From Fedora Project Wiki
| mmcgrath | OMGWTFBBQ? | 10:59 |
|---|---|---|
| spevack | ok folks... welcome to the "public" room of the latest Fedora Board IRC meeting. | 11:00 |
| Jeff_S | mmcgrath: yes | 11:00 |
| spevack | As often, I will be your moderator. | 11:00 |
| spevack | My job is to feed the questions you guys have into the moderated room, and the Board will answer them. | 11:00 |
| spevack | I'm not sure if they have any agenda items to discuss today. | 11:00 |
| stickster | Welcome everyone | 11:01 |
| spevack | but at some point they will be ready for questions, so just fire away, and when the Board is ready, i'll paste them into their channel | 11:01 |
| spevack | hi stickster | 11:01 |
| * mmcgrath waves at sir stickster | 11:01 | |
| vallor | spevack: I'm sure one of the questions on everybody's mind is the status of "Infrastructure" -- and are the rumors true that the bogusly-signed openssh packages were trojaned? | 11:01 |
| * spevack wonders why mmcgrath never addressed him as "sir" :) | 11:01 | |
| spevack | vallor: that question is now at the top of the queue | 11:02 |
| vallor | thank you :) | 11:02 |
| -!- zcat [n=zcat@pdpc/supporter/active/zcat] has joined #fedora-board-public | 11:02 | |
| lwnjake | spevack: also, when might we find out more about exactly what happened to the infrastructure | 11:03 |
| nirik | related question: any news/eta on more details from the investigation being released? | 11:03 |
| lwnjake | heh | 11:03 |
| * spevack notes everything | 11:03 | |
| nirik | jinx. ;) | 11:03 |
| * ricky is around | 11:03 | |
| bryan_kearney1 | spevack: I would like to get feedback on the AOS Trademark request | 11:03 |
| -!- bjornts [n=nmabs@bts.uib.no] has joined #fedora-board-public | 11:03 | |
| bryan_kearney1 | spevack: if that diverges into "Should Fedora Require SELinux" that is cool | 11:04 |
| rdieter | spevack: another hard ball, why wasn't the board informed of anything? (afaik, they're as much uninformed as anyone). | 11:04 |
| rdieter | or so says mr. spoleeba | 11:04 |
| -!- hibana [n=inetpro@unaffiliated/hibana] has joined #fedora-board-public | 11:04 | |
| -!- mdomsch [n=Matt_Dom@cpe-70-124-62-55.austin.res.rr.com] has joined #fedora-board-public | 11:05 | |
| -!- jwilliam [n=jwilliam@jwilliam.dsl.xmission.com] has quit [Client Quit] | 11:05 | |
| * spevack adds all of these to the queue | 11:05 | |
| -!- mdomsch [n=Matt_Dom@cpe-70-124-62-55.austin.res.rr.com] has left #fedora-board-public ["Leaving"] | 11:05 | |
| mmcgrath | spevack: you're king spevack thats why :) | 11:05 |
| spevack | mmcgrath: :) | 11:05 |
| -!- jwilliam [n=jwilliam@jwilliam.dsl.xmission.com] has joined #fedora-board-public | 11:06 | |
| inode0 | less touchy I think question: why no new installation media? seems a large pain to install systems with keys that we need to replace after installation?! | 11:06 |
| rdieter | inode0: that's not a board question, imo, and was addressed in rel-eng meetings. In short, way way way more work. I don't think it's been ruled out, but the time to do that would be prohibitive. | 11:07 |
| nirik | inode0: because that doesn't help any of the already burned media out there, and for doing something like 9.1 there would be export approval/legal to go thru (I think) | 11:07 |
| inode0 | rdieter: I'm happy to get answers here whether the board hears the question or not | 11:08 |
| spot | nirik: you're right on the spot there. ;) | 11:08 |
| * nirik nods. Happy to provide more info anytime inode0. ;) | 11:08 | |
| nirik | spot: cool. I love it when I am right. ;) | 11:09 |
| * spevack has all the questions asked so far queued up | 11:09 | |
| inode0 | is the first question about redhat packages or fedora packages btw? | 11:10 |
| spevack | vallor: ^^^ see inode0's comment | 11:10 |
| nirik | it would have to be about RHEL packages... | 11:11 |
| nirik | which the board wouldn't likely be able to answer, but hey, I am not them, so lets see what they say. ;) | 11:11 |
| vallor | spevack: I think it would be a bit unusual for the board not to (at least) recognize the impact of the "crisis" (mdomsch's article's term), on the Fedora community, including questions necessary for an informed assessment of our own systems' integrity. | 11:12 |
| spevack | vallor: sure. i'm not disagreeing with that. just asking for clarification about whether you were referring to RHEL or Fedora ssh packages | 11:14 |
| vallor | I'm referring to anything and everything in the incident where systems that were compromised -- and if that flows slightly into RHEL space, I think it is only prudent to explain that part of the incident, too. | 11:16 |
| spevack | ok | 11:16 |
| vallor | er, where systems were compromised * | 11:16 |
| inode0 | clarification: is this an open town hall style meeting for the board to hear concerns and comments from the community or is there a list of appropriate topics I am not aware of? | 11:16 |
| spevack | inode0: you can ask anything you want, as far as i am concerned. | 11:16 |
| spevack | or make any statement you want. | 11:16 |
| spevack | that's the point | 11:17 |
| vallor | inode0: I'm not working from any list, if that's what you mean -- I just have some concerns, which are shared by other Fedora users that I have contact with, incl. colleagues in our local LUG | 11:18 |
| -!- tburke [n=tburke@nat/redhat/x-30bb7f9baa61c32c] has joined #fedora-board-public | 11:18 | |
| bryan_kearney1 | spevack: this is the SELinux issue | 11:18 |
| spevack | tburke: you'll want to join #fedora-board-meeting also | 11:18 |
| spevack | bryan_kearney1: go ahead. | 11:19 |
| * vallor has to point out that his company posts any and all problems that it faces on its front web page | 11:19 | |
| -!- asdfasdf [n=________@201-213-177-15.net.prima.net.ar] has joined #fedora-board-public | 11:19 | |
| spevack | we will feed all the questions in to the Board, don't worry. | 11:19 |
| spevack | bryan_kearney1: did you have another question? | 11:20 |
| bryan_kearney1 | i would like to see this discussiong occur | 11:21 |
| bryan_kearney1 | right now, I have a trademark request DOA becuase of this | 11:21 |
| spevack | bryan_kearney1: ah... your AOS question is an SELinux issue | 11:21 |
| * spevack connects the threads based on f-a-b posts | 11:21 | |
| spevack | bryan_kearney1: i got it now | 11:21 |
| bryan_kearney1 | I gave up for F10 | 11:21 |
