Re: [FFmpeg-devel] trac backups
On Wed, Sep 13, 2023 at 11:05:23AM +0200, Jean-Baptiste Kempf wrote: > On Wed, 13 Sep 2023, at 01:33, Michael Niedermayer wrote: > >> Who else other than you has access to the infrastructure? > > > > all the root admins do > > but that isnt the problem, even if 100 more people had access > > the only way that was noticable it seems was if someone looked > > I disagree. The infrastructure is un-documented, and the people accessing it > are un-documented. Your reply isnt really related to the statment it follows Also it maybe sounds a little accusational. I just spoted the issue and fixed it and documented the issue here in public. So i get a "thanks for fixing the backups and thanks for the transparency" no, this is open source, so i get a mildly accusational reply Not even a "Where is the list of root admins" but a "the people accessing it are un-documented" are they ? the MAINTAINERS file lists teh admins, yes ubitux removed himself from it in MAINTAINERS and still has access which i think is good in case of an emergency and also thresh has access and is not listed in MAINTAINERS (he is more a last resort emergency and less a day to day admin). send a patch for MAINTAINERS if you feel the list is not good and what do you mean by infrastructure ? its a trac issue tracker in a VM, trac backup scripts written by beastd and a 2nd backup system setup by raz for all the ffmpeg infrastructure. what is missing and what do you want ? config files ? cronjobs ? making all that public is possible, if its a good idea for security and all i dont know. May i make a blunt suggestion, anyone who doesnt take the information in this mail and start writing/documenting the infrastructure should not complain its undocumented again in the future. > > This is a big problem. this really sounds more like a populistic statement than anything with the intend to improve a real problem. i mean you know, this is not a list of questions with the intend behind to document anything, its more finger-pointing. And somehow it feels like that pointing is going my way even though i havent writen or setup either backup system but it also would be deeply unfair to point to beastd or other admins here. Everyone did their best with the time they had available. So again if people want better documentation. First step i would suggest someone should volunteer to write that documentation. And then that person should start asking specific questions. Documentation does not write itself yet. thx [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB During times of universal deceit, telling the truth becomes a revolutionary act. -- George Orwell signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] trac backups
On Wed, Sep 13, 2023 at 11:05 AM Jean-Baptiste Kempf wrote: > On Wed, 13 Sep 2023, at 01:33, Michael Niedermayer wrote: > >> Who else other than you has access to the infrastructure? > > > > all the root admins do > > but that isnt the problem, even if 100 more people had access > > the only way that was noticable it seems was if someone looked > > I disagree. The infrastructure is un-documented, and the people accessing > it are un-documented. > > This is a big problem. > +1 > > jb > -- > Jean-Baptiste Kempf - President > +33 672 704 734 > ___ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe". > ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] trac backups
On Wed, 13 Sep 2023, at 01:33, Michael Niedermayer wrote: >> Who else other than you has access to the infrastructure? > > all the root admins do > but that isnt the problem, even if 100 more people had access > the only way that was noticable it seems was if someone looked I disagree. The infrastructure is un-documented, and the people accessing it are un-documented. This is a big problem. jb -- Jean-Baptiste Kempf - President +33 672 704 734 ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] trac backups
On Wed, Sep 13, 2023 at 12:32:28AM +0200, Marvin Scholz wrote: > > > On 13 Sep 2023, at 0:13, Michael Niedermayer wrote: > > > Hi all > > > > our trac backups died 6 months ago > > i just noticed as i checked the backups before deleting spam with trac-admin > > backups are working again > > > > failure reason where expired gpg keys > > > > thx > > > > PS: yeah, iam slightly unhappy noone noticed this for 6 months > > Who else other than you has access to the infrastructure? all the root admins do but that isnt the problem, even if 100 more people had access the only way that was noticable it seems was if someone looked either at the backups (which happily where generated with size 0 per file) or the logs ive added a gpg --recv-key so until the key server gets killed by the NSA that might be avoided. Sadly gpg has no clean was to ignore key expiry also ive pinged beastd (who wrote the trac backup scripts and is in CC) and if he has no time, i guess ill have to look at why this was not more vissible and how to fix that ... But it seems theres no hurry theres also the more radical solution of just making the backups public as they are enrcypted anyway, it just doesnt feel like the first choice. But it would avoid several issues like not noticing this or other lost backups, ... thx -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB If a bugfix only changes things apparently unrelated to the bug with no further explanation, that is a good sign that the bugfix is wrong. signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
Re: [FFmpeg-devel] trac backups
On 13 Sep 2023, at 0:13, Michael Niedermayer wrote: > Hi all > > our trac backups died 6 months ago > i just noticed as i checked the backups before deleting spam with trac-admin > backups are working again > > failure reason where expired gpg keys > > thx > > PS: yeah, iam slightly unhappy noone noticed this for 6 months Who else other than you has access to the infrastructure? > > -- > Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB > > When the tyrant has disposed of foreign enemies by conquest or treaty, and > there is nothing more to fear from them, then he is always stirring up > some war or other, in order that the people may require a leader. -- Plato > ___ > ffmpeg-devel mailing list > ffmpeg-devel@ffmpeg.org > https://ffmpeg.org/mailman/listinfo/ffmpeg-devel > > To unsubscribe, visit link above, or email > ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe". ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
[FFmpeg-devel] trac backups
Hi all our trac backups died 6 months ago i just noticed as i checked the backups before deleting spam with trac-admin backups are working again failure reason where expired gpg keys thx PS: yeah, iam slightly unhappy noone noticed this for 6 months -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB When the tyrant has disposed of foreign enemies by conquest or treaty, and there is nothing more to fear from them, then he is always stirring up some war or other, in order that the people may require a leader. -- Plato signature.asc Description: PGP signature ___ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
