] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:07] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:07] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libspring-java.html
[17:08] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/socat.html
[17:08] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/glusterfs.html
[17:08] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gallery2.html
[17:08] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/pktstat.html
[17:08] <jdstrand> [TOPIC] Miscellaneous and Questions
[17:08] <jdstrand> Does anyone have any other questions or items to discuss?
[17:22] <jdstrand> mdeslaur, sbeattie, tyhicks, chrisccoulson: thanks!
[17:22] <jdstrand> #endmeeting
[17:22] <meetingology> Meeting ended Mon Sep 23 17:23:05 2013 UTC.
[17:22] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-09-23-16.49.moin.txt
[17:22] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-09-23-16.49.html
[17:22] <mdeslaur> thanks jdstrand!
[17:23] <sbeattie> jdstrand: thanks!