[16:34] <mdeslaur> \o
[16:34] <jdstrand> hi!
[16:34]  * sbeattie waves hello
[16:34] <jjohansen1> o/
[16:35] <tyhicks> hello
[16:35] <jdstrand> #startmeeting
[16:35] <meetingology> Meeting started Mon Mar 24 16:35:28 2014 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:35] <meetingology> Available commands: action commands idea info link nick
[16:35] <jdstrand> The meeting agenda can be found at:
[16:35] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:35] <jdstrand> [TOPIC] Announcements
[16:36] <jdstrand> I'm happy to announce I just booted into the ipc kernel and apparmor userspace that is available in the dbus-dev ppa (it is in that ppa for historical reasons, there are no dbus changes)
[16:36] <jdstrand> :)
[16:36] <jdstrand> [TOPIC] Weekly stand-up report
[16:36] <jdstrand> I'll go first
[16:37] <jdstrand> so, as mentioned, I am running the ipc kernel and userspace. I plan to continue running it and report issues, feed information back to the team, etc
[16:38] <jdstrand> I have to look into golang a bit and comment in its MIR (related to juju-core)
[16:38] <jdstrand> oxide-qt will be uploaded to the archive soon, and I'll help with that as I can
[16:39] <chrisccoulson> hi :)
[16:39] <jdstrand> I have a couple of action items related to webbrowser-app/webapp-container moving to oxide that I will work on
[16:39] <jdstrand> chrisccoulson: hi!
[16:40] <jdstrand> ScopesConfinement discussions have continued. I'm not sure I'll have more this week on that, but will be thinking about it for a meeting with the scopes team next week
[16:40] <jdstrand> I have several embargoed items
[16:41] <jdstrand> I'm on triage and will do updates if I can
[16:41] <jdstrand> mdeslaur: you're up
[16:42] <mdeslaur> I'm on community this week
[16:42] <mdeslaur> I have a bunch of updates to test
[16:42] <mdeslaur> I'm about to push out ca-certificates updates for our stable releases
[16:42] <mdeslaur> and also an initramfs-tools update to fix /run being mounted without noexec
[16:42] <mdeslaur> and apache2
[16:43] <mdeslaur> If I have any time pending those, I'll be going down the CVE list, as usual
[16:43] <mdeslaur> that's it for me, sbeattie?
[16:43] <sbeattie> I'm on apparmor this week
[16:44] <sbeattie> I too am focused on testing the ipc kernel and userspace
[16:44] <mdeslaur> is the ipc userspace pretty much done now?
[16:44] <jjohansen1> no
[16:44] <mdeslaur> I seem to recall discussion of syntax changes
[16:45] <jjohansen1> right, very limited discussion on that happened
[16:45] <jjohansen1> thats one of the things that needs to happen
[16:45] <sbeattie> yeah, I'll look at that as well
[16:45] <sbeattie> as part of testing
[16:45] <jdstrand> I will probably be able to respond too now that I am starting to profile some things
[16:45] <mdeslaur> jjohansen1: the userspace changes only affect userspace, right?
[16:46] <jdstrand> aiui, really just the discussion needs to happen. once it does, the changes are trivial
[16:46] <jjohansen1> mdeslaur: yes
[16:46] <mdeslaur> jjohansen1: ok, cool
[16:48] <sbeattie> anyway, I'm also monitoring fallout from the apparmor userspace upload from last week (though tyhicks got tagged with the lxc issue that was raised)
[16:48] <sbeattie> and that's pretty much it for me.
[16:48] <sbeattie> tyhicks: you're up
[16:48] <tyhicks> I'm working on LXC regressions in AppArmor (LP: #1296459, LP: #1295774)
[16:48] <mdeslaur> tyhicks: any quick idea what could be the cause?
