From Fedora Project Wiki
Fedora Packaging Committee Meeting of {2007-05-08}
Present
- AxelThimm (
thimm
) - JasonTibbitts (
tibbs
) - RalfCorsepius (
racor
) - ToshioKuratomi (
abadger1999
) - VilleSkyttä (
scop
)
Note: Many members were en route to or at the Red Hat Summit and so there were insufficient members for a quorum.
Writeups
The following drafts have been accepted by FESCO and are to be written into the guidelines:
- Two PHP proposals: http://fedoraproject.org/wiki/PackagingDrafts/PHP (the first two items only: PECL Extensions and Versioned BuildRequires in Macros Section)
- Ruby Gems guidelines: http://fedoraproject.org/wiki/PackagingDrafts/RubyGems
Votes
There were no votes made as a quorum was not present.
Other Discussions
The following additional items were discussed; see the logs for full details.
- Some progress on http://fedoraproject.org/wiki/PackagingDrafts/UsersAndGroups; we will probably vote on this next week.
IRC Logs
[12:00] * tibbs|h here [12:00] *** You are now known as tibbs. [12:00] * tibbs here too [12:03] * scop here [12:03] * thimm her [12:04] * abadger1999 here [12:04] <racor> half here [12:07] <tibbs> Doesn't look good. [12:07] <abadger1999> Is this summit week? [12:08] <tibbs> I think so. [12:09] <tibbs> Did everyone at least block out the times that are good or bad for them on the wiki page? [12:09] <thimm> Well, we're 5 people, do we want to continue the meeting? [12:09] <-- lutter has left this server ("Leaving."). [12:09] <tibbs> Well, it was almost six there. [12:12] * abadger1999 fills in his times. Same as the last time we did this. [12:12] <thimm> Does anyone want to report on progress on any item om GuidelinesTodo? [12:13] <tibbs> It's too bad we won't be able to look at the emacs guidelines, but perhaps they need to stew for a bit longer anyway. [12:13] <tibbs> If anyone has ratify items, they're all writeups now as FESCo had no complaints. [12:14] <scop> I find it strange that nobody has commented on PackagingDrafts/UsersAndGroups in two weeks [12:14] <thimm> I think we should make a phony decision to test whether anyone notices with the current scheme [12:14] <thimm> "All specfiles need to be written in big 5" ... [12:14] <tibbs> Well, I reported it to FESCo and asked for input. [12:14] <thimm> scop: I thought you wanted to finish it up, it looked very good up to what was posted. [12:15] <tibbs> The problem is that the complainers won't come out of the woodwork until we've already voted. [12:15] <tibbs> They they'll say that we're railroading the draft through. [12:15] <thimm> What's "railroading"? [12:16] <tibbs> Forcing something through ignoring opposition. [12:16] <scop> well, http://www.redhat.com/archives/fedora-packaging/2007-April/msg00199.html [12:16] <tibbs> A train is rather hard to stop, after all. [12:17] <scop> I think I'll reply to that one saying that since there were no comments, we're preparing to ratify the current draft [12:17] <thimm> scop: At first I thought that should cover everything including static setups [12:17] <tibbs> Yes, indicate that we'll vote next Tuesday. [12:17] <tibbs> Is there a sense that the current draft will pass? [12:17] <thimm> scop: And it even made a lot of sense [12:18] <tibbs> One problem is the "collection of past random notes" bit. [12:18] <tibbs> Is that supposed to become part of the draft, or is it something separate? [12:19] <thimm> I think it's Ville's raw note collection [12:19] <scop> there's some value in some of those bits [12:19] <scop> actually, I think most of it is from Enrico [12:19] <tibbs> Right; the question is whether any of it needs to make it into the draft somehow. [12:19] <scop> more like future directions or enhancement ideas [12:19] <tibbs> Either as rationale or examples or something. [12:20] <scop> I'd leave them mostly out of the draft [12:20] <thimm> I hope the semi-static stuff is part of the past, not the future ;) [12:20] <racor> frankly, I stopped reading at the very moment I read UserRegistry [12:20] <thimm> :) [12:20] <racor> also, the %hint stuff doesn't seem helpful to me [12:20] <thimm> That's the semi-static stuff in a sheep's disguise ;) [12:20] <racor> I guess you are aware that multiple package can share users [12:21] <thimm> I like the "Dynamically mapped users and groups" even for static entries [12:22] <thimm> Whenever we need a static entry like for the 60ish packages we currently use it just put it in "setup" [12:22] <scop> thoughts where the leftover bits that aren't part of the draft should be moved? [12:22] <tibbs> I have to agree that the "just build your own setup package" route seems better and better to me. [12:23] <scop> I'd rather not just bluntly remove them [12:23] <racor> furthermore, I am missing a statement on uid/gid ranges for "local use" and "network wide use" [12:23] <tibbs> Just append "Notes" to the name of the draft and move them there? [12:23] <thimm> http://fedoraproject.org/wiki/PackagingDrafts/UsersAndGroupsBrainstorming [12:23] <tibbs> racor: Does that distinction exist now? [12:24] <thimm> racor: see item 3 [12:24] <racor> tibbs: Somehow, -r created ids are always local [12:25] <racor> tibbs: network wide, no, no