Summary: 1) New Signing Keys
The EPEL buildsystem was not a system infiltrated during the breakin. There did not seem to be any evidence that the keys were taken. However, since the other keys were updated, it is probably a good idea for us to update the signing keys. mmcgrath will talk with stickster about what would be needed or prudent to do. 2) Koji/Bodhi status No status change on getting koji/bodhi updated to allow for RHEL packages in it safely. Plague server is now on new hardware and new system. Should work for the time being. 3) EPEL Sig meeting -- EPEL marketing There were several meetings at and after the Red Hat Summit.. the topic of how to better market it will be discussed onlist with quaid 4) EPEL Sig meeting -- Layered products (sub-repos) This needs to be discussed more on list to see what is needed, and how to better deal with products that need newer packages than RHEL provides. -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice"
**** BEGIN LOGGING AT Mon Sep 15 11:00:24 2008 Sep 15 11:00:24 * Now talking on #fedora-meeting-2 Sep 15 11:00:24 * Topic for #fedora-meeting-2 is: Channel is used by various Fedora groups and committees for their regular meetings | Note that meetings often get logged | For questions about using Fedora please ask in #fedora | See http://fedoraproject.org/wiki/Communicate/FedoraMeetingChannel for meeting schedule Sep 15 11:00:24 * Topic for #fedora-meeting-2 set by stickster at Mon Sep 8 15:32:37 2008 Sep 15 11:01:44 * smooge has changed the topic to: EPEL Sig meeting -- Meeting rules at http://www.fedoraproject.org/wiki/Extras/Schedule/MeetingGuidelines -- Init process Sep 15 11:01:56 * knurd ([EMAIL PROTECTED]/thl) has joined #fedora-meeting-2 Sep 15 11:02:06 * mmcgrath ([EMAIL PROTECTED]) has joined #fedora-meeting-2 Sep 15 11:02:46 * nirik ([EMAIL PROTECTED]) has joined #fedora-meeting-2 Sep 15 11:03:02 * SmootherFrOgZ ([EMAIL PROTECTED]) has joined #fedora-meeting-2 Sep 15 11:03:16 * nirik is here Sep 15 11:03:25 * mmcgrath word Sep 15 11:03:37 <smooge> helloand we are off Sep 15 11:03:46 * Jeff_S ([EMAIL PROTECTED]/staff/Jeff-S) has joined #fedora-meeting-2 Sep 15 11:03:55 * knurd here Sep 15 11:04:21 * smooge likes to remind everyone that the schedule for todays meeting as well as a list of all open tasks could be found on the wiki... if someone updated it (which I didnt.. cause I suckage) Sep 15 11:05:40 <smooge> ok topic 1 Sep 15 11:05:59 * smooge has changed the topic to: EPEL Sig meeting -- Do we need to make new signing keys? Sep 15 11:06:09 * nirik doesn't think so. Sep 15 11:06:13 <smooge> So all the cool kids got new signing keys last week Sep 15 11:06:15 * schlobinux_1 ([EMAIL PROTECTED]) has joined #fedora-meeting-2 Sep 15 11:06:34 * Jeff_S has no relevant information Sep 15 11:06:36 * nirik also doesn't have any details on exactly what happened in the compromise, so could be wrong. Sep 15 11:06:55 <nirik> mmcgrath: any thoughts on that? epel keys were on another system from the fedora ones. Sep 15 11:06:58 <mmcgrath> hmm Sep 15 11:07:06 * knurd afk for 5 minutes, sorry Sep 15 11:07:10 <mmcgrath> yeah the epel keys were on another system. Sep 15 11:07:13 <smooge> knurd, np Sep 15 11:07:39 <Jeff_S> mmcgrath: another not-compromised system? :) Sep 15 11:07:44 <smooge> so the question is.. even if they were on another system.. do we feel that the chain of trust would be better served with a new signing key Sep 15 11:08:08 <mmcgrath> smooge: yeah I think thats whats best to focus on. Sep 15 11:08:26 <Jeff_S> I don't see the need Sep 15 11:08:49 >quaid< you available for #fedora-meeting-2? Sep 15 