On Sun, Nov 28, 2010 at 10:01:20PM +0100, Luc Verhaegen wrote:
> On Wed, Nov 24, 2010 at 06:40:54PM +1000, Dave Airlie wrote:
> >
> > We could probably better define this sort of things, again fd.o has
> > been a pretty haphazard setup based on volunteer time and effort, but
> > again hopefully we can get some escalation procedures in place that
> > are less public.
> >
> > Dave.
>
> In fact, more visibility is what is needed, not less!
>
> Just like with the fundamental change that happened with the X.org
> board earlier this year: we need to know who is doing what, before we
> can trust it.
>
> In my very first email i asked who all had root access to the fd.o
> machines. I haven't got an answer to that yet.
>
> From irc, the day after this broke out, i saw that ajax and daniels
> suspended their own fd.o root accounts, but keep their x.org accounts?
> Why only fd.o and not X.org? Why only suspension and not taking away
> this access?
>
> Is this really how people want to run a free software project? Where
> only political affiliation means that your code is safe?
>
> And WTF, searching through my irc log, i dug up this:
>
> --- Day changed Fri Nov 19 2010
> ...
> 04:13 < alanc> someone leave a git repo writable by too many people?
> http://cgit.freedesktop.org/xorg/driver/xf86-video-radeonhd/commit/?h=spigot
> 04:14 < cjb> looks like a perfectly normal ajax commit to me
> 04:14 < alanc> except he usually signs his as ajax, not
> r...@jerkcity.com
> 04:15 < cjb> was kidding :)
> 04:15 < alanc> not that I'm disagreeing with the new autogen.sh there,
> given it was the only commit in the last 6 months, but it would be more
> useful on master
> 04:17 < mjg59> I'm not sure that that branch has always been there
>
> WTF? Alan, why did you not act on this? Why didn't you mail
> adm...@fd.o? Why are you spending your time bashing me for blowing this
> open, and not talking to the admins, while all you did was 1) put this
> on irc 2) shrug and walk away.
>
> Do you find this acceptable behaviour for the secretary of the X.org
> board?
>
> Since i am pasting irclog, attached is more irc log, showing several
> people at their best (including me).
>
> Luc Verhaegen.

Now with an actual log attached.

Luc Verhaegen
--- Day changed Tue Nov 23 2010
<before the email>
...
13:02 < libv> ok, which wanker pulled this: http://cgit.freedesktop.org/xorg/driver/xf86-video-radeonhd/commit/?h=spigot
13:03 < arekm> lol
13:04 < scarabeus> i likes
13:04 < libv> well, either there's some idiot with rather severe fd.o access
13:04 < libv> or there is a security issue
13:07 < libv> i would rather expect that those people capable of doing this, would be above this
...
<And now after:>
...
16:04 < mattst88> oh man, people out to get libv again
16:06 < libv> mattst88: heh.
16:06 < libv> mattst88: would you really trust your code to fd.o when you know that those with root access pull such stunts?
16:07 < mattst88> I suppose that it's more of a prank than anything serious.
16:07 < libv> mattst88: this is definitely not a prank
16:07 < mjg59> Somebody used an inappropriate process to mark an unmaintained project as deprecated
16:07 < mjg59> Which is worthy of criticism, but
16:07 < libv> mjg59: and the difference is... marketing... right?
16:07 < mjg59> I'm not trying to justify the way it was done
16:08 < mattst88> of course it is a prank, they made a silly branch in the repository. They didn't delete code. (Unless I'm missing something)
16:08 < ajax> it's not like git has securty anyway
16:08 < ajax> forging COMMITTER_EMAIL is trivial
16:08 < libv> mattst88: how would you have root do this to your repos?
16:08 < libv> like to even
16:08 < tmzt_dg2root> but you need ssh though don't you?
16:08 < tmzt_dg2root> so it has to be somebody 'trusted'
16:09 < mattst88> libv, I wouldn't, no doubt. I'm not justifying it.
