/srv/irclogs.ubuntu.com/2016/04/26/#ubuntu-meeting-2.txt

infinityAgenda says I'm the chair, but it also says the meeting is two weeks ago.  Did I forget to update the wiki, or did I forget to attend?15:57
slangasekI don't think two weeks ago counted as a meeting15:58
slangasekyou can have a mulligan15:58
infinityHaving a quick "break" before we start.15:58
mdeslaur\o15:58
mdeslaurhi kees15:59
keeshola!16:00
infinity#startmeeting Tech Booooooooard!16:00
meetingologyMeeting started Tue Apr 26 16:00:53 2016 UTC.  The chair is infinity. Information about MeetBot at http://wiki.ubuntu.com/meetingology.16:00
meetingologyAvailable commands: action commands idea info link nick16:00
infinity#topic Action (action, ACTION, this Sunday only!) review16:01
infinityWe'll start with mine.  maas stuff still not done.  docker is in progress, discussion about TB size is completed and Mark's response was "do what you think is best", so I think we're down to 5.  I'll inform dholbach so he doesn't announce 6 winners.16:02
infinityslangasek: juju SRU?16:02
slangasekthat's juju SRU exception documentation, yes? carry over16:03
infinityCarried.16:03
slangasekon the subject of maas sru, we have https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1509147 now16:03
infinity#topic mailing list review16:03
infinityslangasek: Yup.  With release behind me, I'll tackle MAAS stuff and make some sense of it.16:04
infinityMailing list seems full of resolved issues and election things, nothing interesting.16:04
infinity#topic community bugs16:04
infinityNein.16:04
infinityNada.16:05
infinityZip.16:05
infinity#topic next chair16:05
infinityNext chair is a mystery, as the election should be done by then, but assuming we get reelected, it's kees.16:05
slangasekfwiw the "resolution" of the request for php7.0 mre was to punt it to the sru team, who have no formal meetings or clear process for getting these things done16:05
stgraberinfinity: election is over, we are all re-elected16:05
slangasekso while the TB has delegated that back to the SRU team, I'm not sure it hasn't left Nish in limbo16:05
infinitystgraber: Oh.  Did I miss the mail?16:05
stgraberinfinity: so new TB is same as old TB, minus pitti16:05
slangasekinfinity: apparently :)16:06
stgraberour membership has been renewed on LP till May 201816:06
* infinity wonders where that email went.16:06
keesyay chairing16:06
slangasektechnical-board@lists.ubuntu.com16:06
infinityNot to u-d-a or tb...16:06
infinityOh.16:07
infinityAttached to an old thread.16:07
infinityNaughty.16:07
infinityWell, congrats us!16:07
infinityNext chair is kees, then. :P16:07
mdeslaurhehe16:07
keeswoo!16:07
infinityWith Marc backup.16:07
mdeslaurack16:07
slangasekyes, it was a surprising result from a dark horse candidate16:08
infinity#topic AOB16:08
slangasekyes AOB16:08
slangasekI think I suggested last time that we should double-check post-election that this meeting time is still good for the board16:08
infinitySo, since we have a renewed term, anyone have AOAOB to discuss?  Plans?16:08
mdeslaurnot sure if this is tech board worthy, but I'd like to discuss what the output of ubuntu-support-status should be16:09
infinityIt's the same board, minus pitti, though I think pitti was the reason we had this specific time.16:09
infinityFWIW, I'm used to this time now, and changing will confuse me. :P16:09
keesstgraber: what's your TZ?16:09
stgraberthis time works fine for me, but I'd be happy to move it later if it helps some folks16:09
infinitykees: He's eastern, except when not.16:09
stgraberkees: eastern16:09
stgrabereastern but working pacific-ish hours usually16:09
keesi'm ok keeping this, but ok to move too16:09
slangasekinfinity: yes, and we have not had perfect attendance at this time slot16:09
infinityThe entire board is between pacific and eastern now.16:10
infinitySo we could certainly move it a bit.16:10
mdeslaurthis meeting is during my usual lunch hour, but I don't mind keeping it or moving it16:10
infinityWell, we all sound pretty wishy-washy. :)16:10
slangasekI'm fine either way; just wanted to raise the question because I wasn't sure the time was working for everyone else16:10
infinityWould we prefer easten afternoon to make it later for Pacific/Mountain?16:11
keesdeadlocked already!16:11
