FDSCo Meeting 2008-04-23 IRC log

Wed Apr 30 15:49:44 UTC 2008

HTML log here:

http://fedoraproject.org/wiki/DocsProject/SteeringCommittee/Meetings/Minutes/IRCLog20080423

11:08 < quaid> <meeting>
11:08 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg - http://fedoraproject.org/wiki/DocsProject/SteeringCommittee/Meetings#Agenda
11:08 < quaid> going to go through a quick rundown
11:08 < quaid> even though not sure anyone is here :)
11:09  * quaid waits exactly one minute to 18:10.20
11:09 -!- jsmith [n=jsmith at 72.21.36.138] has joined #fedora-meeting
11:09  * jsmith is here... at least in theory
11:09 < quaid> word
11:09 < jsmith> I'm juggling projects at the moment
11:09 < quaid> a few more seconds
11:10  * quaid is a juggle
11:12 -!- J5_ [n=quintice at nat/redhat/x-e216423445de749b] has joined #fedora-meeting
11:13  * quaid back from network drop, sry
11:13 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg - Installation Guide (IG)
11:14 < quaid> stickster has been doing some work on this
11:14 < quaid> all other work and EvilBob are MIA at this point
11:15 < quaid> going to send a request today to the list to get all hands on the IG and the UG from now
11:15 < quaid> anyone with anything else?
11:15  * quaid waits 30 seconds
11:15 < Southern_Gentlem> quaid i will get Evilbob on the IG this week
11:16 < quaid> Southern_Gentlem: thx; the concern is we don't know what was or was not done by his IG writing team
11:16 < quaid> so we're likely to duplicate or overcome that work
11:16 < quaid> which was, btw, why I argued for *all* that work to happen in regular irc, mailing list, and CVS
11:17 < quaid> but, good lord, yes, all hands are needed :)
11:17  * quaid prepares to move on topic-wise ...
11:17 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg - Update on other active content work
11:18 < quaid> User Guide -- finishing for F9, keep momentum going
11:18 < quaid> UG -- F8 finish, has to be put behind IG work now
11:18 < quaid> SMG -- couf passed on the XML work, now we need to get that bad boy published
11:19  * quaid ponders if jsmith wants to learn that particular trivia
11:19 < quaid> Sec G - sparks has been working on it, post F9 draft target
11:19 < quaid> AG - post f9 release draft target
11:20 < quaid> release notes -- were going to do some updates from the wiki to the POT but none of us followed through, we need to decide quickly if we are going to mess with that or not
11:20 < jsmith> quaid: Yeah, couf told me he gave me an A+ on it...  I'm still in shock
11:20 < quaid>   -- above discussion on list?
11:20 < jsmith> Yeah, push it to the list
11:20 < quaid> jsmith: eh, if you know DocBook it's not hard of a task :)
11:20 < quaid> ok, any more on that ol' content what is active?
11:21 < jsmith> Not that I can think of...
11:21 < jsmith> What exactly is involved in publishing the SMG?  It got branched for the PackageKit update, right?
11:22 < jsmith> Did the PackageKit updates ever get put into DocBook?
11:22 < Southern_Gentlem> define SMG please
11:23 < Southern_Gentlem> IG is install guide UG is User Guide
11:23 < jsmith> SGM is the Software Management Guide
11:23 < Southern_Gentlem> ty and AG is?
11:23 < quaid> Admin GUide
11:23 < jsmith> (formerly the yum-software-management guide)
11:23 < quaid> sry for TLA fever :)
11:24 < quaid> jsmith: most likely no on the PK changes
11:24 < quaid> jsmith: publishing is ...
