From msloretta.tioiela at live.com Sun Mar 2 17:39:08 2008 From: msloretta.tioiela at live.com (Loretta TIOIELA) Date: Sun, 2 Mar 2008 18:39:08 +0100 Subject: This week important topics concerns In-Reply-To: <20080229013329.D28A261939C@hormel.redhat.com> References: <20080229013329.D28A261939C@hormel.redhat.com> Message-ID: Dears, All my apologies for missing the last meeting. Regarding: .Fedora-infrastructure-list Digest, Vol 21, Issue 37 : FAS KEYRING AND SUBKEYS IMPLEMENTATION vs PUBLIC KEYSERVER: Could i have an update on the status of FAS keyring ? In the last meeting of the 28th of Feb.,Mike mentionned that they have been able to get FAS2 ready for pre-beta release but does this also means that you have included last suggestion about using subkeys for contributor public keys management ? .Fedora-infrastructure-list Digest, Vol 21, Issue 39 : MAILMAN LIST NAME POLICY Personally, I prefer @lists. .Fedora-infrastructure-list Digest, Vol 21, Issue 40 MEETING OF THE 28TH OF FEBRUARY TOPICS: TICKET 421: FINDING SPACE FOR SECONDARY ARCH'S WORTH OF FEDORA OFFICIAL MIRROR SPACE TICKET 347: SET LOCALTIME ON ALL SERVERS TO UTC TICKET 365: MAILMAN LIST NAME POLICY SET UP TICKET 395: AUDIO STREAMING OF FEDORA BOARD CONFERENCE CALLS TICKET 398: ELFUTILS 'MONOTONE' (mnt) ERROR TICKET 399: DAMNED LIES SET UP CHANGES: MOVE CRONNED UPDATE-STATS TO A SEPARATE App SERVER NO TICKET: XEN2 INSTABILITIES NO TICKET: FAS2 OUT OF MEETING: TROUBLE TO COMMIT TO NEW CVS REPOSITORY FOR libvirt LOCALIZATION No comment except let me know if i can help ;) Kindly Loretta _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ From ricky at fedoraproject.org Sun Mar 2 20:26:13 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Sun, 2 Mar 2008 15:26:13 -0500 Subject: This week important topics concerns In-Reply-To: References: <20080229013329.D28A261939C@hormel.redhat.com> Message-ID: <20080302202613.GA9140@Max.nyc1.dsl.speakeasy.net> On 2008-03-02 06:39:08 PM, Loretta TIOIELA wrote: > FAS KEYRING AND SUBKEYS IMPLEMENTATION vs PUBLIC KEYSERVER: > Could i have an update on the status of FAS keyring ? > In the last meeting of the 28th of Feb.,Mike mentionned that they have > been able to get FAS2 ready for pre-beta release but does this also > means that you have included last suggestion about using subkeys for > contributor public keys management ? We've been using subkeys.pgp.net exclusively for FAS2 since the beginning, and I'm pretty sure that we'll be sticking to this. As for the contributor keyring, it'll definitely be a nice thing to have, but we won't be targetting that for the first release, at least. Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From tchung at fedoraproject.org Mon Mar 3 08:36:04 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 3 Mar 2008 00:36:04 -0800 Subject: Fedora Project Wiki down? Message-ID: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> Hey Fedora Infrastructure Team, Is Fedora Project wiki down right now? (It's around 12:30 AM here in California) I'm consistently getting: "Service Temporarily Unavailable" I guess I'll have to postpone the next issue of FWN until tomorrow morning. :) Regards, -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From tchung at fedoraproject.org Mon Mar 3 08:57:14 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 3 Mar 2008 00:57:14 -0800 Subject: Fedora Project Wiki down? In-Reply-To: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> Message-ID: <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung wrote: > Hey Fedora Infrastructure Team, > Is Fedora Project wiki down right now? (It's around 12:30 AM here in California) > I'm consistently getting: "Service Temporarily Unavailable" > I guess I'll have to postpone the next issue of FWN until tomorrow morning. :) It was my local ISP acting up in the evening. After resetting router and restarting network service, I'm ok now. Sorry about the false alarm :) Regards, -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From paulo.banon at googlemail.com Mon Mar 3 09:03:26 2008 From: paulo.banon at googlemail.com (Paulo Santos) Date: Mon, 3 Mar 2008 10:03:26 +0100 Subject: Fedora Project Wiki down? In-Reply-To: <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> Message-ID: <7a41c4bc0803030103v5e0ec436t31d5978f81156f1d@mail.gmail.com> Thomas, The wiki was actually acting up. I graceful restarted the httpd in app2 and its better now, while still a bit slow :) Paulo On Mon, Mar 3, 2008 at 9:57 AM, Thomas Chung wrote: > On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung > wrote: > > Hey Fedora Infrastructure Team, > > Is Fedora Project wiki down right now? (It's around 12:30 AM here in > California) > > I'm consistently getting: "Service Temporarily Unavailable" > > I guess I'll have to postpone the next issue of FWN until tomorrow > morning. :) > > It was my local ISP acting up in the evening. > After resetting router and restarting network service, I'm ok now. > Sorry about the false alarm :) > Regards, > -- > Thomas Chung > http://fedoraproject.org/wiki/ThomasChung > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nicu_fedora at nicubunu.ro Mon Mar 3 09:11:07 2008 From: nicu_fedora at nicubunu.ro (Nicu Buculei) Date: Mon, 03 Mar 2008 11:11:07 +0200 Subject: Fedora Project Wiki down? In-Reply-To: <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> Message-ID: <47CBC0AB.8080303@nicubunu.ro> Thomas Chung wrote: > On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung wrote: >> Hey Fedora Infrastructure Team, >> Is Fedora Project wiki down right now? (It's around 12:30 AM here in California) >> I'm consistently getting: "Service Temporarily Unavailable" >> I guess I'll have to postpone the next issue of FWN until tomorrow morning. :) > > It was my local ISP acting up in the evening. > After resetting router and restarting network service, I'm ok now. > Sorry about the false alarm :) It looks like it was a real alarm, I also got "503 - service unavailable" earlier today (~1 hour ago). Now it seems to work. -- nicu :: http://nicubunu.ro :: http://nicubunu.blogspot.com Cool Fedora wallpapers: http://fedora.nicubunu.ro/wallpapers/ Open Clip Art Library: http://www.openclipart.org my Fedora stuff: http://fedora.nicubunu.ro From jonathan.roberts.uk at googlemail.com Mon Mar 3 14:07:36 2008 From: jonathan.roberts.uk at googlemail.com (Jonathan Roberts) Date: Mon, 3 Mar 2008 14:07:36 +0000 Subject: Fedora Project Wiki down? In-Reply-To: <47CBC0AB.8080303@nicubunu.ro> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> <47CBC0AB.8080303@nicubunu.ro> Message-ID: <3263b11b0803030607y45361d1h56f3113652319244@mail.gmail.com> On 03/03/2008, Nicu Buculei wrote: > Thomas Chung wrote: > > On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung wrote: > >> Hey Fedora Infrastructure Team, > >> Is Fedora Project wiki down right now? (It's around 12:30 AM here in California) > >> I'm consistently getting: "Service Temporarily Unavailable" > >> I guess I'll have to postpone the next issue of FWN until tomorrow morning. :) > > > > It was my local ISP acting up in the evening. > > After resetting router and restarting network service, I'm ok now. > > Sorry about the false alarm :) > > > It looks like it was a real alarm, I also got "503 - service > unavailable" earlier today (~1 hour ago). Now it seems to work. I've been seeing a lot of 503 - service unavailable" messages over the past 3-4 days, and the wiki has seemed a lot slower than usual. Sorry I can't help diagnose any more than that! Best wishes, Jon From jonathan.roberts.uk at googlemail.com Mon Mar 3 14:08:13 2008 From: jonathan.roberts.uk at googlemail.com (Jonathan Roberts) Date: Mon, 3 Mar 2008 14:08:13 +0000 Subject: Fedora Project Wiki down? In-Reply-To: <3263b11b0803030607y45361d1h56f3113652319244@mail.gmail.com> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> <47CBC0AB.8080303@nicubunu.ro> <3263b11b0803030607y45361d1h56f3113652319244@mail.gmail.com> Message-ID: <3263b11b0803030608o2650b2a1o795f4eff92ba6096@mail.gmail.com> On 03/03/2008, Jonathan Roberts wrote: > On 03/03/2008, Nicu Buculei wrote: > > Thomas Chung wrote: > > > On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung wrote: > > >> Hey Fedora Infrastructure Team, > > >> Is Fedora Project wiki down right now? (It's around 12:30 AM here in California) > > >> I'm consistently getting: "Service Temporarily Unavailable" > > >> I guess I'll have to postpone the next issue of FWN until tomorrow morning. :) > > > > > > It was my local ISP acting up in the evening. > > > After resetting router and restarting network service, I'm ok now. > > > Sorry about the false alarm :) > > > > > > It looks like it was a real alarm, I also got "503 - service > > unavailable" earlier today (~1 hour ago). Now it seems to work. > > > I've been seeing a lot of 503 - service unavailable" messages over the > past 3-4 days, and the wiki has seemed a lot slower than usual. Sorry > I can't help diagnose any more than that! > Oh, and I should have mentioned several of those have been today, so it seems like whatever is the problem hasn't gone away... Jon From mmcgrath at redhat.com Mon Mar 3 14:24:34 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 3 Mar 2008 08:24:34 -0600 (CST) Subject: Fedora Project Wiki down? In-Reply-To: <47CBC0AB.8080303@nicubunu.ro> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> <47CBC0AB.8080303@nicubunu.ro> Message-ID: On Mon, 3 Mar 2008, Nicu Buculei wrote: > Thomas Chung wrote: > > On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung > > wrote: > > > Hey Fedora Infrastructure Team, > > > Is Fedora Project wiki down right now? (It's around 12:30 AM here in > > > California) > > > I'm consistently getting: "Service Temporarily Unavailable" > > > I guess I'll have to postpone the next issue of FWN until tomorrow > > > morning. :) > > > > It was my local ISP acting up in the evening. > > After resetting router and restarting network service, I'm ok now. > > Sorry about the false alarm :) > > It looks like it was a real alarm, I also got "503 - service unavailable" > earlier today (~1 hour ago). Now it seems to work. > Anyone interested in hitting the moin developers with a clue stick feel free. Its a lost cause now but boy oh boy am I sick and tired of hearing of our wiki. -Mike From mmcgrath at redhat.com Mon Mar 3 16:17:54 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 3 Mar 2008 10:17:54 -0600 (CST) Subject: Fedora Project Wiki down? In-Reply-To: <3263b11b0803030608o2650b2a1o795f4eff92ba6096@mail.gmail.com> References: <369bce3b0803030036m56073002nc558acdd0b5d420@mail.gmail.com> <369bce3b0803030057g756c5d5aya58f648736831c8d@mail.gmail.com> <47CBC0AB.8080303@nicubunu.ro> <3263b11b0803030607y45361d1h56f3113652319244@mail.gmail.com> <3263b11b0803030608o2650b2a1o795f4eff92ba6096@mail.gmail.com> Message-ID: On Mon, 3 Mar 2008, Jonathan Roberts wrote: > On 03/03/2008, Jonathan Roberts wrote: > > On 03/03/2008, Nicu Buculei wrote: > > > Thomas Chung wrote: > > > > On Mon, Mar 3, 2008 at 12:36 AM, Thomas Chung wrote: > > > >> Hey Fedora Infrastructure Team, > > > >> Is Fedora Project wiki down right