11:08:52 * nirik doesn't have enough info to say if a new key is needed or not. Sep 15 11:08:58 <mmcgrath> We rebuilt _every_ fedora host just to be safe. And I'm actually happy that EPEL's buildsys is actually now on hardware thats underwarranty and a more modern OS :) Sep 15 11:09:12 <nirik> I would say we should start doing per dist keys with 6 tho... instead of just one key... Sep 15 11:09:13 <smooge> so EPEL is no longer at Duke? Sep 15 11:09:32 <mmcgrath> nope, its at serverbeach. Sep 15 11:09:43 <Jeff_S> riding the waves at serverbeach Sep 15 11:09:46 <mmcgrath> nirik: yeah, Fedora's going to go that way as well, I think EPEL should follow suit. Sep 15 11:09:49 <Jeff_S> nirik: +1 for that Sep 15 11:09:58 <smooge> where-ever that is.. I just get nagios about them Sep 15 11:10:03 <mmcgrath> smooge: let me talk with stickster about this a bit. Leave it up for discussion for next weeks meeting. Sep 15 11:10:38 <smooge> mmcgrath, ok. I believe that it also ties into another item which RH people have been looking at which is better marketing EPEL. Sep 15 11:11:07 <mmcgrath> yeah Sep 15 11:11:09 <smooge> ok keep open for next meeting. Sep 15 11:11:22 <smooge> next topic? Sep 15 11:11:30 * smooge has changed the topic to: EPEL Sig meeting -- Koji/Bodhi status (please real soon, please) Sep 15 11:11:44 <SmootherFrOgZ> hm... :) Sep 15 11:11:50 <smooge> the guy who can answer this is chairing another meeting I think. Sep 15 11:12:24 <nirik> well, I think last I heard one of the mike's was working on patches, but no idea after that... Sep 15 11:12:36 <mmcgrath> I beat those guys up as best I could. Sep 15 11:12:38 <smooge> yeah.. I have seen just snippets of email Sep 15 11:12:45 <SmootherFrOgZ> same Sep 15 11:12:51 <mmcgrath> but AFAIK, not a bit (literally) of progress has been made. Sep 15 11:12:52 * nirik tries to remember who it was... mbonnet? Sep 15 11:12:56 <mmcgrath> yeah Sep 15 11:13:21 <smooge> Ok, I am going to say that we are coming to the time of punting. Sep 15 11:13:33 <mmcgrath> and our intern's summer intership has ended during that time. He's still on doing a bit of work but doesn't have nearly enough time to do something like this I'm afriad Sep 15 11:13:56 <nirik> smooge: punting to what tho? Sep 15 11:14:03 <smooge> plague2 Sep 15 11:14:07 <smooge> :P Sep 15 11:14:17 <mmcgrath> If someone takes up plague, like say Centos. I'd say stick with it. Sep 15 11:14:18 <mmcgrath> seriously Sep 15 11:14:34 <mmcgrath> but no one's taken it up so we're just in a horrible place where new upstream just isn't that interested in us and old upstream doesn't exist Sep 15 11:14:40 <Jeff_S> mmcgrath: sounds like centos is leaning towards koji, but that's up in the air AFAIK Sep 15 11:14:46 <nirik> yeah, rock meet hard place. Sep 15 11:14:53 <smooge> The centos guys are waiting for someone inside of RH to say plague's theres (last time I talked with kbsingh) Sep 15 11:15:10 <nirik> we could also go to centos packages in koji? :) Sep 15 11:15:32 <smooge> ... wonders if he dropped another ball... Sep 15 11:15:38 <mmcgrath> smooge: if they fork and rename it, I'd switch to the fork :) Sep 15 11:15:50 <nirik> why rename? Sep 15 11:15:51 <smooge> hmmm Sep 15 11:16:04 <mmcgrath> not sure who owns the copyright plague Sep 15 11:16:11 <smooge> nirik, un-registered trademark Sep 15 11:16:16 <nirik> fun. Sep 15 11:16:26 <mmcgrath> why not plague5 :) Sep 15 11:16:31 <Jeff_S> ... Sep 15 11:16:32 <smooge> mmcgrath, tempting Sep 15 11:16:48 <smooge> Well I always wanted t a project to own Sep 15 11:17:19 <Jeff_S> so if we can't get the RH support to make changes to koji, does that