16:09 < mjg59> libv: If a project is unmaintained then leaving it buildable rather than marking it as deprecated is irresponsible
16:09 < libv> mjg59: radeonhd hasn't been part of the release for two or more years now
16:09 < libv> mjg59: remember the big flame war with amongst others, you, me and daniels
16:10 < tmzt_dg2root> it's still the only non atom ati code? or is that avivo
16:10 < mjg59> libv: Yet it's still in the repo and people keep building it and getting confused
16:10 < libv> heh, avivo is still listed as part of ohloh
16:10 < libv> mjg59: mshopf make some updates to it in may
16:10 < mjg59> libv: So it's unmaintained
16:10 < libv> mjg59: but this does not take away from the core fact
16:11 < libv> mjg59: so stop diverting from that.
16:11 < mjg59> I refer you to my previous statement
16:11 < mjg59> I don't think there's any reasonable justification for the way it was done
16:11 * mattst88 looks at what he's started, and is sad
16:12 < tmzt_dg2root> so, serious question, is there a way to set CC to build.sh so I don't have to patch it?
16:12 < libv> this is not some banal prank, this is a serious breach of trust in the whole of fd.o
16:13 < mattst88> I wonder how long it'll be until phoronix has an article up.
16:13 < ajax> they do.
16:13 < ajax> drama -> pageviews -> dolla
16:13 < mattst88> you're fucking kidding me
16:14 * mattst88 facepalms
16:14 < libv> mattst88: i poked michael the second i sent an email
16:14 < libv> mattst88: like so many, you fail to see how useful michael really is.
16:14 < jcristau> libv should clearly get paid by phoronix for the drama
16:14 < tmzt_dg2root> yeah there's some good articles
16:15 < mattst88> libv, for spreading news to people who don't really understand it?
16:15 < krh> jcristau: maybe he does
16:15 < tmzt_dg2root> the first article on wayland was two years ago
16:15 < libv> jcristau: no, the guy who has more forum posts, you know, the same guy who is supposed to get free software developers documentation about graphics hardware, he should be paid by phoronix
16:15 < libv> more forum posts than the owner
16:17 < mattst88> at least half the time, he's the only reason that site should exist
16:17 < libv> and besides, how many people here know that michael filed a solid proposal for the next XDS/XDC during toulouse still?
16:17 < libv> mattst88: that's your view.
16:17 < mattst88> hah, of course it is.
16:17 < tmzt_dg2root> and listenable video?
16:18 < libv> tmzt_dg2root: feel free to drag a camera along to X events and tape them yourself instead
16:19 < tmzt_dg2root> hah, I just strain and process with -af volume=10:1
16:19 < tmzt_dg2root> and mostly it works
16:19 < tmzt_dg2root> it's awesome that he does it in the first place
...
<unrelated discussion, which included further participation from ajax>
...
--- Day changed Wed Nov 24 2010
...
00:24 < MostAwesomeDude> Man, that rhd thread.
00:24 < MostAwesomeDude> Do we need a PSA about the dangers of drunk committing
...
00:39 <@alanc> can daniels or anholt or ajax or anyone with root on git.fd.o please invesitgate the damn commit and show it wasn't someone cracking root so we can shut that whole thread up?
...
01:14 < krh> alanc: nice dose of common sense in that thread
...
03:02 < tmzt_dg2root> libv: just use a minimal/restricted shell for git access, and limit root to people that reeally need it for maintainance
03:04 < gisburn> libv: that only works if people can't break out of the restricted shell jail. bash in restricted mode is notoriously unsecure
03:04 < gisburn> (but I have no clue how secure "dash" in restricted mode is and for ksh93 you need at least ksh93 version 't+' to be on the safe side)
03:06 < tmzt_dg2root> I wonder how the big git hosters do it
03:06 < tmzt_dg2root> resolving keys and not using user acounts at all I think
03:06 < gisburn> tmzt_dg2root: usually chroot.
03:08 < gisburn> tmzt_dg2root: "typical" solution us to use something like "Jails", "zones" (e.g. Solaris) or even a virtual machine and access data filesystems via r/w via NFS, possibly even kerberised and let '/' an$
03:12 < mue_> it was no hack though
03:12 < tmzt_dg2root> https://github.com/epeli/subssh
03:16 < tmzt_dg2root> okay, so that script just matches the username in the key, it's not based on a hash or anything else
...