slangasekdoes anyone care about the time enough to run a doodle poll?16:11
stgraberwe could push it by a couple of hours16:11
infinityI prefer morning meetings so they don't break up my day, but then I run the risk of missing them when I've had an insomniac night.  *shrug*16:11
infinityBasically, I can't win. :P16:11
infinitySo, I leave it to the PST/EST people to fight out, if they care enough to do so.16:12
slangasekdoes anyone care about the time enough to run a doodle poll?16:12
slangasekif not then the meeting can stay where it is16:12
mdeslaurit can stay16:12
stgraberI don't :)16:12
infinity#vote does anyone care?16:12
meetingologyPlease vote on: does anyone care?16:12
meetingologyPublic votes can be registered by saying +1, +0 or -1 in channel, (for private voting, private message me with 'vote +1/-1/+0 #channelname)16:12
slangasekthough if we moved the meeting, we might manage to get rid of that -2 suffix on the channel ;)16:12
infinity-116:12
meetingology-1 received from infinity16:12
slangasek+016:12
meetingology+0 received from slangasek16:12
stgraber-116:12
meetingology-1 received from stgraber16:12
mdeslaur+016:12
meetingology+0 received from mdeslaur16:12
infinitykees: Register carefactor? :P16:13
kees-116:13
meetingology-1 received from kees16:13
infinity#endvote16:13
meetingologyVoting ended on: does anyone care?16:13
meetingologyVotes for:0 Votes against:3 Abstentions:216:13
meetingologyMotion denied16:13
infinityThe motion to not care carries.16:13
mdeslaurlaziness prevails16:14
mdeslaur:)16:14
infinitymdeslaur: So, support-status....16:14
infinitymdeslaur: Retroactively fixing this is hard and potentially harmful (requires careful diffing of the archive when we ever do anything stupid like republish the release pocket).16:14
infinityBut we could, if there was enough pressure to do so.16:14
infinityWe could also band-aid it by making the tool just do an "if in main == status == same_as_base-files" or something. :P16:15
infinityIf the tool is deemed the "correct" way for people to determine status.16:15
mdeslaurI was thinking of just doing main/universe for < xenial, and for xenial doing if main == same_as_base-files16:16
slangasekI certainly don't consider it deprecated, in spite of the unfortunate bit-rotting that had happening16:16
slangasekhappened16:16
kees(i thought my delegates would handle that that vote)16:16
mdeslaurI don't think the seeds were accurate for precise to trusty16:17
mdeslaursorry, precise to wily16:17
infinitymdeslaur: So, it's called UBUNTU-support-status, not CANONICAL-support-status, thus yor main/universe split isn't correct.16:17
infinityMaybe we should determine what the tool's actually supposed to tell people.16:17
keesdidn't we just create a manual file back in dapper time?16:17
mdeslaurinfinity: right, but do you want to republish the stable releases?16:17
mdeslauror, alternatively, we could bundle a manual file with the tool for the stable releases16:17
infinitymdeslaur: My point was that lots of stuff in universe for precise/trusty (correctly) lists itself as supported due to flavour LTSes.16:17
slangasekinfinity: per my comment on thread, I don't think letting flavors claim LTS "support" without any sort of CVE tracking is particularly honest16:18
mdeslaurinfinity: yes, but I don't think the seeds are right16:18
infinitySure they are.16:18
infinityThe seeds are correct, it's how we're interpreting them in LP that isn't what you expect.16:18
mdeslauryes, that's what I meant16:18
mdeslauryou're nitpicking :)16:18
mdeslaurok, let me investigate and I'll come up with a proposal16:19
infinityFWIW, this is the current logic: http://bazaar.launchpad.net/~ubuntu-archive/ubuntu-archive-publishing/trunk/view/head:/scripts/maintenance-check.py16:19
mdeslaurslangasek: we did have a web page that tracked cves for flavour supported packages...I don't know if it's still alive though16:19
infinitySo, you can see we pick up desktop, server, and some supported seeds.  The bug is that we don't take *all* supported seeds (hence, we don't get all of main).16:20
mdeslaurwhich we should16:20
infinityThe universe bits are accurate, it's just main that isn't, due to some confusion about the desktop/server split meaning that !desktop and !server got short times.16:20
