20080206

This is the 18th meeting of the ServerTeam, starting at 21:06 UTC and finishing at 22:58 UTC

Agenda

  • Review ACTION points from previous meeting.
  • Bacula package inclusion/exclusion - Aaron Kincer
  • Ubuntu Developer Week - Mathias Gug

  • Review each section of the ServerTeam/Roadmap.

  • Agree on next meeting date and time.

Minutes

Review ACTION points from previous meeting

ACTION: mathiaz to send an email about the mentoring program proposal to ubuntu-server.

Bacula package inclusion/exclusion in main

mathiaz clarified that the subject of this discussion was *not* to drop bacula from the ubuntu archive, but rather if it was worth writing a MIR to get it included into main.

zul listed three points that need to be addressed in order to increase the chances of getting bacula into main:

  1. there were alot of unanswered bug reports from debian
  2. there were a couple of security updates that never got addressed
    • by the debian maintainer until recently.
  3. the number of depends it has in universe

mathiaz suggested that it may worth investing time to maintain bacula as it's a valuable backup solution for SMBs. The Debian maintainer is opened to cooperating with Ubuntu.

Point 2 refers to the fact that the default installation of bacula uses clear text password visible on the command line. It was noted that bacula supports other way to pass database credentials. This is a packaging issue that could be fixed by using a .my.cnf file for the bacula user by default.

zul listed the six build dependencies that are in universe. 2 are needed to build the bacula GUI. Some packaging work is needed to not build the GUI in the bacula package. The other problematic dependency is dbconfig, which should be dropped if bacula goes into main.

As a conclusion, it seems that there is some packaging work needed on bacula to get it ready for inclusion into main. Upstream developers were present during the meeting and showed interest in cooperating with Ubuntu.

ACTION: ivoks to look into bacula packaging issue to get it into good shape for main.

Ubuntu Developer Week

mathiaz mentioned that daniel holbach is preparing the Ubuntu Developer Week [1] and asked if the Server Team wanted to hold a session during the event.

soren already volunteered to talk about virtualization. He is in the process of defining what should be the content. Ideas and suggestions are welcomed.

mathiaz asked about running a session giving an overview of the Server Team in order to attract new contributors. ivoks suggested to present how development is done, where help is needed, what are we good at, and a list of things we wanted to do, but weren't able to accomplish due to lack of manpower. nxvl added that it would be a good moment to announce the mentoring program if it's operational by then.

[1]: https://wiki.ubuntu.com/UbuntuDeveloperWeek/Prep

ACTION: mathiaz will schedule a general session about ubuntu-server during the Ubuntu Developer week.

SNI support in Apache

mathiaz reported that enabling sni in apache requires a rebuilt of openssl, which is unlikely to happen so close to FeatureFreeze. Thus this task has been deferred to Hardy+1.

SASL integration

ivoks and lamont agreed that the way to implement SASL support is via a postinst script in the Mail Server task in tasksel.

ACTION: : ivoks to update the tasksel patch for SASL support.

ScottK is also hoping to get amavisd-new in main before FeatureFreeze and then update the Mail Server task to also install amvisd-new.

cleaning db4.{2,3,4,5} from the archive

ScottK stated that db4.2 is unlikely to get dropped from the archive in Hardy as it's still needed by openldap2.4. db{3,4,5} require less work and seem doable for Hardy. This work can be done after FeatureFreeze.

ACTION: ScottK to update the Roadmap to list db4.3, 4.4 and 4.5 as targets for archive removal.

Virtualization in Hardy

soren reported that he's worked out the last bits needed to have a feature-complete virtualization solution for Hardy (namely dnsmasq and netcat for qemu+ssh support).

mathiaz asked for more widespread testing of the virtualization stack. nijaba added that testing on VMWare ESX was also needed. thaalton said he could scheduled some tests of hardy on his VMWare ESX platform.

ACTION: tjaalton to test hardy on vmware ESX.

Windows integration

dendrobates has been packaging likewise-open and the result is available in his PPA [2]. mathiaz and zul started to review the package in order to get it included in universe, which should happen before FeatureFreeze.

[2]: https://launchpad.net/~dendrobates/+archive.

RAID1-LVM installation

ivoks mentioned that supporting raid1-lvm in the installer requires some work: getting partman-auto-raid into main and writing a recipe for it.

ACTION: ivoks to update the Roadmap wrt the RAID1-LVM installation.

State of UFW

jdstrand announced that he added ipv6 support to ufw and thus ufw is feature complete for Hardy.

DRBD in main

zul said that drbd has been included in linux-ubuntu-modules. ivoks will write the MIR for drbd-utils to get it moved into main.

Agree on next meeting date and time

Next meeting will be on Wednesday, February 13th at 21:00 UTC in #ubuntu-meeting.