| bryan_kearney1 | but in reality, we need to either enforce a minimal set of technologies | 11:21 |
| bryan_kearney1 | and define it | 11:21 |
| bryan_kearney1 | or keep opinions to our selves | 11:22 |
| -!- asdfasdf [n=________@201-213-177-15.net.prima.net.ar] has left #fedora-board-public ["Leaving"] | 11:22 | |
| * spevack updates the question list | 11:23 | |
| vallor | what is f-a-b -- fedora-admin-board ? | 11:23 |
| -!- cyban [n=cyban@69.104.44.220] has joined #fedora-board-public | 11:23 | |
| spevack | fedora-advisory-board | 11:23 |
| rdieter | f.. advisory board (list) | 11:23 |
| vallor | spevack: ah, thank you :) | 11:23 |
| -!- Half_Life [n=Angel@202.92.51.88] has quit [Client Quit] | 11:24 | |
| vallor | are they talking about some kind of export restriction for SELinux? | 11:26 |
| vallor | like it used to be with crypto? | 11:27 |
| inode0 | vallor: my question wasn't related to your concerns which are perfectly appropriate | 11:27 |
| vallor | (U.S. export restriction, I mean) | 11:27 |
| bryan_kearney1 | notting... the net result wa no approval | 11:28 |
| nirik | vallor: no, its about spins that disable selinux being able to say they are "Fedora" | 11:28 |
| bryan_kearney1 | wa == was | 11:28 |
| -!- JonRob [n=JonRob@88-109-157-176.dynamic.dsl.as9105.com] has joined #fedora-board-public | 11:29 | |
| vallor | nirik: thanks, didn't know what that was about | 11:29 |
| * lmacken yawns | 11:29 | |
| lmacken | SELinux should *always* be enabled by default for Fedora spins, imo. | 11:29 |
| lmacken | fixing selinux bugs is not hard. | 11:30 |
| * nirik notes that in the FESCo meeting it was talked about making spins meet the release criteria | 11:30 | |
| aa6e | How many times has SELinux saved your bacon vs how many times caused grief? | 11:30 |
| bryan_kearney1 | nirik: the issue is we did, and SELinux being enabled is not part of the criteria | 11:31 |
| bryan_kearney1 | although folks feel it should | 11:31 |
| bryan_kearney1 | if it it a criteria, define it | 11:31 |
| * nirik nods | 11:31 | |
| vallor | well, regarding the SELinux question, would it work to require it to be enabled, but give them a large knob, with which to easily turn it off? | 11:31 |
| * inode0 is not aware of selinux saving his bacon ever - but uses it anyway | 11:31 | |
| nirik | QA/ReleaseCriteria is the link BTW. | 11:31 |
| -!- Shambuku [n=dhyatt@64.88.170.36] has joined #fedora-board-public | 11:32 | |
| -!- jds2001 [n=jds2001@fedora/jds2001] has joined #fedora-board-public | 11:32 | |
| * lmacken gets dejavu from 4 years ago | 11:32 | |
| lmacken | so, the question is -- why do you need to disable it ? | 11:33 |
| * nirik wonders if the board will get to any questions today or will keep rehashing. ;) | 11:33 | |
| bryan_kearney1 | sorry | 11:33 |
| bryan_kearney1 | lmacken: wierd cases with appliance building and deploying | 11:33 |
| -!- herlo [n=clints@209.41.92.72] has joined #fedora-board-public | 11:34 | |
| zcat | this selinux thing -- it only applies if you call the spin "Fedora" proper? so for something like "Eeedora" (where selinux is diabled) it wouldn't apply? | 11:34 |
| nirik | zcat: yeah, it's trademark usage... so something can use the Fedora name/brand. | 11:34 |
| jds2001 | correct. | 11:34 |
| lmacken | bryan_kearney1: boot and use the spin in permissive -- then file a bug with the denials. | 11:35 |
| jds2001 | I thought fesco already dealt with this piece of it, since it was brought to our attention. | 11:35 |
| bryan_kearney1 | lmacken: that is what I ended up doing, but in theory if you use the spin and build it with disabled there could be issues | 11:35 |
| * rdieter wonders if the board is going to get to the good/juicy stuff anytime soon. :) | 11:35 | |
| ongolaBoy | rdieter:be patient ;) | 11:36 |
| * inode0 wonders if the juicy bit is saying they (a) don't know or (b) can't comment at this time anyway | 11:36 | |
| -!- vwbusguy [n=scott@65.113.76.226] has joined #fedora-board-public | 11:37 | |
| vallor | spevack: Sir, quick point of order -- is there an actual "chief executive" in charge of the Fedora project -- someone with a final veto power -- or is this all being handled by committee? | 11:38 |
| * vallor confesses he doesn't know | 11:38 | |
| nirik | bryan_kearney1: is this f9 or f10? | 11:38 |
| vwbusguy | I'd like to know what security changes in regard to the repos / updates and stuff, if any other than the key change, if it hasn't been discussed yet | 11:38 |
| bryan_kearney1 | nirik: f10 | 11:39 |
| spevack | vallor: The Fedora Project Leader has that power. FPL | 11:39 |
| nirik | bryan_kearney1: should work to have it enabled. What errors did you see? | 11:39 |
| vallor | spevack: thank you | 11:39 |
| spevack | vallor: no problem | 11:39 |
| spevack | vallor: that is stickster | 11:40 |
| bryan_kearney1 | nirik: lemme get you the info | 11:40 |
| vallor | okay, thank you | 11:40 |
| mmcgrath | The beef! Where is it? | 11:40 |
| bryan_kearney1 | nirik: In this, I am a bit of a spokesdude | 11:40 |
| nirik | bryan_kearney1: ok, no worries... as far as I know it should work. I would say for sure file bugs... | 11:41 |
| nirik | dwalsh is a bug fixing fiend. | 11:41 |
| bryan_kearney1 | nirik: will do | 11:41 |
| vwbusguy | spevack, I had one | 11:41 |
| vwbusguy | spevack, I'd like to know what security changes in regard to the repos / updates and stuff, if any other than the key change, if it hasn't been discussed yet | 11:41 |
| inode0 | spevack: vwbusguy asked one too | 11:41 |
| quaid | bryan_kearney1: dude, sorry if you got burned on the trademark stuff and F10 features :/ | 11:41 |
| bryan_kearney1 | quaid: no issues... | 11:42 |
| bryan_kearney1 | quaid: I really just want approval for 10 | 11:42 |
| -!- goeran [n=goeran@ua-83-227-168-100.cust.bredbandsbolaget.se] has joined #fedora-board-public | 11:42 | |
| spevack | vwbusguy: i'll add that too | 11:42 |
| vwbusguy | spevack, thanks | 11:42 |
| bryan_kearney1 | quaid: if the end result is getting a list documented, that is a great outcome | 11:42 |
| ongolaBoy | what is NDA please ? | 11:43 |
| spevack | ongolaBoy: NDA is a non-disclosure-agreement | 11:43 |
| ongolaBoy | thx spevack | 11:43 |
| spevack | http://en.wikipedia.org/wiki/Non-disclosure_agreement | 11:43 |
| * rdieter isn't liking the answer, if you can't trust your board, then you're sol. | 11:44 | |
| -!- deegee [n=deegee@unaffiliated/deegee] has joined #fedora-board-public | 11:44 | |
