20110524

Agenda

  • Review ACTION points from previous meeting
  • Oneiric Development
  • Ubuntu Server Team Events
  • Weekly Updates & Questions for the QA Team (hggdh)

  • Weekly Updates & Questions for the Kernel Team (smb)

  • Weekly Updates & Questions from the Ubuntu Community

  • Open Discussion

Minutes

Meeting Actions

  • All: spec peer reviews

Oneiric Development

Weekly Updates & Questions for the Kernel Team (smb)

smb reminded the team about his email asking about iscsitarget.

Weekly Updates & Questions from the Ubuntu Community

cp1 asked what we might do to better keep up with security updates. He feels we were slow with the last exim update, particularly compared to debian. jdstrand, kees, and dholbach came back with suggestions:

  • kees pointed us to http://people.canonical.com/~ubuntu-security/cve/main.html

  • jdstrand informed us that as part of the security-o-community blueprint, 10-15 packages per month will be put up for community contributions.
  • dholbach pointed out that if you are aware of an embargoed issue and have a patch, you can file a private security bug.

Agree on next meeting date and time

Next meeting will be on Tuesday, May 31st at 16:00 UTC in #ubuntu-meeting.

Log

        [17:05] <hallyn> #startmeeting
[17:05] <MootBot> Meeting started at 11:05. The chair is hallyn.
[17:05] <MootBot> Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE]
[17:05] <RoAkSoAx> o/
[17:05] <Daviey> \o
[17:05] <hallyn> oh no, my clipboard isn't working, this is gonna be a slow one
[17:05] <SpamapS> already on oneiric? ;)
[17:05] <robbiew> oh man...don't get me started
[17:06] <Daviey> oneiric is rocking.
[17:06] <hallyn> [TOPIC] Review ACTION items from previous meeting
[17:06] <MootBot> New Topic:  Review ACTION items from previous meeting
[17:06] <hallyn> no items?
[17:06] <Daviey> don't think there was
[17:06] <hallyn> [TOPIC] Oneiric Development
[17:06] <MootBot> New Topic:  Oneiric Development
[17:07] <Daviey> Review blueprints!
[17:07] <Daviey> Thanks everyone who filed their blueprints already.
[17:07] <Daviey> This Thursday is feature definition freeze
[17:07] <Daviey> This means that they should all be squared away by then.
[17:07] <Daviey> We really, really need peer reviews
[17:07] <RoAkSoAx> mine are waiting review
[17:07] <Daviey> (open to everyone in ~ubuntu-server)
[17:07] <RoAkSoAx> :)
[17:08] <SpamapS> ugh..
[17:08] <Daviey> RoAkSoAx, I thought i sent you a mail asking some questions yesterday? :)
[17:08] <hallyn> action?
[17:08]  * SpamapS needs to finish boot-experience spec.. :-P
[17:08] <zul> i would like some reviews as well
[17:08] <RoAkSoAx> Daviey: uhmmmmmmm I didn't receive anything
[17:08] <RoAkSoAx> :S
[17:08] <Daviey> Blueprints are the most important outcome of this week, really.
[17:08] <hallyn> [ACTION] All: spec peer reviews
[17:08] <MootBot> ACTION received:  All: spec peer reviews
[17:09] <RoAkSoAx> Daviey: maybe you forgot to clic send :D
[17:09]  * Daviey checks
[17:09] <robbiew> what
[17:09] <robbiew> no
[17:09] <robbiew> I got iut
[17:09] <robbiew> it
[17:09] <hallyn> Daviey: for the meeting notes, what's that link again to get the list of server specs?
[17:09] <Daviey> RoAkSoAx, Subject: Infrastructure power management (server-o-infra-power) ?
[17:10] <smoser> what does "spec peer reviews" mean ?
[17:10] <Daviey> anyway, we'll take that out of band.
[17:10] <robbiew> hallyn:  https://blueprints.launchpad.net/sprints/uds-o?searchtext=server-o
[17:10] <smoser> where would i do such a thing ?
[17:10] <robbiew> sort by spec name
[17:10] <Daviey> smoser, Question the implementation, and direction.
[17:10] <hallyn> thx
[17:10] <smoser> where?
[17:10]  * Daviey will send a post to ubuntu-server ml today with further details.