IRC LOGS

  • before its mention

Started logging meeting in #ubuntu-meeting
[21:06:20] <mathiaz> So the agenda for today is: https://wiki.ubuntu.com/ServerTeam/Meeting
[21:06:35] <mathiaz> akincer: are you around for some time ?
[21:06:45] <akincer> For at least an hour
[21:06:48] <akincer> more if need be
[21:06:52] <mathiaz> akincer: ok.
[21:07:00] <mathiaz> [TOPIC] Review ACTION points from previous meeting.
[21:07:09] <mathiaz> https://wiki.ubuntu.com/MeetingLogs/Server/20080130
[21:07:41] <mathiaz> I talked with dholbach about the mentoring program
[21:08:05] <mathiaz> I was about to send an email to ubuntu-server with a proposal but it didn't reach the top of my todo list yet.
[21:08:21] <faulkes-> ok
[21:09:00] <mathiaz> I've got some ideas and will write down a proposal taking into account suggestion made by ScottK2, dholbach and other during the last meeting.
[21:09:25] <mathiaz> [ACTION] mathiaz to send an email about the mentoring program proposal to ubuntu-server
[21:10:36] <mathiaz> I think all the other actions have been done
[21:10:50] <ScottK> I need to follow up on mine
[21:10:52] <mathiaz> and their results should be discussed during this meeting
[21:11:03] <ScottK> OK. I can do it later
[21:11:22] <mathiaz> [TOPIC] Bacula package inclusion/exclusion
[21:11:32] <mathiaz> So zul sent an email to ubuntu-server about bacula.
[21:11:53] <mathiaz> zul: could you give a short list of the reason of the rejection ?
[21:12:09] <zul> sure basically there a couple of reasons
[21:12:26] <zul> 1. there were alot of unanswered bug reports from debian
[21:12:52] <zul> 2. there were a couple of security updates that never got addressed by the debian maintainer until recently
[21:13:04] <zul> 3. the number of depends it has in universe
[21:14:06] <akincer> By couple, do you mean few?
[21:14:08] <zul> to adress point #2 more in detail basically bacula uses the mysql passwords on the command line for processing data etc
[21:14:27] <akincer> Couldn't resist :)
[21:14:30] <nijaba> Aaron in ML: "isn't this a problem if and only if default and less secure (or bad) configurations are used and/or the database server powering Bacula is a shared system with non-trusted users?
[21:14:32] <nijaba> "
[21:14:59] <mathiaz> just to make things clear, the subject of this rejection is *not* to drop bacula from the ubuntu archive.
[21:15:12] <mathiaz> bacula will still be available for ubuntu users.
[21:15:21] <akincer> And my understanding is, and someone interject if it is flawed is that you only need to create a .my.cnf file to address the security issue. Couldn't be much simpler
[21:15:26] <jdstrand> zul: how are those passwords sent-- shell script?
[21:15:38] <zul> jdstrand: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446809 for more detail
[21:15:39] <ubotu> Debian bug 446809 in bacula-director-mysql "CVE-2007-5626 unauthorized disclosure of information via clear-text passwords used in command line arguments" [Important,Open]
[21:15:54] <dendrobates> are passwords on the command line required?
[21:15:56] <dvl> no
[21:16:08] <ivoks> i think that can be overriden with better packaging
[21:16:19] <ivoks> as someone said .my.cnf
[21:16:23] <akincer> Since this is, in effect, an issue with how external programs interface with Mysql and not a product of Bacula itself, one need only read up on Mysql security to know that
[21:16:40] <jdstrand> zul: thanks
[21:17:01] <mathiaz> zul: IIUC the default installation of bacula would use clear text password
[21:17:17] <zul> correct AFAIK
[21:17:25] <dvl> mathiaz: only for database backup, not for anything else.
[21:17:33] <mathiaz> zul: so to address the security concern, the bacula package should be modified to use a different way to handle passowrd.
[21:17:41] <nijaba> is it dues to packaging or to logic?
[21:17:46] <zul> correct
[21:17:49] <nijaba> *due
[21:17:50] <ivoks> packaging
[21:17:56] <mathiaz> nijaba: it's a packaging issue.
[21:17:57] <nijaba> can we fix it?
[21:17:59] <ivoks> cause mysql knows about my.cnf
[21:18:03] <ivoks> so, why not use it?
[21:18:26] <akincer> Seems perfectly logical and prudent
[21:18:31] <ivoks> maybe generate random password, put it in bacula's home and that's it
[21:18:43] <nijaba> but in any case that leave 2 & 3. Would they be enough all by themselves
[21:18:45] <nijaba> ?
[21:18:48] <zul> basically Im looking at ways to do that
[21:18:58] <mathiaz> zul: great.
[21:19:03] <mathiaz> so about point 2
[21:19:20] <mathiaz> ah no point 2 is the security issue
[21:19:21] <nijaba> err, meant 1 & 3
[21:19:31] <mathiaz> point 1 is debian maintainer not responsive
[21:19:59] <dvl> any other option to relying upon debian packages?
[21:20:00] <mathiaz> zul: is the maintainer opened to ubuntu cooperation ?
[21:20:01] <akincer> I am not in a position to address that, is anyone else?
[21:20:07] <ScottK2> Unless someone on the team is willing to step up and really focus on this package.
[21:20:09] <zul> mathiaz: yes he is
[21:20:38] <nijaba> zul: so in what isn't he responsive?
[21:20:41] <jdstrand> 1 and 2 are linked really
[21:20:52] <zul> however since the package is in universe there hasnt been alot of interactioin between him and ubuntu developers
[21:20:53] <dendrobates> regardless, it is unlikely that this will be worked out by FF.