11:24  * quaid gets URL
11:24 -!- LetoT1 [n=paul at bofh.xelerance.com] has joined #fedora-meeting
11:25 -!- JSchmitt [n=s4504kr at fedora/JSchmitt] has joined #fedora-meeting
11:25 < quaid> jsmith: anyway, I can show you after the meeting; that is, discuss it later out of the meeting :)
11:26 < jsmith> Fair enough
11:26 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg -- AOB
11:26 < jsmith> I don't know what else to discuss without the other folks here
11:26 < quaid> in that we are almost done :)
11:26 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg -- All Other Business (AOB)
11:26 < quaid> 'zactly
11:26 < quaid> http://fedoraproject.org/wiki/EditingFedoraRedhatCom
11:26 < quaid> that's the evil that we do to get published still
11:26 < quaid> it's actually a bit like the other websites
11:27 < quaid> we check in changes and tag them LIVE
11:27 -!- DanseMakabre [i=pat at bobo.ds5.agh.edu.pl] has joined #fedora-meeting
11:27 < quaid> it's all PHP includes to build the pages, with the rendering done and pushed as static HTML
11:27 -!- SmootherFrOgZ [n=Smoother at linagoraberri.pck.nerim.net] has quit [Remote closed the connection]
11:28 < jsmith> Gotcha
11:28 < quaid> ok, with nothing more ...
11:28  * jsmith votes for ending the meeting
11:28 -!- mether_ [n=ask at nat/redhat-in/x-2972959aedb2ba42] has quit ["Ex-Chat"]
11:28 < quaid> it is so
11:29 < quaid> 5
11:29 < Southern_Gentlem> +1
11:29 < quaid> 4
11:29 < quaid> 3
11:29 < quaid> 2
11:29 < quaid> 1
11:29 < quaid> </meeting>
11:29  * quaid syncs irclogs and posts this easy one
11:29 < jsmith> So let it be written, so let it be done!
11:29 -!- quaid changed the topic of #fedora-meeting to: Channel is used by various Fedora groups and committees for their regular meetings | Note that meetings often get logged | For questions about using Fedora please ask in #fedora | See http://fedoraproject.org/wiki/Communicate/FedoraMeetingChannel for meeting schedule
11:30 -!- letoams [n=paul at bofh.xelerance.com] has quit [Read error: 113 (No route to host)]
11:31 -!- JSchmitt [n=s4504kr at fedora/JSchmitt] has quit ["Konversation terminated!"]
11:32 -!- mether [n=ask at fedora/mether] has joined #fedora-meeting
11:41 -!- Sparks [n=sparks at fedora/Sparks] has joined #fedora-meeting
11:49 -!- fbijlsma [n=fbijlsma at pd907c9d7.dip0.t-ipconnect.de] has quit [Read error: 110 (Connection timed out)]
11:51 < quaid> I would like to announce to this channel
11:51 < quaid> that I am just a bit stupid
11:51 < quaid> and we will have the actual FDSCo meeting at the *scheduled* time, which is in 10 minutes
11:51 < quaid> if no one new shows up, then we'll just accept the work done previously :)
11:53 < jsmith> quaid: Consider that a "George Bush"-style preemptive meeting
11:54 -!- fbijlsma [n=fbijlsma at pd907c9d7.dip0.t-ipconnect.de] has joined #fedora-meeting
11:57 < Sparks> quaid: I'm here! I'm here!
11:57 < quaid> jsmith: "I meant to do that"
11:57 < quaid> it was a test
11:57 < quaid> to see if you were awake
11:58 < jsmith> "Had this been an actual meeting, this tone would have been followed by emergency instructions"
11:58 < Sparks> Hey, I can do that in my sleep
11:58 < Sparks> :)
11:58 < Sparks> jsmith: HAHAHA
11:58  * jsmith can fix servers in his sleep... which is really scary
11:58 < Sparks> I think I've been asleep while attempting to fix servers... Just ask my boss.
11:58 < jsmith> Back when I was managing umpteen thousand servers, I could wake up, walk downstairs, log into the VPN, fix a server, go back to bed, and not remember in the morning
11:59 < jsmith> My wife would ask "Why did the pager go off last night?" and I'd be like "What are you talking about?"