| ivazquez | Yeah, I don't like the paranoia much either. | 11:44 |
| vallor | rdieter: agreed | 11:44 |
| rdieter | fwiw, maybe for future boards, they *should* have a NDA | 11:44 |
| * nirik isn't sure that would help any | 11:45 | |
| ricky | I think the implication is that the board wasn't involved | 11:45 |
| ricky | In the sense of: "People in the board that were involved were involved for different reasons" | 11:45 |
| vallor | rdieter: may be, for security matters -- what they need is to develop and publish a security plan that everyone can agree to | 11:45 |
| rdieter | vallor: that too, of course. | 11:46 |
| -!- deegee [n=deegee@unaffiliated/deegee] has quit [Read error: 104 (Connection reset by peer)] | 11:46 | |
| JonRob | vallor +1 | 11:46 |
| -!- gregdek [n=gdk@h161071.upc-h.chello.nl] has joined #fedora-board-public | 11:46 | |
| * ricky switches rooms | 11:48 | |
| * jds2001 has a formal relationship with RHT and is under NDA - not that it helped me in this situation (nor should it have, I had no reason to know). | 11:49 | |
| vallor | rdieter: sounds like they've brought up having an incident response plan -- I guess I have to wonder is there a security group developing such a plan...and should the board have a private mailing list (ONLY FOR INITIAL SECURITY INCIDENTS), where they can have full disclosure with each other? | 11:49 |
| JonRob | vallor: i believe there is already a private list for the board | 11:49 |
| vallor | rdieter: I'm a big proponent of transparency, but I understand the need to keep mum in an initial security response | 11:49 |
| -!- abadger1999 [n=abadger1@65.78.187.8] has joined #fedora-board-public | 11:50 | |
| jds2001 | there's a private list already. | 11:50 |
| vallor | k, just wondered | 11:50 |
| -!- deegee [n=deegee@unaffiliated/deegee] has joined #fedora-board-public | 11:50 | |
| lwnjake | spevack: we still haven't heard when we will hear more ... | 11:51 |
| skvidal | lwnjake: b/c we don't know | 11:52 |
| * nirik didn't think his and lwnjake's question was really answered. ;) | 11:52 | |
| -!- deegee [n=deegee@unaffiliated/deegee] has left #fedora-board-public ["Konversation terminated!"] | 11:52 | |
| lwnjake | nirik: exactly | 11:52 |
| rdieter | vallor: mum is fine, but I expected that our *elected/community* representatives would have at least been kept in the know | 11:52 |
| nirik | skvidal: ok, is there at least an idea or who thats gating on? ie, the investigation is still on-going? or ? | 11:52 |
| tc1415 | rdieter: i would prefer everyone or noone tbh | 11:52 |
| skvidal | the investigation is still ongoing | 11:53 |
| rdieter | tc1415: I guess we disagree then | 11:53 |
| spevack | nirik: i will note that | 11:53 |
| nirik | ok. fair enough. And no ETA (ballpark) on it? | 11:53 |
| skvidal | nirik: it's like asking a private detective when they think they'll find your kidnapped daughter | 11:53 |
| skvidal | we don't know | 11:54 |
| * ricky returns | 11:54 | |
| nirik | ok. | 11:54 |
| rdieter | skvidal: lie? :) exactly 3.4 days, no problem. | 11:54 |
| skvidal | rdieter: yes, in no more than 1439.4 days | 11:54 |
| skvidal | give or take half a decade | 11:54 |
| rdieter | or simply say, *we don't know*, which afaik, hasn't actually been said (officially). | 11:54 |
| vallor | spevack: please relate my thanks to f13 :) | 11:55 |
| lmacken | mmcgrath: did you say you were going to start the incident response plan ? | 11:55 |
| * lmacken recalls saying he would help | 11:55 | |
| gregdek | GIMME BACK MY SON!!! | 11:55 |
| spevack | gregdek: -1 (Troll) | 11:55 |
| qwer | Is there anything administrators of Fedora systems need to to to avoid a similar break-in? | 11:55 |
| mmcgrath | lmacken: yeah its on my docket but at this point still months out so if you wanted to get started don't let me stop you. | 11:55 |
| lmacken | cool. I'm going to go on a SOP writing binge right now (IDS, SELinux, Incident response)) | 11:56 |
| vwbusguy | spevack, I didn't mean to imply secrecy with the repo changes, just curious as to an ongoing strategy | 11:56 |
| vallor | gregdek: "You can have your son back, just as soon as we've debriefed him...you'll see him in, say, another month..." | 11:56 |
| spevack | *** any other follow-ups on security/infrastructure stuff? otherwise, when they break, i will move on to the other questions *** | 11:57 |
| aa6e | gregdek: ,,, after the election... | 11:57 |
| tburke | rdieter: isn't "its an ongoing investigation" the same as saying "we dont' know" | 11:57 |
| qwer | Is there anything administrators of Fedora systems could do to avoid a similar break-in? | 11:57 |
| jds2001 | spot: no, but plenty of other companies have had to deal with it :) | 11:58 |
| jds2001 | though +1 | 11:58 |
| rdieter | tburke: fine, then *say so*. If it's not said explicitly, folks make their own (often incorrect assumptions) | 11:59 |
| vallor | qwer: leave SELinux turned on? (thread mash-up) ... but seriously, do we know when updates will start happening again for F9? I guess knowing the roadblocks to that would allay some fears that this is a huge problem, that is still ongoing... ? | 11:59 |
| bjornts | The information problemswith the infrastructurre breach point right back at RedHaaat. They have the power. Is there a channel to voice our concern witth the beaaahaviouuuur of Redhat in this matter? | 11:59 |
| jds2001 | vallor: updates are flowing | 11:59 |
| vallor | jds2001: hmm | 11:59 |
| jds2001 | d'oh, maybe not a new fedora-release to point you to em | 12:00 |
| lmacken | vallor: selinux would not have prevented this incident | 12:00 |
| -!- SMParrish [n=quassel@cpe-069-134-255-095.nc.res.rr.com] has joined #fedora-board-public | 12:00 | |
| rdieter | bjornts: legal stuff sucks, what else is there to say? | 12:00 |
| vallor | jds2001: so there's a fedora-release rpm that I gotta grab to get updates moving again? | 12:01 |
| herlo | So the patches that have been made and fixes that were applied to the infrastructure, did they help in solving this issue? | 12:01 |
| bryan_kearney1 | spevack: one edit, I would like to get an updown on the second request | 12:01 |
| bryan_kearney1 | AOS is Appliance Operating System | 12:01 |
| jds2001 | vallor: it will be pushed to the old repos soonish | 12:01 |
| herlo | I mean, what's to stop someone from doing this sort of break-in again? | 12:01 |