[21:21:34] <akincer> If I may, I believe it would be worth it. There are some very attractive features Bacula has that just work
[21:21:36] <jdstrand> it sounds like if we wanted it, it would have to basically be maintained by ubuntu until the dm became more active
[21:21:44] <mathiaz> a side question: Does MIR report need to be accepted before FF ?
[21:22:07] <mathiaz> jdstrand: I don't think that the DM is not inactive.
[21:22:16] <dendrobates> I believe so, but an exception can be requested.
[21:22:36] <mathiaz> It's just that the way he works doesn't necessarly fit the ubuntu workflow.
[21:22:51] <mathiaz> He tends to work on bugs by batch, every few months.
[21:23:23] * jdstrand equated lots of unanswered bug reports and slow security response with not super active, but doesn't know the dm of the package..
[21:23:45] <jdstrand> (or the package)
[21:23:52] <mathiaz> A point I'd like to add wrt to 1 is that bacula may be a good solution - so it may be worth taking some responsbility in maintaining the package
[21:24:19] <nijaba> mathiaz: for 5 years?
[21:24:34] <mathiaz> nijaba: it's that - or no solution at all
[21:24:35] <akincer> mathiaz: I'm an IT Manager and I can tell you that for me, it's worth it
[21:24:50] <nijaba> akincer: thanks for this... very valuable
[21:24:53] <mathiaz> nijaba: If we want to support tape backup, I don't see another package (except amanda)
[21:25:12] <ivoks> well, does anyone does any serious backup without bacula? :)
[21:25:17] <mathiaz> I've used both amanda and bacula and I was very satisfied with bacula
[21:25:20] <nijaba> what about mondo? Have not had time to look...
[21:25:24] <akincer> bacula does tapes just fine
[21:25:41] <zul> ivoks: alot of people do
[21:25:43] <mathiaz> nijaba: I'm not sure that mondo supports tape
[21:26:07] <mathiaz> zul: well - you can always write you own script with tar
[21:26:12] <ivoks> :)
[21:26:29] <dendrobates> large shops will almost always use commercial products.
[21:26:34] <mathiaz> But I think that bacula is a good solution if we want to support tapes.
[21:26:36] <zul> mathiaz: that could work ;)
[21:26:50] <nijaba> dendrobates: non FOSS oriented one, yes.
[21:26:57] <akincer> mathiaz: Nice until someone asks for a file whose name they don't quite remember nor what folder it's in
[21:27:02] <dendrobates> yes. Legato and such
[21:27:07] <soren> dendrobates: If they do so because they want to, fine. If they do it because we can't provide them with a free alternative, that makes me cry :(
[21:27:22] <nijaba> soren: thanks :)
[21:27:43] <mathiaz> akincer: you refer to tar scripts, right ?
[21:27:49] <soren> dendrobates: I see what you're saying, but if we want to change that...
[21:27:53] <akincer> yep
[21:27:55] <tjaalton> bacula seems very interesting.. saying this as one who has purchased netvault years ago :)
[21:28:15] <tjaalton> commercial ones are very expensive
[21:28:27] <dendrobates> I'm not saying we don't need a F/OSS backup solution
[21:28:37] <nijaba> I beleive we need both anyway, in the end
[21:28:48] <mathiaz> so to keep things moving, what about point 3 - number of depends in universe
[21:28:51] <mathiaz> ?
[21:28:58] <mathiaz> zul: what's the list ?
[21:29:10] <zul> mathiaz: at least 6
[21:29:11] <akincer> I have yet to find a compelling reason to use a commercial backup package over Bacula and I've worked with several
[21:29:12] <mathiaz> zul: or at least an overview
[21:29:44] <zul> dbconfig qwt libraries wdwidgets sqllite sqllite3
[21:29:57] <ivoks> mtx
[21:29:57] <zul> these are the direct ones
[21:30:04] <zul> mtx is already in main
[21:30:12] <ivoks> oh, sorry
[21:30:16] <mathiaz> akincer: agreed. My point is that point 1 could be addressed as - bacula is a good backup solution so it's worth investing time to support it and cooperate with debian.
[21:30:20] <soren> zul: sqlite3 shouldbe in main, too.
[21:30:34] <nijaba> is sqllite a hard requirement or an option?
[21:30:37] <akincer> mathiaz: Gotcha. I figured the big issue would be deps anyway
[21:30:38] <dvl> option
[21:30:41] <mathiaz> nijaba: it's an option.
[21:30:43] <soren> Oh, it's not.
[21:31:06] <dvl> sqlite is used by default if you do not select one of MySQL/PostgreSQL
[21:31:10] <soren> Ah, the source package is.
[21:31:14] <mathiaz> you need a database to run bacula - and you can use mysql, postgresql or sqlite
[21:31:18] <nijaba> so if it is an option, agin it is a packaging issue
[21:31:34] <dendrobates> If we feel that this is that important, zul could work on this and we can get an exception to get it in after FF.
[21:31:38] <mathiaz> nijaba: yes. dependencies are mostly packaging issues.
[21:31:47] <dvl> QWT is only required for the GUI part of Bacula, BAT
[21:31:55] <mathiaz> dvl: yes.
[21:32:07] <mathiaz> so the GUI portion could stay in universe.
[21:32:11] <dvl> full disclosure, I'm a Bacula developer.
[21:32:12] <mathiaz> I've never used it
[21:32:17] <akincer> and as I understand it, you can do that part on the desktop separate anyway
[21:32:24] <dvl> correct
[21:32:27] <akincer> BAT rocks
[21:33:06] <dendrobates> dvl: are you the debian mainrtainer
[21:33:06] <mathiaz> zul: wdwidgets ?
[21:33:14] <dvl> dendrobates: no