11:59 < jsmith> But sure enough, I fixed the server and even sent out an email explaining what I fixed
11:59 < jsmith> Go figure...
11:59 < quaid> Sleepadmin
11:59 < Sparks> Yik4ed
11:59 < quaid> jsmith: freaking spooky!
11:59 < Sparks> uh...  Yikes
12:00 < jsmith> quaid: Apparently I could do the same with changing baby diapers as well...
12:00 < quaid> oh, that one I understand
12:00 < jsmith> Just watch out... I might wake up and convert wiki to docbook in the middle of the night ;-)
12:01 < quaid> I used to have such a hard time coming out of a dream
12:01 < quaid> I remember once changing a diaper while dreaming I was wrestling with a rogue operating system
12:01 < quaid> ok, let's do it ... again
12:01 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg redux -- roll call
12:01 < quaid> the trick is ...
12:01 < quaid> if it's the same people, we can just ratify the last hour :)
12:02 < quaid> the irclog from before is in f-docs-l
12:02 < Sparks> EricChristensen
12:02 < jsmith> JaredSmith
12:02 < quaid> http://www.redhat.com/archives/fedora-docs-list/2008-April/msg00090.html
12:02 < quaid> KarstenWade semi-here
12:02 < quaid> ok, so ...
12:03 < quaid> Sparks: do you see anything in that irclog you have a question about, comment on, etc.?
12:03  * Sparks reads the previous meeting's notes
12:03 < jsmith> Sparks: Can you also bring us up to speed on the current status of the SMG?
12:04 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg redux -- discuss !meeting log, wait for people to show up a bit late until 1910
12:04 < quaid> jsmith: ah, thx
12:04 < quaid> specifically, the PackageKit changes, do we need to get those into XML?
12:04 < Sparks> Um, I think I can talk on the SMG and the CryptoGuide
12:04 < jsmith> Cool.
12:05  * Sparks pulls up RH Bugzilla to pull some notes
12:05 < Sparks> Okay, I'm ready whenever the firing squad assembles
12:06 < jsmith> Fire!
12:06 < quaid> oh, go ahead
12:06 < Sparks> Okay...
12:06 < quaid> we're just going to make sure we don't close too soon, but with things to discuss :)
12:06 < Sparks> SMG.  The only thing left was to add the PackageKit documentation which I had started but hadn't gotten enough info to finish.
12:07 < Sparks> RahulSundaram volunteered to finish up the documentation and thus ticket # 430765 was assigned to him.
12:07 < Sparks> That was on 02Apr.
12:08 < Sparks> I haven't heard anything else on the SMG since.
12:08 < quaid> I don't recall ...
12:08  * quaid checks commit stream
12:08 < quaid> http://www.redhat.com/archives/fedora-relnotes-content/2008-April/thread.html
12:09 < quaid> it's Docs/Drafts/SoftwareManagementGuide?
12:09 < quaid> oh, darn
12:09 < quaid> sorry, that list doesn't watch Docs/Drafts/
12:09 < Sparks> Looking at what little I wrote for PackageKit it doesn't look like it has been touched.
12:09 < quaid> ok
12:10 < Sparks> http://fedoraproject.org/wiki/Docs/Drafts/SoftwareManagementGuide/PackageKit
12:10 < quaid> so the issue is we need someone with expertise?
12:10 < quaid> or just access to the application?
12:10 < Sparks> Both
12:10 < Sparks> I have access to the application but with it still being developed it is hard to pin down the documentation.
12:11 < jsmith> Well, what's going into F9 should be pretty much frozen, right?
12:11 < Sparks> I think Rahul was supposed to write something for the Release Notes?
12:11 < quaid> well, what we see in Preview is going to be it
12:11 < jsmith> Can't we / shouldn't we document what's there?