| -!- JonRob [n=JonRob@88-109-157-176.dynamic.dsl.as9105.com] has quit [Client Quit] | 12:01 | |
| spevack | bryan_kearney1: write exactly what you want me to paste ;) | 12:01 |
| jds2001 | vallor: i know that content is seeded to mirrors already | 12:01 |
| bjornts | rdieter: Legal is one thing. I cannot free myself from suspecting that a lot more could have beenn released without legal problems.... | 12:01 |
| vallor | jds2001: thanks I wasn't aware of that | 12:02 |
| -!- aa6e [n=ewing@69.183.146.76] has quit [Client Quit] | 12:02 | |
| rdieter | bjornts: you can suspect all you want... doesn't make it true. | 12:02 |
| bryan_kearney1 | spevack: AOS spin is still awaiting trademark approval, with selinux enabled (--permissive). We need additional feedback | 12:02 |
| bryan_kearney1 | spot, I understand | 12:02 |
| bryan_kearney1 | spot: I made changes per the feedback I got, and have gotten no new feedback | 12:02 |
| bjornts | rdieter: True. But nothing indicates that it's false either - and that is part of the problem. | 12:03 |
| rdieter | bjornts: law enforcment (and lawyers) really don't like it when folks involved in an ongoing investigation, talk publically about details. sad, but true. | 12:04 |
| vallor | rdieter: I think relying on a "law enforcement attitude" is inimical to the goals of the Fedora project -- particularly, the attitude of "don't worry, we know what's best" is especially frustrating | 12:06 |
| -!- kikker46 [n=kikker46@83.101.24.155] has quit ["leaving"] | 12:06 | |
| bjornts | rdieter: Of course they don't. And I realise they had to hold back. But they were holding back to the point where Fedora users kneew they might have a problem but no clue what, RH users were llikely to have a problem but had no idea. | 12:06 |
| jds2001 | vallor: frustrating, but necessary when law enforcement is likely involved. | 12:06 |
| BB|AtWork | spevack what beer is the boards favorite! :) | 12:07 |
| bjornts | rdieter. Thus setting themselves up for serious legal problems if customers/users had been burned | 12:07 |
| rdieter | vallor, bjornts : no... other... option. period. | 12:07 |
| spevack | BB|AtWork: heh | 12:07 |
| bryan_kearney1 | stickster: I appreciate that, which is why we went back to turning it back on. No need to force hte SELInux discussion now. | 12:07 |
| bryan_kearney1 | stickster: but, still need this to get the F10 Feature done | 12:07 |
| jds2001 | quaid: question is clear.... | 12:08 |
| bryan_kearney1 | i like the secondary mark | 12:08 |
| tc1415 | in my opinion, not that it matters, if, for any reason, you _imply_ that the Package Collection may be compromised, you from that moment have a duty of care to say *there and then* _why_ you are implying that | 12:09 |
| bryan_kearney1 | i like "Powered By Fedora" | 12:09 |
| vallor | jds2001: having had experience with law enforcement and security incidents (including the 1998 "pentagon hacker" situation), I know that LE likes to throw lids on things that don't need lids -- for instance, not disclosing what happened doesn't help, since the bad guys _do_ know what happened, which means the bad guys have more info than the good guys! | 12:09 |
| * vwbusguy really likes "Powered by Fedora" and would like it even more if Fedora would package a separate secondary artwork rpm | 12:09 | |
| vallor | (to put it in simple terms) | 12:09 |
| jds2001 | vwbusguy: secondary artwork rpm is there. | 12:09 |
| vwbusguy | like a fedora-logos-OEM.noarch.rpm | 12:09 |
| bryan_kearney1 | vwbusguy: +1 | 12:09 |
| jds2001 | vwbusguy: generic-logos | 12:10 |
| bryan_kearney1 | jds2001: no.. those are anti-logos | 12:10 |
| * jds2001 hasn't actually looked at them :) | 12:10 | |
| bryan_kearney1 | jds2001: the same logos, with Fedora Gimp'ed out | 12:10 |
| jds2001 | yeah, the artwork team could probably work on the secondary logos after we figure out stickster's two other questions :) | 12:12 |
| vwbusguy | yeah, as much as possible it would be neat to have a powered by Fedora logo | 12:12 |
| vwbusguy | I like "powered by fedora" a lot better than "based on", because it implies more of the credit to Fedora | 12:13 |
| bryan_kearney1 | stickster: where?? | 12:13 |
| vwbusguy | and less ambiguity as to what the OEm would be giving the customer | 12:13 |
| bryan_kearney1 | quaid.. why secondary? | 12:14 |
| bryan_kearney1 | selinux is enabled, just permissive | 12:14 |
| vallor | rdieter vallor, bjornts : no... other... option. period. <--- "That is not an argument." | 12:14 |
| quaid | bryan_kearney1: talking about the disabled version | 12:14 |
| inode0 | powered by and based on imply two very different things to me | 12:14 |
| quaid | bryan_kearney1: also, permissive hasn't passed releng review :D | 12:15 |
| bryan_kearney1 | quaid: sorry | 12:15 |
| zcat | "Powered by Fedora*" <small>*selinux-neutered edition</small> | 12:15 |
| quaid | bryan_kearney1: trying to figure out what would happen if you didn't get main mark approval | 12:15 |
| quaid | bryan_kearney1: IMO, secondary mark is going to be good enough for a lot of stuff if we market it correctly. | 12:15 |
| rdieter | vallor: ok, option 2: disobey law-enforcment/lawyers, and blab anyway, risk imprisonment, getting sued. better? | 12:15 |
| spot | i can't go back to prison. | 12:16 |
| bryan_kearney1 | quaid: I will be pragmatic... I just want one tiny feature in F10 | 12:16 |
| jds2001 | stickster: we came up with the same thing IIRC - releng+spin SIG, come back when you have something :) | 12:16 |
| vallor | somehow, I don't think the situation is that black/white ... i.e., false choice fallacy | 12:16 |
| bryan_kearney1 | quaid: at this rate, I dont know if I can make it | 12:16 |
| rdieter | vallor: don't assume | 12:16 |
| vallor | but why not explain to the men and women in blue the special needs of the Fedora community, and find out what other piece of info can be disclosed | 12:16 |
| quaid | bryan_kearney1: in terms of FESCo approval for the feature? | 12:17 |
| bryan_kearney1 | no FESCo approved the Feature, Spin SIG Approved the SPIN | 12:17 |
| bryan_kearney1 | Need Board Trademark Approval | 12:17 |
| quaid | bryan_kearney1: so the timing is possible with the end-of-month target for TM stuff | 12:18 |
| rdieter | vallor: good luck with that. :) | 12:18 |
| bjornts | rdieter: Either you were privvy to the discusssionns with LE, or you are assuming. Which is it? | 12:18 |