[16:49] <tyhicks> the dfa generation for mount rules changed and it looks like some permissions are missing in the dfa
[16:49] <tyhicks> mdeslaur: ^
[16:49] <mdeslaur> ok
[16:49] <tyhicks> it also looks like the mount.sh regression test is busted and exits early
[16:49] <tyhicks> I'll fix that, too
[16:49] <tyhicks> after that I'll help with AppArmor work items, as needed
[16:49] <tyhicks> that's it for me
[16:50] <tyhicks> jjohansen1: you're up
[16:50]  * jjohansen1 is working on apparmor again this week
[16:50] <jdstrand> tyhicks: fyi, that could be considered as a separate uploading depending on the timing of things. if so, we could roll in the aa.py fixes
[16:50]  * tyhicks nods
[16:50] <jdstrand> s/uploading/upload/
[16:51]  * jjohansen1 is working on more ipc revisions to apparmor
[16:51] <jjohansen1> and will be coordinating with sbeattie, tyhicks, ...
[16:52] <mdeslaur> jjohansen1: what's the current status...have you managed to wrangle some of the bugs you had last week?
[16:52] <sbeattie> jdstrand: there's other bits to pull in as well as aa.py fixes, some of the testsuite fixes address issues that show up on arm/ppc64el
[16:52] <jjohansen1> mdeslaur: they are a work in progress, so not done
[16:53] <mdeslaur> cool
[16:53] <jjohansen1> so I am still working on the bugs from last week, and turned up a few more and fixed those
[16:54] <jjohansen1> I think that is it from me sarnold, your up
[16:55] <sarnold> I'm in the happy place this week, which means working on MIRs, which will make some people very happy indeed :)  I've got juju-core, glusterfs, schroot, and strongswan to review and I don't think they're all doable this week, but I aim to make progress on them :)
[16:55] <sarnold> if there's a new apparmor upload in the works I may do that one again, to keep those neurons fresh and try to take work from jjohansen1 and sbeattie
[16:56] <sarnold> it depends upon how much effort the brain-dumps would take, I guess
[16:56] <jdstrand> tyhicks may be able to help there. let's be flexible
[16:56] <sarnold> oh okay
[16:56] <tyhicks> we'll decide on the fly
[16:56] <jdstrand> sarnold: (and thanks for offering, we might need it)
[16:56] <sarnold> I think that's it for me, chrisccoulson, your turn :)
[16:57] <chrisccoulson> i'm just about to upload oxide to the archive :)
[16:57] <jdstrand> \o/
[16:57] <jdstrand> huge milestone-- great job :)
[16:57] <chrisccoulson> and then i've got a bunch of reviews that i need to get through for webapps
[16:57] <chrisccoulson> other than that, it's business as usual :)
[16:57] <chrisccoulson> did everyone see the blog posts?
[16:57] <mdeslaur> chrisccoulson: congrats!
[16:58] <jdstrand> chrisccoulson: was there another recent one beyond http://www.chriscoulson.me.uk/blog/?p=242?
[16:58] <jdstrand> I know of that and http://www.chriscoulson.me.uk/blog/?p=196
[16:58] <sarnold> chrisccoulson: heh, I saw the one about oxide running on raw egl, no display managers...
[16:58] <chrisccoulson> jdstrand, http://www.chriscoulson.me.uk/blog/?p=251
[17:00] <mdeslaur> chrisccoulson: nice
[17:02] <ScottK> o/
[17:02] <mdeslaur> hi ScottK!
[17:02] <ScottK> You might want to consider promoting clamav 0.98.1 from backports to updates or security/updates.  0.97.8 is not able to use all the current virus definitions and so there's a capability/security gap there if people aren't using backports.
[17:02] <ScottK> I think both upstream and the packaging are in a pretty stable place ATM.
[17:03] <jdstrand> chrisccoulson: ah, nice!
[17:03] <mdeslaur> ScottK: oh, cool. Is there a bug open about this?
[17:03] <ScottK> No.
[17:04] <ScottK> I can open one if you want, I thought it was worth a discussion first.