now? (It's around 12:30 AM here in California) > > > >> I'm consistently getting: "Service Temporarily Unavailable" > > > >> I guess I'll have to postpone the next issue of FWN until tomorrow morning. :) > > > > > > > > It was my local ISP acting up in the evening. > > > > After resetting router and restarting network service, I'm ok now. > > > > Sorry about the false alarm :) > > > > > > > > > It looks like it was a real alarm, I also got "503 - service > > > unavailable" earlier today (~1 hour ago). Now it seems to work. > > > > > > I've been seeing a lot of 503 - service unavailable" messages over the > > past 3-4 days, and the wiki has seemed a lot slower than usual. Sorry > > I can't help diagnose any more than that! > > > > Oh, and I should have mentioned several of those have been today, so > it seems like whatever is the problem hasn't gone away... I'll try moving it too our other app server and see if that helps at all. -Mike From mmcgrath at redhat.com Tue Mar 4 17:36:39 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 4 Mar 2008 11:36:39 -0600 (CST) Subject: Wiki changes Message-ID: I'm making some more wiki tweaks today, if you're a regular wiki user please stop by #fedora-admin and let me know how its going. Basically I'm allowing more processes to run but for a shorter amount of time. This will cause the longer running threads to be killed much sooner and should free up resources for the normal day-to-day stuff that has been suffering over the last couple of weeks. I'm looking into why we've had more timeouts recently though I suspect its because the release is close, more people are editing and using the wiki. Please let me know what your experiences are with the wiki over the next couple of days. -Mike From tchung at fedoraproject.org Tue Mar 4 19:44:15 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Tue, 4 Mar 2008 11:44:15 -0800 Subject: Wiki changes In-Reply-To: References: Message-ID: <369bce3b0803041144h479faa4cgde30c989b40ec5d9@mail.gmail.com> On Tue, Mar 4, 2008 at 9:36 AM, Mike McGrath wrote: > I'm making some more wiki tweaks today, if you're a regular wiki user > please stop by #fedora-admin and let me know how its going. Basically I'm > allowing more processes to run but for a shorter amount of time. This > will cause the longer running threads to be killed much sooner and should > free up resources for the normal day-to-day stuff that has been suffering > over the last couple of weeks. I'm looking into why we've had more > timeouts recently though I suspect its because the release is close, more > people are editing and using the wiki. > > Please let me know what your experiences are with the wiki over the next > couple of days. > > -Mike I already see the difference. Thank you Mike! -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From mmcgrath at redhat.com Wed Mar 5 15:30:53 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Wed, 5 Mar 2008 09:30:53 -0600 (CST) Subject: Announcing FAS2 Tests! Message-ID: Well, we've been working on it for a long time and even with a last minute core technology change FAS2 is ready for testing and almost ready for deployment. What is FAS2 you ask? Its the second iteration of the Fedora Accounts System. It's based off of TurboGears and has so many standards and future expandability I won't even go into that here. What I will say is that we'd like everyone to come test it before we deploy it in the next week or two. The test site is at: https://publictest10.fedoraproject.org/accounts/ This system is completely separate from the current running system so feel free to come in, setup a test account, or 2 or 10, and groups. If you'd like admin or sponsor access to a group just stop by #fedora-admin and ask for it and someone will set you up. What are features to look forward to in FAS2? * Online help system * Translations (the systems there but without translations currently) * JSON Interface * More comprehensive client for shell access * Easier to sign the CLA * OpenID interface (work in progress) * Much less developer-centeric interface To get your own local install going just run: yum install git-core git clone git://git.fedorahosted.org/git/fedora-infrastructure.git/ cd fedora-infrastructure.git/fas vi README If you have any bugs to report please send them to: https://fedorahosted.org/fas2/ We're also taking feature requests though they will likely not make it into the initial deployment. Happy hacking! From a.badger at gmail.com Wed Mar 5 16:24:36 2008 From: a.badger at gmail.com (Toshio Kuratomi) Date: Wed, 05 Mar 2008 08:24:36 -0800 Subject: Announcing FAS2 Tests! In-Reply-To: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> Message-ID: <47CEC944.9050405@gmail.com> Magyar Zolt?n wrote: > Hi! > > After creating a new user and logging in, I get a 404 error page, with > the following url: > http://publictest10.fedoraproject.org/accounts/accounts/ > > > 404 Not Found > > The path '/accounts/' was not found. > > Page handler: "The path '/accounts/' was not found." > Traceback (most recent call last): > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run > > self.main() > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 256, in main > page_handler, object_path, virtual_path = self.mapPathToObject(path) > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 326, in mapPathToObject > > raise cherrypy.NotFound(objectpath) > NotFound: 404 > > Looks like the second 'accounts/' is not needed, after deleting, it > works fine, I'm logged in. > How did you get to that page? Was it: 1) Hit https://publictest10.fedoraproject.org/accounts/ 2) Click on login on the page itself. 3) Login 4) It redirects you to /accounts/accounts ? I ask because I haven't been able to replicate this yet. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: From jonathan.roberts.uk at googlemail.com Wed Mar 5 16:29:39 2008 From: jonathan.roberts.uk at googlemail.com (Jonathan Roberts) Date: Wed, 5 Mar 2008 16:29:39 +0000 Subject: Announcing FAS2 Tests! In-Reply-To: <47CEC944.9050405@gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> Message-ID: <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> > How did you get to that page? > > Was it: > 1) Hit https://publictest10.fedoraproject.org/accounts/ > 2) Click on login on the page itself. > 3) Login > 4) It redirects you to /accounts/accounts ? > > I ask because I haven't been able to replicate this yet. I've replicated it. Used this address to login: http://publictest10.fedoraproject.org/accounts/login Can confirm that removing the 2nd accounts fixed it :) Best wishes, Jon > > > -Toshio > > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > > > From admin at arcnetworks.biz Wed Mar 5 16:54:25 2008 From: admin at arcnetworks.biz (Anand Capur) Date: Wed, 5 Mar 2008 11:54:25 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> Message-ID: <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> On 3/5/08, Jonathan Roberts wrote: > > > How did you get to that page? > > > > Was it: > > 1) Hit https://publictest10.fedoraproject.org/accounts/ > > 2) Click on login on the page itself. > > 3) Login > > 4) It redirects you to /accounts/accounts ? > > > > I ask because I haven't been able to replicate this yet. > > > I've replicated it. Used this address to login: > > http://publictest10.fedoraproject.org/accounts/login > > Can confirm that removing the 2nd accounts fixed it :) Yeah, I got that error too :D -------------- next part -------------- An HTML attachment was scrubbed... URL: From admin at arcnetworks.biz Wed Mar 5 17:09:19 2008 From: admin at arcnetworks.biz (Anand Capur) Date: Wed, 5 Mar 2008 12:09:19 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> Message-ID: <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> Oh noes! 503 error XD. The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. -Anand -------------- next part -------------- An HTML attachment was scrubbed... URL: From admin at arcnetworks.biz Wed Mar 5 17:18:11 2008 From: admin at arcnetworks.biz (Anand Capur) Date: Wed, 5 Mar 2008 12:18:11 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> Message-ID: <5d66540b0803050918v2a258ca4x2262eab1d249485@mail.gmail.com> Yey? :D A bug! I got this when trying to add a group with. Name: acapur-test1a Display: acapur-test1a Owner: acapur Type: tracking Needs Sponsor: no Self-Removal: no Must Belong To: (Blank) Join Message: Testing No Sponsor, No Self Removal No Must Belong To Page handler: > Traceback (most recent call last): File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "", line 3, in create File "/usr/lib/python2.4/site-packages/turbogears/identity/conditions.py", line 242, in require return fn(self, *args, **kwargs) File "", line 3, in create File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 200, in validate return errorhandling.run_with_errors(errors, func, *args, **kw) File "/usr/lib/python2.4/site-packages/turbogears/errorhandling.py", line 110, in run_with_errors return func(self, *args, **kw) File "", line 3, in create File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, in expose output = database.run_with_transaction( File "", line 5, in run_with_transaction File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 405, in sa_rwt retval = func(*args, **kw) File "", line 5, in _expose File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 378, in mapping, fragment, args, kw))) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 405, in _execute_func output = errorhandling.try_call(func, *args, **kw) File "/usr/lib/python2.4/site-packages/turbogears/errorhandling.py", line 72, in try_call return func(self, *args, **kw) File "/srv/fedora-infrastructure/fas/fas/group.py", line 175, in create session.flush() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/scoping.py", line 98, in do return getattr(self.registry(), name)(*args, **kwargs) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/session.py", line 764, in flush self.uow.flush(self, objects) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 215, in flush flush_context.execute() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 437, in execute UOWExecutor().execute(self, tasks) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 927, in execute self.execute_save_steps(trans, task) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 944, in execute_save_steps self.execute_per_element_childtasks(trans, task, False) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 967, in execute_per_element_childtasks self.execute_element_childtasks(trans, element, isdelete) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 971, in execute_element_childtasks self.execute(trans, [child], isdelete) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 927, in execute self.execute_save_steps(trans, task) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 942, in execute_save_steps self.save_objects(trans, task) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 933, in save_objects task.mapper._save_obj(task.polymorphic_tosave_objects, trans) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/mapper.py", line 1106, in _save_obj c = connection.execute(statement.values(value_params), params) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 846, in execute return Connection.executors[c](self, object, multiparams, params) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 897, in execute_clauseelement return self._execute_compiled(elem.compile(dialect=self.dialect, column_keys=keys, inline=len(params) > 1), distilled_params=params) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 909, in _execute_compiled self.