| === vladk|offline is now known as vladk | ||
| === vladk is now known as vladk|offline | ||
| === vladk|offline is now known as vladk | ||
| === vladk is now known as vladk|offline | ||
| === vladk|offline is now known as vladk | ||
| === zequence_ is now known as zequence | ||
| === cjwatson_ is now known as cjwatson | ||
| === s1aden is now known as sladen | ||
| === Quintasan is now known as Doktorant_R4k | ||
| === Doktorant_R4k is now known as Quintasan | ||
| === brendand_ is now known as brendand | ||
| === shuduo is now known as shuduo_afk | ||
| * bdmurray looks around | 15:00 | |
| bdmurray | I believe I'm that chair today, do we take attendance first or anything? | 15:01 |
|---|---|---|
| Laney | hi | 15:02 |
| stgraber | bdmurray: I think we've got quorum so it's fine to just start the meeting | 15:02 |
| * xnox O/ | 15:02 | |
| Laney | Do you mind chairing in your first meeting? | 15:02 |
| Laney | The agenda from the last meeting hasn't been cleared yet, unfortunately | 15:02 |
| bdmurray | I think I can sort it out | 15:02 |
| ScottK | \o | 15:03 |
| Laney | ok | 15:03 |
| bdmurray | #startmeeting Ubuntu DMB | 15:03 |
| meetingology | Meeting started Mon Apr 7 15:03:16 2014 UTC. The chair is bdmurray. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 15:03 |
| meetingology | Available commands: action commands idea info link nick | 15:03 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: | ||
| bdmurray | #topic Review of previous action items | 15:03 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Review of previous action items | ||
| bdmurray | It doesn't look like there were any previous action items, as the one on the agenda seems to be a holdover, correct? | 15:04 |
| === Darkwing_ is now known as Darkwing | ||
| ScottK | No. I think at least some of that needed to be done after the last meeting. | 15:04 |
| ScottK | stgraber would know if it's all done, in any case. | 15:04 |
| stgraber | I think everything was done | 15:05 |
| bdmurray | okay, great. | 15:05 |
| bdmurray | moving on then | 15:06 |
| bdmurray | #topic Per Package Uploader Application: Benjamin Kerensa | 15:07 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Per Package Uploader Application: Benjamin Kerensa | ||
| bdmurray | I don't see bkerensa here, but I've pinged him. | 15:08 |
| Laney | Could swap to stokachu & come back | 15:08 |
| bdmurray | okay, let's do that then | 15:09 |
| bdmurray | #topic Ubuntu Core dev application: Adam Stokes | 15:09 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Ubuntu Core dev application: Adam Stokes | ||
| bdmurray | stokachu: Are you ready? | 15:09 |
| Laney | Hmm | 15:11 |
| xnox | utc/summer-time hiatus? | 15:12 |
| stgraber | well, if that was the case, they'd have been here an hour ago | 15:13 |
| stgraber | so probably not | 15:13 |
| * xnox ponders australia... two hours late or something like that?! | 15:13 | |
| ScottK | Makes it a short meeting. | 15:13 |
| xnox | they are not in southern hemispheres though, i think. | 15:13 |
| bdmurray | Maybe we should email candidates a reminder? | 15:13 |
| ScottK | I think if they can't manage to remember, they've earned the result they get. | 15:14 |
| ScottK | We can roll them over to two weeks from now. | 15:14 |
| ScottK | The agenda for that meeting is empty ATM anyway. | 15:14 |
| bdmurray | Maybe they should be 2nd in case anybody else applies | 15:15 |
| Laney | Bit unfortunate if anyone wants to apply today for the next meeting | 15:15 |
| Laney | Ho hum | 15:15 |
| bdmurray | #topic AOB | 15:15 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: AOB | ||
| Laney | That's what happens, I guess | 15:15 |
| bdmurray | Okay, is there anything else? | 15:16 |
| xnox | well if people show up in 1 hour maybe we could still reconvene... | 15:16 |
| bdmurray | I'm actually not working / on holiday today | 15:16 |