[17:04] <ScottK> There's no CVE's the force it, but I think we're at a point where it would be smart.
[17:05] <mdeslaur> ScottK: I think it definitely makes sense if the engine can't parse all the signatures...is there a link somewhere upstream where that is mentioned
[17:05] <mdeslaur> ?
[17:05] <ScottK> I suspect it's in the changelog.
[17:05] <ScottK> Let me look.
[17:06] <mdeslaur> ScottK: if you could please open a bug with a link, and assign it to me, I'll take care of it
[17:06] <ScottK> OK.
[17:06] <ScottK> I don't immediately see it in the Changelog, it may take reading the code.
[17:07] <ScottK> (there's a variable that gets bumped.
[17:07] <ScottK> Also there's on access scanning now that works with our kernel.
[17:07] <ScottK> Other goodness too.
[17:10] <mdeslaur> jdstrand: I think we're done?
[17:10] <jdstrand> can this be taken to the bug or is there more discussin needed here?
[17:10] <jdstrand> ok
[17:10] <jdstrand> [TOPIC] Highlighted packages
[17:10] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:10] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:10] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/php-radius.html
[17:10] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gamera.html
[17:10] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/offlineimap.html
[17:10] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/banshee.html
[17:10] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/python-scipy.html
[17:10] <jdstrand> [TOPIC] Miscellaneous and Questions
[17:10] <jdstrand> Does anyone have any other questions or items to discuss?
[17:11] <ScottK> jdstrand: Working on the bug now.
[17:16] <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen1, sarnold, chrisccoulson, ScottK: thanks
[17:16] <jdstrand> #endmeeting
[17:16] <meetingology> Meeting ended Mon Mar 24 17:17:00 2014 UTC.
[17:16] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-03-24-16.35.moin.txt
[17:16] <mdeslaur> thanks jdstrand!
[17:17] <jjohansen1> thanks jdstrand
[17:17] <sarnold> thanks jdstrand!
[17:17] <tyhicks> thanks!
[17:17] <sbeattie> jdstrand: thanks
[19:06] <Noskcaj> morning micahg-work
[19:06] <micahg-work> hi
[19:07] <Noskcaj> Can you give me a testimonial too, or are you only allowed to vote in +1 -1 ?
[19:08] <bdrung> !dmb-ping
[19:09] <ScottK> \o
[19:09] <micahg-work> tumbleweed, ignore
[19:09] <micahg-work> bdmurray, xnox:  DMB ping
[19:09] <ScottK> I may be off and on due to spotty wifi.
[19:10] <bdrung> we are three. one more missing to be quorate.
[19:12] <ScottK> I may drop off at any time, so I probably shouldn't count anyway.
[19:17] <bdrung> Laney, stgraber, bdmurray, xnox: DMB ping
[19:17]  * bdrung will wait some minutes for them to show up. Otherwise he has to cancel the DMB meeting today.
[19:19] <Noskcaj> Please may they turn up
[19:21] <stgraber> I'm around now
[19:24] <stgraber> I actually have to disappear for a sec (irssi problem)
[19:26] <bdrung> okay, then let's start the meeting (hoping that ScottK will stay with us)
[19:27] <bdrung> #startmeeting
[19:27] <meetingology> Meeting started Mon Mar 24 19:27:06 2014 UTC.  The chair is bdrung. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[19:27] <meetingology> Available commands: action commands idea info link nick
[19:27] <bdrung> #topic Review of previous action items
[19:28] <bdrung> stgraber: Did you add the new DMB members?
[19:28] <stgraber> yep
[19:28] <bdrung> stgraber: the dmb-ping doesn't seem to be update
[19:29] <rww> I can correct that for you. Changes?
[19:29] <stgraber> rww: that'd be great. Remove barry and tumbleweed and add xnox and bdmurray
[19:30] <stgraber> bdrung: oops, yeah, forgot about that one.