| vallor | rdieter: Sir, an attitude that you won't consult with the lawyers, or the LE, implies that the task might need to be delegated...if you are unwilling to check it for yourself, and for the benefit of the Fedora community? | 12:18 |
| bjornts | rdieter: Nott that I'm not ready to agree to disagree with you by now. :) | 12:19 |
| herlo | spevack: Not sure if this is applicable to the previous discussoin in the board but, So the patches that have been made and fixes that were applied to the infrastructure, did they help in solving this issue? | 12:19 |
| herlo | I mean, what's to stop someone from doing this sort of break-in again? | 12:19 |
| bryan_kearney1 | quaid: Beta Freeze is 2mrw, yes? | 12:19 |
| quaid | bryan_kearney1: yes ... | 12:19 |
| rdieter | herlo: investigation is still ongoing... | 12:19 |
| quaid | but if the Feature is approved,that is unrelated to putting the TM on a spin | 12:19 |
| vwbusguy | I'll try to get some time and submit logo ideas to the fedora artwork team | 12:20 |
| herlo | rdieter: sure, I get that | 12:20 |
| bryan_kearney1 | quaid: unless me enabling SELInux is required _and_ causes issues (dont know if it will) | 12:20 |
| rdieter | herlo: and all that is said, is that they can't say more. :) | 12:20 |
| vwbusguy | But I need guidelines first | 12:20 |
| herlo | rdieter: I'm more interested in what updates/patches they've already put in place (even if they were already planned changes) | 12:20 |
| inode0 | herlo: I don't think anyone has suggested that the problem could be fixed with a patch | 12:20 |
| herlo | rdieter: no, you miss th epoint | 12:21 |
| vwbusguy | Let's please not make the Vista Capable vs Vista Premium Ready. We need to be clear and specific with this in a way that isn't confusing to end users, not just OEMs. | 12:21 |
| herlo | inode0: no, wasn't suggesting that either, just wondering what we can do if anything to secure our boxes now, while we wait | 12:21 |
| jds2001 | lol spot | 12:21 |
| quaid | bryan_kearney1: I'm just trying to sort out the urgencies and timing | 12:21 |
| bryan_kearney1 | quaid: to be honest, it raised my risk level | 12:22 |
| bryan_kearney1 | quaid: but not 10 100% | 12:22 |
| quaid | bryan_kearney1: I don't see that the TM process is holding back your feature being in F10, and I'm unclear if a TM approval process affects the Feature process. | 12:22 |
| bryan_kearney1 | whoops but not to 100% | 12:22 |
| rdieter | herlo: I get the point, but asking for more details, when they're not allowed to give any, means.. well... | 12:22 |
| vallor | herlo: well, you know what? Unless I hear more information, I'm going to have to assume they don't know how the bad guys broke in. That's the only rational reason I can come up with why folks are unwilling to talk to Red Hat legal, as well as LE, to disclose at least that -- in otherwords, it would seem "there is no 'there' there" :( | 12:22 |
| bryan_kearney1 | quaid: without TM approval, the SPIN will not be hosted | 12:22 |
| tc1415 | vallor: +1 | 12:22 |
| bryan_kearney1 | quaid: which is part of the Feature | 12:22 |
| herlo | rdieter: wasn't asking for those sorts of details, more interested in *how* to protect my boxen | 12:22 |
| lwnjake | vallor: that seems very plausible | 12:23 |
| * spot remembers an old quote about assumptions | 12:23 | |
| rdieter | something about an ass. | 12:23 |
| spot | it involves a donkey and tijuana. | 12:23 |
| spot | wait, that was college. | 12:23 |
| spot | never mind. | 12:23 |
| inode0 | herlo: why do you think you need to do more is my question? | 12:23 |
| tc1415 | spot: an absense of information forces us to assume | 12:23 |
| quaid | bryan_kearney1: I'll have to look again at the entanglements, but the Feature could be removed later before release, yes, if it failed to meet the final marks. | 12:23 |
| spot | tc1415: oh, i know. | 12:23 |
| quaid | bryan_kearney1: but here is what is confusing me: | 12:23 |
| bryan_kearney1 | quaid: well.. removal is not my goal here | 12:24 |
| tc1415 | and speculation is _always_ more damaging than the real thing | 12:24 |
| quaid | let's say I make a feature called "Easily enable/disable SELinux from a panel button" | 12:24 |
| * herlo wants to be sure that the changes implemented at fedora infrastructure are ones he should implement. I'm sure there are common security issues that everyone takes care of, but I'm more interested in the edge cases like this one | 12:24 | |
| spot | tc1415: yes, so by all means, continue speculating. :) | 12:24 |
| herlo | I'm just trying to see if there's anything viable to do while waiting for the final information, that is all | 12:25 |
| inode0 | speculation is the nature of scientific thought - perfectly normal human behavior | 12:25 |
| quaid | bryan_kearney1: understood; but the battle over SELinux usage doesn't affect your feature being approved _right_now_, so that means the timing is dependent on the TM process being finished. | 12:25 |
| tc1415 | inode0: precisly! and spot: i intend to | 12:25 |
| rdieter | herlo: many breakings are due to social engineering and/or insider jobs too. what of it? | 12:25 |
| lmacken | what's wrong with system-config-selinux ? | 12:25 |
| jds2001 | stickster: dont bend poelcat's arm too much, it might break like mine did :) | 12:25 |
| * herlo goes back to teaching security | 12:25 | |
| -!- BB|AtWork [n=karl@adsl-99-2-230-230.dsl.pltn13.sbcglobal.net] has left #fedora-board-public ["Leaving"] | 12:25 | |
| -!- jwilliam [n=jwilliam@jwilliam.dsl.xmission.com] has left #fedora-board-public [] | 12:25 | |
| quaid | lmacken: sorry, it's a point I'm making :) | 12:25 |
| herlo | rdieter: I know that, I think my question came across as naive, it wasn't intended to sound that way | 12:25 |
| lmacken | quaid: ah | 12:25 |
| quaid | would my feature be blocked? | 12:26 |
| bryan_kearney1 | quaid: I believe that getting the spin into release engineering is held up by TM Approval | 12:26 |
| quaid | because of TM usage? | 12:26 |
| stickster | jds2001: o noez, no broken wings! | 12:26 |
| quaid | bryan_kearney1: OK | 12:26 |
| bryan_kearney1 | quaid: per kanarip, the process is SPIN->TM (Board) -> RELENG | 12:26 |
| spot | tc1415: if you're looking for outlandish topics to add to speculation, you can include "Theo De Raadt", "the plight of the Australian Thylacine" and "ipchains" | 12:26 |
| bryan_kearney1 | quaid: since the feature includes a spin, it is on the critical path | 12:26 |
