=== vladk|offline is now known as vladk === vladk is now known as vladk|offline === vladk|offline is now known as vladk === vladk is now known as vladk|offline === vladk|offline is now known as vladk === zequence_ is now known as zequence === cjwatson_ is now known as cjwatson === s1aden is now known as sladen === Quintasan is now known as Doktorant_R4k === Doktorant_R4k is now known as Quintasan === brendand_ is now known as brendand === shuduo is now known as shuduo_afk [15:00] * bdmurray looks around [15:01] I believe I'm that chair today, do we take attendance first or anything? [15:02] hi [15:02] bdmurray: I think we've got quorum so it's fine to just start the meeting [15:02] * xnox O/ [15:02] Do you mind chairing in your first meeting? [15:02] The agenda from the last meeting hasn't been cleared yet, unfortunately [15:02] I think I can sort it out [15:03] \o [15:03] ok [15:03] #startmeeting Ubuntu DMB [15:03] Meeting started Mon Apr 7 15:03:16 2014 UTC. The chair is bdmurray. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [15:03] Available commands: action commands idea info link nick === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: [15:03] #topic Review of previous action items === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Review of previous action items [15:04] It doesn't look like there were any previous action items, as the one on the agenda seems to be a holdover, correct? === Darkwing_ is now known as Darkwing [15:04] No. I think at least some of that needed to be done after the last meeting. [15:04] stgraber would know if it's all done, in any case. [15:05] I think everything was done [15:05] okay, great. [15:06] moving on then [15:07] #topic Per Package Uploader Application: Benjamin Kerensa === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Per Package Uploader Application: Benjamin Kerensa [15:08] I don't see bkerensa here, but I've pinged him. [15:08] Could swap to stokachu & come back [15:09] okay, let's do that then [15:09] #topic Ubuntu Core dev application: Adam Stokes === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Ubuntu Core dev application: Adam Stokes [15:09] stokachu: Are you ready? [15:11] Hmm [15:12] utc/summer-time hiatus? [15:13] well, if that was the case, they'd have been here an hour ago [15:13] so probably not [15:13] * xnox ponders australia... two hours late or something like that?! [15:13] Makes it a short meeting. [15:13] they are not in southern hemispheres though, i think. [15:13] Maybe we should email candidates a reminder? [15:14] I think if they can't manage to remember, they've earned the result they get. [15:14] We can roll them over to two weeks from now. [15:14] The agenda for that meeting is empty ATM anyway. [15:15] Maybe they should be 2nd in case anybody else applies [15:15] Bit unfortunate if anyone wants to apply today for the next meeting [15:15] Ho hum [15:15] #topic AOB === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: AOB [15:15] That's what happens, I guess [15:16] Okay, is there anything else? [15:16] well if people show up in 1 hour maybe we could still reconvene... [15:16] I'm actually not working / on holiday today [15:17] and I still made it to the meeting on time ;-) [15:18] Since there's nothing else then let's wrap up the meeting. [15:18] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [15:18] Meeting ended Mon Apr 7 15:18:49 2014 UTC. [15:18] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-04-07-15.03.moin.txt [15:19] Intense meeting [15:21] bdmurray: excellent chairing =) [15:22] bdmurray: sorry im here [15:22] probably to late [15:22] damnit [15:23] bdmurray: Laney: ScottK: micahg: ping ^ [15:23] Still here. [15:23] Cool [15:23] Just settled down for a nap too [15:24] we are still within normal 1h slot for the meeting =) [15:24] bdrung: around? =) [15:25] I'm still here [15:26] bdmurray: restart the meeting? =) [15:26] * bdmurray looks for restart command [15:26] start it again [15:26] that was a joke ;-) [15:26] #startmeeting Ubuntu DMB [15:26] Meeting started Mon Apr 7 15:26:47 2014 UTC. The chair is bdmurray. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [15:26] Available commands: action commands idea info link nick === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: [15:26] #topic Ubuntu Core dev application: Adam Stokes === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | Ubuntu DMB Meeting | Current topic: Ubuntu Core dev application: Adam Stokes [15:26] From service manpage restart is stop, start =))))))))) [15:27] hi, thanks guys for restarting for me [15:27] stokachu: Could you introduce yourself, your work, and your application? [15:28] Hi, I've been working for Canonical doing a Sustaining Engineering role and recently moving into Solutions Engineer concentrating on juju, maas, and our most recent project cloud installer [15:28] one sec lemme get the app link [15:28] https://wiki.ubuntu.com/AdamStokes/CoreDevApplication [15:29] For those of us that don't work at Canonical, sustaining/solutions engineering doesn't mean much. [15:29] as stated in the application ive been using Ubuntu for roughly 3 years and Fedora prior to that for 7 years [15:29] Susstaining engineering revolved around maintaining the quality and stability of the existing product lines [15:30] inlucding Base OS, Kernel maintenance, and Cloud technologies such as Juju [15:30] stokachu: mostly on LTS releases only? [15:30] Sustaining rarely did new feature enhancements or new package appication [15:30] Yea our main focus was LTS releases [15:30] however when we sent a patch we did it for all supported Relesaes [15:30] releases* [15:31] In solutions engineering we are kind of a R&D department [15:31] where we work on upstream enhancements with focus in maas, juju, and hpc [15:32] Usually, people apply for MOTU, before core-dev. How it's somewhat unusual to see someone going for core-dev as their first entry point into ubuntu-dev. [15:32] as for outside of the canonical realm i've successfully submitted the package sosreport in the Debian archive via the mentors program [15:32] which was handled from scratch until upload [15:32] I am currently a Ubuntu contributing developer [15:33] ScottK: ^ [15:33] when time permits ive done package merges from debian into X ubuntu release [15:33] participated in +1 maintenance [15:34] Right, but that's not part of ubuntu-dev (that's people with upload rights) [15:34] What do you imagine you'll be mainly working on in the Ubuntu archive? [15:34] ScottK: however, I went straight from contributing developer -> core dev. So there have been cases like that before. Also looking at stokachu's upload history most of the uploads that got sponsored for him are for "main" packages. [15:34] My main focus will be our cloud products such as Maas, Juju, and Cloud installer [15:34] * Laney doesn't think going straight for core-dev is a problem in itself if there's experience and that's where the interests/intention to contribute is [15:34] curtin [15:35] Where main package contributions come into play will be against those that are depending on by the stated cloud products [15:35] dhcp, bind, etc [15:35] xnox: I know it's happened, it's just not usual. [15:36] ive worked with xnox and bdmurray on a few occasions related to packaging and userspace maintenance work [15:36] stokachu: with your change in teams and responsibilities has your focus shifted from SRUs to the development release? [15:37] bdmurray: yea my focus won't be SRU at this time [15:37] primarily due to team sizes/resources etc [15:37] CTS would still handle the SRU's for products i will directly work on [15:37] CTS? [15:37] canonical technical services [15:37] the department where Sustaining Engineering resides [15:38] ScottK: sorry i dont intentially mean to automatically assume everyone knows canonical [15:38] Let's try and make it through the rest of the meeting without any references to the Canonical org chart. [15:38] sure [15:39] What do you think of the process for landing maas/juju development efforts into Ubuntu? [15:39] They aren't in line with the rest of development processes [15:40] stokachu: your application seems to be missing the "Things I could do better" section. Is that deliberate? [15:40] As in feature freezes tend to not apply to them, however, I feel they should [15:40] bdmurray: there is a one liner which states Increase my productivity by stream lining my work items for the different projects I am involved in. [15:40] and by increasing productivity I mean adhearing to the processes defined by Ubuntu [15:41] stokachu: Feature freeze does apply. They just ignore it and ask for an FFe every time. [15:41] reduce back and forth [15:41] stokachu: MAAS & juju testing is loosely integrated with ubuntu release cycle. Past three releases co-incided with Openstack summits and there was nobody available (and had hardware) to execute end-to-end MAAS testing, and it hasn't been tested regularly during the development cycle. In your opinion, how can this be