| bdmurray | and I still made it to the meeting on time ;-) | 15:17 |
| bdmurray | Since there's nothing else then let's wrap up the meeting. | 15:18 |
| bdmurray | #endmeeting | 15:18 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Apr 7 15:18:49 2014 UTC. | 15:18 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-04-07-15.03.moin.txt | 15:18 |
| Laney | Intense meeting | 15:19 |
| xnox | bdmurray: excellent chairing =) | 15:21 |
| stokachu | bdmurray: sorry im here | 15:22 |
| stokachu | probably to late | 15:22 |
| stokachu | damnit | 15:22 |
| xnox | bdmurray: Laney: ScottK: micahg: ping ^ | 15:23 |
| ScottK | Still here. | 15:23 |
| Laney | Cool | 15:23 |
| Laney | Just settled down for a nap too | 15:23 |
| xnox | we are still within normal 1h slot for the meeting =) | 15:24 |
| xnox | bdrung: around? =) | 15:24 |
| bdmurray | I'm still here | 15:25 |
| xnox | bdmurray: restart the meeting? =) | 15:26 |
| * bdmurray looks for restart command | 15:26 | |
| Laney | start it again | 15:26 |
| bdmurray | that was a joke ;-) | 15:26 |
| bdmurray | #startmeeting Ubuntu DMB | 15:26 |
| meetingology | Meeting started Mon Apr 7 15:26:47 2014 UTC. The chair is bdmurray. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 15:26 |
| meetingology | Available commands: action commands idea info link nick | 15:26 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: | ||
| bdmurray | #topic Ubuntu Core dev application: Adam Stokes | 15:26 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Ubuntu Core dev application: Adam Stokes | ||
| xnox | From service manpage restart is stop, start =))))))))) </joke> | 15:26 |
| stokachu | hi, thanks guys for restarting for me | 15:27 |
| bdmurray | stokachu: Could you introduce yourself, your work, and your application? | 15:27 |
| stokachu | Hi, I've been working for Canonical doing a Sustaining Engineering role and recently moving into Solutions Engineer concentrating on juju, maas, and our most recent project cloud installer | 15:28 |
| stokachu | one sec lemme get the app link | 15:28 |
| stokachu | https://wiki.ubuntu.com/AdamStokes/CoreDevApplication | 15:28 |
| ScottK | For those of us that don't work at Canonical, sustaining/solutions engineering doesn't mean much. | 15:29 |
| stokachu | as stated in the application ive been using Ubuntu for roughly 3 years and Fedora prior to that for 7 years | 15:29 |
| stokachu | Susstaining engineering revolved around maintaining the quality and stability of the existing product lines | 15:29 |
| stokachu | inlucding Base OS, Kernel maintenance, and Cloud technologies such as Juju | 15:30 |
| xnox | stokachu: mostly on LTS releases only? | 15:30 |
| stokachu | Sustaining rarely did new feature enhancements or new package appication | 15:30 |
| stokachu | Yea our main focus was LTS releases | 15:30 |
| stokachu | however when we sent a patch we did it for all supported Relesaes | 15:30 |
| stokachu | releases* | 15:30 |
| stokachu | In solutions engineering we are kind of a R&D department | 15:31 |
| stokachu | where we work on upstream enhancements with focus in maas, juju, and hpc | 15:31 |
| ScottK | Usually, people apply for MOTU, before core-dev. How it's somewhat unusual to see someone going for core-dev as their first entry point into ubuntu-dev. | 15:32 |
| stokachu | as for outside of the canonical realm i've successfully submitted the package sosreport in the Debian archive via the mentors program | 15:32 |
| stokachu | which was handled from scratch until upload | 15:32 |
| stokachu | I am currently a Ubuntu contributing developer | 15:32 |
| stokachu | ScottK: ^ | 15:33 |
| stokachu | when time permits ive done package merges from debian into X ubuntu release | 15:33 |
| stokachu | participated in +1 maintenance | 15:33 |
| ScottK | Right, but that's not part of ubuntu-dev (that's people with upload rights) | 15:34 |
| Laney | What do you imagine you'll be mainly working on in the Ubuntu archive? | 15:34 |