__execute_raw(context) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 918, in __execute_raw self._cursor_execute(context.cursor, context.statement, context.parameters[0], context=context) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 962, in _cursor_execute self._handle_dbapi_exception(e, statement, parameters, cursor) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 944, in _handle_dbapi_exception raise exceptions.DBAPIError.instance(statement, parameters, e, connection_invalidated=is_disconnect) ProgrammingError: (ProgrammingError) column "needs_sponsor" is of type boolean but expression is of type integer HINT: You will need to rewrite or cast the expression. 'INSERT INTO groups (id, name, display_name, owner_id, group_type, needs_sponsor, user_can_remove, prerequisite_id, joinmsg) VALUES (%(id)s, %(name)s, %(display_name)s, %(owner_id)s, %(group_type)s, %(needs_sponsor)s, %(user_can_remove)s, %(prerequisite_id)s, %(joinmsg)s)' {'display_name': 'acapur-test1a', 'name': 'acapur-test1a', 'needs_sponsor': 0, 'prerequisite_id': None, 'user_can_remove': 1, 'joinmsg': 'Testing No Sponsor, No Self Removal, No "Must Belong To"', 'id': 1145L, 'group_type': 'tracking', 'owner_id': 1122} -------------- next part -------------- An HTML attachment was scrubbed... URL: From ricky at fedoraproject.org Wed Mar 5 17:18:10 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 12:18:10 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> Message-ID: <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-05 12:09:19 PM, Anand Capur wrote: > Oh noes! 503 error XD. The server is temporarily unable to service your > request due to maintenance downtime or capacity problems. Please try again > later. Sorry about that, we're pushing updates pretty often, which means that TG gets restarted a lot. Whenever somebody hits the site before TG has fully started, we get 503s. If you get one, try again in a few seconds (I'll pretty much restart httpd/clear the timeout whenever I see it). Thanks for testing, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From thinklinux.ssh at gmail.com Wed Mar 5 17:19:03 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Wed, 5 Mar 2008 22:49:03 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> Message-ID: While on http://publictest10.fedoraproject.org/accounts/group/list/A* clicking on "Home" gives 500 internal error. Output attached. Not replicated. -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: error_500.txt URL: From admin at arcnetworks.biz Wed Mar 5 17:20:08 2008 From: admin at arcnetworks.biz (Anand Capur) Date: Wed, 5 Mar 2008 12:20:08 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> Message-ID: <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> Another One XD. When I try to apply to the fedorabugs group. (I tried to apply to test, and it worked fine, then fedorabugs again and it gave me this. it seems to be an issue with certain groups. 500 Internal error The server encountered an unexpected condition which prevented it from fulfilling the request. Page handler: > Traceback (most recent call last): File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "", line 3, in apply File "/usr/lib/python2.4/site-packages/turbogears/identity/conditions.py", line 242, in require return fn(self, *args, **kwargs) File "", line 3, in apply File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 200, in validate return errorhandling.run_with_errors(errors, func, *args, **kw) File "/usr/lib/python2.4/site-packages/turbogears/errorhandling.py", line 110, in run_with_errors return func(self, *args, **kw) File "", line 3, in apply File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, in expose output = database.run_with_transaction( File "", line 5, in run_with_transaction File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 411, in sa_rwt session.commit() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/scoping.py", line 98, in do return getattr(self.registry(), name)(*args, **kwargs) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/session.py", line 544, in commit self.transaction.commit() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/session.py", line 250, in commit self._prepare_impl() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/session.py", line 234, in _prepare_impl self.session.flush() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/session.py", line 764, in flush self.uow.flush(self, objects) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 215, in flush flush_context.execute() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 437, in execute UOWExecutor().execute(self, tasks) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 927, in execute self.execute_save_steps(trans, task) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 942, in execute_save_steps self.save_objects(trans, task) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/unitofwork.py", line 933, in save_objects task.mapper._save_obj(task.polymorphic_tosave_objects, trans) File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/mapper.py", line 1106, in _save_obj c = connection.execute(statement.values(value_params), params) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 846, in execute return Connection.executors[c](self, object, multiparams, params) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 897, in execute_clauseelement return self._execute_compiled(elem.compile(dialect=self.dialect, column_keys=keys, inline=len(params) > 1), distilled_params=params) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 909, in _execute_compiled self.__execute_raw(context) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 918, in __execute_raw self._cursor_execute(context.cursor, context.statement, context.parameters[0], context=context) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 962, in _cursor_execute self._handle_dbapi_exception(e, statement, parameters, cursor) File "/usr/lib/python2.4/site-packages/sqlalchemy/engine/base.py", line 944, in _handle_dbapi_exception raise exceptions.DBAPIError.instance(statement, parameters, e, connection_invalidated=is_disconnect) ProgrammingError: (ProgrammingError) plpython: function "bugzilla_sync" failed DETAIL: plpy.SPIError: plpy.execute() takes a sequence as its second argument -Anand 'INSERT INTO person_roles (person_id, group_id, role_type, role_status, internal_comments, sponsor_id, approval) VALUES (%(person_id)s, %(group_id)s, %(role_type)s, %(role_status)s, %(internal_comments)s, %(sponsor_id)s, %(approval)s)' {'internal_comments': None, 'role_status': 'unapproved', 'sponsor_id': None, 'person_id': 1122, 'approval': None, 'group_id': 1116, 'role_type': 'user'} -------------- next part -------------- An HTML attachment was scrubbed... URL: From thinklinux.ssh at gmail.com Wed Mar 5 17:22:47 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Wed, 5 Mar 2008 22:52:47 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <47CEC944.9050405@gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> Message-ID: 2008/3/5 Toshio Kuratomi : > Magyar Zolt?n wrote: > > Hi! > > > > After creating a new user and logging in, I get a 404 error page, with > > the following url: > > http://publictest10.fedoraproject.org/accounts/accounts/ > > > > > > 404 Not Found > > > > The path '/accounts/' was not found. > > > > Page handler: "The path '/accounts/' was not found." > > Traceback (most recent call last): > > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run > > > > self.main() > > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 256, in main > > page_handler, object_path, virtual_path = self.mapPathToObject(path) > > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 326, in mapPathToObject > > > > raise cherrypy.NotFound(objectpath) > > NotFound: 404 > > > > Looks like the second 'accounts/' is not needed, after deleting, it > > works fine, I'm logged in. Exactly same. -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From thinklinux.ssh at gmail.com Wed Mar 5 17:27:52 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Wed, 5 Mar 2008 22:57:52 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> Message-ID: Invite a new community member! Clicking on "send" gives 500 Internal error The server encountered an unexpected condition which prevented it from fulfilling the request. Page handler: > Traceback (most recent call last): File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "", line 3, in sendinvite File "/usr/lib/python2.4/site-packages/turbogears/identity/conditions.py", line 242, in require return fn(self, *args, **kwargs) File "", line 3, in sendinvite File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 200, in validate return errorhandling.run_with_errors(errors, func, *args, **kw) File "/usr/lib/python2.4/site-packages/turbogears/errorhandling.py", line 110, in run_with_errors return func(self, *args, **kw) File "", line 3, in sendinvite File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, in expose output = database.run_with_transaction( File "", line 5, in run_with_transaction File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 405, in sa_rwt retval = func(*args, **kw) File "", line 5, in _expose File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 378, in mapping, fragment, args, kw))) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 418, in _execute_func return _process_output(output, template, format, content_type, mapping, fragment) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 86, in _process_output fragment=fragment) File "/usr/lib/python2.4/site-packages/turbogears/view/base.py", line 129, in render return engine.render(**kw) File "/usr/lib/python2.4/site-packages/genshi/template/plugin.py", line 104, in render return self.transform(info, template).render(**kwargs) File "/usr/lib/python2.4/site-packages/genshi/core.py", line 154, in render return encode(generator, method=method, encoding=encoding) File "/usr/lib/python2.4/site-packages/genshi/output.py", line 45, in encode output = u''.join(list(iterator)) File "/usr/lib/python2.4/site-packages/genshi/output.py", line 274, in __call__ for kind, data, pos in stream: File "/usr/lib/python2.4/site-packages/genshi/output.py", line 519, in __call__ for kind, data, pos in stream: File "/usr/lib/python2.4/site-packages/genshi/output.py", line 679, in __call__ for kind, data, pos in chain(stream, [(None, None, None)]): File "/usr/lib/python2.4/site-packages/genshi/output.py", line 459, in __call__ for ev in stream: File "/usr/lib/python2.4/site-packages/genshi/core.py", line 212, in _ensure for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 252, in _include for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 322, in _match content = list(self._include(content, ctxt)) File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 252, in _include for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 297, in _match for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 286, in _strip event = stream.next() File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 242, in _exec for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 411, in _eval ctxt): File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 421, in _eval result = data.evaluate(ctxt) File "/usr/lib/python2.4/site-packages/genshi/template/eval.py", line 136, in evaluate return eval(self.code, _globals, {'data': data}) File "/srv/fedora-infrastructure/fas/fas/templates/group/invite.html", line 11, in