12:11 < quaid> we can use that
12:12 < quaid> but
12:12 < quaid> the relnotes are just an overview
12:12 < quaid> and point to the SMG as canonical
12:12 < jsmith> Right...
12:12 < quaid> http://fedoraproject.org/wiki/Features/PackageKit
12:13 < quaid> under Documentation
12:13 < quaid> http://www.packagekit.org/pk-faq.html
12:13 < Sparks> The SMG as written today (and what I *THINK* made it into CVS) doesn't not address PackageKit but does address everything else.
12:13 < quaid> that's more of a reference, no how-to there
12:14 < Sparks> quaid: How much time do we have to develop this?
12:14 < quaid> 11 May?
12:14 < quaid> at the latest
12:14 < quaid> so we have time to give a final pre-publication once-over
12:15 < Sparks> Okay, I can try to write something up this week so that jsmith and you can look over it.
12:15 < quaid> ok, thanks!
12:15 < jsmith> w00t!
12:15 < Sparks> Did I just say that?
12:16 < quaid> yes, you did
12:16 < Sparks> Dang it!  I hate when I do that.
12:16 < quaid> doing an update of the xML from the wiki by hand should be trivial
12:16 < quaid> Sparks: take it to the list, get some additional help
12:16 < quaid> someone may know of existing something or somesuch
12:17  * Sparks never gets help from the list because he always takes the grunt jobs.
12:17 < quaid> true
12:17 < Sparks> :_)
12:17 < quaid> but always worth the traffic
12:17 < Sparks> True
12:18 -!- J5_ [n=quintice at nat/redhat/x-e216423445de749b] has quit ["Ex-Chat"]
12:19 -!- linuxlala [n=linuxlal at 122.162.116.130] has quit ["Leaving"]
12:19 < Sparks> Okay, that's all I got on SMG.  I can speak on the CryptoGuide
12:21 < quaid> ok
12:21 < quaid> aka ...
12:21 < quaid> Security Guide
12:22 < quaid> have you laid out a new structure to work from?
12:22  * quaid goes to look
12:22 < Sparks> So...  It was the CryptoGuide (which I personally think is a cool name) but got changed to the Privacy and Encryption Guide and is now called the Security Guide.
12:22 < Sparks> It starts at http://fedoraproject.org/wiki/Security_Guide/ for the "approved and released" side.
12:23 < Sparks> But the meat and potatoes are actually at http://fedoraproject.org/wiki/Docs/Drafts/CryptoGuide
12:24 < Sparks> Last weekend I churned some letters together and got the introduction rewritten, established a General Principles of Security chapter, and also wrote up how to do a secure installation.
12:25 < Sparks> Next is to do an overview of Encryption and then go into the different forms (data-at-rest, data-in-motion, etc).
12:25 < quaid> what is the Fedora Sec team interested in seeing?
12:25 < Sparks> a guide
12:25 < Sparks> :)
12:25 < quaid> and how do you feel about the balance of Fedora-specific to general sec info?
12:26 < Sparks> Actually, they want to see the encryption stuff written up so it is easily read and...
12:26 < Sparks> they wanted to see general things to do when setting up Fedora and using Fedora.
12:26 < quaid> right, if there is nothing appropriate that makes sense of it for people, no reason not to write it ourselves.
12:26 -!- nphilipp [n=nils at dslb-088-067-058-014.pools.arcor-ip.net] has quit ["Leaving"]
12:27 < Sparks> quaid: I think I have written everything to be as specific to Fedora as possible.
12:27 -!- GeroldKa [n=GeroldKa at fedora/geroldka] has joined #fedora-meeting
12:27 < quaid> Sparks: no worries, as long as you are having fun
12:28 < quaid> Sparks: another group we can put you in contact with, for content sources, ideas, and consumption, should be the Free IPA and Dogtag projects
12:28 < Sparks> I haven't completely fleshed out everything that I want to put into the doc but I'd like to get Chapters 1 through 3 approved and moved over to the public side before F9 being that people are being asked to go there for information on the Encryption.