open the door to using centos packages within koji? Sep 15 11:17:21 * nirik notes that rpmfusion is still using plague too. Sep 15 11:17:49 <SmootherFrOgZ> nirik: for now :) Sep 15 11:17:57 <smooge> nirik, and rpmrepo Sep 15 11:18:07 <nirik> Jeff_S: yeah, dunno... but if we start working on doing so, would that light any fires? :) Sep 15 11:18:16 <smooge> or whatever the axel/dag/centosguys/sci-linguys one is called Sep 15 11:18:19 <Jeff_S> nirik: probably... only one way to find out :) Sep 15 11:19:30 <smooge> ok so the status is: 1) Koji/bodhi is still dead-in-water. 2) plague is looking for an owner. 3) we need to fire something across the bow one way or another Sep 15 11:19:43 <nirik> we could request tags and importing of centos packages in koji... Sep 15 11:19:44 * knurd is back, in case you need me Sep 15 11:20:02 <smooge> knurd, rpmfusion still using plague? for how long? Sep 15 11:20:18 <Jeff_S> I don't have high hopes for plague getting any development love Sep 15 11:20:18 <SmootherFrOgZ> smooge: i think a topic on plague ownership could be interesting though Sep 15 11:20:20 <smooge> or could I have asked SmootherFrOgZ and didn't know Sep 15 11:20:41 <knurd> smooge, I'd say "for the near future" and "until somebody is willing to set up koji and bodhi" Sep 15 11:20:43 <smooge> Jeff_S, where can I find the code base Sep 15 11:21:01 <Jeff_S> smooge: hmmm, it was hosted in cvs on fedora somewhere Sep 15 11:21:03 <smooge> eg where is current plague upstream? Sep 15 11:21:03 <knurd> maybe "for the near future" might mean two or three years in the end; but maybe a year or less Sep 15 11:21:23 <smooge> knurd, thats good enough for me. +/- an epoch :) Sep 15 11:21:29 <Jeff_S> smooge: "upstream" is relative seeing as how I don't think anyone is touching it Sep 15 11:21:30 <SmootherFrOgZ> smooge: actually, i've some main server on my side where koji is set up and i plan to make some work and bind them to rpmfusion and make some tries Sep 15 11:21:45 <SmootherFrOgZ> but note that, i'll not stop plague for those tests Sep 15 11:22:08 * nirik should setup koji here... keep meaning to do so sometime. Sep 15 11:22:11 <smooge> Jeff_S, there have been some commits and arguments between David Gilmore and Micheal Schwendt somewhere last week. Sep 15 11:22:21 <smooge> sorry I mispelled his name. Sep 15 11:22:56 <mmcgrath> Dennis :) Sep 15 11:23:12 <smooge> Dennis and S. last name.. shoot I am the suck today Sep 15 11:23:35 <nirik> yeah, I think esentially plague upstream is the fedora cvs. Sep 15 11:23:55 <SmootherFrOgZ> yeah Sep 15 11:23:57 <smooge> Schwendt is the correct spelling for posterity Sep 15 11:24:21 <smooge> nirik, ok I am going to check it out and see if I can get on the 'membership/owning' list and see what I can do Sep 15 11:24:24 <smooge> thansk Sep 15 11:24:30 * mbonnet ([EMAIL PROTECTED]) has joined #fedora-meeting-2 Sep 15 11:24:37 <Jeff_S> smooge: huh, what's that mean? Sep 15 11:24:57 <nirik> smooge: so you will try and get someone to own it and maintain it? or you are willing to do that yourself? Sep 15 11:25:11 <nirik> hey mbonnet. Sep 15 11:25:33 <nirik> mbonnet: any news/progress on koji for epel patches/changes? Sep 15 11:25:47 <smooge> I am going to 1 find someone to own/maintain it or b) be the official guy to take patches from people outside of RH (eg what the rpmrepo guys are doing) into it Sep 15 11:26:06 <Jeff_S> smooge: fwiw, I think I have commit access there -- at least I did at one point Sep 15 11:26:24 <mbonnet> nirik: not recently. I think it's gotten pushed down the priority list by recent events Sep 15 11:26:24 <Jeff_S> but I