| xnox | ScottK: however, I went straight from contributing developer -> core dev. So there have been cases like that before. Also looking at stokachu's upload history most of the uploads that got sponsored for him are for "main" packages. | 15:34 |
| stokachu | My main focus will be our cloud products such as Maas, Juju, and Cloud installer | 15:34 |
| * Laney doesn't think going straight for core-dev is a problem in itself if there's experience and that's where the interests/intention to contribute is | 15:34 | |
| stokachu | curtin | 15:34 |
| stokachu | Where main package contributions come into play will be against those that are depending on by the stated cloud products | 15:35 |
| stokachu | dhcp, bind, etc | 15:35 |
| ScottK | xnox: I know it's happened, it's just not usual. | 15:35 |
| stokachu | ive worked with xnox and bdmurray on a few occasions related to packaging and userspace maintenance work | 15:36 |
| bdmurray | stokachu: with your change in teams and responsibilities has your focus shifted from SRUs to the development release? | 15:36 |
| stokachu | bdmurray: yea my focus won't be SRU at this time | 15:37 |
| stokachu | primarily due to team sizes/resources etc | 15:37 |
| stokachu | CTS would still handle the SRU's for products i will directly work on | 15:37 |
| ScottK | CTS? | 15:37 |
| stokachu | canonical technical services | 15:37 |
| stokachu | the department where Sustaining Engineering resides | 15:37 |
| stokachu | ScottK: sorry i dont intentially mean to automatically assume everyone knows canonical | 15:38 |
| ScottK | Let's try and make it through the rest of the meeting without any references to the Canonical org chart. | 15:38 |
| stokachu | sure | 15:38 |
| ScottK | What do you think of the process for landing maas/juju development efforts into Ubuntu? | 15:39 |
| stokachu | They aren't in line with the rest of development processes | 15:39 |
| bdmurray | stokachu: your application seems to be missing the "Things I could do better" section. Is that deliberate? | 15:40 |
| stokachu | As in feature freezes tend to not apply to them, however, I feel they should | 15:40 |
| stokachu | bdmurray: there is a one liner which states Increase my productivity by stream lining my work items for the different projects I am involved in. | 15:40 |
| stokachu | and by increasing productivity I mean adhearing to the processes defined by Ubuntu | 15:40 |
| ScottK | stokachu: Feature freeze does apply. They just ignore it and ask for an FFe every time. | 15:41 |
| stokachu | reduce back and forth | 15:41 |
| xnox | stokachu: MAAS & juju testing is loosely integrated with ubuntu release cycle. Past three releases co-incided with Openstack summits and there was nobody available (and had hardware) to execute end-to-end MAAS testing, and it hasn't been tested regularly during the development cycle. In your opinion, how can this be improved? | 15:41 |
| xnox | (thus critical bugs were discovered more-or-less during release weeks) | 15:41 |
| stokachu | xnox: So CI is definitely a big issue in my eyes | 15:41 |
| stokachu | we shouldnt be releasing products that do not 100% pass tests and have a huge percentage of coverage | 15:42 |
| ScottK | Having a release schedule that's aligned to Ubuntu's would help. | 15:42 |
| stokachu | For juju in particular it would be beneficial to stick to not making breaking changes in minor releases | 15:42 |
| stokachu | Also maas release 1.5 which is way to close to the 14.04 release | 15:42 |
| stokachu | to be audited and signed off on | 15:43 |
| stokachu | released* | 15:43 |
| stokachu | Making sure codebases are green before doing releases is a pet peeve of mine | 15:43 |
| stokachu | But, maas and juju teams do realize the pitfalls | 15:44 |
| stokachu | and are actively changing their processes and increasing testing | 15:44 |