12:28 < quaid> +1
12:28 < Sparks> quaid: I'm definately having fun with this one.
12:28 < jsmith> +1
12:28 < quaid> iirc, that content is pretty well vetted already, right?
12:28 < quaid> Ch 1 .. 3
12:29 < Sparks> Yeah, I want to talk about PKI (aka Dog Tag) in there too.
12:29 < quaid> yeah, those guys surely want some help with that content
12:29 < quaid> but also ..
12:29 < Sparks> The information is well vetted... BUT I want someone to look over it to 1) sanity check me, 2) grammar check me, and 3) make sure what I'm saying is what Fedora wants me to say.
12:30  * quaid looks
12:30 < quaid> Sparks: yeah, technical edit was my primary concern there
12:30  * Sparks drools over the thought of the Dog Tag project.
12:30 < quaid> you know there are existing docs, right?
12:30 < quaid> the question is, as usual, do we get access to them ...
12:30 < Sparks> What existing docs are you speaking of?
12:31 < quaid> Cert System docs
12:31 < Sparks> Hmmm
12:31 < quaid> + Directory Server docs
12:31 < quaid> not all relevant, but some
12:31 < quaid> http://www.redhat.com/docs/manuals/cert-system/
12:31 < quaid> http://www.redhat.com/docs/manuals/dir-server/
12:32 < Sparks> Hmmm... I'll have to look at those further.
12:32  * quaid was once-upon-a-time lead writer for that, when we started the conversion of the 3000+ pages from FrameMaker to HTML to XML
12:32 < Sparks> :)
12:33 < Sparks> Where does F8/F9 fall in with RHEL?  Is it closer to RHEL 5 than RHEL 4?
12:33 < quaid> yeah, it may not be relevant, who knows?
12:33 < quaid> well, sure, it's closer
12:33 < quaid> quite a bit
12:33 < quaid> but yeah, it's a hard thing to reference old RHEL content, which we have done on-and-off over the years
12:34 < Sparks> Okay.  That's good to know as most of the documentation that I'm referencing is designed for RHEL 5.
12:34 < quaid> right
12:34 < Sparks> True
12:34 < jsmith> brb
12:34 < Sparks> RH hasn't released a Security Guide for 5 yet.
12:36 < quaid> I think that content was rolled in to the Deployment Guide
12:36 < Sparks> So with that said, I think I'll be cleaning up the Encryption stuff later this week so it can go out the door.
12:36 < quaid> sweet
12:37 < Sparks> quaid: What's the possibility of rolling out a secure version of Fedora in the future?
12:37  * quaid thought that stuff was secure
12:37 < quaid> Sparks: make a spin?  or something different?
12:37 < Sparks> quaid: I'm guessing we'd probably take more heat than on the SELinux debate.
12:38 < quaid> Sparks: how so?
12:38 -!- quaid changed the topic of #fedora-meeting to: FDSCo mtg -- All Other Business (AOB)
12:38 < Sparks> Well...  There are a lot of things that could/should be done by the user to prevent malicious code or attackers from hacking you.  TCPWrappers, setting up human groups and using sudo, etc
12:39 -!- fcrippa [n=fcrippa at 83.225.29.232] has joined #fedora-meeting
12:39 < Sparks> Locking down partitions...
12:39 < quaid> and rather than telling them how, make a version that does it automatically
12:39 < Sparks> I could go on and on...  I'm only in chapter 2 of the DoD guide I'm using to harden three Fedora boxes right now and I was surprised at how much stuff there is.
12:39 < quaid> it sounds like a spin, to me
12:39 < Sparks> Well, I'd say do both.
12:40 < quaid> bunch of %post scripts?
12:40 < quaid> well, ok, see, here is where this is on topic for Docs
12:40 < quaid> we've historically
12:40 < quaid> had a narrow vision and mission
12:40 < quaid> but have widened over time
12:40 < quaid> and like the rest of Fedora Project proper
12:40 < quaid> we can expand to be upstream of content
12:40 < quaid> and do big guides, etc.