[21:33:17] <akincer> full disclosure: I invited him to make sure I didn't say something untrue
[21:33:18] <zul> mathiaz: wxwidgets2.6
[21:33:31] <mathiaz> zul: ok - that's also part of the GUI then.
[21:33:46] <mathiaz> zul: but it may be needed to build the package.
[21:33:58] <zul> correct..
[21:34:12] <zul> we need to look at it more closely
[21:34:23] <mathiaz> zul: yes
[21:34:23] <ScottK> You may have to split the source package then. I'm pretty sure you don't want wxwidgets in Main.
[21:34:30] <dendrobates> dvl: you were included on the mail exchange though. What is upstreams opinion here?
[21:34:32] <mathiaz> and for dbconfig, it should be dropped.
[21:34:38] <dvl> dendrobates: I was on that email.
[21:35:37] <dvl> dendrobates: Upsteam opinion: we're keen to work with Ubuntu, we have lots of Ubuntu users and if there's anything I can do to push/prod/poke people to do stuff, let me know. Not sure if that's the type of opinion you were asking for.
[21:35:40] <mathiaz> So it seems that point 3 could be adressed by doing some packaging work.
[21:36:07] <mathiaz> dvl: it's always good to have upstream opinions.
[21:36:14] <nijaba> anyone up for it?
[21:36:30] <mathiaz> jdstrand: do you have any question wrt to security/support for 5 years from upstream ?
[21:36:33] <dendrobates> dvl: that is the one. I wanted to know if you were willing to work with us to ensure our concerns are aleviated.
[21:36:39] <dvl> mathiaz: If there are specific things you want an opinion on, ask me a direct question. :)
[21:36:52] <jdstrand> mathiaz: I have not reviewed the package
[21:37:09] <mathiaz> jdstrand: I meant more about general policy
[21:37:10] <zul> nijaba: i guess that would be me
[21:37:12] <dvl> dendrobates: Yep, if anyone from ubuntu wants to email me directly, I can raise the issues with the rest of the Bacula team. We're an easy going lot.
[21:37:28] <jdstrand> I do have concerns about the debian maintainer not being particularly active, but interms of security updates, as long as upstream is responsive, then things should be ok
[21:37:52] <akincer> I would also add that I have yet to go to #bacula with a question that wasn't answered pretty quickly
[21:37:58] <mathiaz> dvl: how long do you tend to support an existing version ?
[21:38:00] <dvl> jdstrand: Bugs in Bacula, whether security or not, are handled pretty quickly.
[21:38:19] <nijaba> and how long for a given version?
[21:38:22] <dvl> mathiaz: We started back porting bugs some time ago, but we prefer people to upgrade if they can.
[21:38:32] <dvl> nijaba: no specific time period.
[21:38:53] <nijaba> dvl: until next version or later?
[21:39:02] <dvl> nijaba: later.
[21:39:11] <tjaalton> dvl: what about running different versions on the network, like having an older server and clients with a newer bacula
[21:39:24] <jdstrand> dvl: your bug tracking requires an account to view?
[21:39:35] <dvl> tjaalton: policy is that older clients should always work with newer servers
[21:39:47] <ralfgr> To view bug reports, you can log in as anonymous/anonymous.
[21:39:53] <tjaalton> dvl: but not the other way around?
[21:39:53] <dvl> jdstrand: anonymous/anonymous works
[21:40:15] <jdstrand> dvl: :)
[21:40:24] <dvl> tjaalton: a newer server will work with an older client so long as the server does not use the newer feature. This is under control of the sysadmin.
[21:40:47] <tjaalton> dvl: I mean a newer client with an older server :)
[21:40:55] <dvl> tjaalton: Noted. Same issue.
[21:41:01] <dvl> tjaalton: It'll work.
[21:41:06] <tjaalton> ok, cool
[21:41:22] <mathiaz> Ok. So to summarize
[21:41:34] <mathiaz> it seems that the main problems are packaging issues
[21:41:34] <dvl> tjaalton: what does not work is using a newer server with an older client and expecting the older client to understand new features.
[21:41:56] <mathiaz> rather than an architectural or logic problem.
[21:42:16] <ivoks> when is FF?
[21:42:30] <nijaba> Feb 14
[21:42:35] <nijaba> Valentine's day :)
[21:42:38] <faulkes-> excuse the question, FF?
[21:42:46] <zul> FF = feature freeze
[21:42:46] <nijaba> Feature Freeze
[21:42:52] * faulkes- nods
[21:42:53] <tjaalton> dvl: that's understandable, I was just concerned that the server usually run an older version so what would happen there
[21:42:53] <dendrobates> mathiaz: we need to ensure that security fixes will be backported for a long enough time.
[21:42:54] <faulkes-> thanks
[21:43:00] <tjaalton> +s
[21:43:37] <mathiaz> dendrobates: right.
[21:43:39] <jdstrand> dendrobates, mathiaz: fwiw, there have been 2 CVEs-- one is the command line password
[21:43:42] <akincer> Surely this can be arranged
[21:43:53] <dendrobates> last FF was my wifes birthday, she is going to think I'm making excuses.
[21:43:57] <dvl> tjaalton: usually it is the server that is upgraded more often than the client. My server is 2.2.8, my windows client is 2.0.3...
[21:44:11] <ivoks> jdstrand: that last one we can eliminate...
[21:44:21] <jdstrand> ivoks: exactly
[21:44:25] <mathiaz> so any action on this ?
[21:44:32] <akincer> dendrobates: That's why you arrange to celebrate on a different day without giving this as the reason :)
[21:44:40] <ivoks> i'll work on bacula tonight
[21:44:45] <mathiaz> someone needs to look at the packaging issues
[21:44:48] * soren hugs ivoks