concept that I am aware about [12:25] <thimm> Unless they already exist in "setup" [12:25] <thimm> Have a network wide customized "setup" [12:26] <scop> I think it'll work no matter what method one uses to create them beforehand [12:26] <racor> thimm: even setup is only fedora-wide [12:27] <thimm> scop: I would make the "-d HOMEDIR, -s SHELL (often /sbin/nologin), and -c COMMENT options" mandatory [12:27] <thimm> racor: Not your own "setup" [12:27] <scop> thimm, agreed [12:27] <thimm> racor: You can predefine any entries matching your local setup in the "setup" package [12:28] <racor> thimm: doesn't matter if I could, nobody forces one to use it [12:28] <thimm> Why should you be forced? [12:28] <thimm> The idea is to be flexible enough to use the id you like [12:29] <racor> thimm: I use a traditional "-r is local" the rest in yp/nis approach [12:29] <thimm> Sorry, I misunderstood "local" [12:30] <thimm> Yes, I think system accounts should always be local, e.g. no NIS/LDAP, IMHO [12:30] <racor> I meant local in the sense of "machine-wide", in contrast to "unified uids/gids" across a network [12:30] <thimm> Unified uid/gid can be done w/o LDAP/NIS if you share the same "setup" across your network [12:30] <tibbs> I think our only concern is that packages create their UIDs below UID_MIN unless they already exist. [12:31] <racor> thimm: are you referring to the setup.rpm or to "setup" in the sense of "network setup" [12:31] <racor> ? [12:31] <thimm> "setup" = setup rpm package [12:32] <racor> OK, no misunderstanding. I've never actively used the setup.rpm but am using yp/nis hosted on an arbitrary OS [12:32] <-- [splinux] has left this server (Read error: 104 (Connection reset by peer)). [12:32] <thimm> That would work, too, but I wouldn't make that a recommended setup [12:33] <tibbs> The issue that comes up is when you're kickstarting a system; it's generally not hooked up to your network authentication system at that point. [12:33] <tibbs> Rebuilding setup is at least a way to force a UID at initial install time. [12:34] <tibbs> The alternative is some major hacking on anaconda. [12:34] <thimm> Maybe it isn't that much hacking [12:34] <thimm> But it would open a can of worms [12:35] <tibbs> Certainly more hacking than we as a committee are able to mandate, that's for sure. [12:35] <thimm> :) [12:35] <thimm> tibbs: Test for fesco reading the reports? [12:35] <thimm> "The fpc mandated anaconda to be rewritten in ruby following the new gems guidelines" [12:36] <scop> packages that create users should probably create and own the home dir specified for the user? [12:36] <thimm> Makes sense [12:36] <thimm> Although some are using "/" [12:37] <scop> hm [12:37] <racor> Hmm, my gut feeling isn't comforatble about "/" as home [12:38] <scop> ditto [12:38] <thimm> $ grep :/: /etc/passwd [12:38] <thimm> nobody:x:99:99:Nobody:/:/sbin/nologin [12:38] <thimm> dbus:x:81:81:System message bus:/:/sbin/nologin [12:38] <thimm> distcache:x:94:94:Distcache:/:/sbin/nologin [12:38] <thimm> nscd:x:28:28:NSCD Daemon:/:/sbin/nologin [12:38] <thimm> avahi:x:70:70:Avahi daemon:/:/sbin/nologin [12:38] <thimm> haldaemon:x:68:68:HAL daemon:/:/sbin/nologin [12:38] <thimm> rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin [12:39] <scop> some also have /bin and /sbin [12:39] <tibbs> Yes, I dislike / for any home directory, although I'm not sure what would be better. [12:40] <thimm> /tmp ? [12:40] <tibbs> I think that's worse. [12:40] <scop> yeah, .bash_history ... [12:40] <tibbs> Anyone can write there, after all, so who knows what kind of weird problems could crop up. [12:41] <tibbs> Something under /var/lib or /var makes more sense to me. [12:41] <tibbs> Or /var/empty, perhaps. [12:41] <scop> or /srv/[...] [12:41] <scop> I'll add something to the draft along these lines for next week [12:43] <thimm> .bash_history: None of the accounts other than mysql and psql ever log in [12:43] <tibbs> I guess the point is that it should be created specifically for that user and should have restrictive permissions. [12:43] <thimm> Like no shell? [12:44] <scop> thimm, su -s /bin/bash - foo [12:45] <tibbs> exit [12:45] <tibbs> Umm, wrong window. [12:45] <scop> :) [12:46] <tibbs> Just playing with su. [12:46] <tibbs> Anyway, anything else? [12:46] * scop has nothing [12:46] <thimm> Requires: initscript? [12:47] <scop> thimm, ? [12:47] <tibbs> I see no reason why that should be any different than Requires: filesystem [12:48] <thimm> See Matthias' post on list [12:48] <thimm> tibbs: see Enrico's reply [12:48] <tibbs> If it's going to be discussed on list I see no reason to even bring it up here, then. [12:50] <thimm> OK, if there's nothing else we could close early this week I guess [12:50] <thimm> but for the record: I really like Ville's draft, and he seems to miss some feedback :) [12:50] <scop> thanks [12:51] <scop> and I'm actually pleased that there hasn't been much feedback :) [12:51] <tibbs> There's a big flamewar buried in there somewhere. Keep trying; it will happen. [12:52] <scop> you're probably right [12:56] <scop> anyway, thanks everyone, I'll have to run now [12:56] <tibbs> Well, this should be an easy summary.