[17:10] <smoser> in the whiteboard ?
[17:10] <Daviey> smoser, on the whiteboard.
[17:10] <smoser> what a messy place for such a thing. I have no suggestion for anything better.
[17:11] <smoser> but conversations there are just about impssible to follow.
[17:11] <robbiew> fwiw,  all approved blueprints can be found here: http://blueprints.launchpad.net/~ubuntu-server/+specs?role=assignee
[17:11] <RoAkSoAx> Daviey: no nothign... didn't receive anything.. that bluprint is being driven by Arnaud from Eaton btw
[17:11] <hallyn> [LINK] http://blueprints.launchpad.net/~ubuntu-server/+specs?role=assignee
[17:11] <MootBot> LINK received:  http://blueprints.launchpad.net/~ubuntu-server/+specs?role=assignee
[17:11] <hallyn> [LINK] https://blueprints.launchpad.net/sprints/uds-o?searchtext=server-o
[17:11] <MootBot> LINK received:  https://blueprints.launchpad.net/sprints/uds-o?searchtext=server-o
[17:11] <RoAkSoAx> Daviey: cause it is not powernap :), but rather NUT
[17:11] <Daviey> RoAkSoAx, Yeah, i was asking input - i'll send it again.
[17:12] <RoAkSoAx> Daviey: cool ;)
[17:12] <Daviey> That is all from me..
[17:12] <Daviey> ta
[17:12] <hallyn> [TOPIC] Ubuntu Server Team Events
[17:12] <MootBot> New Topic:  Ubuntu Server Team Events
[17:13] <hallyn> anything new coming up?
[17:13] <hallyn> i intend to be at first part of plumber's for security mini-conf
[17:13] <Daviey> Nothing exciting comes to mind... i think we are all still resting.
[17:13] <Daviey> hallyn, Oh - interesting.. we all look forward to the blog post covering that.
[17:13] <hallyn> moving on, then
[17:14] <hallyn> [TOPIC] Weekly Updates & Questions for the QA Team (hggdh)
[17:14] <MootBot> New Topic:  Weekly Updates & Questions for the QA Team (hggdh)
[17:14] <hallyn> hggdh: around?
[17:15] <hallyn> ok, moving on
[17:15] <hallyn> [TOPIC] Weekly Updates & Questions for the Kernel Team (smb)
[17:15] <MootBot> New Topic:  Weekly Updates & Questions for the Kernel Team (smb)
[17:15] <hallyn> smb: hey
[17:15] <smb> hello
[17:15] <smb> Just one reminder about my asking about iscsitarget to be only userspace dkms for oneiric.
[17:16] <smb> I think it should be ok as it is imo not required for installation or boot
[17:16] <hallyn> any questions for smb?
[17:16]  * smb wonders whether he got moderated out of server-ml
[17:16] <hallyn> huh
[17:16] <Daviey> smb, no - i waved you through
[17:17] <smb> Daviey, Ta. :)
[17:17] <hallyn> ok, moving on then
[17:17] <smb> (actually meant still stuck in the moderation queue)
[17:17] <smb> ok with me
[17:17] <hallyn> Daviey: want an action to push that through? :)
[17:17] <hallyn> [TOPIC] Weekly Updates & Questions from the Ubuntu Community
[17:18] <MootBot> New Topic:  Weekly Updates & Questions from the Ubuntu Community
[17:18] <Daviey> hmm
[17:18] <Daviey> hallyn / smb: i passed your message through the queue when you sent it.
[17:18] <cp1> I wanted to ask about how we might do a better job with security updates.  For example the last exim update was kind of slow compared to Debian, and if I had known about it earlier I could have helped patch it and get it out sooner. In that case some people at exim.org knew about the issue about a month ahead of time.  So how can we improve issues like that?
[17:19] <smb> Daviey, Understood that. Just thought my initial question was not put the right way
[17:19] <hallyn> does the security team have a list of pending security updates, for volunteers to look through?
[17:19] <hallyn> jdstrand: ^
[17:20] <Daviey> non embargoed ones, i guess.
[17:20] <Daviey> I don't know that you can split bugs by server, and security in launchpad easily.
[17:20] <kees> hallyn: yes: http://people.canonical.com/~ubuntu-security/cve/main.html
[17:20] <hallyn> [LINK] http://people.canonical.com/~ubuntu-security/cve/main.html