File "/usr/lib/python2.4/site-packages/genshi/template/eval.py", line 261, in lookup_name val = cls.undefined(name) File "/usr/lib/python2.4/site-packages/genshi/template/eval.py", line 356, in undefined raise UndefinedError(key, owner=owner) UndefinedError: "group" not defined -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From ricky at fedoraproject.org Wed Mar 5 17:44:56 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 12:44:56 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: <5d66540b0803050918v2a258ca4x2262eab1d249485@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <5d66540b0803050918v2a258ca4x2262eab1d249485@mail.gmail.com> Message-ID: <20080305174456.GD16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-05 12:18:11 PM, Anand Capur wrote: > Yey? :D A bug! I got this when trying to add a group with. > Name: acapur-test1a > Display: acapur-test1a > Owner: acapur > Type: tracking > Needs Sponsor: no > Self-Removal: no > Must Belong To: (Blank) > Join Message: Testing No Sponsor, No Self Removal No Must Belong To Good catch - we changed the type to a boolean in the DB and didn't fix it in our controller. Should be corrected now. Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From ricky at fedoraproject.org Wed Mar 5 17:58:00 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 12:58:00 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> Message-ID: <20080305175800.GE16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-05 10:49:03 PM, susmit shannigrahi wrote: > While on http://publictest10.fedoraproject.org/accounts/group/list/A* > clicking on "Home" gives 500 internal error. > > Output attached. Not replicated. Oops, this is my fault - I edited controllers.py and made it different from what's actually in git - this should be resolved now. Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From ricky at fedoraproject.org Wed Mar 5 17:59:56 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 12:59:56 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> Message-ID: <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-05 10:57:52 PM, susmit shannigrahi wrote: > Invite a new community member! Clicking on "send" gives Thanks! Forgot to pass a variable for sendpass, but that should be added in a bit. Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From thinklinux.ssh at gmail.com Wed Mar 5 19:17:00 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Thu, 6 Mar 2008 00:47:00 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> Message-ID: http://publictest10.fedoraproject.org/accounts/group/list Table :results field :Status Clicking on "i" icon gives error 404!!!! Screenshot attatched. -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== -------------- next part -------------- A non-text attachment was scrubbed... Name: Screenshot.png Type: image/png Size: 171278 bytes Desc: not available URL: From ricky at fedoraproject.org Wed Mar 5 19:25:10 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 14:25:10 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> Message-ID: <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-06 12:47:00 AM, susmit shannigrahi wrote: > http://publictest10.fedoraproject.org/accounts/group/list > > Table :results > field :Status > Clicking on "i" icon gives error 404!!!! Whoops, fixed the hardcoded URL. Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From ricky at fedoraproject.org Wed Mar 5 19:32:09 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 14:32:09 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <47CEC944.9050405@gmail.com> Message-ID: <20080305193209.GH16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-05 10:52:47 PM, susmit shannigrahi wrote: > 2008/3/5 Toshio Kuratomi : > > Magyar Zolt?n wrote: > > > Hi! > > > > > > After creating a new user and logging in, I get a 404 error page, with > > > the following url: > > > http://publictest10.fedoraproject.org/accounts/accounts/ > > > > > > > > > 404 Not Found > > > > > > The path '/accounts/' was not found. > > > > > > Page handler: "The path '/accounts/' was not found." > > > Traceback (most recent call last): > > > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run > > > > > > self.main() > > > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 256, in main > > > page_handler, object_path, virtual_path = self.mapPathToObject(path) > > > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 326, in mapPathToObject > > > > > > raise cherrypy.NotFound(objectpath) > > > NotFound: 404 > > > > > > Looks like the second 'accounts/' is not needed, after deleting, it > > > works fine, I'm logged in. > > Exactly same. I'm not sure why we're running into this now, but I think it might be fixed now (used redirect('.') instead of redirect('/')). Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From thinklinux.ssh at gmail.com Wed Mar 5 20:30:21 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Thu, 6 Mar 2008 02:00:21 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> Message-ID: [Feature] Should not "Apply for a new group" point to complete list of groups? That will make finding a group easier. If one does not know which particular group he/she wants to join, right now he/she has to click all the letters !!!! Also "Group list" should point to the alphabetic list instead of the whole list. Whats say? -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From mmcgrath at redhat.com Wed Mar 5 20:37:52 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Wed, 5 Mar 2008 14:37:52 -0600 (CST) Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <3263b11b0803050829r3d480838g1d47a8295cf893f3@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> Message-ID: On Thu, 6 Mar 2008, susmit shannigrahi wrote: > [Feature] > > Should not "Apply for a new group" point to complete list of groups? > That will make finding a group easier. > If one does not know which particular group he/she wants to join, right now > he/she has to click all the letters !!!! > > Also "Group list" should point to the alphabetic list instead of the whole list. > > Whats say? > This is actually a symptom of another problem I've been bouncing around in my head and have been unable to figure out. Groups in FAS could be a whole team, or a subgroup of the team or just a tracker. For example "fedorabugs" is a group but not one that meets up for meetings or anything. "sysadmin" is a group, we meet here and people work as part of the team to get something done. sysadmin-web is a sub group of that group that works just on the servers. >From the point of view of someone new to Fedora I have no idea how to get that kind of point across. The closest I came was to put in the help and in the about section to get to know the teams first before applying. Like asking someone to marry you, its best to know the answer before you ask the question and apply. I'm open to ideas on this though I suspect the best answer is to better beef up this page - http://fedoraproject.org/join-fedora and what it links to. -Mike From thinklinux.ssh at gmail.com Wed Mar 5 20:54:43 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Thu, 6 Mar 2008 02:24:43 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> Message-ID: > This is actually a symptom of another problem I've been bouncing around in > my head and have been unable to figure out. Groups in FAS could be a > whole team, or a subgroup of the team or just a tracker. For example > "fedorabugs" is a group but not one that meets up for meetings or > anything. > > "sysadmin" is a group, we meet here and people work as part of the team to > get something done. sysadmin-web is a sub group of that group that works > just on the servers. What is the problem? To let people know about functional details of a group? If so, may be a "i" besides group name will help. -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From thinklinux.ssh at gmail.com Wed Mar 5 20:56:27 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Thu, 6 Mar 2008 02:26:27 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> Message-ID: Clicking on "New group" on the left hand side list gives 500 Internal error The server encountered an unexpected condition which prevented it from fulfilling the request. Page handler: > Traceback (most recent call last): File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "", line 3, in new File "/usr/lib/python2.4/site-packages/turbogears/identity/conditions.py", line 242, in require return fn(self, *args, **kwargs) File "", line 3, in new File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, in expose output = database.run_with_transaction( File "", line 5, in run_with_transaction File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 405, in sa_rwt retval = func(*args, **kw) File "", line 5, in _expose File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 378, in mapping, fragment, args, kw))) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 418, in _execute_func return _process_output(output, template, format, content_type, mapping, fragment) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 86, in _process_output fragment=fragment) File "/usr/lib/python2.4/site-packages/turbogears/view/base.py", line 129, in render return engine.render(**kw) File "/usr/lib/python2.4/site-packages/genshi/template/plugin.py", line 104, in render return self.transform(info, template).render(**kwargs) File "/usr/lib/python2.4/site-packages/genshi/template/plugin.py", line 149, in transform return super(MarkupTemplateEnginePlugin, self).transform(data, template) File "/usr/lib/python2.4/site-packages/genshi/template/plugin.py", line 109, in transform template = self.load_template(template) File "/usr/lib/python2.4/site-packages/genshi/template/plugin.py", line 91, in load_template return self.loader.load(templatename) File "/usr/lib/python2.4/site-packages/genshi/template/loader.py", line 203, in load encoding=encoding) File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 75, in __init__ loader=loader, encoding=encoding, lookup=lookup) File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 322, in __init__ raise TemplateSyntaxError(e.msg, self.filepath, e.lineno, e.offset) TemplateSyntaxError: not well-formed (invalid token): line 34, column 81 (/srv/fedora-infrastructure/fas/fas/templates/group/new.html, line 34) -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From ricky at fedoraproject.org Wed Mar 5 21:06:23 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Wed, 5 Mar 2008 16:06:23 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> Message-ID: <20080305210623.GJ16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-06 02:26:27 AM, susmit shannigrahi wrote: > Clicking on "New group" on the left hand side list gives > > > 500 Internal error > > The server encountered an unexpected condition which prevented it from > fulfilling the request. Ahh! Fixed the typo responsible. Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From admin at arcnetworks.biz Wed Mar 5 21:09:05 2008 From: admin at arcnetworks.biz (Anand Capur) Date: Wed, 5 Mar 2008 16:09:05 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <5d66540b0803050854s2f4ee794ub6dc9253be4a1b9a@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> Message-ID: <5d66540b0803051309i86d521o833b2f8ed3d6ac03@mail.gmail.com> On 3/5/08, susmit shannigrahi wrote: > > [Feature] > > Should not "Apply for a new group" point to complete list of groups? > That will make finding a group easier. > If one does not know which particular group he/she wants to join, right > now > he/she has to click all the letters !!!! > > Also "Group list" should point to the alphabetic list instead of the whole > list. > > Whats say? > > -- > Regards, > Susmit. You can click the all button/tab @ the end. to see a listing of all the groups. -Anand -------------- next part -------------- An HTML attachment was scrubbed... URL: From thinklinux.ssh at gmail.com Wed Mar 5 21:13:47 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Thu, 6 Mar 2008 02:43:47 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <5d66540b0803051309i86d521o833b2f8ed3d6ac03@mail.gmail.com> References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <5d66540b0803050909w7c285ec9i1a63cd4adfc23cbb@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803051309i86d521o833b2f8ed3d6ac03@mail.gmail.com> Message-ID: > You can click the all button/tab @ the end. to see a listing of all the > groups. > -Anand Hi, Thanks, missed it. [ more bug] http://publictest10.fedoraproject.org/accounts/group/list/A* "Create group" under "Create New Group" searches instead of pointing to the form. -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From mmcgrath at redhat.com Wed Mar 5 22:00:30 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Wed, 5 Mar 2008 16:00:30 -0600 (CST) Subject: Wiki changes In-Reply-To: References: Message-ID: On Tue, 4 Mar 2008, Mike McGrath wrote: > I'm making some more wiki tweaks today, if you're a regular wiki user > please stop by #fedora-admin and let me know how its going. Basically I'm > allowing more processes to run but for a shorter amount of time. This > will cause the longer running threads to be killed much sooner and should > free up resources for the normal day-to-day stuff that has been suffering > over the last couple of weeks. I'm looking into why we've had more > timeouts recently though I suspect its because the release is close, more > people are editing and using the wiki. > > Please let me know what your experiences are with the wiki over the next > couple of days. > In case anyone is curious, we are seeing a drop in 503's on the wiki from our change yesterday. We had a spike this morning but that was my tests and puppet conflicting and has been fixed. I'm going to run this test again in a few days to see how it looks on a longer timeline. http://mmcgrath.fedorapeople.org/HttpCodes.png <-- pretty graph -Mike From thinklinux.ssh at gmail.com Thu Mar 6 14:29:25 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Thu, 6 Mar 2008 19:59:25 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803051309i86d521o833b2f8ed3d6ac03@mail.gmail.com> Message-ID: Well, "Create new group" gives an error if there is a "_" or a "." in group name. For example creating "susmit_test" or "susmit.test" gives Error! The following error(s) have occured with your request: * name: The input is not valid Is it a bug or error checking? -- Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From mark at wormgoor.com Thu Mar 6 14:50:34 2008 From: mark at wormgoor.com (Mark Wormgoor) Date: Thu, 06 Mar 2008 15:50:34 +0100 Subject: Announcing FAS2 Tests! In-Reply-To: References: Message-ID: <47D004BA.5000508@wormgoor.com> Found a bug. Requesting a password for a nonexisting user - email combination will lead to a 500 internal server error. URL: https://publictest10.fedoraproject.org/accounts/user/sendpass Output: 500 Internal error The server encountered an unexpected condition which prevented it from fulfilling the request. Page handler: > Traceback (most recent call last): File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "", line 3, in sendpass File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, in expose output = database.run_with_transaction( File "", line 5, in run_with_transaction File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 405, in sa_rwt retval = func(*args, **kw) File "", line 5, in _expose File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 378, in mapping, fragment, args, kw))) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 405, in _execute_func output = errorhandling.try_call(func, *args, **kw) File "/usr/lib/python2.4/site-packages/turbogears/errorhandling.py", line 72, in try_call return func(self, *args, **kw) File "/srv/fedora-infrastructure/fas/fas/user.py", line 373, in sendpass person = People.by_username(username) File "/srv/fedora-infrastructure/fas/fas/model.py", line 115, in by_username return cls.query.filter_by(username=username).one() File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/query.py", line 832, in one raise exceptions.InvalidRequestError('No rows returned for one()') InvalidRequestError: No rows returned for one() Powered by CherryPy 2.3.0 From message20200 at yahoo.fr Thu Mar 6 17:17:50 2008 From: message20200 at yahoo.fr (ballout merouene) Date: Thu, 6 Mar 2008 18:17:50 +0100 (CET) Subject: header intact Message-ID: <635381.44853.qm@web25602.mail.ukl.yahoo.com>
Envoy? avec Yahoo! Mail.
Une boite mail plus intelligente. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jonstanley at gmail.com Thu Mar 6 19:47:08 2008 From: jonstanley at gmail.com (Jon Stanley) Date: Thu, 6 Mar 2008 14:47:08 -0500 Subject: Mailman list for triage - special requirements Message-ID: John Poelstra and I were just thinking about a mailing list for watching incoming bugs. Unfortunately, I don't know that there's the right combination of checkboxes in Bugzilla to just get mail about new bugs. However, filtering based on mail header could get that - every new bugmail that Bugzilla sends has a header of "X-Bugzilla-Changed-Fields: New" that could be filtered on. The question is whether or not mailman is capable of filtering based on arbitrary header values. Note that this question doesn't mean we'll actually do this, we're still mulling over whether or not it's actually a good idea at all (and input on that front is welcomed too!). However, we want to know if it's technically possible or how much effort would be needed to accommodate the request. Thanks! -Jon From notting at redhat.com Thu Mar 6 19:54:02 2008 From: notting at redhat.com (Bill Nottingham) Date: Thu, 6 Mar 2008 14:54:02 -0500 Subject: Mailman list for triage - special requirements In-Reply-To: References: Message-ID: <20080306195402.GB19414@nostromo.devel.redhat.com> Jon Stanley (jonstanley at gmail.com) said: > John Poelstra and I were just thinking about a mailing list for > watching incoming bugs. Unfortunately, I don't know that there's the > right combination of checkboxes in Bugzilla to just get mail about new > bugs. However, filtering based on mail header could get that - every > new bugmail that Bugzilla sends has a header of > "X-Bugzilla-Changed-Fields: New" that could be filtered on. > > The question is whether or not mailman is capable of filtering based > on arbitrary header values. Note that this question doesn't mean > we'll actually do this, we're still mulling over whether or not it's > actually a good idea at all (and input on that front is welcomed > too!). However, we want to know if it's technically possible or how > much effort would be needed to accommodate the request. Why is this better than a RSS feed or similar? Bill From mmcgrath at redhat.com Thu Mar 6 21:05:04 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 6 Mar 2008 15:05:04 -0600 (CST) Subject: Announcing FAS2 Tests! In-Reply-To: References: <307f12af0803050748r7e409889hcb1581069e851b60@mail.gmail.com> <20080305171810.GC16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803050920yf6ffd9l877083fdd1c3826d@mail.gmail.com> <20080305175956.GF16254@Max.nyc1.dsl.speakeasy.net> <20080305192510.GG16254@Max.nyc1.dsl.speakeasy.net> <5d66540b0803051309i86d521o833b2f8ed3d6ac03@mail.gmail.com> Message-ID: On Thu, 6 Mar 2008, susmit shannigrahi wrote: > Well, "Create new group" gives an error if there is a "_" or a "." in > group name. > For example creating "susmit_test" or "susmit.test" gives > > > Error! > > The following error(s) have occured with your request: > > * name: The input is not valid > > > Is it a bug or error checking? > Thats both actually. We ran across that yesterday ourselves. Basically if you try to create a group without valid characters (for a while "-" wasn't valid) It'd throw that error. Which really doesn't describe what the problem is. We're working to make this more descript (it turns out this particular issue is more complex then it seems. In the meantime I might just add better help next to that field. -Mike From mmcgrath at redhat.com Thu Mar 6 21:10:24 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 6 Mar 2008 15:10:24 -0600 (CST) Subject: Announcing FAS2 Tests! In-Reply-To: <47D004BA.5000508@wormgoor.com> References: <47D004BA.5000508@wormgoor.com> Message-ID: Just fixed this problem in the upstream repo. Might take a bit before we get it to the testing site. -Mike On Thu, 6 Mar 2008, Mark Wormgoor wrote: > > Found a bug. > Requesting a password for a nonexisting user - email combination will lead to > a 500 internal server error. > > URL: https://publictest10.fedoraproject.org/accounts/user/sendpass > Output: > > 500 Internal error > The server encountered an unexpected condition which prevented it from > fulfilling the request. > > Page handler: 0x119a0c10>> > Traceback (most recent call last): > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, > in _run > self.main() > File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, > in main > body = page_handler(*virtual_path, **self.params) > File "", line 3, in sendpass > File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, > in expose > output = database.run_with_transaction( > File "", line 5, in run_with_transaction > File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 405, in > sa_rwt > retval = func(*args, **kw) > File "", line 5, in _expose > File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 