[21:44:49] <ivoks> and try to fix couple of packaging bugs
[21:44:52] <dvl> ivoks: contact me here if you need anything
[21:44:54] <ivoks> including that mysql one
[21:44:57] <dvl> or dan@langille.org
[21:45:06] <dendrobates> ivoks: isn't it already night for you?
[21:45:07] <tjaalton> dvl: heh
[21:45:22] <ivoks> dendrobates: yeah, and i have exam tomorrow... but FF is to close
[21:45:29] <mathiaz> [ACTION] ivoks to look into bacula packaging issue to get it into good shape for main
[21:45:33] <dvl> tjaalton: server upgrade is just one box... people tend to lag on upgrading clients.
[21:45:44] <jdstrand> the other one was patched in 13 days of discovery (insecure temp files)
[21:45:49] <ivoks> dvl: ack
[21:45:54] <mathiaz> ivoks: I think bacula needs to be merge from debian.
[21:46:12] <zul> it does 2.2.8 is sitting there since the end of january
[21:46:14] <mathiaz> ivoks: so you could try to address the mentionned issue while doing the merge
[21:46:21] <ivoks> mathiaz: i'll take a good look at it
[21:46:31] <mathiaz> ivoks: great ! thanks
[21:46:36] <ScottK> ivoks: I'd also look to splitting the client and server into two source packages to minimize the number of build depends you need to drag into Main.
[21:46:48] * nijaba hugs ivoks
[21:47:07] <mathiaz> Let's move on.
[21:47:10] <mathiaz> [TOPIC] Ubuntu Developer Week
[21:47:11] * dendrobates gives ivoks permission to fail his exam.
[21:47:24] <soren> Ok go.
[21:47:30] <akincer> Thanks for the time everyone. I have to go do some work now
[21:47:36] <ivoks> dendrobates: woho! :)
[21:47:41] <mathiaz> As you may know, there will be a Ubuntu Developer Week soon.
[21:47:47] <mathiaz> thanks akincer
[21:48:02] <nijaba> thanks to the bacula guys :)
[21:48:07] <dvl> :)
[21:48:24] <mathiaz> so the question is whether we want to have a session specific to the server team
[21:48:33] <mathiaz> if so, what would be the content ?
[21:48:40] <nijaba> when is it?
[21:48:51] <mathiaz> the current schedule is here: https://wiki.ubuntu.com/UbuntuDeveloperWeek/Prep
[21:49:02] <mathiaz> 18/02 to 22/02
[21:49:17] <akincer> mathiaz: You're welcome
[21:50:21] <mathiaz> I wouldn't mind running a session, but I'd like to have some input on what I can talk about.
[21:50:40] <nijaba> soren: would a virtualization class be a good topic for devs?
[21:50:48] <soren> nijaba: I hope so. I scheduled one.
[21:50:53] <mathiaz> I don't think the topic should be about packaging server application.
[21:51:02] <faulkes-> well, from a content view, I'd have to ask, how familiar are people with the server side of ubuntu
[21:51:05] <nijaba> duh
[21:51:11] <sommer> mathiaz: how about upcoming features?
[21:51:15] <soren> nijaba: dendrobates promised he'd help me come up with stuff to talk about.
[21:51:20] <ivoks> maybe one about ubuntu-server in general?
[21:51:25] <ivoks> we need some publicity :)
[21:51:27] <zul> mathiaz: how about an intro to the server team
[21:51:31] <nijaba> soren: I can second him on this
[21:51:33] <faulkes-> that was my thinking
[21:51:36] <mathiaz> ivoks: right.
[21:51:46] <dendrobates> one on security would be nice.
[21:51:59] <mathiaz> about feature, I don't think it's relevant as the target audience is about potential contributors
[21:52:03] <mathiaz> it's not about users.
[21:52:16] <sommer> ah, good call
[21:52:24] <mathiaz> so presenting new features is not really the point.
[21:52:33] <mathiaz> unless to get people on board for testing.
[21:52:56] <faulkes-> well, intro to ubuntu-server, goals/objectives, team members, etc
[21:52:58] <nijaba> what about one on OpenLDAP 2.4?
[21:53:02] <mathiaz> soren: what do you plan to talk about during your virtualization session ?
[21:53:11] <ivoks> i suggest an insight in how development is done, where we need help, what are we good... it would be great if all of us could come...
[21:53:13] <mathiaz> nijaba: you mean - using it ?
[21:53:14] <soren> Don't know.
[21:53:14] <soren> 22:51:15 < soren> nijaba: dendrobates promised he'd help me come up with stuff to talk about.
[21:53:17] <soren> :)
[21:53:48] <mathiaz> soren: what about using the new virtualization stuff in hardy in your developement work ?
[21:53:58] <dendrobates> I think we need kvm testers, so one thing would be a kvm tutorial using libvirt and virtio.
[21:54:08] <boredandblogging> someone email me when plans are finalized so I can put it in the UWN
[21:54:12] <mathiaz> soren: how to use different vm to have different distro ready to use
[21:54:24] <soren> That could work.
[21:54:29] <mathiaz> soren: for bug triaging, feature development and package testing.
[21:54:37] <nijaba> we need some test on ubuntu-vm-builder as well :)
[21:54:40] <soren> Let's discuss this after the meeting. We don't want to reveal all of it now.
[21:54:43] <soren> Noone will show up.
[21:55:15] <dendrobates> boredandblogging: you want to know what our topics are?
[21:55:56] <boredandblogging> dendrobates: looking at the prep wiki page, just a paragraph summary on the purpose and who should attend would be great
[21:56:12] <nxvl_work> oh crap i forgot the meeting
[21:56:30] <mathiaz> boredandblogging: you man wanna ask dholbach about this
[21:56:42] <mathiaz> boredandblogging: he is the grand master of ceremony for the whole week