| spot | oh yes, and fairies. | 12:27 |
| tc1415 | hey i like fairies.... | 12:27 |
| tc1415 | [/sarcasm] | 12:27 |
| spot | damn fairies. always all up in our internets, signing our packages. | 12:27 |
| -!- spevack [n=spevack@fedora/mspevack] has left #fedora-board-public [] | 12:27 | |
| bryan_kearney1 | i can haz pxedust? | 12:27 |
| rdieter | herlo: you're assuming a technical flaw, or security exploit existed, that required fixing. may or may not be true. still doesn't mean anyone that knows can/will comment. | 12:27 |
| quaid | bryan_kearney1: agreed, just making sure I understood the nature of the path | 12:28 |
| -!- stickster changed the topic of #fedora-board-public to: Next public Fedora Project Board meeting: TBA -=- Board/IRC | 12:28 | |
| vallor | well, thank you for relating what you felt comfortable with relating, spevack -- meanwhile, by not asking the tough questions, we remain in the dark...but at least stickster answered one question in pm, quote: I am in pretty much constant contact with the folks doing the investigation. | 12:28 |
| spot | rdieter: well, at least not communicating with useful data. | 12:28 |
| quaid | bryan_kearney1: I think you can argue with Spin that in this case, they need to temporarily waive the TM question, which happens to be dependent on ... Spins. | 12:28 |
| vallor | but the follow up question -- and the question that was asked more than once, was: do they know how the break-in happened, and is that hole now plugged? | 12:28 |
| bryan_kearney1 | quaid: will rel-eng buy that? | 12:28 |
| quaid | bryan_kearney1: so the spin can go through in time for the release schedule, with a final dependency on the TM approval | 12:29 |
| * rdieter is glad not to be on the board anymore. :) | 12:29 | |
| bryan_kearney1 | quaid: then I have to argue to have rel-eng spit out something which is not approved by the board | 12:29 |
| vallor | and even that, stickster won't answer. | 12:29 |
| bryan_kearney1 | quaid: I know how that will go | 12:29 |
| quaid | bryan_kearney1: I don't know, but it seems to me that by being willing to wander off map and risk grues, you get some special consideration :) | 12:29 |
| spot | vallor: dude, he can't answer. neither can i. | 12:29 |
| bryan_kearney1 | quaid: I would prefer no special consideration :) | 12:29 |
| spot | we're not going to risk prosecution for you. no offense. | 12:29 |
| stickster | Yeah, I mean, I love Fedora, but I also love living at home, with my wife and kids. | 12:30 |
| bryan_kearney1 | stickster: near carl's... yum | 12:30 |
| spot | the instant we can, we will. | 12:30 |
| lwnjake | spot: but that is exactly the problem, fully community distros would not face that | 12:30 |
| stickster | bryan_kearney1: I wasn't going to mention Carl's, but... yeah, sure. | 12:30 |
| quaid | lwnjake: not so | 12:30 |
| spot | lwnjake: they would if their hosting provider got hacked. | 12:30 |
| quaid | lwnjake: or do you refuse to show your driver's license when law enforcement requests it? | 12:30 |
| bryan_kearney1 | stickster: it should be G*d->Wife->Carls->Country | 12:30 |
| vallor | spot: Sir, you guys really need to go back to LE and legal and get permission to disclose that bit of information -- because if you can't answer that simple question in the affirmative, how do you think that feels to the end user? | 12:31 |
| -!- ivazquez [n=ivazquez@fedora/ignacio] has left #fedora-board-public ["I'm taking my ball and going home..."] | 12:31 | |
| lwnjake | hmm, skeptical | 12:31 |
| stickster | http://en.wikipedia.org/wiki/Carl%27s_Ice_Cream | 12:31 |
| quaid | spot: moreso, if you have a machine that is hosted by a provider or over broadband ISP, I bet the usage policy has some language about what they expect of you to do if you get cracked. | 12:31 |
| -!- goeran [n=goeran@ua-83-227-168-100.cust.bredbandsbolaget.se] has quit [Client Quit] | 12:31 | |
| lwnjake | we have seen plenty of community distributions be *much* more open when this kind of thing has occurred | 12:32 |
| spot | vallor: yep. we're trying, trust me. | 12:32 |
| quaid | lwnjake: it just depends on the situation | 12:32 |
| spot | lwnjake: it really really does depend on the situation. | 12:32 |
| quaid | lwnjake: in this case, it happens to be a first -- community + publicly traded company in the same cage | 12:32 |
| skvidal | lwnjake: no | 12:32 |
| tc1415 | spot: does that mean LE are telling you not to? as in _specifically_ "you must not disclose to the Fedora comunity who we now understand exist" | 12:32 |
| skvidal | lwnjake: this kind of thing never happened on any other distro | 12:33 |
| lwnjake | for which we have to take your word ... not that i question it, i believe you all have the best of intentions | 12:33 |
| bryan_kearney1 | stickster: If I send you 10 bucks, think you could get me a chocolate malt, extra malt? | 12:33 |
| spot | tc1415: it means there is an ongoing investigation and we can't comment on ongoing investigations. | 12:33 |
| lwnjake | skvidal: weren't some debian servers hacked a ways back? | 12:33 |
| tc1415 | lwnjake: yes they were | 12:33 |
| skvidal | lwnjake: was canonical also hacked? | 12:33 |
| lwnjake | quaid: *that* is the key piece of the puzzle | 12:33 |
| vallor | well, thank you gentlemen, I appreciate the efforts shown in this board meeting, and I would like to +1 the format -- very efficient. :) | 12:33 |
| skvidal | lwnjake: no, they weren't | 12:33 |
| spot | vallor: thanks for stopping by. | 12:34 |
| skvidal | lwnjake: which is where the issue explodes outward | 12:34 |
| stickster | vallor: We are here every month -- or at least we try our darnedest to be. | 12:34 |
| quaid | lwnjake: to be clear, I use the term 'cage' in a generic sense, not in the datacenter sense :) | 12:34 |
| spot | hey, we keep many of our best people in cages! :) | 12:34 |
| skvidal | lwnjake: if this had just involved fedora, then it would have been a different thing, most likely. | 12:34 |
| skvidal | lwnjake: but there was more to it and we had to talk together for better or worse | 12:34 |
| lwnjake | skvidal: most likely | 12:34 |
| lwnjake | it really reflects most poorly on Red Hat imo | 12:35 |
| skvidal | lwnjake: but saying 'in this situation' in reference to other distros is disengenuous | 12:35 |
| skvidal | b/c no other distro has ever had this situation | 12:35 |
