CoredevApplication

Revision 27 as of 2017-11-27 14:08:53

Clear message


WORK IN PROGRESS


I, Andreas Hasenack, apply for Ubuntu Server Developer

Name

Andreas Hasenack

Launchpad Page

http://launchpad.net/~ahasenack

Wiki Page

https://wiki.ubuntu.com/AndreasHasenack

Who I am

I graduated in Electrical Engineering. Worked for a few years in a company in the aerospace industry, but in the civilian area, in a project about installing "black boxes" in trucks and buses to monitor several driving and engine parameters. I then came in contact with a customer who had a nice "intranet" (that's what it was called back then), with internal web sites and a big database backend (oracle). We had to do some development for them, but didn't have access to Oracle, and someone told me that I should try this thing called "linux", "postgresql" and "apache". I did, then installed it at home, and never looked back.

In 1998 I took a post-grad specialization course in the University (a degree higher than graduation, but below masters) in computer networks and went to work for Conectiva, the Brazilian Linux distribution, nowadays called Mandriva, where I stayed until 2008 doing lots of packaging work (RPM) and consulting for enterprise customers in the server area. My main area of expertise was email, authentication (kerberos, pam) and LDAP, and I also spent about half the time working in Conectiva's security team and doing security updates for the distro.

My Ubuntu story

Tell us how and when you got involved, what you liked working on and what you could probably do better.

My involvement

In 2008 I applied for a job in the Landscape team (https://landscape.canonical.com), and got hired as a QA engineer. I had never done any Debian packaging before, just had some ideas about how it worked, had grabbed a few packages here and there to inspect them, looked at patches, etc. apt-get wasn't a stranger, since Conectiva developed apt-rpm back in the day, and the concept of dependency resolution is the same everywhere.

Landscape has a client component, and that means a Debian package that gets installed on machines. It obviously needs to be QA'ed. So that's how I got exposed to Debian packaging "for real" that time.

In April 2017 I started working in the Ubuntu Server Team. That got me back in touch with my "Linux roots" (no pun intended) and immediately I started looking into my old friends kerberos, ldap, samba, etc and searching for bugs to fix. It is in the Ubuntu Server Team that I got introduced to the Debian Merge process, and how this team is looking into improving that process via the Git Ubuntu tooling.

Examples of my work / Things I'm proud of

My uploads. While I was working in the Landscape team, all my uploads were related to that. A clear change can be seen in May 2017 when I joined the Server Team. There were of course other bugs and fixes I worked on, but they were on the server part of Landscape which is a proprietary product. After that, we can see my tendency to work on authentication and LDAP.

  • landscape-client upload: caught a missing patch hunk (see comments #9 and #10) that prevented the fix from working. Updated the patch in my branch)

  • SRUs in general: I believe I'm good at coming up with good and simple test cases that anyone can follow by just copying and pasting commands. I really dislike SRUs whose testing section has just something like "setup an ldap server with kerberos authentication". That's way too heavy lifting for the tester. Here are some of my SRU examples:
    • SSSD: #1684295 worked with the reporter to get a crash file, then identified the issue, applied the upstream fix and came up with a much more simplified test case than the original environment. Reduced the scenario from multiple Active Directory servers to a localhost openldap instance with just a few entries and a single command to reproduce the segfault.

    • SSSD: #1664566 simple bug and fix, but testing it involves setting up SSSD with Kerberos 5, and some authorization source which is usually LDAP, but which I managed to avoid. The test case may look long, but it's detailed and has a simple step by step sequence.

    • pam-mysql: started as an "undefined symbol" bug (#1574900) which became something much more interesting (#1574911). Basically the libmysqlclient my_make_scrambled_password() function was unexported, then exported again but with different behavior. So we went from "undefined symbol" to segfaults. I came up with a patch that generates the same hash using openssl, which we already linked to. That MP also details the reasons for this approach and has detailed testing instructions, which were also used for the SRU itself.

    • libapache2-mod-auth-pgsql: #1698758 shows my approach to fixing bugs where I explain why the bug is happening and provide detailed test cases with step by step instructions to verify that the bug is fixed.

    • libvirt: #1707400 was an interesting bug to track down. It has 10 duplicates at the time of this writing and never had enough information to be properly diagnosed. I finally managed to reproduce it, and the whole story is explained in the SRU template.

    • openvpn-auth-ldap: (#1602813) two probably difficult services to setup and configure: openvpn (because of SSL certificates) and LDAP (because of, well, LDAP). This package had a segfault bug that was pretty simple to fix, but getting a simple test case up for people to validate the SRU sounded difficult. I think I managed to come up with a simple test case, though, that avoided the need of a populated LDAP server and still showed the segfault and verified that the fixed package didn't crash.

    • krb5: #1683237 was probably one of the most complex bugs to come up with a test case for. It requires setting up a kerberos and DNS server (bind9) with specific records in it. I still came up with a step by step guide, but it was quite long.

    • krb5: #1688121 had a simpler to setup test case, but a bit harder to analyze.

Areas of work

Let us know what you worked on, with which development teams / developers with whom you cooperated and how it worked out.

Things I could do better

When doing reviews, I find it hard to ask for changes when they could be seen as "nit picking". I cave in too quickly. Sometimes they are indeed "nit picking", but other times I feel like my request would improve the quality of a package or code. But then I think to myself "nah, I can do that myself later, let's unblock this MP".

Plans for the future

  • Add DEP8 tests to the packages I'm familiar with

General

What I like least in Ubuntu

Please describe what you like least in Ubuntu and what thoughts do you have about fixing it.

  • LTS bugs really pile up Sad :( I like doing SRUs, specially for LTSs, as that tells our users that we do care and we don't need them to keep updating to the latest and greatest version all the time.

  • Some packages have 3 "initscripts": sysv, upstart and systemd. Which one is used can be complicated to find out. For example, see #170312 c9 where just the "reload" action from /etc/init.d (SysV) was taken and all other actions came from systemd. That's because the systemd service file didn't define a reload method. This needs cleanup.


Comments

If you'd like to comment, but are not the applicant or a sponsor, do it here. Don't forget to sign with @SIG@.


Endorsements

As a sponsor, just copy the template below, fill it out and add it to this section.


TEMPLATE

== <SPONSORS NAME> ==
=== General feedback ===
## Please fill us in on your shared experience. (How many packages did you sponsor? How would you judge the quality? How would you describe the improvements? Do you trust the applicant?)

=== Specific Experiences of working together ===
''Please add good examples of your work together, but also cases that could have handled better.''
## Full list of sponsored packages can be generated here:
## http://ubuntu-dev.alioth.debian.org/cgi-bin/ubuntu-sponsorships.cgi?
=== Areas of Improvement ===