04:23 < daniels> raster, antrik: fwiw, the n900 was sold through a few telcos, including vodafone in europe, optus in australia, etc.
04:28 < daniels> alanc: and it wasn't a hack at all, i logged in with danielsR. i've asked tollef to disable danielsR across fd.o. (i'd reply to the list, but don't have email access while i'm in .au this week.)
04:28 < daniels> libv: my apologies as well; i can't really defend it at all as it was a pretty gross misuse of fd.o
04:29 <@alanc> daniels: I think you and ajax need to get your stories straight
04:30 < ohsix> jerkcity ftw
04:30 < ajax> both are accurate
04:30 < ajax> we were in the same room
04:30 < ajax> i did the commit
04:30 < ohsix> GLAHGLHGHG
04:30 < ajax> his login though
04:30 <@alanc> I also think both of you giving up admin rights is a reward for you, not a punishment 8-/
04:30 < ajax> in a sense, yes
04:30 <@alanc> punishment for everyone else
04:31 < ajax> but like i said, i'm not exactly feeling awesome about it or much of anything else
04:31 < ajax> so, you know. happy thanksgiving.
04:31 < daniels> heh, to some extent, but tollef is pretty on the ball these days
04:32 < daniels> i still have access to fruit & ldap, so i'm happy to do x.org account creation, or we could get you ldap access if you were feeling masochistic ;)
04:32 < ohsix> rands should run everything
04:33 < ajax> see, this is what i'm saying.
04:35 <@alanc> as far as X.Org is concerned, not having to shut down git access for a week or two to audit everything is a win - beyond that, it's up to fd.o management (which I assume is still just keithp) what to do about who has admin access
04:37 <@alanc> it does make me wonder if there's any way to enforce having reasonable signed-off-by in all commits, though anything we can mandate, root can subvert by disabling the hooks
04:37 < daniels> yeah, exactly
04:37 <@alanc> so that would just stop xgi & ast from committing
04:37 < daniels> heh
04:37 < ohsix> at least it was root@ :D could have been made to look like anything
04:38 < daniels> not that that'd be a huge loss tbh, but still
04:38 < airlied> the thing is git does the right thing
04:38 < airlied> you can't actually modify a git commit without someone noticing
04:38 < daniels> right
04:38 < airlied> addition to a repo don't matter a crap
04:39 <@alanc> yeah, enough of us have checked out repos we'd notice if we got errors about head not matching
04:39 < airlied> like really ajax should have done that commit without root and pushed it
04:39 < airlied> I for one would support that
04:39 < airlied> maybe "It's dead jim" -> "This project is deprecated"
04:39 < daniels> airlied: radeonhd isn't really an xorg project though, they do their own thing
04:39 < airlied> its not really any project anymore
04:39 < daniels> at the moment they're not part of xorg in anything but git repo name, so you have to go looking for it
04:40 <@alanc> doing it right would be putting a "needs maintainer" message in like the input drivers, and putting it in master, not a new branch
04:41 < whot> or merge it into the xserver tree :P
04:42 <@alanc> and I suppose one advantage of the single pusher model to xserver is that keith really notices when someone pushes something they shouldn't have to xserver itself
04:44 < whot> alanc: you get that in any well-maintained repo though
04:44 <@alanc> I certainly notice when there's a push by anyone other than me or Gaetan to apps/libs/proto modules
04:46 < whot> yeah, same with evdev/synaptics
04:46 <@alanc> and I know I've heard from vmware's maintainer when I pushed to that module without getting his review first
04:48 < daniels> i think this is the best argument i've yet seen for the gatekeeper model:
04:48 < daniels> dani...@annarchy:~%GIT_DIR=/srv/anongit.freedesktop.org/git/xorg/xserver.git git log --grep=Revert --pretty=oneline xorg-server-1.6.0..xorg-server-1.8.0 | wc -l
04:48 < daniels> 40
04:48 < daniels> dani...@annarchy:~% GIT_DIR=/srv/anongit.freedesktop.org/git/xorg/xserver.git git log --grep=Revert --pretty=oneline xorg-server-1.8.0..master | wc -l11
04:50 < whot> i'd say the number of reviewed-by tags is more telling. xserver development has slowed down in general since 1.6, at least when it comes to feature churn
...
