=== sarnold_ is now known as sarnold === pushkarnk1 is now known as pushkarnk [15:30] hiho [15:30] hi o/ [15:30] hey o/ [15:31] #startmeeting Weekly Main Inclusion Requests status [15:31] Meeting started at 15:31:10 UTC. The chair is cpaelzer. Information about MeetBot at https://wiki.ubuntu.com/meetingology [15:31] Available commands: action, commands, idea, info, link, nick [15:31] Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage ( eslerm dviererbe ) [15:31] slyon and eslerm were already saying hi - o/ [15:31] #topic current component mismatches [15:31] Mission: Identify required actions and spread the load among the teams [15:31] #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg [15:31] #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg [15:31] going to have to send my apologies - sorry [15:31] ok [15:31] we'll give you some todo then jamespage :-P [15:32] more content than last time [15:32] nullboot now shows up there [15:32] it has a case [15:32] https://bugs.launchpad.net/ubuntu/+source/nullboot/+bug/1965115 [15:32] -ubottu:#ubuntu-meeting- Launchpad bug 1965115 in nullboot (Ubuntu) "[MIR] nullboot" [Undecided, In Progress] [15:32] that is almost a year old [15:33] But other than a bit more info on testing [15:33] which now that it is meant to be used might be easier [15:33] this ought to be ready [15:33] o/ [15:33] \o/ [15:34] slyon: I think you might want to ping internally that this might be soon promoted? [15:34] yes, I'll double-check this [15:34] good morning [15:35] hi Seth o/ [15:35] I updated the bug slyon [15:35] this looks easy to be fully completed [15:35] in proposed we have more [15:35] but mostly old usual suspects [15:36] mirespace: will you let us know when libcryptx-perl is ready for now (without the algorithm that is badly implemented)? [15:36] if anyone here is curious, we found a compromise how to go on with https://bugs.launchpad.net/ubuntu/+source/libcryptx-perl/+bug/2046154 [15:36] -ubottu:#ubuntu-meeting- Launchpad bug 2046154 in libcryptx-perl (Ubuntu) "[MIR] libcryptx-perl (libmail-dkim-perl dependency)" [Undecided, New] [15:36] TL;DR get is completed (the whole stack) with all, except ed25519 [15:36] yes, I will do ... not touched since the steps sgreement, sorry [15:37] go for a ed25519 implementation as wrapper around the supported openssl [15:37] yes [15:37] and then add that to Ubuntu [15:37] next new in mismatches is "designate" [15:37] wantin python-edgegrid and ndg-httpsclient [15:37] never heard of this [15:37] I'm sure this will haunt me and it is a server package ... [15:38] oh no, it is openstack [15:38] (I'm behind in comments in the bug for libcryptx-perl, apologize, discussion looks good) [15:38] thanks eslerm [15:38] jamespage: I assume you need to pick this up later designate -> python-edgegrid and ndg-httpsclient will need to be looked at [15:39] to make a decision to promote or change dependencies [15:39] #topic New MIRs [15:39] Mission: ensure to assign all incoming reviews for fast processing [15:39] #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir [15:39] wow [15:39] there are 5 new in there [15:39] cryptx goes back to mirespace until this change has happend [15:39] I'll update the bug [15:40] The rest are things we knew are coming [15:40] so I could probably take wsl-pro-service, as the others are from foundations [15:40] yeah [15:40] I could take trace-cmd [15:41] thanks assigned [15:41] but no promises it'll be ready by next week, I'm already working on another 2 mirs [15:41] yeah [15:41] fair [15:41] I'll take libtracefs [15:41] and as usual didrocks is fine to get one scheduled (at least that was the deal so far) [15:42] which I'll do with libtraceevent [15:42] TBH I'm also not yet entirely sure when I'll get to mine [15:42] surely not before Friday and even then ... [15:42] but we now have one each [15:42] and the list is drained [15:43] \o/ [15:43] BTW trace-cmd and related are part of the many MIRs to be expected that I mentioned last week [15:43] around debug/perf tooling to be available more easily [15:43] yes, there are more in the works at foundations [15:43] #topic Incomplete bugs / questions [15:43] Mission: Identify required actions and spread the load among the teams [15:43] #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir [15:44] only one somewhat recent [15:44] jpeg-xl [15:44] that is yet incomplete and marked that way by jbicha [15:44] so no need to act on that for now [15:44] #topic Process/Documentation improvements [15:44] Mission: Review pending process/documentation pull-requests or issues [15:44] #link https://github.com/canonical/ubuntu-mir/pulls [15:44] #link https://github.com/canonical/ubuntu-mir/issues [15:45] as discussed I landed the PR of eslerm with slight modifications [15:45] there is a new one https://github.com/canonical/ubuntu-mir/pull/47 [15:45] -ubottu:#ubuntu-meeting- Pull 47 in canonical/ubuntu-mir "Update README.md -- security channel name" [Open] [15:45] thank you [15:45] this one is trivial - I'll merge it unless there are objections [15:45] 5 [15:45] 4 [15:45] 3 [15:45] +1 [15:45] no you have time [15:46] +1 as well [15:46] 2 [15:46] 1 [15:46] merged [15:46] #topic MIR related Security Review Queue [15:46] Mission: Check on progress, do deadlines seem doable? [15:46] Some clients can only work with one, some with the other escaping - the URLs point to the same place. [15:46] Security would like to add an apparmor profile/abstractions requirements for main [15:46] #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir [15:46] #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=[MIR]&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir [15:46] Internal link [15:46] - ensure your teams items are prioritized among each other as you'd expect [15:46] - ensure community requests do not get stomped by teams calling for favors too much [15:46] #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594 [15:46] for apparmor profiles, we oculd put this off until after 24.04 [15:46] this has been discussed in the past [15:46] an apparmor profile will be required for authd [15:47] it was a "would be nice, but sometimes is impossibly hard" case [15:47] just like some others we had [15:47] I'm +1 on having such a rule [15:47] after all we keep having "add profiles" items every cycle [15:47] to get things added in the past isolated [15:47] but [15:47] I'd ask for some "not too easy, but there is a way out" kind of wording [15:47] if you happen to be providing the 1245676th package of the gnome stack [15:48] recently, the apparmor team has begun needing to write profiles (there is a new mandate) and it would be nice if owning or development teams owned that [15:48] then you can't be expected to be the one that makes all gnome isolated [15:48] for example [15:48] I've seen the updates on jira about adding apparmor [15:48] that type of wording works [15:48] and I smiled as - like I said - we do that almost every cycle for a while [15:48] but we had cases where you just can not predict the millions of ways something is used [15:49] so very true [15:49] I believe apparmor folks would be responsible to review, it would be reasonable [15:49] with a wording that is not too allowing but leaving a door open I'm ok [15:49] will you or the apparmor folks provide a PR on how they think [15:49] can do [15:49] we can then discuss until we reach a wording we believe that works [15:49] and the first few passing that will then tell us how possible or impossible that is [15:49] I wanted to start the discussion, and work on this mostly for 24.10 [15:50] so epxect reviewing this in a while [15:50] thank you [15:50] ack on please not being applicable to 24.04 super late [15:50] thanks for the heads up [15:50] section wise we are in security [15:50] I see the training of people worked [15:50] plenty of new faces assigned in the in-progress column [15:50] a few TODO, but nothing in the far backlog [15:51] umm [15:51] eslerm: about SEC-2671 [15:51] the LP item went to Won't Fix [15:51] and sarnold ^^ [15:52] the dependency tree has been changed, this won't be needed [15:52] should it be removed from the security board as well? [15:52] nice :) [15:52] thanks for catching that, I'll move them [15:53] thanks [15:53] #topic Any other business? [15:53] nothing in addition to the above from me [15:53] nothing [15:53] nothing [15:55] ok [15:55] then, enjoy your week! [15:55] thanks cpaelzer, all :) [15:55] #endmeeting [15:55] Meeting ended at 15:55:24 UTC. Minutes at https://ubottu.com/meetingology/logs/ubuntu-meeting/2024/ubuntu-meeting.2024-02-06-15.31.moin.txt [15:55] thanks all o/ [15:55] thanks! o/ [16:57] cpaelzer: fixed that mismatch - I was a bit over zealous in some patch housekeeping :) [17:56] hehe, thanks jamespage [22:26] hi, i have installed ubuntu dual-boot along windows 11. i deactivated security boot, and bitlocking. ubuntu seems to start up but is frozen. no software is loaded. any known solution? [22:27] mouse frozen either