[21:57:23] <dendrobates> guys, I have to go.
[21:57:32] <ivoks> dendrobates: take care
[21:57:41] * mathiaz waves at dendrobates
[21:57:45] <soren> dendrobates: o/
[21:57:47] <dendrobates> Ok, s�t i gang!
[21:57:54] <soren> :)
[21:58:05] <faulkes-> mathiaz: how comfortable do you feel with ivoks suggested topics, I think they are fairly good ones to address
[21:58:48] <faulkes-> both from a presentation pov but also a bit of publicity to get others involved
[21:58:54] <mathiaz> faulkes-: yes - A general introduction to the server team
[21:59:12] <mathiaz> the whole point of the week is to get more people onboard.
[21:59:24] <ivoks> right
[21:59:33] <ivoks> so don't give talks about stuff we did
[21:59:39] <ivoks> but about stuff we need and didn't do
[21:59:41] <ivoks> :)
[21:59:47] <mathiaz> So my initial thoughts was to go over the GettingInvolved and Roadmpa pages and answer question
[21:59:59] <boredandblogging> mathiaz: sure, I'll email dholbach
[22:00:43] <mathiaz> And maybe by that time, we'll have something for mentoring.
[22:01:10] <nxvl_work> i think it would be a great place to introduce the mentoring program, if we have one planed by the date
[22:01:34] <mathiaz> [ACTION] mathiaz will schedule a general session about ubuntu-server during the Ubuntu Developer week.
[22:01:50] <nijaba> thanks for taking care of it mathiaz
[22:02:15] <mathiaz> [TOPIC] Review each section of the ServerTeam/Roadmap.
[22:02:18] <faulkes-> I'm more than happy to review material you want to present, as a new person to the group, I can probably give some good suggestions on what you write up
[22:02:36] <faulkes-> mathiaz: if that's of interest to you prior to your presentation
[22:02:39] <mathiaz> faulkes-: excellent. I'll ping you somehow.
[22:02:56] <mathiaz> faulkes-: I was about to ask you about the mentoring program also - but that's for later.
[22:03:39] <mathiaz> On the apache front,
[22:03:50] <mathiaz> apache 2.2.8 has been synced from debian.
[22:04:25] <mathiaz> I talked to slangasek about building openssl with tlsext enabled. It's seems to need some work
[22:04:33] <mathiaz> and needs to be coordinated with debian.
[22:04:44] <mathiaz> so I'm not sure we'll get it done before FF
[22:04:49] <nijaba> tood bad for SNI :(
[22:05:04] <mathiaz> without it, SNI cannot be enabled in apache2.
[22:05:30] <mathiaz> so I think we'll have to defer SNI support for apache2 to the next release.
[22:05:41] <nijaba> right...
[22:06:26] <mathiaz> there are around 490 packages that would need to be rebuilt we need to transition openssl
[22:07:05] <soren> ...if we bump the soname.
[22:07:14] <mathiaz> ivoks: state of SASL ?
[22:07:28] <mathiaz> soren: right. There are some disscussion whether this is required or not.
[22:07:32] <ivoks> mathiaz: i got feedbeck from lamont
[22:07:49] <ivoks> mathiaz: i suggest we wrap it up and patch the tasksel
[22:07:55] <mathiaz> soren: but I don't think we'll have time before FF
[22:08:09] <ivoks> mathiaz: i don't recommend patching postfix's init script
[22:08:14] <soren> mathiaz: I would even say that I'm quite sure we won't have time before FF.
[22:09:02] <mathiaz> ivoks: so we'd use a postinst script in the mail server task in tasksel.
[22:09:08] <ivoks> mathiaz: right
[22:09:19] <mathiaz> ivoks: do you have something ready for this ?
[22:09:29] <ivoks> http://launchpadlibrarian.net/10629598/tasksel.diff
[22:09:36] <ivoks> it's maybe old
[22:09:54] <ivoks> but basicaly, that's it
[22:11:02] <ivoks> changes include postfix with sasl over dovecot, maildir and tweaked dovecot and postfix for better compatibility
[22:11:17] <lamont> (sounds right)
[22:12:02] <mathiaz> ivoks: great. Have you checked wether the patch applies to the current version of tasksel ?
[22:12:16] <ivoks> mathiaz: no, i'll do that tonight
[22:12:44] <ivoks> could someone apply it before it gets outdated again? :D
[22:12:46] <mathiaz> ivoks: great. Could you attach the new patch to the bug and subscribe u-main-sponsor ?
[22:12:55] <ivoks> sure
[22:13:08] <mathiaz> ivoks: well - it will to get in before FF, which is one week
[22:13:30] <mathiaz> [ACTION]: ivoks to update the tasksel patch for SASL support
[22:14:03] <mathiaz> ScottK: how far is libdb4.2 from being dropped from the archive ?
[22:15:25] <ScottK> Hu
[22:15:28] <ScottK> Hi even
[22:15:33] <ScottK> It's not.
[22:15:47] <ScottK> openldap still needs it
[22:15:55] <ScottK> It's looking more like Hardy +1.
[22:16:07] <ScottK> 4.3, 4.4, and maybe 4.5 are reasonable targets.
[22:16:24] <mathiaz> ScottK: right - it's blocked on openldap working with db4.6.
[22:16:25] <ScottK> So I'm going to update the wiki page to look at those instead.
[22:16:31] <ScottK> Exactly.
[22:16:33] <mathiaz> ScottK: excellent !
[22:16:47] <ScottK> The other blocker I've run into is libdb4.x-ruby
[22:16:58] <ScottK> The upstream for that only supports up to 4.4.
[22:17:19] <ScottK> I've uploaded a libdb4.6-ruby which is in bin new right now.
[22:17:24] <mathiaz> [ACTION] ScottK to update the Roadmap to list db4.3, 4.4 and 4.5 as targets for archive removal.
[22:17:40] <ScottK> It works in my testing equivalently to 4.3/4.4 except transactions.
[22:17:49] <mathiaz> ScottK: so 4.3 and 4.5 are good candidates ?
[22:17:57] <ScottK> And 4.4