| stokachu | They are in the right direction so I strongly believe those aligned processes with Ubuntu will be seen in the near future | 15:44 |
| xnox | stokachu: ok. Slightly different question: What should one do when updating a library, that removes one function from its ABI? | 15:45 |
| stokachu | xnox: ifa function is removed the symbol tables would need to be updated to reflect that | 15:46 |
| stokachu | among a version bump and possible rebuilds of affected packages | 15:47 |
| * bdrung_work arrives | 15:48 | |
| xnox | stokachu: how would you find out list of affected packages? | 15:48 |
| stokachu | xnox: running a rdepends to see which version of the library is used | 15:50 |
| stokachu | using ldd will also give you the library version used | 15:50 |
| xnox | stokachu: ok. There is also "reverse-depends" command, that I find is often faster (it uses pregenerated caches) | 15:50 |
| xnox | no more questions from me. | 15:50 |
| bdmurray | Does anybody else have any questions? | 15:51 |
| stokachu | xnox: is that different than the rdepends argument? | 15:51 |
| stokachu | apt-rdepends? | 15:52 |
| stokachu | or that may be recursive | 15:52 |
| ScottK | If you have a library that needs a version bump, what packaging changes are needed? | 15:52 |
| xnox | stokachu: one is local, the other one uses remote cache. Otherwise basic functionality is about the same. But each has extra features lacking in the other tool. | 15:53 |
| stokachu | ah ok good t oknow | 15:53 |
| ScottK | Also reverse-depends -b will give you the reverse build-deps. | 15:53 |
| stokachu | ScottK: changing the SONAME and corresponding name for the binary package | 15:54 |
| stokachu | call ldconfig within postinst | 15:54 |
| stokachu | hm.. what else | 15:54 |
| stokachu | i think those are the main things | 15:55 |
| ScottK | Other than sosreport and the things related to your work, what interests in Ubuntu development do you have? | 15:55 |
| stokachu | im a big fan of KDE so I'd like to be more active in that area | 15:56 |
| stokachu | maybe not so much the DE portion but its applications | 15:56 |
| stokachu | I also enjoy blogging and talking about products/projects in a way that can benefit small businesses | 15:57 |
| stokachu | wrt juju I have a interest in the "scaling down" part of the environment | 15:58 |
| bdmurray | Alright, is that all the questions? | 15:59 |
| bdmurray | #vote Adamd Stokes for Ubuntu Core Developer | 16:01 |
| meetingology | Please vote on: Adamd Stokes for Ubuntu Core Developer | 16:01 |
| meetingology | Public votes can be registered by saying +1, +0 or -1 in channel, (for private voting, private message me with 'vote +1/-1/+0 #channelname) | 16:01 |
| xnox | +1 | 16:02 |
| meetingology | +1 received from xnox | 16:02 |
| ScottK | +0 #clearly knows a lot, but straight to core-dev is a big jump - I would be more comfortable starting with PPU or maybe server dev. | 16:02 |
| meetingology | +0 #clearly knows a lot, but straight to core-dev is a big jump - I would be more comfortable starting with PPU or maybe server dev. received from ScottK | 16:02 |
| Laney | +1 | 16:02 |
| meetingology | +1 received from Laney | 16:02 |
| stgraber | +1 | 16:02 |
| meetingology | +1 received from stgraber | 16:02 |
| bdmurray | +1 | 16:02 |
| meetingology | +1 received from bdmurray | 16:02 |
| Laney | micahg: bdrung | 16:02 |
| bdrung_work | i still have to catch up. | 16:03 |
| Laney | ok, well no need anyway :-) | 16:03 |
| xnox | micahg had tentative +0 | 16:04 |
| bdmurray | #endvote | 16:05 |
| meetingology | Voting ended on: Adamd Stokes for Ubuntu Core Developer | 16:05 |
| meetingology | Votes for:4 Votes against:0 Abstentions:1 | 16:05 |
| meetingology | Motion carried | 16:05 |
| stokachu | sweet! | 16:05 |
| stokachu | bdmurray: just noticed Adamd Stokes :) | 16:05 |
| Laney | well done ;-) | 16:05 |
| arges | congrats | 16:06 |
| bdmurray | stokachu: sorry about that typo | 16:06 |