[19:30] <rww> !dmb-ping =~ s/barry, tumbleweed,/xnox, bdmurray,/
[19:31] <bdrung> thanks
[19:31] <bdrung> moving on
[19:31] <bdrung> #topic Xubuntu packageset/MOTU application from Jackson Doak
[19:32] <bdrung> #link https://wiki.ubuntu.com/Noskcaj#MOTU
[19:32] <bdrung> Noskcaj: please introduce yourself
[19:33] <Noskcaj> Hello everyone, i'm Jackson Doak. I've been doing packaging work since mid 2013, and would like to gain upload rights.
[19:33] <Noskcaj> Is there anything specific i should be saying?
[19:35] <bdrung> no. we will ask you questions.
[19:35] <Noskcaj> A large portion of my work is keeping Xfce/Xubuntu up to date, as well as other, minor DEs
[19:35]  * bdrung is still reading the application wiki (sorry for not having time to do that earlier)
[19:36] <bdrung> Noskcaj: so xfce you are using xfce?
[19:36] <Noskcaj> yes
[19:38] <stgraber> Noskcaj: so it's been exactly a month since your last application, what steps did you take to resolve some of the hilighted issues?
[19:39] <Noskcaj> I've been making sure i test build everything i work on, and only taking patches that have been tested
[19:40] <Noskcaj> Also, reading debian and upstream changelogs more extensively
[19:40] <Noskcaj> I believe my quality of work has improved in the last month, and since i first applied in january. Next month i should finally have my dev PC working too.
[19:44] <micahg-work> Noskcaj, so, you made a call for sponsoring shortly after the last meeting, but there was an issue with that, do you understand what that was and what steps would you take to prevent that from happening in the future
[19:45] <Noskcaj> micahg, yes. I made a call for sponsoring during a freeze which meant very few things could actually get sponsored, plus i said some changes were "release critical", but that was only for final release
[19:46] <Noskcaj> In future i won't call for sponsoring in freezes, and will check if a package is seeded before uploading
[19:49] <bdrung> Noskcaj: what steps do you do before uploading (or requesting an upload)?
[19:50] <Noskcaj> Check no one else is working on the package, test build it and make sure i'm not adding regressions, check if it's affected by any current freezes/transitions, upload
[19:51] <bdrung> Noskcaj: how do you test to not introduce regressions?
[19:52] <Noskcaj> changelog checking, testbuilding, automated checks like lintian and blhc, upstream bug trackers, not packaging unstable releases unless needed
[19:54] <bdrung> Noskcaj: do you install the packages and run them before uploading?
[19:54] <Noskcaj> bdrung, When possible, but it's difficult for me to do due to hardware limitation. That will be fixed in a few weeks time
[19:55] <Noskcaj> (When i will have my VM server finished)
[19:56] <bdrung> Noskcaj: are you subscribed to the ubuntu-devel-announce mailing list?
[19:56] <Noskcaj> yes
[19:58] <micahg-work> Noskcaj, could you please explain the difference between CFLAGS, CPPFLAGS, and CXXFLAGS
[20:00] <Noskcaj> They are all makefile macros. Cflags is for C only, CXXflags is for C++, CPPflags for both
[20:02] <bdrung> Noskcaj: why is CPPFLAGS for both?
[20:03] <Noskcaj> It's where preprocessor flags go, which both c and C++ use
[20:06] <micahg-work> Noskcaj, where's your reference for that?
[20:06] <Noskcaj> http://stackoverflow.com/questions/5541946/cflags-ccflags-cxxflags-what-exactly-do-these-variables-control
[20:06] <Noskcaj> I don't know C or C++, but i do understand what the flags do
[20:07] <micahg-work> Noskcaj, did you notice the first comment on that response?
[20:07] <Noskcaj> oh
[20:07] <Noskcaj> 1. I feel stupid now 2. Thanks for telling me to look there
[20:08] <micahg-work> Noskcaj, I certainly did not intend to make you feel stupid
[20:09] <bdrung> no questions are left. so let's vote.