[22:18:21] <ScottK> I haven't done a detailed analysis yet of all of them 4.3 looks totally doable.
[22:18:23] <mathiaz> ScottK: ah ok. Understood.
[22:18:40] <mathiaz> ScottK: how does this play with FF ?
[22:18:55] <ScottK> I don't think it does.
[22:19:10] <mathiaz> ScottK: great. So work on this can be done after FF.
[22:19:15] <ScottK> Yes.
[22:19:33] <mathiaz> ScottK: great ! Thanks for the update.
[22:19:38] <ScottK> For the Ruby situation, my thought is we keep libdb4.2-ruby and libdb4.6. If anything pops up needing transaction support, they can use the 4.2 one.
[22:20:03] <ScottK> Hopefully upstream will get sorted for hardy +1 so the 4.2 ruby lib can go away then too.
[22:20:47] <mathiaz> sommer: how is the domentation doing ?
[22:21:03] <sommer> mathiaz: pretty much the same as before
[22:21:16] <sommer> new upgrading subsection :)
[22:22:04] <mathiaz> sommer: great. How are you affected by FF ?
[22:22:44] <sommer> may need to get exceptions for the virtualization section, likewise-open integration, and bacula
[22:23:18] <sommer> I wouldn't think that would bee too much of an issue
[22:23:36] <sommer> I'll email the doc ml and see what the think
[22:23:40] <mathiaz> sommer: so there is the same kind of freeze on documentation starting from next thursday ?
[22:23:49] <sommer> mathiaz: yep
[22:23:55] <mathiaz> sommer: ok. good.
[22:23:57] <nijaba> sommer: isn't your milestone string freeze?
[22:24:01] <sommer> major new sections anyway
[22:24:24] <sommer> nijaba: mathew east proposed the new freeze schedule to help conentrate on qa
[22:24:36] <nijaba> sommer: thanks
[22:25:10] <mathiaz> soren: any update on the virtualization front ?
[22:25:23] <sommer> here are some more details: https://wiki.ubuntu.com/DocumentationTeam/ReleaseSchedule
[22:25:49] <soren> Yeah, I think I've managed to work out the last dependency I need for it to really shine.
[22:26:03] <soren> Now it just needs to land in the repository so I can start using it.
[22:26:18] <soren> Namely a usable version of dnsmasq and netcat.
[22:26:52] <soren> The former for providing DNS and DHCP services to virtual networks (yay), and the latter to enable qemu+ssh:// type URL's for libvirt. *Very* handy.
[22:27:06] <ivoks> very nice!
[22:27:24] <mathiaz> soren: seems great. And all should get in before FF ?
[22:27:42] <soren> mathiaz: All should get in before I stop working tomorrow.
[22:28:22] <mathiaz> soren: once it's in there, virtualization should be feature complete for hardy.
[22:28:25] <nijaba> ubuntu-vm-builder is feature complete on my side. I've checked in a new version to allow complex partitioning.
[22:28:46] <mathiaz> nijaba: awesome.
[22:29:05] <soren> mathiaz: Great!
[22:29:06] <nijaba> I hope soren can find 1 day to integrate before FF
[22:29:07] <mathiaz> Seems like all of the virtualization stuff is ready for more widespread testing
[22:29:51] <mathiaz> which other channels can we use to ask for more testing ?
[22:30:11] <soren> Planet ubuntu usually does the trick.
[22:30:16] <mathiaz> we've published something in UWN
[22:30:21] <nijaba> We need VMWare ESX testers
[22:30:55] <mathiaz> soren: may you could post another blog entry to make it on planet ubuntu ?
[22:31:08] <soren> mathiaz: That's what I meant :)
[22:31:32] <mathiaz> soren: ahh. I thought you were refering to your previous post.
[22:31:45] <soren> Oh. No :)
[22:32:20] <mathiaz> soren: And I think that your session during Ubuntu Dev Week can also be used to adverstise more testing.
[22:32:41] <soren> Right.
[22:32:47] <tjaalton> nijaba: you mean installing on an ESX virtual machine?
[22:32:52] <soren> Yes.
[22:32:59] <nijaba> tjaalton: yes
[22:33:05] <mathiaz> soren: and making sure that the release notes have a section about it.
[22:33:31] <soren> Yes, that has been neglected :(
[22:33:53] <tjaalton> ok, we have maybe 80 hosts running on ESX (mostly RHEL, Win), and I have a couple of hosts with dapper.. could try hardy now
[22:34:27] <nijaba> tjaalton: would be very kind of you
[22:34:51] <tjaalton> it's been on my list anyway
[22:35:09] <nijaba> tjaalton: specially JeOS
[22:36:23] <mathiaz> [ACTION] tjaalton to test hardy on vmware ESX
[22:36:32] <tjaalton> :)
[22:36:40] <ivoks> now you have to do it :D
[22:36:44] <mathiaz> next topic: windows integration
[22:36:46] * nijaba needs to run. Thanks a lot everyone
[22:36:46] <tjaalton> aww jeez
[22:36:51] <tjaalton> :)
[22:37:01] <soren> Yeah, you don't want to mess with MootBot.
[22:37:10] <soren> nijaba: See you tomorrow.
[22:37:16] <ivoks> nijaba: bye
[22:37:17] <mathiaz> dendrobates has been packaging it
[22:37:37] <mathiaz> zul and I've started to review it
[22:37:39] * nijaba waves
[22:37:49] <ivoks> mathiaz: is it good? :)
[22:37:49] <sommer> later nijaba
[22:37:50] <mathiaz> so it should be uploaded real soon now.
[22:37:58] * mathiaz waves back at nijaba
[22:38:33] <mathiaz> ivoks: so far yes.
[22:38:55] <mathiaz> ivoks: but I still need to get it tested in windows environment.
[22:39:13] <mathiaz> so I think that's all for the Roadmpa.
[22:39:19] <ivoks> umm...
[22:39:22] <ivoks> one more thing
[22:39:29] <ivoks> raid-lvm integration
[22:39:41] <mathiaz> ivoks: yes. it's still on there.
[22:39:43] <ivoks> as you can see, i didn't do a thing about it