05:59 < raster> daniels: i know. and i heard ity had like an 80% return rate or something for vodafone in the uk
05:59 < raster> wasnt desirned/geared to be sold thru a telco tho
...
06:10 < daniels> raster: i'm pretty sure you got your figures mixed up there
06:10 < ohsix> very mixed up
...
07:33 <@alanc> good lord, he's going to reply to every single damn email in the thread, isn't he?
...
08:14 < raster> daniels: thats what i heard - it was some horrendous return-rate
08:14 < raster> not because they were faulty
08:14 < raster> peolpe just didnt like it
08:14 < raster> like general-joe customers
...
09:22 < libv> alanc: heh.
...
10:01 < daniels> raster: i've heard that story, but it's definitely not about the n900
...
10:32 < remi|work> whot, maybe commit numbers have gone down, but traffic on -devel with [PATCH] has definitely gone way up
10:32 < remi|work> no hard numbers, but I'm having a hard time reading all of -dev these days
10:32 < remi|work> it used to be a lot easier a couple months/years ago
10:33 < remi|work> not that I'm complaining, it probably means we're reviewing patches a *lot* more than we used to
...
17:14 < jcristau> mattst88: can we close that thread yet?
17:15 < mattst88> yes, I don't think it's worth responding to
17:15 < jcristau> i mean, if you're interested in more libv ranting, you can do that out of xorg@
17:15 < jcristau> :)
17:15 < libv> hah.
17:15 < dottedmag> whoops. Hopefully not here.
17:16 < libv> next time it'll happen to you, and i'll stand there and downplay too.
17:16 < mattst88> libv, feel free to push garbage branches to -glint.
17:17 < libv> mattst88: from root with faked commiter id?
17:18 < mattst88> yeah, I don't particularly care as long as you don't actually interfere with anything.
17:18 < libv> ... anything you were or are involved with, right?
17:18 < KiBi> bleh, 20+ more mails since last time I looked at it.
17:19 < mattst88> libv, I'm saying that whatever ulterior motives you're suggesting people have for picking at you, you have ulterior motives for being as loud as possible about this.
17:20 < libv> mattst88: oh, those motives are quite clear to anyone
17:20 < mattst88> no, the other ones.
17:20 < libv> mattst88: they are the same ones that made me put my foot up the board elections in february
17:20 < libv> mattst88: oh, which are?
17:21 < mattst88> you knew who did it when you saw it. you
17:21 < mattst88> you're trying to twist the knife.
17:21 < libv> mattst88: i didn't know, i had my suspicions though
17:22 < libv> mattst88: the fact that i had some suspicion, doesn't make the event right, now does it?
17:22 < mattst88> no, i'm not claiming it was acceptable
17:23 < libv> but you are still downplaying.
17:24 < mattst88> an alternative perspective would be that you're overblowing it, but I don't think we'll ever agree.
17:25 < libv> true
...
<unrelated>
...
17:50 < ohsix> wheres this thread, i can only find one mail
17:51 < vignatti> ohsix: http://lists.x.org/archives/xorg-devel/2010-November/015824.html
17:52 < ohsix> vignatti: ah ya that's the one, no replies on gmane to it though; thanks
17:52 < vignatti> ohsix: but this one following, is the only that matters actually:
17:52 < vignatti> http://lists.x.org/archives/xorg-devel/2010-November/015901.html
17:53 < vignatti> rest is just libv bitching around
17:54 < ohsix> right, thanks
...
20:04 < ohsix> hurr libv you insinuated they were on drugs :D
20:04 < ohsix> http://www.jerkcity.com/
...
<unrelated>
...
--- Day changed Thu Nov 25 2010
...
<unrelated>
...
08:37 * alanc barely resists the temptation to include "Just remember boys and girls, git's all fun until somebody loses an eye or has to go to the emergency eye wash spigot." in the xeyes release announcement
08:47 < airlied> alanc: looses a root? :-)
...
<unrelated>
...
22:16 < whot> alanc: hehe, nice xeyes announcement. you should have written "removal of various xeyesores" though :)
22:17 < whot> just to see if anyone notices
...