| stokachu | bdmurray: its cool man | 16:07 |
| stokachu | micahg: ScottK, promise not to let you down :) | 16:07 |
| xnox | stokachu: =) congrats. | 16:07 |
| stokachu | thanks everyone :) | 16:07 |
| bdmurray | Okay, we already handled AOB in the previous meeting ;-) so I guess that's a wrap. | 16:07 |
| stokachu | thanks again for your time and restarting the meeting | 16:08 |
| stgraber | stokachu: congrats! | 16:08 |
| ScottK | stokachu: The main thing is to ask when you're not sure. Core-dev means you have more ability to break things, it doesn't mean you're expected to know it all. | 16:08 |
| stokachu | ScottK: i will definitely do that | 16:08 |
| stokachu | stgraber: thanks! | 16:08 |
| ScottK | The breaking part or the asking part? | 16:08 |
| bdmurray | #endmeeting | 16:08 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Apr 7 16:08:42 2014 UTC. | 16:08 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-04-07-15.26.moin.txt | 16:08 |
| ScottK | ;-) | 16:08 |
| Laney | stokachu: https://wiki.ubuntu.com/MOTU/New | 16:08 |
| Laney | might be useful, please add new tips that you come up with | 16:09 |
| Laney | bdmurray: now the joy of post meeting tasks | 16:10 |
| jose | jdstrand: ping, mind a quick PM? | 16:30 |
| jdstrand | jose: I am about to step into a meeting. feel free to privmsg me, I read backscroll | 16:31 |
| jose | thanks | 16:31 |
| mdeslaur | \o | 16:35 |
| chrisccoulson | o/ | 16:35 |
| tyhicks | hello | 16:35 |
| jdstrand | hi! | 16:36 |
| jdstrand | #startmeeting | 16:36 |
| meetingology | Meeting started Mon Apr 7 16:36:06 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:36 |
| meetingology | Available commands: action commands idea info link nick | 16:36 |
| jdstrand | The meeting agenda can be found at: | 16:36 |
| jdstrand | [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting | 16:36 |
| jdstrand | [TOPIC] Announcements | 16:36 |
| === meetingology changed the topic of #ubuntu-meeting to: Announcements | ||
| jdstrand | apparmor ptrace and signal mediation has landed on desktop and server. Touch images have the userspace and should have kernel updates next week. For anyone seeing apparmor denials in distro/click policy, please file bugs | 16:36 |
| jdstrand | oxide is now in main and in use on the touch images | 16:36 |
| jdstrand | [TOPIC] Weekly stand-up report | 16:37 |
| === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| jdstrand | I'll go first | 16:37 |
| jdstrand | I'm in the happy place this week | 16:37 |
| jdstrand | I will be publishing the openjdk-6 update today | 16:37 |
| jdstrand | I'm also working with phonedations on the media-hub landing (apparmor policy updates) | 16:37 |
| jdstrand | and will be working on scopes apparmor policy this week | 16:38 |
| jdstrand | I have other updates assigned to me that I plan on picking up again | 16:38 |
| jdstrand | mdeslaur: you're up | 16:38 |
| mdeslaur | I'm on triage this week | 16:38 |
| mdeslaur | just published a couple of updates, and have some more in the PPA to test and release | 16:39 |
| mdeslaur | the cve list is growing, so I'll be poking at that too | 16:39 |
| mdeslaur | and I'm off on friday | 16:39 |
| mdeslaur | that's it for me, sbeattie, you're up | 16:39 |
| sbeattie | I'm on apparmor again this week | 16:39 |
| sbeattie | I'm finishing up reviewing the user spaces patches for ptrace signals, to get them landed upstream. | 16:40 |
| sbeattie | As well as writing additional test cases for them. | 16:40 |
| sbeattie | I know jj made a couple of commits over the weekend, which caused the jenkins builds to fail, so I need to see what's up with that (I suspect a couple of files got missed being added in a commit) | 16:41 |
| sbeattie | and I also need to finish making travel arrangements for the upcoming sprint. | 16:41 |
| sbeattie | that's it for me | 16:41 |
| sbeattie | tyhicks: you're up | 16:42 |