| tc1415 | indeed, and with that, good night everyone | 12:35 |
| lwnjake | skvidal: i disagree | 12:35 |
| skvidal | lwnjake: the debian event is not an analogue | 12:35 |
| skvidal | it does not match up at all | 12:35 |
| skvidal | there was no publicly held company involved | 12:36 |
| lwnjake | bingo | 12:36 |
| skvidal | so it doesn't match | 12:36 |
| lwnjake | my point is that a truly community distro would not have this problem | 12:36 |
| lwnjake | you just made that point for me, thanks ... | 12:36 |
| quaid | there is no such thing | 12:36 |
| skvidal | lwnjake: I'm not sure what game of gotcha you are playing | 12:36 |
| -!- tc1415 [i=blewis@fedora/tc1415] has left #fedora-board-public ["Off to eat pudding..."] | 12:36 | |
| quaid | in the sense of what you mean' | 12:36 |
| skvidal | lwnjake: but I'm not playing the game | 12:36 |
| quaid | but regardless | 12:36 |
| lwnjake | there's no gotcha ... | 12:36 |
| quaid | the point still works with "donated hosting provider who also got cracked" | 12:36 |
| quaid | s/cracked/attacked/ whatever | 12:37 |
| spot | damn. i thought this was lwn, not the reg. | 12:37 |
| -!- John5342 [n=John5342@user-54470a1c.wfd82a.dsl.pol.co.uk] has left #fedora-board-public ["Does anybody actually read these messages?"] | 12:37 | |
| spot | anyways. | 12:37 |
| stickster | I think lwnjake's point is that he has a specific definition of "community distro." It may not be the same as some other people's definition. | 12:37 |
| -!- spot [i=spot@redhat/spot] has left #fedora-board-public ["Leaving"] | 12:37 | |
| quaid | if $distro were at $hosting_provider that also happens to be owned by a publicly traded company, maybe they'd call $the_law, and we'd be having this same discussion about _them_ | 12:37 |
| -!- hibana [n=inetpro@unaffiliated/hibana] has left #fedora-board-public ["conversation brought to an end"] | 12:37 | |
| lwnjake | red hat legal has hung y'all out to dry ... | 12:38 |
| quaid | stickster: yes, but that stillw orks | 12:38 |
| lwnjake | that's my point ... and it is a personal one, not professional ... i am a longtime fedora user | 12:38 |
| quaid | attached on community distro + publicly held company == different situation than attack on community distro alone | 12:38 |
| lwnjake | exactly | 12:38 |
| quaid | wouldnt' matter which community distro | 12:38 |
| quaid | and Fedora matches the definition, yep | 12:39 |
| lwnjake | debian? | 12:39 |
| skvidal | lwnjake: here's an example | 12:39 |
| quaid | it happens the biggest community contributor is Red Hat | 12:39 |
| lwnjake | slackware? | 12:39 |
| quaid | which also owns the mark, etc. | 12:39 |
| skvidal | lwnjake: a debian server gets crack | 12:39 |
| skvidal | ed | 12:39 |
| skvidal | lwnjake: the cracker hosts A LOT of kiddie porn | 12:39 |
| skvidal | and terrorist documentation | 12:39 |
| quaid | good example | 12:39 |
| skvidal | the hosting provider gets a national security letter | 12:39 |
| skvidal | debian is down and out | 12:39 |
| skvidal | and not allowed | 12:39 |
| skvidal | AT ALL | 12:40 |
| skvidal | to speak about it | 12:40 |
| skvidal | would that be a failing of debian? | 12:40 |
| lwnjake | we can discuss scenarios all day, it doesn't change the fact that you folks can't even confirm whether you know how the intrusion occurred | 12:40 |
| skvidal | or would it be the fact that law is different | 12:40 |
| quaid | or did someone hang them out to dry? | 12:40 |
| vallor | quaid: I guess the chilling factor is folks' unwillingness to take these concerns (which are most likely held by everybody who care about the integrity of the software on their systems), to legal/LE, explaining that this isn't an "ordinary" break-in case, and that us starving dogs could sure use a bone :) | 12:40 |
| lwnjake | which makes me uncomfortable running the distribution ... | 12:40 |
| skvidal | vallor: unwillingness? | 12:41 |
| quaid | lwnjake: I thought all the "can't comment on an ongoing investigation" stuff covered that; why is that bad? | 12:41 |
| skvidal | vallor: seriously? do you think anyone has been unwilling? | 12:41 |
| stickster | vallor: I think that's probably not a valid characterization. | 12:41 |
| skvidal | vallor: do you think we haven't asked? | 12:41 |
| quaid | vallor: you assume that wasn't done, isn't being done, nor is not part of the discussion | 12:41 |
| skvidal | vallor: do you think we wenjoy this?! | 12:41 |
| lwnjake | quaid: because it comes from red hat legal or at least that is the perception | 12:41 |
| skvidal | lwnjake: and? | 12:41 |
| lwnjake | skvidal: i am sure you don't enjoy it and i am sure you folks have done everything you could to rectify the situation | 12:42 |
| skvidal | lwnjake: there is only one step which hasn't been taken yet | 12:42 |
| skvidal | no one has quit | 12:42 |
| skvidal | and even if someone did | 12:42 |
| skvidal | they STILL could not talk about it | 12:42 |
| vallor | skvidal, stickster, quaid: try to put yourself in my shoes -- I'm pretty much in the dark, and nobody will confirm to me that whatever hole there was is now plugged. I can't see why LE/legal wouldn't allow you to answer that question, given the special nature of the community affected | 12:43 |
| skvidal | so it would be a useless gesture | 12:43 |
| inode0 | observation: people expect a lot from Fedora because its community is exceptional ... and in this case Fedora's community success has led to unreasonable expectations | 12:43 |
| skvidal | vallor: every patch we've applied is public | 12:43 |
| rdieter | inode0: +1, totally. :) | 12:43 |
| jds2001 | inode0: +1 | 12:43 |
| skvidal | vallor: everything we have in terms of software, you have | 12:44 |
| skvidal | vallor: EVERYTHING | 12:44 |
| -!- ongolaBoy [n=willy@196.202.239.205] has left #fedora-board-public [""too much for me now""] | 12:44 | |
| skvidal | I cannot talk about the status of the intrusion - I can only comment on the systems I help maintain | 12:44 |
| vallor | skvidal: that's comforting to know...except, my software hasn't been updated since Aug. 12th... and early, a kind gentleman pointed out that there was some fedora-release rpm pending, which would swing us over to the newly-signed packages | 12:45 |
| skvidal | vallor: if you have a fedorapeople.org account | 12:45 |
| skvidal | log in | 12:45 |
| skvidal | run rpm -qa | 12:45 |
| skvidal | vallor: yes, that's been announced quite a bit | 12:45 |