378, > in > mapping, fragment, args, kw))) > File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 405, > in _execute_func > output = errorhandling.try_call(func, *args, **kw) > File "/usr/lib/python2.4/site-packages/turbogears/errorhandling.py", line > 72, in try_call > return func(self, *args, **kw) > File "/srv/fedora-infrastructure/fas/fas/user.py", line 373, in sendpass > person = People.by_username(username) > File "/srv/fedora-infrastructure/fas/fas/model.py", line 115, in by_username > return cls.query.filter_by(username=username).one() > File "/usr/lib/python2.4/site-packages/sqlalchemy/orm/query.py", line 832, > in one > raise exceptions.InvalidRequestError('No rows returned for one()') > InvalidRequestError: No rows returned for one() > Powered by CherryPy 2.3.0 > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > From mmcgrath at redhat.com Thu Mar 6 21:14:36 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 6 Mar 2008 15:14:36 -0600 (CST) Subject: puppet 0.24.2 Message-ID: Beware! Don't do it! puppet 0.24.2 has been released and is in epel testing, which means if you yum update a machine... it'll get picked up. And it doesn't work with our setup. The 0.24.2 puppet nodes are not compatable with 0.24.1 puppet masters. I (or someone) will need to test some things before doing this upgrade. -Mike From smooge at gmail.com Thu Mar 6 21:20:19 2008 From: smooge at gmail.com (Stephen John Smoogen) Date: Thu, 6 Mar 2008 14:20:19 -0700 Subject: puppet 0.24.2 In-Reply-To: References: Message-ID: <80d7e4090803061320x5c130809ye0142148d22069db@mail.gmail.com> On Thu, Mar 6, 2008 at 2:14 PM, Mike McGrath wrote: > Beware! Don't do it! > > puppet 0.24.2 has been released and is in epel testing, which means if you > yum update a machine... it'll get picked up. And it doesn't work with our > setup. The 0.24.2 puppet nodes are not compatable with 0.24.1 puppet > masters. > > I (or someone) will need to test some things before doing this upgrade. Ouch. That's uhm not a minor update :). Well it could be worse (... plunges through cfengine minor update changes..) -- Stephen J Smoogen. -- CSIRT/Linux System Administrator How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" From poelstra at redhat.com Thu Mar 6 21:28:21 2008 From: poelstra at redhat.com (John Poelstra) Date: Thu, 06 Mar 2008 13:28:21 -0800 Subject: Mailman list for triage - special requirements In-Reply-To: <20080306195402.GB19414@nostromo.devel.redhat.com> References: <20080306195402.GB19414@nostromo.devel.redhat.com> Message-ID: <47D061F5.2030402@redhat.com> Bill Nottingham said the following on 03/06/2008 11:54 AM Pacific Time: > Jon Stanley (jonstanley at gmail.com) said: >> John Poelstra and I were just thinking about a mailing list for >> watching incoming bugs. Unfortunately, I don't know that there's the >> right combination of checkboxes in Bugzilla to just get mail about new >> bugs. However, filtering based on mail header could get that - every >> new bugmail that Bugzilla sends has a header of >> "X-Bugzilla-Changed-Fields: New" that could be filtered on. >> >> The question is whether or not mailman is capable of filtering based >> on arbitrary header values. Note that this question doesn't mean >> we'll actually do this, we're still mulling over whether or not it's >> actually a good idea at all (and input on that front is welcomed >> too!). However, we want to know if it's technically possible or how >> much effort would be needed to accommodate the request. > > Why is this better than a RSS feed or similar? > > Bill > Mostly different work styles and how you approach your "work". A lot of people work from email as a task list. I tend to approach a lot of tasks in "batches" where I collect work items, address them, and cross them off a list. If the folder is empty I know I am up to date. I would agree an RSS reader could fill the same function. This is different than opening a web browser and manually querying bugzilla to locate "work items".... push vs. pull information flow. John From jonstanley at gmail.com Thu Mar 6 22:04:42 2008 From: jonstanley at gmail.com (Jon Stanley) Date: Thu, 6 Mar 2008 17:04:42 -0500 Subject: Mailman list for triage - special requirements In-Reply-To: <20080306195402.GB19414@nostromo.devel.redhat.com> References: <20080306195402.GB19414@nostromo.devel.redhat.com> Message-ID: On Thu, Mar 6, 2008 at 2:54 PM, Bill Nottingham wrote: > Why is this better than a RSS feed or similar? Good question - as John said below, different people prefer different workflows. For those that might like RSS, there's the shiny new: http://feeds.feedburner.com/f7-new-7days http://feeds.feedburner.com/f8-new-7days http://feeds.feedburner.com/rawhide-new-7days Enjoy! From ricky at fedoraproject.org Thu Mar 6 23:10:46 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Thu, 6 Mar 2008 18:10:46 -0500 Subject: Meeting Log - 2008-03-06 Message-ID: <20080306231046.GL16254@Max.nyc1.dsl.speakeasy.net> 15:01 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Come one come all. Who's here? 15:02 < gkrpan> <-- here 15:02 < mmcgrath> Alrighty guys, who's around? 15:02 * yingbull is here. 15:02 * f13 15:02 * iWolf lurks while he kicks his tape library 15:02 * daMaestro here 15:02 * whitenoise here (only for listen :P) 15:03 * skvidal is 15:03 * alleycat sits quitely in a corner 15:03 * jwb is here just in case 15:03 -!- jmbuser [n=jmbuser at 195.229.24.83] has left #fedora-meeting ["Time to go"] 15:03 -!- alleycat is now known as wolfy 15:04 < mmcgrath> alrighty then, lets talk tickets 15:04 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Tickets 15:04 < mmcgrath> .tiny https://fedorahosted.org/fedora-infrastructure/query?status=new&status=assigned&status=reopened&group=milestone&keywords=%7EMeeting&order=priority 15:04 < zodbot> mmcgrath: http://tinyurl.com/2hyyz6 15:04 < mmcgrath> .ticket 421 15:04 < zodbot> mmcgrath: #421 (Fedora Mirror Space) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/421 15:04 < mmcgrath> So it looks like we'll be able to do our test releases then blow them away. 15:04 < f13> some good news on that front 15:04 * lmacken is here 15:04 < mmcgrath> which will allow us to host the secondary arch ia64. 15:05 < f13> I'm still trying to suck all the content down to Westford 15:05 < mmcgrath> f13: do you just want me to leave moving those bits around to you? 15:05 * jcollie is here 15:05 < f13> mmcgrath: yeah, once I have them sucked down, I'll send out some announcements and a week later blow away all the old content. 15:05 < mmcgrath> solid. How soon do you think we can give a thumbs up to the ia64 guys? And how are we going to be configuring a sync of that content? 15:06 < f13> mmcgrath: dgilmore will be setting up a timed rsync from their content to the netapp via releng1 15:06 < f13> I hope in 2 weeks~ we can start picking up their content 15:06 < mmcgrath> dgilmore: what subnet are they on? 15:07 -!- smooge [n=smooge at canopus.unm.edu] has joined #fedora-meeting 15:07 < mmcgrath> ehh, we can work out the specifics there when the time comes. 15:08 < mmcgrath> f13: anything else on that front? If not we'll move on. 15:09 < f13> I don't think so. 15:09 < mmcgrath> k, next item 15:09 < mmcgrath> .ticket 365 15:09 < zodbot> mmcgrath: #365 (mailman setup (project/hosted)) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/365 15:09 < mmcgrath> jcollie: AFAIK we're done and ready for this, is that correct? 15:09 < mmcgrath> If so after the meeting I'll kick it off by starting a smolt-devel list :) 15:09 < jcollie> well, i gotta reconfigure for lists.fh.o but otherwise yeah 15:09 < mmcgrath> jcollie: how much work will that be? 15:10 < lmacken> I'll keep an eye on the audit logs on collab1 to see if selinux breaks anything 15:10 < jcollie> not too much i think... looking into it now 15:10 -!- giarc_w [i=hidden-u at gnat.asiscan.com] has joined #fedora-meeting 15:10 * dgilmore is here 15:11 < dgilmore> mmcgrath: the box that we will sync from is 209.132.176.105 15:11 < mmcgrath> jcollie: excellent. let me know when you think its ready. 15:11 < mmcgrath> dgilmore: that won't work I don't think. 15:11 < mmcgrath> .dns koji.fedoraproject.org 15:11 < zodbot> mmcgrath: 209.132.176.98 15:11 < mmcgrath> yeah, I don't think our internal network will be able to get to that IP address. 15:11 < mmcgrath> maybe though. 15:12 < mmcgrath> ahh, looks like we can. 15:12 < dgilmore> mmcgrath: i tested yesterday and i was able to connect to it via rync from releng1 15:12 < mmcgrath> ok. no worries there then. 15:12 < mmcgrath> jcollie: anything else? 15:13 < mmcgrath> alrighty, moving on :) 15:13 < mmcgrath> .ticket 395 15:13 < zodbot> mmcgrath: #395 (Audio Streaming of Fedora Board Conference Calls) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/395 15:13 < mmcgrath> skvidal: dgilmore: I forget, do you guys remember if there was a deadline or target date for this set by the board? 15:13 < skvidal> none 15:13 < dgilmore> mmcgrath: ASAP 15:14 < skvidal> dgilmore: or as late as possible 15:14 < dgilmore> but its not pressing 15:14 < mmcgrath> buhahahah 15:14 < skvidal> there isn't a deadline 15:14 < skvidal> when it is possible is good 15:14 < mmcgrath> so as soon as someone has time to get it setup. 15:14 < dgilmore> yep 15:14 < skvidal> but I do not think we said 'drop other things to do it' 15:14 < skvidal> dgilmore: ? 15:14 < mmcgrath> Ok. so here's the goal for that as far as I see it. 15:14 < dgilmore> skvidal: no dropping of other things 15:14 < skvidal> dgilmore:okay, you and I have a very different way of conveying that :) 15:14 < dgilmore> irc worked fairly well and we will use that until asterisk is ready 15:14 < mmcgrath> We've been waiting on FAS2 as a blocker for some things. A soon as its out the door (hopefully next week) I have a feeling there's going to be a mad rush to get the wiki migrated. 15:14 < dgilmore> skvidal: my bad sorry 15:15 < skvidal> dgilmore: no, just different 15:15 < mmcgrath> Additionally we've built a little buffer in the back of our minds to have asterisk integration with FAS2. 15:15 < mmcgrath> Does anyone here want to take on that task? 15:15 < mmcgrath> There's 2 issues at stake. 15:15 < mmcgrath> 1) is the town hall meetings 15:15 < mmcgrath> and 2) is the finalization of our asterisk setup. 15:16 < mmcgrath> jcollie is working on 1) and has made some good progress but I don't think it will be viable until 2) is complete. 15:16 < dgilmore> mmcgrath: im willing to work on it with jcollie and jsmith 15:16 < mmcgrath> if no one has the time right now we'll just postpone it till next week. 15:16 < mmcgrath> dgilmore: excellent. 15:16 < jcollie> i've got a bit of time... 15:16 * mmcgrath looks for a ticket real quick. 15:16 < jcollie> as far as FAS<->asterisk i think it's best if we just generate the asterisk configs from a FAS2 dump 15:16 -!