| tyhicks | I'm currently working on fixing up some lightdm guest session denials | 16:42 |
| tyhicks | one is a new denial from the signals/ptrace ffe and the rest are pre-existing denials | 16:42 |
| tyhicks | I also need to do a small followup patch, at cboltz's request, around the aa.py test cases that I added | 16:43 |
| tyhicks | then I'm going to get caught up on what's been happening around kdbus LSM integration | 16:43 |
| tyhicks | I also need to book sprint travel | 16:43 |
| tyhicks | that's it for me | 16:43 |
| tyhicks | jj is out today | 16:44 |
| tyhicks | sarnold: that means you're up | 16:44 |
| sarnold | I'm on community this week | 16:44 |
| sarnold | I believe there is only one outstanding MIR left, glusterfs, to finish up this week | 16:44 |
| sarnold | I want to upgrade to trusty before release, it'd be nice to participate in a pre-release circus :) | 16:45 |
| sarnold | there's plenty of apparmor patches outstanding, I'd like to review some of those and get them checked in | 16:45 |
| tyhicks | +1 | 16:45 |
| sarnold | and I haven't yet bookde sprint travel, so that'll be this week :) | 16:46 |
| sarnold | I think that's me this week, chrisccoulson? :) | 16:46 |
| jdstrand | tyhicks: re pre-existing-- I'm not sure you have to fix everything up. I think there are several things that may have been left out on purpose | 16:46 |
| chrisccoulson | hi :) | 16:47 |
| tyhicks | jdstrand: I'll be sure to pass everything by you | 16:47 |
| mdeslaur | sarnold: geez, might as well wait an extra couple of weeks and directly upgrade to U :P | 16:47 |
| chrisccoulson | right now, i'm fixing bug 1301341 | 16:47 |
| ubottu | bug 1301341 in webbrowser-app "grooveshark playback has stopped functioning" [Undecided,Confirmed] https://launchpad.net/bugs/1301341 | 16:47 |
| chrisccoulson | i'm going to do another upload of oxide later with some other stuff in (file picker support) | 16:47 |
| sarnold | mdeslaur :) | 16:48 |
| chrisccoulson | but other than that, i shall be mostly working on https://bugs.launchpad.net/oxide/ ;) | 16:48 |
| jdstrand | chrisccoulson: fyi, oxide got promoted this morning | 16:48 |
| chrisccoulson | i've got another update to do this week as well | 16:49 |
| chrisccoulson | jdstrand, thanks | 16:49 |
| chrisccoulson | i think that's me done | 16:49 |
| jdstrand | [TOPIC] Highlighted packages | 16:49 |
| === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| jdstrand | The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. | 16:49 |
| jdstrand | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:49 |
| jdstrand | http://people.canonical.com/~ubuntu-security/cve/pkg/gallery2.html | 16:50 |
| jdstrand | http://people.canonical.com/~ubuntu-security/cve/pkg/libjboss-cache3-java.html | 16:50 |
| jdstrand | http://people.canonical.com/~ubuntu-security/cve/pkg/jplayer.html | 16:50 |
| jdstrand | http://people.canonical.com/~ubuntu-security/cve/pkg/djbdns.html | 16:50 |
| jdstrand | http://people.canonical.com/~ubuntu-security/cve/pkg/pen.html | 16:50 |
| jdstrand | [TOPIC] Miscellaneous and Questions | 16:50 |
| === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| jdstrand | I had one question | 16:50 |
| jdstrand | someone reported this denial to me in #ubuntu-devel: [13395.573516] type=1400 audit(1396873920.517:120): apparmor="DENIED" operation="file_inherit" profile="/usr/lib/NetworkManager/nm-dhcp-client.action" name="/var/lib/NetworkManager/dhclient-9a71cfcd-ec48-4ea2-9a72-928b504f7429-usb0.lease" pid=1168 comm="nm-dhcp-client." requested_mask="r" denied_mask="r" fsuid=0 ouid=0 | 16:51 |
| jdstrand | this requred /usr/lib/NetworkManager/nm-dhcp-client.action {} to need a new rule: | 16:51 |
| jdstrand | /var/lib/NetworkManager/*lease r, | 16:51 |
| jdstrand | someone in the #apparmor channel over the weekend saw something similar | 16:52 |
| jdstrand | and then I saw it this morning with my chromium-browser profile | 16:52 |