improved? [15:41] (thus critical bugs were discovered more-or-less during release weeks) [15:41] xnox: So CI is definitely a big issue in my eyes [15:42] we shouldnt be releasing products that do not 100% pass tests and have a huge percentage of coverage [15:42] Having a release schedule that's aligned to Ubuntu's would help. [15:42] For juju in particular it would be beneficial to stick to not making breaking changes in minor releases [15:42] Also maas release 1.5 which is way to close to the 14.04 release [15:43] to be audited and signed off on [15:43] released* [15:43] Making sure codebases are green before doing releases is a pet peeve of mine [15:44] But, maas and juju teams do realize the pitfalls [15:44] and are actively changing their processes and increasing testing [15:44] They are in the right direction so I strongly believe those aligned processes with Ubuntu will be seen in the near future [15:45] stokachu: ok. Slightly different question: What should one do when updating a library, that removes one function from its ABI? [15:46] xnox: ifa function is removed the symbol tables would need to be updated to reflect that [15:47] among a version bump and possible rebuilds of affected packages [15:48] * bdrung_work arrives [15:48] stokachu: how would you find out list of affected packages? [15:50] xnox: running a rdepends to see which version of the library is used [15:50] using ldd will also give you the library version used [15:50] stokachu: ok. There is also "reverse-depends" command, that I find is often faster (it uses pregenerated caches) [15:50] no more questions from me. [15:51] Does anybody else have any questions? [15:51] xnox: is that different than the rdepends argument? [15:52] apt-rdepends? [15:52] or that may be recursive [15:52] If you have a library that needs a version bump, what packaging changes are needed? [15:53] stokachu: one is local, the other one uses remote cache. Otherwise basic functionality is about the same. But each has extra features lacking in the other tool. [15:53] ah ok good t oknow [15:53] Also reverse-depends -b will give you the reverse build-deps. [15:54] ScottK: changing the SONAME and corresponding name for the binary package [15:54] call ldconfig within postinst [15:54] hm.. what else [15:55] i think those are the main things [15:55] Other than sosreport and the things related to your work, what interests in Ubuntu development do you have? [15:56] im a big fan of KDE so I'd like to be more active in that area [15:56] maybe not so much the DE portion but its applications [15:57] I also enjoy blogging and talking about products/projects in a way that can benefit small businesses [15:58] wrt juju I have a interest in the "scaling down" part of the environment [15:59] Alright, is that all the questions? [16:01] #vote Adamd Stokes for Ubuntu Core Developer [16:01] Please vote on: Adamd Stokes for Ubuntu Core Developer [16:01] Public votes can be registered by saying +1, +0 or -1 in channel, (for private voting, private message me with 'vote +1/-1/+0 #channelname) [16:02] +1 [16:02] +1 received from xnox [16:02] +0 #clearly knows a lot, but straight to core-dev is a big jump - I would be more comfortable starting with PPU or maybe server dev. [16:02] +0 #clearly knows a lot, but straight to core-dev is a big jump - I would be more comfortable starting with PPU or maybe server dev. received from ScottK [16:02] +1 [16:02] +1 received from Laney [16:02] +1 [16:02] +1 received from stgraber [16:02] +1 [16:02] +1 received from bdmurray [16:02] micahg: bdrung [16:03] i still have to catch up. [16:03] ok, well no need anyway :-) [16:04] micahg had tentative +0 [16:05] #endvote [16:05] Voting ended on: Adamd Stokes for Ubuntu Core Developer [16:05] Votes for:4 Votes against:0 Abstentions:1 [16:05] Motion carried [16:05] sweet! [16:05] bdmurray: just noticed Adamd Stokes :) [16:05] well done ;-) [16:06] congrats [16:06] stokachu: sorry about that typo [16:07] bdmurray: its cool man [16:07] micahg: ScottK, promise not to let you down :) [16:07] stokachu: =) congrats. [16:07] thanks everyone :) [16:07] Okay, we already handled AOB in the previous meeting ;-) so I guess that's a wrap. [16:08] thanks again for your time and restarting the meeting [16:08] stokachu: congrats! [16:08] stokachu: The main thing is to ask when you're not sure. Core-dev means you have more ability to break things, it doesn't mean you're expected to know it all. [16:08] ScottK: i will definitely do that [16:08] stgraber: thanks! [16:08] The