infinitymdeslaur: Anyhow, I'm not against republishing xenial-release if we have to.  It just requires great care.  I will flat out refuse to republish precise or trusty, though, so those would need some tool hackery to be "good enough".16:21
mdeslaurinfinity: let's say we fix that, is it worth republishing the release pocket, or should we just bundle a static list with the tool16:21
mdeslaurso you'd be ok with xenial-release, but for earlier we hack the tools, that's fine by me16:22
slangasekinfinity: let's ignore precise+trusty for now; I'm not sure the tool *runs* in all of those releases16:22
slangasek(that's how bad the bit rot was)16:22
mdeslaurthe nginx thread was trusty16:22
infinityslangasek: The original archive reorg plan had a way to designate *who* support came from, which would (somewhat) mitigate your concern, as people can adjust expectations based on "community" versus "canonical", but with the current setup, we can't do much be keep it muddy.16:22
infinitys/be keep/but keep/16:23
infinityIt may be slightly dishonest to claim lxde has 3y support when it's not the same support we provide for glibc, but it's equally dishonest to claim it's not supported when they committed to supporting it, so it's rock meets hard place.16:23
slangasekinfinity: well, as the TB what we can do is insist that flavors actually provide support in the way we mean it before granting them LTS status16:23
infinityslangasek: Sure, that's not unreasonable.16:24
slangasekwhich we have not done up to this point, at least for the meaning of support that I consider relevant16:24
mdeslaurwhen we say "9m" support for everything in universe that nobody has commited to supporting, isn't that a lie?16:24
slangasekI'm not asking to readjudicate all of that for 16.04, but I think we should put out a clearer standard for future LTS16:24
infinitymdeslaur: I know the CVE tracker needs a lot of manual garndening.  Is there a way to run it in a "good enough" mode for !canonical-supported stuff that just does an okay job of importing things, ish? :P16:24
infinitymdeslaur: So it's not extra workload for you, but the community people have a place to look?16:25
slangasekmdeslaur: sure, maybe unseeded should be 0 instead of 9?16:25
mdeslaurinfinity: we did have a web page for flavours, let me figure out what happened to it16:25
infinityunseeded is 0.16:25
mdeslaurslangasek: that's kind of what I'm thinking16:25
infinitymdeslaur: It would be a lie if that were the case, but it's not.16:25
slangasekinfinity: ah, ok16:26
stgraberwell, it's not 0, it's just not set (no Supported field), maybe we should actually set it to 0 too16:26
infinity(xenial-amd64)root@nosferatu:/home/adconrad# apt-cache show libc6 | grep ^Sup16:26
infinitySupported: 5y16:26
slangasekin that case, 9m for flavor-seeded-but-no-track-record-of-doing-security-support is probably an ok compromise16:26
infinity(xenial-amd64)root@nosferatu:/home/adconrad# apt-cache show thunar | grep ^Sup16:26
infinitySupported: 3y16:26
infinity(xenial-amd64)root@nosferatu:/home/adconrad# apt-cache show lazarus | grep ^Sup16:26
infinity(xenial-amd64)root@nosferatu:/home/adconrad#16:26
stgraberor "Supported: not"16:27
infinityWe could fill in the field, sure.  Empty == 0 historically, but meh.16:27
mdeslaurare flavours that didn't apply for lts actually supporting stuff for 9m?16:27
infinityThat's more bikeshedding than fixing any real problem, I think.16:27
slangasekagreed, -1 to bikeshedding16:27
infinitymdeslaur: There are no non-lts flavours.16:27
infinitymdeslaur: Anything you see with "9m" is due to the misfeature we're discussing, not flavours.16:28
infinitymdeslaur: Basically, it's listed in a supported seed that we don't consider for LTS length.16:28
infinityhttp://bazaar.launchpad.net/~ubuntu-archive/ubuntu-archive-publishing/trunk/view/head:/scripts/maintenance-check.py#L3616:29
infinityThose lists there are the ones that get LTS length.16:29
infinityAny other supported seeds are 9m.16:29
infinityThat's the bit we'd fix if we were to republish.16:29
infinityIt's a two-line change or so to get all of main in.16:29
mdeslaurSUPPORTED_SEEDS = ["all"]16:29
infinityYeah, SUPPORTED_SEEDS ends up being 9m.16:30
mdeslaurwho supports the supported seeds that aren't flavours, and aren't main16:30