- mpdehaan [n=mpdehaan at nat/redhat/x-778d50d1dc8d8e9a] has joined #fedora-meeting 15:17 < dgilmore> jcollie: :) we can chat about it this arvo 15:17 < dgilmore> jcollie: :) most likely yeah 15:17 < mpdehaan> can I sneak "public cobbler server" into the agenda? :) 15:17 < mmcgrath> yeah I can't find it yet 15:17 < jcollie> i don't think we want to get into asterisk "realtime" 15:17 < mmcgrath> mpdehaan: we'll open the floor at the end, thats a good time :) 15:18 < mpdehaan> cool 15:18 < mmcgrath> jcollie: I was thinking about that too. Long term though it'd be awesome to see some sort of openid integration with asterisk. thats another story though. 15:18 < mmcgrath> dgilmore: ok, would you mind creating a ticket, putting me, jcollie and jsmith on the cc? 15:18 < jcollie> openid is web-only afaik 15:19 < mmcgrath> jcollie: I've heard about some people doing what I call "strange things" with it though :) never know. 15:19 < mmcgrath> alrighty, next item 15:19 < mmcgrath> .ticket 398 15:19 < zodbot> mmcgrath: #398 (elfutils `monotone' (mtn) error) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/398 15:19 < mmcgrath> jcollie: thanks for brining this up. I aparently missed rolands comment about it not being able to do anonymous checkouts. 15:20 < mmcgrath> Long story short guys, in order to use a monotone repo, you have to have write access of some kind. 15:20 < mmcgrath> lame? yes. very. 15:20 < mmcgrath> in the meantime I've suggested rsync as an option 15:20 < jcollie> i think we need to put a hold on any new monotone repos 15:20 < mmcgrath> jcollie: what did you think of that? 15:20 < jcollie> kinda lame 15:20 < mmcgrath> very lame 15:20 < jcollie> but i guess it'd work 15:21 < mmcgrath> it works for our "openess" rule, but its very lame. 15:21 < mmcgrath> I'm going to check and open a bug with the mtn developers. 15:21 < mmcgrath> ok, anyone have anything else on that? 15:21 < daMaestro> +1 to bugging upstream to support r/o access ;-) 15:22 < f13> oh god, that's terrible. 15:22 < f13> fwiw, "upstream" == RH employee I think 15:22 < f13> or at one time that was true 15:22 < mmcgrath> funny. 15:22 < mmcgrath> Alrighty, so thats the end of the tickets. one item I want to discuss since the release is on its way is the number of open tickets still with a F9 milestone on them. 15:23 < mmcgrath> .tiny https://fedorahosted.org/fedora-infrastructure/query?status=new&status=assigned&status=reopened&milestone=Fedora+9 15:23 < zodbot> mmcgrath: http://tinyurl.com/25vzyu 15:23 < mmcgrath> It seems like there's a lot there, and there is, but much of it is already being worked on and a few of them are related to FAS2. 15:23 < dgilmore> mmcgrath: will do 15:23 < mmcgrath> One bit thats still up there that doesn't have an owner is the final move to postfix on bastion and adding spam headers. 15:24 < mmcgrath> jcollie helpped move all the rest of our boxes to postfix so they're all set. Bastion is the final one. Any takers? 15:24 < mmcgrath> .ticket 333 15:24 < zodbot> mmcgrath: #333 (Add spam headers to bastion (smtp)) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/333 15:24 < mmcgrath> .ticket 54 15:24 < zodbot> mmcgrath: #54 (Postfix Server) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/54 15:24 < mmcgrath> wow, 54. long time ago. 15:24 * ricky gets here 15:24 < mmcgrath> ricky: word up? 15:24 < dgilmore> mmcgrath: 54 we had a box up and were waiting on bits to drop in epel 15:25 * dgilmore let that slip from mind 15:25 < dgilmore> :( 15:25 * mmcgrath wonders if that box is still around somewhere. 15:25 < dgilmore> if it is xen1 or xen2 15:25 < mmcgrath> dgilmore: no worries. It seemed like a really big deal when we first started talking about it but then things changed and it just wasn't a big deal anymore. 15:25 -!- MrBawb [i=abob at guppy.drown.org] has joined #fedora-meeting 15:25 < mmcgrath> but spam headers are a service we should be providing to our users. 15:26 < mmcgrath> we'll talk about that next time. 15:26 < mmcgrath> moving on 15:26 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- FAS2 15:26 < mmcgrath> So this is about ready to go. I'm finalizing some of the shell creation scripts. 15:26 < mmcgrath> we still need to test to verify apache can auth against our new password hash. 15:27 < ricky> I somehow doubt it. 15:27 < ricky> Apache's idea of md5 is a very custom combination of md5 hashes. 15:27 < mmcgrath> ricky: yeah, thats my concern too. If nothing else we'll have to add another field to the db with an apache hash field. 15:27 < mmcgrath> or use pam or something. 15:27 < mmcgrath> there's options there so we're not screwed or anything but its the one last bit that we haven't really looked at. 15:28 < mmcgrath> I suspect next week will be very interesting. 15:28 < ricky> Yeah. Trac's the main use, right? 15:28 < mmcgrath> ricky: yeah, but we also use it with nagios, cacti and a couple of other places I think. 15:29 -!- inode0 [n=inode0 at fedora/inode0] has left #fedora-meeting [] 15:29 < ricky> Aha, OK. Nice apache integration would be best, then. 15:29 < mmcgrath> other then that we're a go for next week. I'm going to get a feel for what my weeks going to look like with pycon and all but I'm hoping early next week for a deploy. 15:29 < mmcgrath> then spending the rest of that week and next fixing any bugs that show up. 15:30 < mmcgrath> has everyone here had a chance to look at it? Any concerns? 15:30 < f13> if you break my ability to get the beta out, I'll hurt you (: 15:31 < ricky> This might be a slightly lower priority at the moment, but I'd be nice to mizmo/the art team about polishing it up a bit. 15:31 < ricky> **it'd 15:31 < abadger1999> mmcgrath: Are we going to stick it on app3/4/5 or a new set of app servers? 15:31 < ricky> In terms of features, the main thing left is email verification, and we've made good progress on that. 15:32 < mmcgrath> abadger1999: actually I'm going to put it on its own set of servers. I think this round it will be worth it to have a separation between sysadmin-web and the keys to the castle :) 15:32 < abadger1999> Sounds good. 15:32 < mmcgrath> we recently got another xen box (as in installed yesterday) 8 procs 32G ram. 15:32 < ricky> Nice. 15:33 < mmcgrath> We'll be moving some stuff off of xen2 on to it and dedicating xen2 entirely to releng and build related things. 15:33 < mmcgrath> the new box is xen7, proxy2 is on it now. I'm going to let it run for a few days under load and make sure its good to go. 15:34 < mmcgrath> alrighty. so thats all I've got that I really wanted to talk about. 15:34 < mmcgrath> ricky and toshio are amazing. Thought I'd get that out of the way too. I expect to say it a few more times before this whole thing is over :) 15:34 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Open Floor 15:34 < ricky> How will we be handling FAS2 deployment? Making it an RPM? 15:34 * mpdehaan raises hand 15:35 < mmcgrath> ricky: yeah, we'll have an rpm to deploy. both a client and server. 15:35 < mpdehaan> I would like to bring up the public Cobbler server idea. If you guys can get me a virt instance that is publically accessible that is pretty much all I need. 15:35 * ricky just mentions that for the TODO - abadger1999's probably the expert on python packaging 15:35 < mpdehaan> and can maintain it for life from there 15:35 < mmcgrath> .announce We've had a burp on one of our servers, some web services (wiki) and koji will be down for a moment. 15:35 < zodbot> Announcement from my owner (mmcgrath): We've had a burp on one of our servers, some web services (wiki) and koji will be down for a moment. 15:35 < mmcgrath> mpdehaan: ok so here's the thing 15:36 < mmcgrath> we don't really do stuff like that "a cobbler server" thats maintained by a person. 15:36 < mpdehaan> well, team then 15:36 < abadger1999> ricky: You seem to the model doing what you want so I'll start work on packaging. 15:36 < abadger1999> Oops. Right after bugzilla sync :-( 15:36 < mmcgrath> if you're going to have a web service (like transifex for example) you'll have to partner or join the sysadmin-web team and convince one of them to bring it up on a public test. 15:36 < mmcgrath> once its through with the testing we'll need to move it to production and create an SOP for it so we can all admin it and stuff. 15:37 < ricky> abadger1999: Great- thanks a lot! 15:37 < mpdehaan> yeah, so I need to join who and it's not a RFR but something else? 15:37 < mmcgrath> the RFR is fine, its what we'll reference when we have questions and things about the service. 15:37 < mpdehaan> so where do I join sysadmin-web-team and who is "convince who" ? 15:37 < mmcgrath> convince someone on the team to help you. 15:38 < mpdehaan> ok, so where's that? 15:38 < mpdehaan> as far as help goes, I'm willing to set it up and write all the docs for how to maintain it and clone it, etc 15:39 < mmcgrath> mpdehaan: https://admin.fedoraproject.org/accounts/dump-group.cgi?group=sysadmin-web 15:39 < mmcgrath> also 15:39 < mmcgrath> http://fedoraproject.org/wiki/Infrastructure/FIGs when dgilmore brings the wiki back up. 15:39 < mpdehaan> ok I may harass Seth then 15:39 < skvidal> oh dear 15:39 < skvidal> what? 15:39 < mmcgrath> Is anyone here interested in sponsoring mpdehaan ? 15:40 < skvidal> I'll do it 15:40 < mmcgrath> mpdehaan: he's on the team so yeah, you could nag him. 15:40 < mpdehaan> thank you 15:40 < mmcgrath> solid. 15:40 < skvidal> what did I just volunteer for? 15:40 < skvidal> :) 15:40 * skvidal kids 15:41 < mmcgrath> heh 15:41 < mmcgrath> I've got one other thing I'd like to discuss 15:41 < mmcgrath> I have some wiki edits and changes I'd like to request, is anyone here interested in getting those in and done? 15:41 < mmcgrath> its a partial re-org and clean up. it'd be a good way to get involved for people that don't typically work with Infrastructure. 15:41 < dgilmore> skvidal: you volunteered to feed us all for a month 15:41 < mmcgrath> .title http://fedoraproject.org/wiki/Infrastructure/FIGs 15:42 < zodbot> mmcgrath: Infrastructure/FIGs - Fedora Project Wiki 15:42 < mmcgrath> mpdehaan: ^^^ its up 15:42 < mmcgrath> jima: you around 15:42 < skvidal> dgilmore: excellent, hope you like vegetarian food :) 15:42 < dgilmore> skvidal: im down with that 15:42 < gkrpan> mmcgrath: what all is involved in the edits/changes? 15:42 < abadger1999> Mm mm roasted tomatoes and matzo ball soup. 15:43 < mmcgrath> gkrpan: well, we've got this RFR section that is kind of out dated. I'd like people to start using tickets now that we have a ticketing system. 15:43 < mmcgrath> so I want someone to go through all the RFR's, close them or move them to a ticket (after contacting the author first) 15:43 -!- geroldka [n=Gerold at fedora/geroldka] has quit "Leaving" 15:43 < spoleeba> mmcgrath, please tell me you have a something in mind next that can use the acronym NEWTONS 15:43 < mmcgrath> I'd also like someones eyes to look over the GettingStarted page and make sure it still makes sense. 15:43 < gkrpan> well, I am trying to become familiar with things, and have always (unfortunately) been good with documentation, so I'd be willing to give it a shot 15:44 < skvidal> abadger1999: heh 15:44 < mmcgrath> spoleeba: I'll see what I can do. 15:44 < mmcgrath> gkrpan: can you drop me an email mmcgrath at redhat.com ? 