think plague is a sinking ship... we should get off Sep 15 11:27:10 * dgilmore ([EMAIL PROTECTED]/dgilmore) has joined #fedora-meeting-2 Sep 15 11:27:30 <nirik> mbonnet: ;( so no eta? Sep 15 11:27:56 <mbonnet> nirik: sorry, not at the moment Sep 15 11:28:27 <smooge> Jeff_S, ok.. kbsingh/johnny had been really interested in it this spring... so my info is old Sep 15 11:28:57 <smooge> either way even if it is a sinking ship.. its the one we are on until something comes along. Sep 15 11:29:03 <smooge> I heard brew is pretty nice :) Sep 15 11:29:07 <Jeff_S> smooge: kbsingh was talking the other day about trying out koji (should it be easier to install than it was a year ago) Sep 15 11:29:33 <smooge> ah ok. I will resink with him Sep 15 11:29:34 <nirik> http://cvs.fedoraproject.org/viewvc/extras-buildsys/?root=fedora&pathrev=Plague-0_4_5 Sep 15 11:29:49 <smooge> dgilmore, are you still a big consumer of plague or is OLPC moving to koji/ Sep 15 11:30:00 <nirik> mbonnet: ok, how about the idea of importing centos now and building against it until the patches/changes are in koji for rhel building? Sep 15 11:30:33 <dgilmore> smooge: olpc never used plague Sep 15 11:30:33 <mbonnet> nirik: that would work, but that's not my decision Sep 15 11:30:48 <dgilmore> nirik: we cant do that Sep 15 11:30:49 <smooge> dgilmore, ah ok.. I am really confused then Sep 15 11:30:59 <dgilmore> nirik: its been discussed many times in the past Sep 15 11:31:16 <dgilmore> smooge: and im not at OLPC any more Sep 15 11:31:18 <nirik> dgilmore: yeah, so I have heard in the past... althought it's never been clear to me who has nixed it. Sep 15 11:31:50 <smooge> dgilmore, ah ok Sep 15 11:31:53 <knurd> nirik, I'm one of those that really dislikes the idea Sep 15 11:31:58 <nirik> so, status frustrating quo... shall we move on, since we can't do anything about this topic any? Sep 15 11:32:05 <smooge> dgilmore, that would explain some of the emails . Sep 15 11:32:10 <smooge> nirik, yes Sep 15 11:32:26 <knurd> as it creates trouble furing 4.x -> 4.(x-1) timeframes and because it might be problematic when we start building for RHEL6 Sep 15 11:32:28 <nirik> knurd: yeah, I can sure see reasons not to, but I just want to try and do something... it's anoying to keep stalling here with no changes. Sep 15 11:32:48 <smooge> I would changing frustrating to fucking but I ahvent had my cofffee Sep 15 11:32:59 <knurd> nirik, but chaging back and forth between RHEL, centos and RHEL will really look odd for users and contributers Sep 15 11:33:23 <knurd> and might create problems for EL users Sep 15 11:33:23 * smooge has changed the topic to: EPEL Sig meeting -- EPEL marketing Sep 15 11:34:00 <smooge> Ok I have this on our agenda, but the people who were talking about this with RH aren't here. Sep 15 11:34:14 <Jeff_S> so we'll just do nothing until koji finally supports our needs? Sep 15 11:34:31 <nirik> Jeff_S: seems so Sep 15 11:34:51 <knurd> Jeff_S, +1, as long as there is no pressing need to switch Sep 15 11:35:01 <knurd> s/as long/at least as long/ Sep 15 11:35:15 <smooge> ok so status report on current build system: Sep 15 11:35:26 <smooge> 1) mmcgrath/dgilmore rebuilt it on new hardware. Sep 15 11:35:32 <smooge> 2) it still uses plague Sep 15 11:36:11 * nirik nods Sep 15 11:36:30 <dgilmore> smooge: its using current plague thats in EPEL-testing + some patching to make it run Sep 15 11:36:42 <smooge> 3) we have no current ETA for moving forward Sep 15 11:37:38 * schlobinux_ ([EMAIL PROTECTED]) has joined #fedora-meeting-2 Sep 15 11:37:38 <smooge> 4) I am going to make sure plague gets the loving it needs til