| jdstrand | it is my understanding that this was intentional, related to file delegation and that maybe at some point we want to make this configurable | 16:53 |
| jdstrand | I have some concerns that this is turned on atm. I didn't see it in any of the rather significant testing we did over the past weeks | 16:54 |
| jdstrand | is this from a new patch to the kernel? | 16:54 |
| sbeattie | ah, hrm, I hadn't seen that before either. | 16:54 |
| sbeattie | I'm not aware of it being a new patch, but jj is the one to answer that for sure. | 16:54 |
| tyhicks | a quick git blame points at "apparmor: revalidate open files at exec time" | 16:55 |
| tyhicks | it is one of the last few patches in jj's patch set | 16:55 |
| jdstrand | so that is in the kernels we tested | 16:55 |
| jdstrand | hmm | 16:56 |
| jdstrand | I find it really odd that I didn't see the nm one | 16:56 |
| tyhicks | I never saw it, either | 16:56 |
| sarnold | iirc this revalidation should only occur when a confined profile hands a fd across an exec to a different domain | 16:56 |
| tyhicks | it is due to fd's not being closed (or intentionally being passed) across exec | 16:56 |
| tyhicks | so there may be some paths in nm that close the fds and some that don't?? | 16:57 |
| sarnold | I believe unconfined -> exec -> confined is probably still not validated | 16:57 |
| jdstrand | sarnold: right that was my understanding too. nm ships 3 different profiles | 16:57 |
| jdstrand | sarnold: that is consistent with what I've seen and what was reported in #apparmor | 16:58 |
| sarnold | jdstrand: I -think- the revalidation used to occur at read() time (perhaps 'back in the day') -- this might have moved it forward to exec time to better label fds | 16:59 |
| jdstrand | I guess sanitized helper won't be affected cause if its wide file access (/** rwkl,) | 16:59 |
| jdstrand | but I worry about evince | 17:00 |
| jdstrand | I guess we can just keep an eye on it | 17:00 |
| jdstrand | what do other people think? | 17:00 |
| tyhicks | jdstrand: I did a `dmesg -C && sudo ./test-evince.py -v && dmesg | grep DENIED` and didn't see any denials | 17:00 |
| jdstrand | tyhicks: right, but I think if this occurs it will be less direct than that. eg, firefox opening evince, eveince opening firefox, etc | 17:01 |
| tyhicks | jdstrand: firefox opening evince does happen in test-evince.py, but I'm not sure about evince opening firefox | 17:02 |
| jdstrand | tyhicks: right, but in that test, firefox isn't confined, is it | 17:02 |
| jdstrand | ? | 17:02 |
| tyhicks | ah | 17:02 |
| tyhicks | probably not | 17:02 |
| tyhicks | good point | 17:02 |
| jdstrand | well, possibly good point. I don't know if it is a problem or now-- I was just surprised by these denials | 17:03 |
| jdstrand | s/now/not/ | 17:03 |
| tyhicks | yeah, I wasn't looking for delegation denials during my testing | 17:04 |
| jdstrand | me either-- I wasn't aware the patchset changed things | 17:05 |
| jdstrand | wrt delegation | 17:05 |
| jdstrand | well, anyway, I guess we can just keep an eye on it | 17:06 |
| jdstrand | Does anyone have any other questions or items to discuss? | 17:06 |
| * sbeattie takes a note to make sure delegation is exercised in the regression tests | 17:07 | |
| jdstrand | sbeattie: thanks | 17:08 |
| jdstrand | mdeslaur, sbeattie, tyhicks, sarnold, chrisccoulson: thanks! | 17:14 |
| jdstrand | #endmeeting | 17:14 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Apr 7 17:14:12 2014 UTC. | 17:14 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-04-07-16.36.moin.txt | 17:14 |
| mdeslaur | thanks jdstrand! | 17:14 |
| sbeattie | jdstrand: thank you! | 17:14 |
| sarnold | thanks jdstrand | 17:15 |
| === vladk is now known as vladk|offline | ||
| === ubott2 is now known as ubottu | ||
| === Ursinha_ is now known as Ursinha | ||
| === zoktar_ is now known as zoktar | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!