[20:09] <micahg-work> we don't have quorum
[20:10] <bdrung> ScottK voted in private for this case. so we still have quorum.
[20:11] <bdrung> #vote Should Jackson Doak become MOTU?
[20:11] <meetingology> Please vote on: Should Jackson Doak become MOTU?
[20:11] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (for private voting, private message me with 'vote +1/-1/+0 #channelname)
[20:14] <stgraber> -1 [A month ago I said "I'd prefer to have you work for a few more months through sponsors", since it has only been a month, I'm sticking to my vote]
[20:14] <meetingology> -1 [A month ago I said "I'd prefer to have you work for a few more months through sponsors", since it has only been a month, I'm sticking to my vote] received from stgraber
[20:16] <Noskcaj> stgraber, My reason for the only one month is i cannot apply again till the end of the year
[20:16] <Noskcaj> just FYI
[20:16] <bdrung> Noskcaj: why?
[20:16] <micahg-work> -1 same as stgraber, though I'm glad to see the sponsors say that some improvement has been made
[20:16] <meetingology> -1 same as stgraber, though I'm glad to see the sponsors say that some improvement has been made received from micahg-work
[20:17] <Noskcaj> bdrung, 19UTC is currently 6am here, 6th of april, it becomes 5am
[20:17] <Noskcaj> I struggled to make this meeting as it is
[20:18] <bdrung> +1 [ Noskcaj is a young and passionate developer. He made mistakes and probably will make mistakes, but he is learning and improving ]
[20:18] <meetingology> +1 [ Noskcaj is a young and passionate developer. He made mistakes and probably will make mistakes, but he is learning and improving ] received from bdrung
[20:18] <micahg-work> Noskcaj, we can either do a vote by email or something else, we'll work with you
[20:18] <bdrung> i got one -1 from ScottK
[20:18] <bdrung> #endvote
[20:18] <meetingology> Voting ended on: Should Jackson Doak become MOTU?
[20:18] <meetingology> Votes for:1 Votes against:2 Abstentions:0
[20:18] <meetingology> Motion denied
[20:19] <Noskcaj> i'll try to apply by email then, but last time it took two months, two irc meetings, just to be told "-1 from everyone"
[20:20] <bdrung> Noskcaj: sorry for not granting you upload rights. you are on the right path (improving and learning).
[20:20] <Noskcaj> thanks
[20:20] <Noskcaj> and for xubuntu packageset?
[20:20] <bdrung> #vote Should Jackson Doak get upload rights to the Xubuntu packageset?
[20:20] <meetingology> Please vote on: Should Jackson Doak get upload rights to the Xubuntu packageset?
[20:20] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (for private voting, private message me with 'vote +1/-1/+0 #channelname)
[20:21] <stgraber> +0 [Same reason as previous vote, sticking to what I voted a month ago]
[20:21] <meetingology> +0 [Same reason as previous vote, sticking to what I voted a month ago] received from stgraber
[20:21] <Noskcaj> I'd expected to not get MOTU this meeting, but had to try. Xubuntu packageset i think i deserve since i've not had any bad uploads there, and micahg's time to upload stuff is fairly limited
[20:24] <micahg-work> +0
[20:24] <meetingology> +0 received from micahg-work
[20:24] <bdrung> +1 [ same reason as for MOTU application ]
[20:24] <meetingology> +1 [ same reason as for MOTU application ] received from bdrung
[20:25] <bdrung> I got one -1 from ScottK
[20:25] <bdrung> #endvote
[20:25] <meetingology> Voting ended on: Should Jackson Doak get upload rights to the Xubuntu packageset?
[20:25] <meetingology> Votes for:1 Votes against:0 Abstentions:2
[20:25] <meetingology> Motion carried
[20:25] <Noskcaj> Is that actually motion carried or does scott's vote make is denied?
[20:26] <bdrung> Noskcaj: sorry. this isn't enough for upload rights.
