From Fedora Project Wiki

Fedora Release Engineering Meeting :: Monday 2008-10-20

Fedora 10 Snap 2

  • bittorrent went much better compared to Snap1
    • pre-seeders helped
  • 700 downloads so far
  • Finding that a little more time is needed to get bittorrent setup for good user experience
  • Last snapshot is Snapshot 3 this week before Final Development Freeze next week
  • DECISION:
    • Rel-eng approves adjusting snapshots to start on Wed to give extra time to stage/prepare the torrents
    • Moving on to FESCo for final approval, may happen in time for Snapshot 3

Signing Server

  • proposal: User:Mitr
    • basically, it's 1 dedicated server/VM guest to do the signatures, and 1 network server to help with security, interface with koji, etc.
  • Everyone should read proposal and give feedback before next week's meeting

IRC Transcript

f13 ping: notting jeremy spot lmacken rdieter wwoods poelcat 10:07
rdieter here 10:07
* notting is here 10:08
notting f13: so, the proposals and actions of rel-eng have now caused fedora-devel to be drowned by ... german sociopolitics. i commend you, that's impressive! 10:09
* poelcat here 10:09
f13 notting: not too often you can create an instant godwin's law break 10:10
f13 alright, lets get rolling 10:11
-!- f13 changed the topic of #fedora-meeting to: Fedora releng - Snapshot 2 10:11
f13 snapshot2 torrents went a lot better, because a few folks were able to help out with the seeding at the beginning 10:11
* lmacken rolls in 10:11
f13 I'm seeing over 700 downloads of the various snap2 offerings 10:12
f13 the biggest winner is the i686 live image with 259 downloads alone 10:12
f13 behind it was the i386 DVD with 151 10:13
jwb yay for XO 10:13
* lmacken had no luck with snap2 on his XO :( 10:13
f13 I still need to stage out the source isos so our seeders can pick it up and test 10:14
f13 and I'd really like to adjust the schedule as I proposed on list, start the snapshot attempts on Wed instead of Thu, that way if we fail wed, we try again thu and have thu night to stage/sync things up, and start torrenting on Friday 10:14
f13 staggering the torrent bring up seemed to help as well 10:14
f13 We've only got one more snapshot, and then a preview release which is just a snapshot by a different name. 10:15
f13 can we vote here on the proposal to move the snapshot day back by one? 10:16
f13 I'm +1 obviously 10:16
notting generally +1. sort of worried that it leads to spending most of the time snapshotting, with very little interim change time 10:17
f13 I think that's the price we pay by trying to make these snapshots public 10:19
f13 and by doing both live, and split, and DVD install media, with source 10:19
rdieter +1 10:19
f13 lmacken: jeremy spot ?? 10:23
lmacken +1 10:23
spot +1 10:26
f13 well, I guess that's enough voters. 10:29
f13 I'll run it through FESCo just to be sure. 10:29
f13 poelcat: Decision: Rel-eng approves adjusting snapshots to start on Wed to give extra time to stage/prepare the torrents. Moving on to FESCo for final approval, may happen in time for Snapshot 3 10:30
f13 Anybody else have anything on snapshot 2? 10:30
f13 ok, moving on 10:32
-!- f13 changed the topic of #fedora-meeting to: Fedora Releng - Signing Server 10:32
f13 There was a post just recently about a proposal for a signing server system, made by Miloslav Trmač 10:33
f13 I haven't had a chance to read it, but I would ask all of you interested to read and comment either in email or on the wiki discuss page 10:33
f13 User:Mitr is the current location of hte page 10:33
lmacken where was this posted to ? 10:33
mitr Just rel-eng. 10:34
mitr Sorry about posting it so late. 10:34
mitr Basically, it's 1 dedicated server/VM guest to do the signatures, and 1 network server to help with security, interface with koji, etc. 10:35
* jeremy is here now 10:36
f13 We don't need to discuss it right now, just save it as reading to do soon. 10:37
lmacken "Each user with access to the key has their own password, and the key passphrase is encrypted with user's password. When adding a new user, the key passphrase is decrypted using the key admin's password, and encrypted using the new user's password. " 10:37
lmacken that was my initial design from day 1 :) 10:38
lmacken part of, rather 10:38
* jeremy adds to his reading list 10:38
notting not really keen on the keys/passphrases being on a VM 10:38
lmacken this design looks pretty solid at a first glance 10:38
notting run it by some other security folks? looks reasonable. 10:39
mitr notting: You mean a physical computer would be preferred? 10:39
mitr Or something else? 10:40
jeremy mitr: physical computer at least gets rid of the "attack the host of the VM" problem 10:40
mitr right 10:40
f13 that's why I had it as a different physical computer in my rough draft 10:40
f13 and connecting via something other than network 10:41
jeremy but that then adds the risk of "hardware goes boom. now we have to have someone physically go to the colo and set up a new piece of hardware" 10:42
f13 sure 10:43
notting jeremy: if you can quickly replicate it on a VM in time of crisis, sure. but i don't think that's the default mode 10:43
jeremy anyway, I need to actually read more of what mitr wrote to give a sensible architecture critique 10:43
-!- f13 changed the topic of #fedora-meeting to: Fedora releng - Open Floor 10:46
f13 anybody got anything else to talk about, if not, it's back to the grind stone 10:46
f13 alright looks like no. 10:49

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!