breaking part or the asking part? [16:08] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [16:08] Meeting ended Mon Apr 7 16:08:42 2014 UTC. [16:08] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-04-07-15.26.moin.txt [16:08] ;-) [16:08] stokachu: https://wiki.ubuntu.com/MOTU/New [16:09] might be useful, please add new tips that you come up with [16:10] bdmurray: now the joy of post meeting tasks [16:30] jdstrand: ping, mind a quick PM? [16:31] jose: I am about to step into a meeting. feel free to privmsg me, I read backscroll [16:31] thanks [16:35] \o [16:35] o/ [16:35] hello [16:36] hi! [16:36] #startmeeting [16:36] Meeting started Mon Apr 7 16:36:06 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [16:36] Available commands: action commands idea info link nick [16:36] The meeting agenda can be found at: [16:36] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [16:36] [TOPIC] Announcements === meetingology changed the topic of #ubuntu-meeting to: Announcements [16:36] apparmor ptrace and signal mediation has landed on desktop and server. Touch images have the userspace and should have kernel updates next week. For anyone seeing apparmor denials in distro/click policy, please file bugs [16:36] oxide is now in main and in use on the touch images [16:37] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [16:37] I'll go first [16:37] I'm in the happy place this week [16:37] I will be publishing the openjdk-6 update today [16:37] I'm also working with phonedations on the media-hub landing (apparmor policy updates) [16:38] and will be working on scopes apparmor policy this week [16:38] I have other updates assigned to me that I plan on picking up again [16:38] mdeslaur: you're up [16:38] I'm on triage this week [16:39] just published a couple of updates, and have some more in the PPA to test and release [16:39] the cve list is growing, so I'll be poking at that too [16:39] and I'm off on friday [16:39] that's it for me, sbeattie, you're up [16:39] I'm on apparmor again this week [16:40] I'm finishing up reviewing the user spaces patches for ptrace signals, to get them landed upstream. [16:40] As well as writing additional test cases for them. [16:41] I know jj made a couple of commits over the weekend, which caused the jenkins builds to fail, so I need to see what's up with that (I suspect a couple of files got missed being added in a commit) [16:41] and I also need to finish making travel arrangements for the upcoming sprint. [16:41] that's it for me [16:42] tyhicks: you're up [16:42] I'm currently working on fixing up some lightdm guest session denials [16:42] one is a new denial from the signals/ptrace ffe and the rest are pre-existing denials [16:43] I also need to do a small followup patch, at cboltz's request, around the aa.py test cases that I added [16:43] then I'm going to get caught up on what's been happening around kdbus LSM integration [16:43] I also need to book sprint travel [16:43] that's it for me [16:44] jj is out today [16:44] sarnold: that means you're up [16:44] I'm on community this week [16:44] I believe there is only one outstanding MIR left, glusterfs, to finish up this week [16:45] I want to upgrade to trusty before release, it'd be nice to participate in a pre-release circus :) [16:45] there's plenty of apparmor patches outstanding, I'd like to review some of those and get them checked in [16:45] +1 [16:46] and I haven't yet bookde sprint travel, so that'll be this week :) [16:46] I think that's me this week, chrisccoulson? :) [16:46] tyhicks: re pre-existing-- I'm not sure you have to fix everything up. I think there are several things that may have been left out on purpose [16:47] hi :) [16:47] jdstrand: I'll be sure to pass everything by you [16:47] sarnold: geez, might as well wait an extra couple of weeks and directly upgrade to U :P [16:47] right now, i'm fixing bug 1301341 [16:47] bug 1301341 in webbrowser-app "grooveshark playback has stopped functioning" [Undecided,Confirmed] https://launchpad.net/bugs/1301341 [16:47] i'm going to do another upload of oxide later with some other stuff in (file picker support) [16:48] mdeslaur :) [16:48] but other than that, i shall be mostly working on https://bugs.launchpad.net/oxide/ ;) [16:48] chrisccoulson: fyi, oxide got promoted this morning [16:49] i've got another update to do this week as well [16:49] jdstrand, thanks [16:49] i think that's me done [16:49] [TOPIC] Highlighted packages === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages [16:49] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [16:49] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [16:50] http://people.canonical.com/~ubuntu-security/cve/pkg/gallery2.html [16:50] http://people.canonical.com/~ubuntu-security/cve/pkg/libjboss-cache3-java.html [16:50] http://people.canonical.com/~ubuntu-security/cve/pkg/jplayer.html [16:50] http://people.canonical.com/~ubuntu-security/cve/pkg/djbdns.html [16:50] http://people.canonical.com/~ubuntu-security/cve/pkg/pen.html [16:50] [TOPIC] Miscellaneous and Questions === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions [16:50] I had one question [16:51] someone reported this denial to me in #ubuntu-devel: [13395.573516] type=1400 audit(1396873920.517:120): apparmor="DENIED" operation="file_inherit" profile="/usr/lib/NetworkManager/nm-dhcp-client.action" name="/var/lib/NetworkManager/dhclient-9a71cfcd-ec48-4ea2-9a72-928b504f7429-usb0.lease" pid=1168 comm="nm-dhcp-client." requested_mask="r" denied_mask="r" fsuid=0 ouid=0 [16:51] this requred /usr/lib/NetworkManager/nm-dhcp-client.action {} to need a new rule: [16:51] /var/lib/NetworkManager/*lease r, [16:52] someone in the #apparmor channel over the weekend saw something similar [16:52] and then I saw it this morning with my chromium-browser profile [16:53] it is my understanding that this was intentional, related to file delegation and that maybe at some point we want to make this configurable [16:54] I have some concerns that this is turned on atm. I didn't see it in any of the rather significant testing we did over the past weeks [16:54] is this from a new patch to the kernel? [16:54] ah, hrm, I hadn't seen that before either. [16:54] I'm not aware of it being a new patch, but jj is the one to answer that for sure. [16:55] a quick git blame points at "apparmor: revalidate open files at exec time" [16:55] it is one of the last few patches in jj's patch set [16:55] so that is in the kernels we tested [16:56] hmm [16:56] I find it really odd that I didn't see the nm one [16:56] I never saw it, either [16:56] iirc this revalidation should only occur when a confined profile hands a fd across an exec to a different domain [16:56] it is due to fd's not being closed (or intentionally being passed) across exec [16:57] so there may be some paths in nm that close the fds and some that don't?? [16:57] I believe unconfined -> exec -> confined is probably still not validated [16:57] sarnold: right that was my understanding too. nm ships 3 different profiles [16:58] sarnold: that is consistent with what I've seen and what was reported in #apparmor [16:59] jdstrand: I -think- the revalidation used to occur at read() time (perhaps 'back in the day') -- this might have moved it forward to exec time to better label fds [16:59] I guess sanitized helper won't be affected cause if its wide file access (/** rwkl,) [17:00] but I worry about evince [17:00] I guess we can just keep an eye on it [17:00] what do other people think? [17:00] jdstrand: I did a `dmesg -C && sudo ./test-evince.py -v && dmesg | grep DENIED` and didn't see any denials [17:01] tyhicks: right, but I think if this occurs it will be less direct than that. eg, firefox opening evince, eveince opening firefox, etc [17:02] jdstrand: firefox opening evince does happen in test-evince.py, but I'm not sure about evince opening firefox [17:02] tyhicks: right, but in that test, firefox isn't confined, is it [17:02] ? [17:02] ah [17:02] probably not [17:02] good point [17:03] well, possibly good point. I don't know if it is a problem or now-- I was just surprised by these denials [17:03] s/now/not/ [17:04] yeah, I wasn't looking for delegation denials during my testing [17:05] me either-- I wasn't aware the patchset changed things [17:05] wrt delegation [17:06] well, anyway, I guess we can just keep an eye on it [17:06] Does anyone have any other questions or items to discuss? [17:07] * sbeattie takes a note to make sure delegation is exercised in the regression tests [17:08] sbeattie: thanks [17:14] mdeslaur, sbeattie, tyhicks, sarnold, chrisccoulson: thanks! [17:14] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [17:14] Meeting ended Mon Apr 7 17:14:12 2014 UTC. [17:14] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-04-07-16.36.moin.txt [17:14] thanks jdstrand! [17:14] jdstrand: thank you! [17:15] thanks jdstrand === vladk is now known as vladk|offline === ubott2 is now known as ubottu === Ursinha_ is now known as Ursinha === zoktar_ is now known as zoktar