[20:26] <Noskcaj> :(
[20:26]  * Noskcaj flips table, leaves to get breakfast
[20:27] <bdrung> we need +4 to carry a motion (with +0 and 3 absent member, you can't reach it any more)
[20:27] <stgraber> Noskcaj: if you are still around for a few minutes, we do have a PPU proposal for you though
[20:28] <bdrung> Noskcaj: your application is not denied, but deferred. Most of us think that you need more time until you get upload rights to learn and improve.
[20:33] <Noskcaj> stgraber, I'll be around for another hour.
[20:34] <Noskcaj> bdrung, ok. I should probably find time to learn a programming language in a meaningful way, but that does need a lot of time
[20:35] <bdrung> Noskcaj: Do you want to get upload rights for catfish, parole, and mugshot?
[20:36] <Noskcaj> bdrung, If possible, although menulibre, whiskermenu, gthumb, and maybe all of xfce could be added to that list
[20:39] <bdrung> we add gthumb to the PPU list.
[20:39] <bdrung> #vote Should Jackson Doak get upload rights for catfish, gthumb, parole, and mugshot?
[20:39] <meetingology> Please vote on: Should Jackson Doak get upload rights for catfish, gthumb, parole, and mugshot?
[20:39] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (for private voting, private message me with 'vote +1/-1/+0 #channelname)
[20:40] <bdrung> +1
[20:40] <meetingology> +1 received from bdrung
[20:40] <micahg-work> +1
[20:40] <meetingology> +1 received from micahg-work
[20:40] <stgraber> +1
[20:40] <meetingology> +1 received from stgraber
[20:40] <Noskcaj> Thanks, it's something.
[20:43] <stgraber> so that's 3/4, ScottK proposed this (except for gthumb) so I believe he's likely to approve but final approval and granting of the rights will have to happen once he's back online
[20:43] <Noskcaj> :)
[20:43] <bdrung> #endvote
[20:43] <meetingology> Voting ended on: Should Jackson Doak get upload rights for catfish, gthumb, parole, and mugshot?
[20:43] <meetingology> Votes for:3 Votes against:0 Abstentions:0
[20:43] <meetingology> Motion carried
[20:45] <bdrung> Noskcaj: as previously said, we need +4 (out of seven). you got +3 from the three present members.
[20:45] <Noskcaj> yep
[20:46] <bdrung> Noskcaj: we will get the remaining vote(s) via IRC or mail later.
[20:47] <Noskcaj> If i may ask, why is the whole dmb so rarely present at meetings?
[20:47] <bdrung> Noskcaj: as stgraber already said, I assume you will get the missing vote and the PPU will be granted.
[20:48] <bdrung> Noskcaj: we are distributed around the globe and real live can make it hard to attend. For example, the early meeting is in my work time and I can only attend if I do not have an other meeting.
[20:49] <stgraber> Noskcaj: because most DMB members work, some have to travel (like ScottK today) and for some it's just too late or too early based on their repsective timezones
[20:49] <Noskcaj> ok
[20:49] <bdrung> Noskcaj: we will let you know about the outcome of the vote.
[20:49] <Noskcaj> thanks
[20:49] <bdrung> #topic Any other business
[20:50] <bdrung> next chair will be Brian (following the list)
[20:50] <bdrung> anything left?
[20:51] <bdrung> I guess not.
[20:51] <bdrung> #endmeeting
[20:51] <meetingology> Meeting ended Mon Mar 24 20:51:20 2014 UTC.
[20:51] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-03-24-19.27.moin.txt
[20:51] <micahg-work> thanks bdrung
[20:51] <bdrung> you're welcome
[20:52] <bdrung> now i have to leave -> RL asks for my presence
[21:01] <Noskcaj> Is there a wiki page for how to upload stuff?
[23:30] <ScottK> stgraber: I'm +1 for gthumb too.
[23:37] <stgraber> ScottK: thanks, I'll take care of granting the PPU then