slangasekmdeslaur: there's no such thing?16:30
slangasekseeds are in main, or they're flavors16:30
slangasekmore precisely: seeds are the definition of the products, including the community flavors; and some of those seeds are also defined as main16:31
mdeslaurbut xenial universe is chock full of 9m16:31
infinitySo, I can whip up a change on dogfood for people to see what this would look like if I pull all the ubuntu/main seeds in.16:31
slangasekcurious16:31
mdeslaurwho's supporting those packages in xenial universe for 9m16:31
slangasekinfinity: does maintenance-check follow build-deps?16:31
slangasekthis could be fallout from archive reorg16:31
infinityslangasek: Oh, hrm.  It might.16:31
infinityThough it shouldn't.16:32
infinityOh.16:32
infinityBalls.16:32
infinityNo.16:32
infinityfollowing build-deps is a seed property.16:32
infinityAnd we only turned it off in *our* seeds.16:32
infinitySo flavours will get *their* build-deps recursed.16:32
infinityDerpy McDerpface.16:32
mdeslaurhehe16:33
infinityOkay, I think we might need to fiddle with this a bit on dogfood.16:33
infinityTwiddle seeds to stop doing recursion, twiddle maint-check to include the rest of ubuntu/platform supported, and regen and see how scary the diff is.16:33
slangasekinfinity: well, the first few 9m hits I find in universe are Task: ubunutstudio-audio, plus a -dbg package.  Those seem like a different issue from build-deps16:33
infinityslangasek: The studio ones seem entirely reasonable to be 9m.  They'd be in a studio seed that isn't desktop.16:34
slangasekinfinity: why is that reasonable?16:34
infinityAnd almost everyone has bugs where they don't include a supported: ALL MY TASKS bit in STRUCTURE.16:34
mdeslaurSupported: 9m16:35
mdeslaurTask: edubuntu-desktop-gnome16:35
infinityslangasek: Reasonable given the code, not reasonable as in "that's the desired output".16:35
slangasekinfinity: yes, so my question is what's the right way to fix those, given that no-follows-build-dep doesn't change it16:35
slangasekdo we expect anything seeded by an LTS flavor to get the LTS support length, the same as we expect for main?16:36
infinityslangasek: Oh, the way to fix those studio ones is to include all their seeds in supported in STRUCTURE (and same for all flavours... Indeed, that's our correct fix too)16:36
infinityslangasek: Yeah, I think that's what we want.16:36
slangasekok; I agree16:36
slangasekdoes mdeslaur ?16:36
mdeslauryes16:36
infinityOkay, this'll take some grinding on dogfood to work out a set of changes to maint-check and seeds and see if it turns out more correct.16:37
infinityBut I can take an action to play with that.16:37
slangaseksounds good16:37
infinityAnd then we can revisit if we want to republish or mangle tools.16:37
mdeslaurinfinity: let me know when you have something to look at16:37
infinityBut I think republishing will be the right answer.16:37
mdeslaurand I can take care of the tools, whatever we ultimately decide16:38
infinitymdeslaur: I think fudging the tools for precise/trusty will be fine.  There are no LTS precise flavours left, and only a couple of LTS trusty flavours soon, so meh.16:38
infinity#action infinity to play with seed/maint-check changes on dogfood to build a new xenial release pocket for support length auditing16:39
meetingologyACTION: infinity to play with seed/maint-check changes on dogfood to build a new xenial release pocket for support length auditing16:39
mdeslaurinfinity: ok, so the main/universe tool fudge I suggested earlier for precise and trusty would be ok?16:39
infinitymdeslaur: Well, either that, or "if main, same_as_base_files" ... Then you're not demoting universe things that do claim 3/5.16:40
slangaseknow, what's the action re: making sure flavors are accountable for security updates before we declare them LTS, which I believe today they are not?16:40
infinitymdeslaur: Since this bug/misfeature doesn't mean anything is listed as too long, only too short.16:40
mdeslaurassuming the supported tags in precise/trusty universe actually make sense, I'll have to look first16:40
infinityslangasek: We ask them to be accountable, enforcing that is harder.  But feel free to take an action to follow up on tooling available and educating them about their responsibilities.16:41