bodhi/koji. Even if thats just watching patch commits Sep 15 11:38:10 <dgilmore> smooge: FWIW plague has seen more activity in the last month than the last 2 years Sep 15 11:38:19 <smooge> And I think we are 'done' with this topic til next week. Sep 15 11:39:29 <smooge> dgilmore I figured as much. Best place for me to learn perl, lisp, python or whatever its written in ;) Sep 15 11:39:37 <smooge> ok EPEL marketing Sep 15 11:39:54 <dgilmore> smooge: python Sep 15 11:40:26 <smooge> There was been some questions about how EPEL is branded, can be branded, looks to be branded? Sep 15 11:41:03 <nirik> quaid was looking at that, right? Sep 15 11:41:17 <smooge> What does EPEL mean? How do you pronounce it (I seem to pronounce it like a fruit, others pronounce it like an EEP.) Sep 15 11:42:15 * mmcgrath is HORRIBLE with branding Sep 15 11:42:21 <smooge> nirik, yes. I think it was mmcgrath, stahnma, quaid, and me on a conference call with the RH marketing people on ideas of what does EPEL 'mean' and what would be a way to make a 'message' for it in line with other RH/Fedora 'projects'. Sep 15 11:42:46 * nirik is also horrible with that... Sep 15 11:43:29 <smooge> we all are horrible with it except maybe mpdehaan. mizmo is of course good at it. Sep 15 11:44:42 <smooge> so anyway, we had some emails, conference calls, and they were going to present some ideas to us in late August.. but I guess everyone got a little busy with something else Sep 15 11:45:40 <smooge> so I am pinging people and trying to see if we can come up with some ideas Sep 15 11:46:13 <mmcgrath> yeah, I don't actually know who took the lead on that in RH Sep 15 11:46:52 <smooge> Chris Grams and Jennifer Venable? Sep 15 11:47:03 <smooge> and Greg. Sep 15 11:49:16 * smooge has changed the topic to: EPEL Sig meeting -- Layered products (sub-repos) Sep 15 11:50:22 <smooge> Ok this is an action item stahnma wanted.. so I think I am talking for him Sep 15 11:51:21 <smooge> Ok there are a lot of open-sourceproducts that RH has that might make good EPEL stuff... but some parts won't. In the case of spacewalk, we could import some of the packages, but not all of spacewalk because it replaces some core EL-4/5 packages with its updated ones. Sep 15 11:51:59 <smooge> The same with dogtag, RHDS, IDS-via-audit, etc Sep 15 11:52:18 <mmcgrath> Long term some of these issues can be fixed if we guide them. But short term what can be done? Sep 15 11:53:05 <SmootherFrOgZ> note that spacewalk still depends on oracle Sep 15 11:53:14 * schlobinux_1 has quit (Read error: 110 (Connection timed out)) Sep 15 11:53:50 <smooge> SmootherFrOgZ, even if it did not.. it has certain requirements that need newer packages than what EL-5 comes with. Sep 15 11:53:51 <nirik> so whats the proposal here? one subrepo for testing? or one per each product thats trying to get into epel? or ? Sep 15 11:54:19 <mmcgrath> yeah, I'm conflicted there. Sep 15 11:54:27 <smooge> nirik, that is where I am a little lost myself and I think we will need stahnma to talk more about when he gets back from vmworld Sep 15 11:54:33 <mmcgrath> Though at the end of the day I don't think we should be enablers :) Sep 15 11:54:39 <SmootherFrOgZ> smooge: +1, also rhn-push, does spacewalk team plan to bring something new than that ? Sep 15 11:54:47 <mmcgrath> I think a single testing repo where we can throw stuff that has broken deps perhaps? Sep 15 11:55:08 <nirik> yeah, but what good does that do over just removing it until it's fixed? Sep 15 11:55:10 <smooge> guys.. lets not focus on the oracle part. Sep 15 11:55:32 <smooge> the oracle part is a full stop. Sep 15 11:55:47 <mmcgrath> then its the "packages that replace base RHEL" problems which is also a broken dep problem. Sep 15 11:55:56 <smooge> yes.. Sep 15 11:56:23 <dgilmore> smooge: for spacewalk-0.3 im building the pieces on top of RHEL and EPEL Sep 15 11:56:54 <dgilmore> and as pieces get addeded there will be less in spacewalk repos until its all gone Sep 15 11:57:19 <dgilmore> smooge: and i need to look at dogtag and get it building in mock Sep 15 11:58:11 <smooge> the issue is that if RH's product strategy basically is going to be open-source products that replace core ones.. do we put those open source products in.. or just say thats for other repos to do? Sep 15 11:58:15 <nirik> so for these short term/temp repos for people who are working on getting things in, couldn't they just use fedorapeople or the like? or they need something more official? Sep 15 11:58:52 <dgilmore> nirik: they should do like spacewalk is doing. host repos somewhere themselves Sep 15 11:59:00 <nirik> yeah... Sep 15 11:59:37 <nirik> I think our policy of not replacing core packages is a good one. Unless we have a lot more folks helping or some really impressive need I don't see why we should change... Sep 15 12:00:13 <dgilmore> nirik: not replacing RHEL packages is a must. Sep 15 12:00:24 <knurd> dgilmore, +1 Sep 15 12:00:31 <dgilmore> where it gets murky i guess is layed products which are not core RHEL Sep 15 12:00:36 <dgilmore> layered Sep 15 12:00:37 <nirik> so, shall we revisit this when stanhma is around? Sep 15 12:00:58 <smooge> ok as long as there isnt a "why isn't EPEL hosting OpenSource builds of RH sub-products" from RH people Sep 15 12:01:09 <dgilmore> fedora-ds should be in EPEL as should spacewalk and dogtag Sep 15 12:01:22 <SmootherFrOgZ> +1 Sep 15 12:01:32 <dgilmore> if people want guaranteed support they buy that from Red Hat Sep 15 12:02:21 <dgilmore> the issue will be making sure that if someone had epel configured and brought support for RHDS that fedora-ds does not replace it Sep 15 12:03:08 <smooge> dgilmore, which brings up building 'sub-channels' but I think at some point its a problem with having outside repositories on your system. Sep 15 12:03:08 <dgilmore> spacewalk is making that hard. and im going to work on making sure its fixed Sep 15 12:03:20 <dgilmore> smooge: yeah Sep 15 12:04:50 <smooge> so pulp to the rescue for that Sep 15 12:05:02 <smooge> anyway.. Sep 15 12:05:26 * Jeff_S needs to leave in 5 min... Sep 15 12:05:27 <smooge> I think we have filled this channel with all the stuff 'worth' hearing Sep 15 12:05:44 <smooge> anyone have anything else? Sep 15 12:05:52 <smooge> meeting closed in 1 minute Sep 15 12:06:19 <smooge> 30 sec Sep 15 12:06:28 <Jeff_S> thanks everyone Sep 15 12:07:15 * smooge has changed the topic to: Channel is used by various Fedora groups and committees for their regular meetings | Note that meetings often get logged | For questions about using Fedora please ask in #fedora | See http://fedoraproject.org/wiki/Communicate/FedoraMeetingChannel for meeting schedule Sep 15 12:07:22 <nirik> oh... meeting next week right? not 2 weeks? Sep 15 12:07:25 <smooge> next week Sep 15 12:07:29 <smooge> 1500 UTC Sep 15 12:07:45 <nirik> ok. Sep 15 12:07:53 * nirik ([EMAIL PROTECTED]) has left #fedora-meeting-2 ("Client exiting") Sep 15 12:08:14 * Jeff_S ([EMAIL PROTECTED]/staff/Jeff-S) has left #fedora-meeting-2 Sep 15 12:08:54 * knurd ([EMAIL PROTECTED]/thl) has left #fedora-meeting-2 **** ENDING LOGGING AT Mon Sep 15 12:09:36 2008
_______________________________________________ epel-devel-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/epel-devel-list