[22:39:56] <mathiaz> ivoks: right - you've been busy with other things
[22:40:04] <ivoks> but i do know there is a package in universe
[22:40:11] <ivoks> partman-auto-raid
[22:40:25] <ivoks> so it should get into main, and then only thing needed is a recipe
[22:40:28] <mathiaz> ivoks: so the next step would be to write a MIR
[22:40:39] <ivoks> so if someone know partman recipes, please... *help* :)
[22:41:31] <mathiaz> ivoks: could you update the roadmap to add a list of things to needs to be done ?
[22:41:35] <tjaalton> ivoks: has the recipe format changed? IIRC it has been totally different from the normal format
[22:41:49] <ivoks> mathiaz: sure
[22:42:07] <ivoks> tjaalton: i didn't even know there's a 'normal format' :)
[22:42:21] <tjaalton> ivoks: ok :)
[22:42:32] <jdstrand> I'll also mention that I wrote the MIR for ufw today
[22:42:33] <mathiaz> [ACTION] ivoks to update the Roadmap wrt the RAID1-LVM installation
[22:42:51] <ivoks> uf... so many actions...
[22:43:19] <mathiaz> jdstrand: have you received more feedback about ufw ?
[22:43:25] <jdstrand> yes
[22:43:35] <jdstrand> couple of small things that I fixed
[22:43:42] <jdstrand> and I also finished ipv6
[22:44:04] <jdstrand> feedback so far has been positive
[22:44:22] <mathiaz> jdstrand: great ! So that another feature almost completed for hardy.
[22:44:45] <jdstrand> it should work well-- I find it quite easy to use :)
[22:44:53] <ivoks> there are rumors we'll have to go with ipv6 by the end of 2012
[22:45:04] <mathiaz> jdstrand: well... you wrote it - I hope so
[22:45:10] <jdstrand> ;P
[22:45:11] <ivoks> is hardy ready for that?
[22:45:34] <jdstrand> ivoks: in terms of firewalling, yes
[22:45:46] <ivoks> i meant more generally...
[22:46:00] <mathiaz> ivoks: well - that's a rather broad question.
[22:46:04] <jdstrand> (I figured, I was just being silly)
[22:46:19] <mathiaz> ivoks: the kernel should support it.
[22:46:27] <soren> ivoks: I've never used it, but I'm also not aware of anything in particular blocking it?
[22:46:27] <jdstrand> it does
[22:46:34] <mathiaz> ivoks: but I'm sure that are some application that are not
[22:46:55] <ivoks> i know that kernel does support it, but as mathiaz said, some apps don't
[22:47:01] <jdstrand> I am pretty sure all our server apps do
[22:47:03] <soren> IIRC fabbione has been caring for ipv6 since the very beginning.
[22:47:04] <jdstrand> OTOH
[22:47:05] <ivoks> well, we can fix them during the release...
[22:47:17] <jdstrand> (ie the ones on the server cd and tasksel)
[22:48:09] <ivoks> then just ignore me :D
[22:48:42] <mathiaz> [TOPIC] Any Other Business
[22:48:49] <mathiaz> someone wants to add something ?
[22:48:51] <ScottK2> Debian servers support IPv6 well, so we should be in good shape.
[22:49:03] <tjaalton> well, what about the patch for libpam-ldap?-)
[22:49:08] <ScottK2> mathiaz: MIR processing seems to have stalled.
[22:49:37] <mathiaz> ScottK2: pitti said he should start doing it next week
[22:49:40] <ivoks> zul: could you please tell me the state of drbd in hardy?
[22:49:49] <ivoks> zul: as a kernel module
[22:50:01] <mathiaz> ivoks: it's integrated in linux-ubuntu-modules
[22:50:06] <ScottK2> mathiaz: OK. I'm a little worried about the state of tasksel and FF. We still have more mail server work to do.
[22:50:11] <ivoks> it is? teriffic
[22:50:25] <ivoks> then i'll write up mir for drbd-utils
[22:50:31] <mathiaz> ivoks: it's been the case for a few weeks now.
[22:50:47] <ivoks> (i'm not running hardy on any of my machines :)
[22:50:57] <mathiaz> ivoks: you should ;)
[22:51:07] <ivoks> upgrading as we speek :)
[22:51:09] <tjaalton> ivoks: join us, dogfood is good :)
[22:51:50] <mathiaz> ScottK2: ivoks is planning to update the patch to integrate dovecot and postifx.
[22:52:46] <ivoks> we could extend it to amavis... but that could be maybe too much, cause of FF
[22:52:47] <ScottK> Right. I'd like to see about integrating amavisd-new too, but until the MIR is done ....
[22:53:02] <ScottK2> Yes. My exact concern
[22:53:51] <mathiaz> well on this point, we'll have to wait for amavis to get included into main.
[22:53:59] <ivoks> right
[22:54:02] <faulkes-> question, MIR?
[22:54:10] <ivoks> main inclusion report
[22:54:15] <mathiaz> faulkes-: Main Inclusion Report
[22:54:15] * faulkes- nods
[22:54:17] <faulkes-> thanks
[22:55:29] <mathiaz> [TOPIC] Agree on next meeting date and time.
[22:55:48] <mathiaz> So - to finish - same time, same place next week ?
[22:55:56] <faulkes-> sounds good to me
[22:55:58] <ivoks> ack
[22:56:02] <tjaalton> mathiaz: should I just upload a new libpam-ldap with that patch, or?
[22:56:03] <faulkes-> that puts it day before FF?
[22:56:22] <mathiaz> tjaalton: could you send you email to ubuntu-devel ?
[22:56:29] <tjaalton> sure
[22:56:38] <mathiaz> faulkes-: yes
[22:56:42] <tjaalton> more eyes
[22:56:57] <mathiaz> tjaalton: exactly
[22:57:05] * faulkes- nods
[22:57:42] <mathiaz> Next week, same time, same place.
[22:57:46] <mathiaz> Thanks all for joining.
[22:57:58] * jdstrand waves
[22:58:01] <mathiaz> Have a good week - see ya around :)
[22:58:03] <jdstrand> thanks mathiaz!
[22:58:17] <mathiaz> #endmeeting
Meeting ended.


CategoryScribesTeam CategoryTemplate

MeetingLogs/Server/20080206 (last edited 2008-08-06 17:00:58 by localhost)