| skvidal | vallor: on lwn in fact | 12:45 |
| vallor | by the way, I appreciate your willingness to discuss this | 12:46 |
| -!- daju [n=daju@unaffiliated/daju] has quit [Client Quit] | 12:46 | |
| -!- Jeff_S [n=jeff@osuosl/staff/Jeff-S] has left #fedora-board-public [] | 12:46 | |
| skvidal | I am only telling you what's already been disclosed | 12:46 |
| skvidal | all of the above is public knowledge | 12:46 |
| rdieter | I think it helps for people need to hear it, re-iterated, lathered/rinsed/repeated | 12:47 |
| quaid | rdieter: +1 | 12:47 |
| vallor | skvidal: so there's a link to this rpm somewhere in LWN? I haven't been reading LWN, I've been watching the fedora announce list :/ | 12:47 |
| lwnjake | hear what? | 12:47 |
| * inode0 reminds board members and other "Fedora consumed" parties that everyone else can't keep up with every meeting and other bit of "public information" about this | 12:47 | |
| rdieter | that almost made sense. | 12:47 |
| quaid | maybe we can get some new voices saying it, too | 12:47 |
| spoleeba | inode0, and we can? | 12:47 |
| stickster | vallor: http://www.redhat.com/archives/fedora-announce-list/2008-September/msg00006.html | 12:48 |
| stickster | And | 12:48 |
| spoleeba | inode0, how am I different than everyone else? | 12:48 |
| quaid | f-announce-l is the king | 12:48 |
| * vallor just pulled it up... | 12:48 | |
| skvidal | msg stickster I'm pretty sure I'm safe here but please tell me if I've said something I shouldn't have | 12:48 |
| skvidal | haha | 12:48 |
| lwnjake | so is the "official announcement" imminent? | 12:48 |
| skvidal | oh well | 12:48 |
| quaid | I am different now, for the first time in all my @redhat.com years, Fedora is my $dayjob | 12:49 |
| vallor | stickster: where is that announcement here? http://www.redhat.com/archives/fedora-announce-list/2008-September/thread.html | 12:49 |
| quaid | and I still can't keep up :) | 12:49 |
| ricky | vallor: Announcement of what? | 12:49 |
| inode0 | spoleeba: I have no idea how you are different than everyone else but I'm pretty sure you are. :) | 12:49 |
| spoleeba | inode0, im pretty sure im not | 12:49 |
| ricky | Your IRC nick ends with an 'a' | 12:50 |
| skvidal | ricky: and his nick has changed many times over the years | 12:50 |
| skvidal | :) | 12:50 |
| spoleeba | ricky, yes.. im not afraid to show my feminine side by using an irc name with a feminine spanish ending..i guess that does make me different | 12:50 |
| stickster | skvidal: YOU ARE SAFE | 12:50 |
| inode0 | spoleeba: I'm pretty sure I'm different than everyone else too | 12:50 |
| vallor | btw, someone should tell #fedora about this announcement, I've been assuming they would say something :/ | 12:50 |
| skvidal | stickster: thanks ;) | 12:51 |
| vallor | heck, I'll tell them | 12:51 |
| * ricky still doesn't know what new announcement is being discussed | 12:51 | |
| inode0 | my point was something else entirely though that I suspect was missed | 12:51 |
| vallor | ricky: http://www.redhat.com/archives/fedora-announce-list/2008-September/msg00006.html | 12:51 |
| ricky | There was fedora-announce-list, which was regularly spammed on #fedora | 12:51 |
| spoleeba | ricky, its jesse's 'we are almost there i promise' message from yesterday | 12:51 |
| stickster | vallor: Um, it's the fifth one down, indented slightly? | 12:52 |
| ricky | Aha, I don't think the last one was spammed :-) | 12:52 |
| ricky | (There was a script to post some of the earlier ones repeatedly) | 12:52 |
| lwnjake | so, do we expect the "more formal announcement" soon? | 12:52 |
| vallor | stickster: ah, missed that | 12:52 |
| stickster | vallor: We recommend all Fedora community members subscribe to fedora-announce-list | 12:52 |
| spoleeba | lwnjake, for an undisclosable value of soon.... sure | 12:52 |
| stickster | You should too, and then you'll get the email roughly the minute it comes out | 12:52 |
| skvidal | spoleeba: s/undisclosable/unknown/ | 12:53 |
| inode0 | lwnjake: I'd recommend not expecting that - less chance of being disappointed | 12:53 |
| spoleeba | skvidal, i actually know when.. i have a time machine | 12:53 |
| skvidal | excellent | 12:53 |
| lwnjake | perhaps " | 12:53 |
| lwnjake | We expect things to wrap up by the end of today | 12:53 |
| lwnjake | or early tomorrow. | 12:53 |
| spoleeba | skvidal, but i will not threaten the timeline by revealing the information | 12:53 |
| lwnjake | was a bit premature | 12:53 |
| jds2001 | vallor: [jstanley@rugrat 9]$ pwd | 12:53 |
| spoleeba | lwnjake, thanks | 12:53 |
| jds2001 | /mirror/fedora/updates/9 | 12:53 |
| jds2001 | [jstanley@rugrat 9]$ ls | 12:53 |
| jds2001 | i386 i386.newkey SRPMS SRPMS.newkey x86_64 x86_64.newkey | 12:53 |
| jds2001 | gack | 12:53 |
| skvidal | could you get me a newspaper from my birthday :) | 12:53 |
| spoleeba | lwnjake, in the future ill make sure we make statements even more speculative | 12:53 |
| jds2001 | oh well, that's what wass in the pastebin i was gonna paste. | 12:54 |
| spoleeba | lwnjake, and more abstract | 12:54 |
| spoleeba | lwnjake, because everyone loves it when we do that | 12:54 |
| stickster | spoleeba: Actually, they love it whether we do that, or not. | 12:54 |
| jds2001 | note that is my home mirror, and I have content signed with the new key. | 12:54 |
| jds2001 | I have seen it with my own two eyes. | 12:54 |
| vallor | I'm going to sign up for the announce list -- at least I'd be a little further along in figuring out what happened :) -- but I'll own that, I missed the update on the mailing list archive | 12:54 |
| spoleeba | jds2001, you should get more eyes... | 12:55 |
| stickster | vallor: The good news is, that list is normally only a handful of messages a week, so it's not going to jam your inbox with a lot of stuff. | 12:55 |
| stickster | But we try and put things there that are of general interest, to keep people informed. | 12:55 |
| jds2001 | spoleeba: I'll have them implanted in the back of my head :) | 12:55 |
| lwnjake | thanks all for the discussion ... gotta go ... | 12:55 |
| -!- lwnjake [n=jake@216.237.85.90] has quit [Read error: 104 (Connection reset by peer)] | 12:56 | |
| vallor | subscribed! :) | 12:58 |
| -!- inode0 [n=inode0@fedora/inode0] has quit [Client Quit] | 13:00 | |
| vallor | thank you, folks -- take care :) | 13:00 |
Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!