slangasekinfinity: "ask them to be accountable"> nack16:41
slangasekthere needs to be a burden of evidence here16:41
infinityslangasek: Some things (like security having to go through the security team) make the process suck.  We might be able to do better there, with a community security PPA or something.16:41
mdeslaurI'll take an action to look into the web page we had that listed open CVEs by flavour16:41
slangaseko16:42
slangasekk16:42
slangasekI'm fine with the Ubuntu Security team driving that reporting16:42
infinity#action mdeslaur to look into flavour CVE tracking16:42
meetingologyACTION: mdeslaur to look into flavour CVE tracking16:42
infinityYeah, I'm fine with them driving it, as long as they don't also spend time gardening it.16:42
infinitySo, it should be mostly automagic (even if that means it has a ton of false positives)16:42
slangasekif the Security Team doesn't have the time for that, though, I would say that we would need to put it to the flavors that they need to do this themselves16:42
infinitySadly, the way it's built, there's no way to give someone, say, SSO access to NACK an invalid CVE or something.16:43
infinityBut oh well.16:43
infinityOne step at a time.16:43
mdeslaura merge proposal works fine for now16:43
infinityCheck.16:43
infinitymdeslaur: So, once we nail down the exact correct logic for maint-check, the same seed sets should be used to divvy up the flavours.16:44
infinitymdeslaur: But we're diving into implementation here, so we can talk about that sort of thing later.16:44
mdeslauryes, perfect16:44
infinityI don't disagree that the flavours have done a poor job of being "as good as Canonical's security team", but we can probably meet in the middle.  I hope.16:45
slangasekI am not asking that the flavors be "as good as Canonical's security team"16:45
slangasekI am saying we should not be rubber-stamping a 5-year LTS for a flavor when there is no committment whatsoever to provide security support16:46
stgraberinfinity: once the seeds are updated, http://people.canonical.com/~stgraber/supported-packages/lists/ should show the list of packages we expect each flavor to look at16:46
infinityslangasek: Right, I know.16:46
infinitystgraber: Oh, right.  That magic thing.  That's what Marc should be looking at.16:46
infinitystgraber: The way that's built, can you pin shared responsibility on some things (like, studio/xu both owning xfce?)16:47
stgraberthat link above shows the list of packages that are unique to a given flavor (it knows what flavor depends on what other flavor)16:47
stgraberinfinity: we could change the logic to show that, though it'd then basically be straight germinate output16:47
mdeslauroh! nice16:47
infinitystgraber: Cause studio's LTS application said they intended to help with xubuntu, rather than just rely on xubuntu fixing it all for them.16:48
infinitystgraber: Well, not all flavours should report that way.  xu/studio are special. :)16:48
stgraberinfinity: ah, then we could change their config to say that it's not based on xubuntu, which would then include the xubuntu bits in their own list of packages too16:48
infinitystgraber: Most flavours should report in the way you do already, just the stuff they're uniquely responsible for.16:48
stgraberinfinity: changed the studio config, next run will have them maintain anything that's not supported by ubuntu, so that will mean the xubuntu bits they use will show up in their list16:49
infinityPerfect.16:49
infinityOkay.  I think we've exhausted this topic from the POV of the TB meeting.16:50
infinityAnd have given ourselves more work.  So, go us.16:50
slangasek:)16:50
mdeslaurhehe16:50
infinityI think we should definitely reopen the flavour conversation with all of the flavour leads, but perhaps we should hold off until we've checked our own tooling to see if we can offer them an olive branch while also chastising them.16:51
infinityCompliment sandwich style, as it were.16:51
slangasekinfinity: reopen for 16.04?16:51
slangasekI think 16.04 is done; TB has approved these and we have to own that now16:52
infinityslangasek: Well, yes, I think we want to make sure they're accountable for 16.04 updates.16:52
slangasekbut.. - yes, that16:52