12:41 < Sparks> Hmmm....  The DoD has a script that runs and tells you what is wrong with your system but I haven't seen one that will fix everything for you because you don't know what setting will break an existing system.
12:41  * quaid wonders where bastion-linux is these days
12:41  * Sparks sees this as a possible big guide
12:42 < quaid> Sparks: well, look at the content in the RHEL 5 Deployment Guide, see what you would re-use in such a Security Guide if oyu had it
12:43 < Sparks> Maybe it is just me but I read my logs every morning to see what's been going on.  I don't know if most people do that or not but if they do then they are probably a little concernes with security.
12:43  * Sparks looks for the Deployment guide.
12:43 < quaid> start at rh.com/docs
12:43 < Sparks> Got it
12:43 < quaid> logwatch++ too
12:43 < Sparks> :)
12:44  * quaid meant Bastille Linux but had a brain frack
12:44 -!- smooge [n=smooge at canopus.unm.edu] has quit ["-ENOCAFFEINE"]
12:45 < Southern_Gentlem> most admins consider tcpwrappers as a last resort
12:45 < Sparks> But it is the dumb things, like not using IPv6 but having it running, that allow an attacker to gain access to the system because of the default settings.
12:45 < Southern_Gentlem> Sparks, explain that
12:45 < quaid> Sparks: the IPv6 setting sounds like a bug or an f-devel-l discussion
12:46 < Southern_Gentlem> Sparks,  if there network doesnt support ip6 how are they at risk
12:47 < Sparks> The IPv6 thing is *unix wide
12:47 < Southern_Gentlem> no not all networks support ipv6
12:47 < Sparks> Because IPv6 allows for autoconfiguration and allows an attack vector to the networking stack.
12:48 < Sparks> true, however if you are using newer equipment (like a new switch) you have an attack vector because a lot of network switches will pass it along with the IPv4 packet.
12:49 < Southern_Gentlem> but i am talking on old switches which are still out there in force
12:49 < Sparks> You have a mitigating factor if your WAN connection doesn't support IPv6.  This wouldn't be so much of a problem for a home user.
12:49 < Southern_Gentlem> guess what? thats your main audience in fedora
12:49 < Sparks> But if Fedora was deployed in a larger setting then you could have a problem.
12:50 < Sparks> guess what, you don't know where Fedora is and what it is being used for.
12:50 < Sparks> I'm not saying that everyone should follow everything in the book, I'm saying that they should know where the information is and know how to use the information if they deem it necessary to secure their box.
12:51 < Sparks> I know of places where Fedora is used in a more... enterprise setting.
12:52 < Sparks> Not a problem.  I talked with the sysadmin and made sure he knew what docs he needed to consult so he could secure his system.
12:53 < Sparks> Anyway, the IPv6 thing was only an example.  There are lots of settings for passwords and using AIDE and securing your SSH that would be useful to most users, IMO.
12:55 < quaid> ok, I think we have wandered afar enough :)
12:55  * quaid is back from a distraction
12:56 < quaid> I'll trim back a bit and send out both logs asap
12:56 < quaid> anything else?
12:56 -!- JSchmitt [n=s4504kr at p54B11960.dip0.t-ipconnect.de] has joined #fedora-meeting
12:56 -!- fbijlsma [n=fbijlsma at pd907c9d7.dip0.t-ipconnect.de] has quit ["Leaving"]
12:56 < Sparks> Nothing here
12:56 -!- fbijlsma [n=fbijlsma at pd907c9d7.dip0.t-ipconnect.de] has joined #fedora-meeting
12:57 < Sparks> Where did jsmith go?
12:57 < quaid> ok
12:57 < quaid> </meeting>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-docs-list/attachments/20080430/1f742a27/attachment.sig>