[17:20] <MootBot> LINK received:  http://people.canonical.com/~ubuntu-security/cve/main.html
[17:20] <dholbach> Daviey, package sets!
[17:20] <hallyn> kees: thanks
[17:20] <jdstrand> hallyn: yes, it is incorporated into the sponsoring list and patch piloting. that said, we will be offering up 10-15 packages a month for people to contribue to, as part of the security-o-community bp
[17:21] <kees> hallyn: and if you want to watch specific package, http://people.canonical.com/~ubuntu-security/cve/
[17:21] <ScottK> If you are aware of an embargoed issue and have a patch, you can file a private security bug with it so the security team can get a running start at it.
[17:21] <ScottK> cp1: ^^^
[17:21] <jdstrand> hallyn: this is of course all in addition to what kees just mentioned
[17:21] <ScottK> I've done this a number of times and it's worked out nicely.
[17:21] <hallyn> jdstrand: ScottK: dholbach: thanks :)
[17:22] <hallyn> cp1: maybe you can convert that to an rss feed :)
[17:22] <cp1> My problem is I wasn't aware of it early enough.
[17:23] <kees> cp1: if you want to watch exim4 specifically, this works: http://people.canonical.com/~ubuntu-security/cve/pkg/exim4.html
[17:23] <hallyn> Right, whatever form the list takes - or if you watch one of the many CVE lists - you do simply need to watch it or have a running search for exim
[17:23] <cp1> CVE tagging isn't always helpful, for example mhonarc has some issues now and the bug in lauchpad doesn't have the CVE's associated with it.
[17:23] <hallyn> just have a cronjob scrape it daily and check for diffs...
[17:24] <hallyn> So we need to do a better job with taggin?
[17:24] <Daviey> yah.. more stuff to do :)
[17:25] <hallyn> cp1: let's discuss anything further in #ubuntu-hardened
[17:25] <hallyn> moving on,
[17:25] <hallyn> [TOPIC] Open Discussion
[17:25] <MootBot> New Topic:  Open Discussion
[17:25] <hallyn> any?
[17:25] <Daviey> Blueprints, Blueprints and Blueprints
[17:25] <Daviey> :)
[17:26] <SpamapS> BadgersBadgersBadgers
[17:26]  * RoAkSoAx hates university's wifi network :)
[17:26] <hallyn> I'm hoping to fill in the packaging requests for all spice related packages before i slip away
[17:26] <ttx> RoAkSoAx: switch :)
[17:26] <SpamapS> hallyn: do not go quietly into the night
[17:26] <RoAkSoAx> ttx: can't... I'm gonna be here for the rest of the day
[17:26] <ScottK> hallyn: You know what packaging requests get you, right?
[17:26] <RoAkSoAx> :(
[17:26] <ScottK> hallyn: With a packaging request and a package you've created then you'll get a package.
[17:27] <hallyn> ScottK: not sure i follow
[17:27] <Daviey> 1. Packaging Request
[17:27] <Daviey> 2. Package
[17:27] <Daviey> 3 Profit!
[17:28] <RoAkSoAx> Daviey: 3. Upload
[17:28] <Daviey> We've solved it.
[17:28] <RoAkSoAx> 4. Profit
[17:28] <hallyn> yeah, i did them out of order...
[17:28] <hallyn> dat be how i roll
[17:28] <Daviey> Thanks for the meeting hallyn .
[17:28] <hallyn> [TOPIC] Announce next meeting date and time
[17:28] <MootBot> New Topic:  Announce next meeting date and time
[17:28] <SpamapS> One more topic.. any pies in the face planned for UDS-P ?
[17:29] <hallyn> Tuesday, May 31st 2011 16:00 UTC
[17:29] <ScottK> hallyn: Just filing package requests almost never results in an actual package being created.
[17:29] <zul> SpamapS:  yeah thats what motivates me ;)
[17:29] <hallyn> ScottK: i just want the permission to upload them to universe :)
[17:29] <hallyn> ScottK: you're just telling me i need to do the packaging, right?
[17:29] <ScottK> hallyn: No packaging bug is needed for that.
[17:29] <ScottK> yes.
[17:29] <SpamapS> hallyn: quick end it before it grows another head!
[17:29] <hallyn> #endmeeting

MeetingLogs/Server/20110524 (last edited 2011-05-25 02:16:28 by serge-hallyn)