infinityslangasek: We approved it, but what we approved is them actually taking responsibility.16:52
slangasekack ;)16:52
infinityslangasek: So, we need to make sure that's meaningful.16:52
infinityTo be fair, some do alright just by virtue of pushing new upstream point releases (ie: KDE).16:52
stgraberalso note that most of them only took 3y LTS this time around which is a bit more reasonable than the 5y a bunch of them had last time around16:52
infinityOthers could use a bit more of a shove.16:52
stgraberthe exception being Kylin IIRC16:53
infinityAnd some only ship like 20 unique packages, so their burden is low.16:53
infinityYeah, kylin is the only 5y, and 99% of kylin is Ubuntu.16:53
infinityWhich is the only reason I didn't shoot them down.16:53
slangasekfair16:53
stgraberwell, they apparently will be suppporting chromium for 5 years16:53
slangasekeven 3 years needs to mean something, though16:53
stgraberbut yeah besides that one, their delta seems fine16:54
infinityslangasek: Absolutely.  My 5y/3y criteria was about overlap commitment and staffing.16:54
infinityslangasek: The responsibility within the time period is obviously the same.16:54
infinity(We talked a few flavours into dropping to 3 due to staffing)16:54
infinityAnyhow.16:54
infinityWe're about to hit meeting end time for the first time in months.16:55
infinityWhich is scary.16:55
infinityBut potentially productive?  Yay.  We did a thing.16:55
stgraberit'd have been nice to do the LTS review for flavors before release week as I expect a bunch of them would have been tweaking their seeds to reduce the number of packages they end up being responsible for16:55
infinityWell, we planned to do a thing.16:55
stgraberbut that's something we'll have to do better for 18.04...16:55
slangasekyes16:55
stgraberI'd recommend we do the flavor approval before we hit feature freeze next time, leaves them time to shuffle bits around to reduce their package list16:55
mdeslaurstgraber: +116:56
slangasekwhen all is said and done let's write that down somewhere so we remember to do it in 1.5y time ;)16:56
infinitystgraber: Yeah.  Though, for most of them, the stuff they're supporting is "their DE", and not much to drop there.16:56
infinitystudio being a whacky outlier, but they love shipping every multimedia thing ever.16:56
stgraberinfinity: well, I'd have expected kylin to ditch evolution and chromium-browser, lubuntu to notice they were supporting ltsp and some other random bits, ... we fixed a bunch of those last minute in London, would have been nice not to have to do it so late :)16:57
infinitystgraber: Oh, yes, the ltsp thing was lolz.16:57
infinityAnd I fixed a bunch of kylin stuff due to their forked seeds.16:57
* mdeslaur spits coffee at mention of chromium-browser16:57
infinityBut I think that takes us to notice, not them. :(16:57
infinitykylin's seeds have been broken for 1.5y.16:57
stgrabermdeslaur: http://people.canonical.com/~stgraber/supported-packages/lists/ubuntukylin.xenial16:57
infinityThe part where no Kylin people even seemed to notice when I fixed their seeds implies that they never would have noticed they were broken either. :P16:58
mdeslaurok, can we wrap up?16:59
stgraberinfinity: well, we should absolutely point them at those package lists before granting them LTS status and have them confirm that they will do x years maintenance on all of those, I guess at that point they'll go "wth is package XYZ in our list?" and start fixing stuff to have a more reasonable list :)16:59
infinityYes!16:59
mdeslaurnot that I don't enjoy talking with you guys :)16:59
stgraberbut anyway, that's 18.04 talks at this point16:59
infinitystgraber: Agreed.16:59
stgrabermdeslaur: getting a bit hungry? :)16:59
infinitystgraber: We probably need to document community LTS processes in general somehow, but let's leave that for another meeting.16:59
mdeslaurstgraber: and dizzy :)16:59
infinity#topic AOAOB17:00
infinityGoing once.17:00
infinityGoing twice.17:00
infinity#endmeeting17:00
meetingologyMeeting ended Tue Apr 26 17:00:19 2016 UTC.17:00
meetingologyMinutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting-2/2016/ubuntu-meeting-2.2016-04-26-16.00.moin.txt17:00
slangasekthanks!17:00
mdeslaurthanks everyone!17:00
stgraberthanks!17:01

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!