15:44 < gkrpan> sure can 15:44 < mmcgrath> gkrpan: excellent, thank you very much. 15:44 < mmcgrath> alrighty, so thats all that I have. Does anyone have anything else? If not we'll close the meeting in 30 15:45 < ricky> Are we ready for upgrading FC6 boxes? 15:46 < ricky> As in, what is that still blocking on? 15:46 < f13> I don't want to bump releng1 during the beta freeze cycle 15:46 < mmcgrath> ricky: yeah. Someone from the web team needs to verify that transifex runs correctly on app4. I'm pretty sure it does. 15:46 < mmcgrath> then we can destroy app3. 15:46 < f13> but after beta is released, I want to bump releng1 -> releng2 15:46 < mmcgrath> after that its just test servers and releng1. 15:46 < mmcgrath> 15:46 < mmcgrath> so that will be taken care of. 15:46 < f13> but I'm seeing some selinux issues I need to sort out first in some testing here 15:47 < ricky> mmcgrath: OK, I'll mention that to glezos - would testing on publictest3 be fine as well? 15:47 < ricky> Er, actually, that shouldn't matter. 15:47 < mmcgrath> ricky: 15:47 < mmcgrath> Anyone have anything else? 15:48 < mmcgrath> we'll close in 30 15:49 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Meeting closed! 15:49 < mmcgrath> thanks for coming everyone. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From mmcgrath at redhat.com Fri Mar 7 01:32:17 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 6 Mar 2008 19:32:17 -0600 (CST) Subject: puppet 0.24.2 In-Reply-To: <80d7e4090803061320x5c130809ye0142148d22069db@mail.gmail.com> References: <80d7e4090803061320x5c130809ye0142148d22069db@mail.gmail.com> Message-ID: On Thu, 6 Mar 2008, Stephen John Smoogen wrote: > On Thu, Mar 6, 2008 at 2:14 PM, Mike McGrath wrote: > > Beware! Don't do it! > > > > puppet 0.24.2 has been released and is in epel testing, which means if you > > yum update a machine... it'll get picked up. And it doesn't work with our > > setup. The 0.24.2 puppet nodes are not compatable with 0.24.1 puppet > > masters. > > > > I (or someone) will need to test some things before doing this upgrade. > > Ouch. That's uhm not a minor update :). Well it could be worse (... > plunges through cfengine minor update changes..) In fairness to the puppet guys I talked to them about it and they said it should be considered a bug, just one that slipped into the release. -Mike From poelstra at redhat.com Fri Mar 7 04:05:23 2008 From: poelstra at redhat.com (John Poelstra) Date: Thu, 06 Mar 2008 20:05:23 -0800 Subject: Mailman list for triage - special requirements In-Reply-To: References: <20080306195402.GB19414@nostromo.devel.redhat.com> Message-ID: <47D0BF03.5070607@redhat.com> Jon Stanley said the following on 03/06/2008 02:04 PM Pacific Time: > On Thu, Mar 6, 2008 at 2:54 PM, Bill Nottingham wrote: > >> Why is this better than a RSS feed or similar? > > Good question - as John said below, different people prefer different > workflows. For those that might like RSS, there's the shiny new: > > http://feeds.feedburner.com/f7-new-7days > http://feeds.feedburner.com/f8-new-7days > http://feeds.feedburner.com/rawhide-new-7days > > Enjoy! > This work REALLY well and it is really nice being able to scroll through the list of bugs and look for summaries I think I can triage! I know bugzilla has RSS capabilities, but I'd never looked into them before. I'd vote for dropping the email idea. What is the advantage of using feedburner? One thing I immediately like about it is that the URL is not a mile long like bugzilla queries. John From thinklinux.ssh at gmail.com Fri Mar 7 20:07:12 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Sat, 8 Mar 2008 01:37:12 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: References: <47D004BA.5000508@wormgoor.com> Message-ID: Another one... The click through cla is signed, but the home page shows "cla not signed". Should not it read "click through cla only" or something similar? Screenshots attached. -- Thanks and Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== -------------- next part -------------- A non-text attachment was scrubbed... Name: 2.png Type: image/png Size: 130912 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 1 Type: application/octet-stream Size: 104996 bytes Desc: not available URL: From thinklinux.ssh at gmail.com Fri Mar 7 20:09:31 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Sat, 8 Mar 2008 01:39:31 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: References: <47D004BA.5000508@wormgoor.com> Message-ID: oops.. attached wrong screenshots. On Sat, Mar 8, 2008 at 1:37 AM, susmit shannigrahi wrote: > Another one... > > The click through cla is signed, but the home page shows "cla not signed". > Should not it read "click through cla only" or something similar? > > Screenshots attached. -- Thanks and Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== -------------- next part -------------- A non-text attachment was scrubbed... Name: 2.png Type: image/png Size: 130912 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 1.png Type: image/png Size: 107326 bytes Desc: not available URL: From admin at arcnetworks.biz Fri Mar 7 20:33:54 2008 From: admin at arcnetworks.biz (Anand Capur) Date: Fri, 7 Mar 2008 15:33:54 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <47D004BA.5000508@wormgoor.com> Message-ID: <5d66540b0803071233k3c0738bcw592eda5947ff4ee3@mail.gmail.com> On 3/7/08, susmit shannigrahi wrote: > > oops.. attached wrong screenshots. > > On Sat, Mar 8, 2008 at 1:37 AM, susmit shannigrahi > > wrote: > > > Another one... > > > > The click through cla is signed, but the home page shows "cla not > signed". > > Should not it read "click through cla only" or something similar? > > > > Screenshots attached. > > > > -- > Thanks and Regards, > Susmit. It has to be approved first. It works fine on my account. -Anand -------------- next part -------------- An HTML attachment was scrubbed... URL: From ricky at fedoraproject.org Fri Mar 7 20:46:37 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Fri, 7 Mar 2008 15:46:37 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <47D004BA.5000508@wormgoor.com> Message-ID: <20080307204637.GS16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-08 01:37:12 AM, susmit shannigrahi wrote: > Another one... > > The click through cla is signed, but the home page shows "cla not signed". > Should not it read "click through cla only" or something similar? > > Screenshots attached. Ah, thanks - it should be changed to be more specific now. As a side note, we might not have the click-through CLA enabled at the time of launch (I'm not sure what we've heard from Legal about this so far). Thanks, RIcky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From thinklinux.ssh at gmail.com Sat Mar 8 02:55:15 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Sat, 8 Mar 2008 08:25:15 +0530 Subject: Announcing FAS2 Tests! In-Reply-To: <20080307204637.GS16254@Max.nyc1.dsl.speakeasy.net> References: <47D004BA.5000508@wormgoor.com> <20080307204637.GS16254@Max.nyc1.dsl.speakeasy.net> Message-ID: Trying to log in now gives error 500 (check for click through cla ?? most probably) 500 Internal error The server encountered an unexpected condition which prevented it from fulfilling the request. Page handler: > Traceback (most recent call last): File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 121, in _run self.main() File "/usr/lib/python2.4/site-packages/cherrypy/_cphttptools.py", line 264, in main body = page_handler(*virtual_path, **self.params) File "", line 3, in home File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 361, in expose output = database.run_with_transaction( File "", line 5, in run_with_transaction File "/usr/lib/python2.4/site-packages/turbogears/database.py", line 405, in sa_rwt retval = func(*args, **kw) File "", line 5, in _expose File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 378, in mapping, fragment, args, kw))) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 418, in _execute_func return _process_output(output, template, format, content_type, mapping, fragment) File "/usr/lib/python2.4/site-packages/turbogears/controllers.py", line 86, in _process_output fragment=fragment) File "/usr/lib/python2.4/site-packages/turbogears/view/base.py", line 129, in render return engine.render(**kw) File "/usr/lib/python2.4/site-packages/genshi/template/plugin.py", line 104, in render return self.transform(info, template).render(**kwargs) File "/usr/lib/python2.4/site-packages/genshi/core.py", line 154, in render return encode(generator, method=method, encoding=encoding) File "/usr/lib/python2.4/site-packages/genshi/output.py", line 45, in encode output = u''.join(list(iterator)) File "/usr/lib/python2.4/site-packages/genshi/output.py", line 274, in __call__ for kind, data, pos in stream: File "/usr/lib/python2.4/site-packages/genshi/output.py", line 519, in __call__ for kind, data, pos in stream: File "/usr/lib/python2.4/site-packages/genshi/output.py", line 679, in __call__ for kind, data, pos in chain(stream, [(None, None, None)]): File "/usr/lib/python2.4/site-packages/genshi/output.py", line 459, in __call__ for ev in stream: File "/usr/lib/python2.4/site-packages/genshi/core.py", line 212, in _ensure for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 252, in _include for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 322, in _match content = list(self._include(content, ctxt)) File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 252, in _include for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 297, in _match for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 286, in _strip event = stream.next() File "/usr/lib/python2.4/site-packages/genshi/template/markup.py", line 242, in _exec for event in stream: File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 398, in _eval for kind, data, pos in stream: File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 448, in _flatten for event in self._flatten(substream, ctxt): File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 447, in _flatten substream = _apply_directives(substream, ctxt, directives) File "/usr/lib/python2.4/site-packages/genshi/template/base.py", line 256, in _apply_directives stream = directives[0](iter(stream), ctxt, directives[1:]) File "/usr/lib/python2.4/site-packages/genshi/template/directives.py", line 386, in __call__ if self.expr.evaluate(ctxt): File "/usr/lib/python2.4/site-packages/genshi/template/eval.py", line 136, in evaluate return eval(self.code, _globals, {'data': data}) File "/srv/fedora-infrastructure/fas/fas/templates/home.html", line 26, in ${_('Click-through CLA')} (${_('GPG Sign it!')}) File "/usr/lib/python2.4/site-packages/genshi/template/eval.py", line 261, in lookup_name val = cls.undefined(name) File "/usr/lib/python2.4/site-packages/genshi/template/eval.py", line 356, in undefined raise UndefinedError(key, owner=owner) UndefinedError: "personal" not defined -- Thanks and Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== -- Thanks and Regards, Susmit. ====================================== ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ====================================== From ricky at fedoraproject.org Sat Mar 8 03:04:07 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Fri, 7 Mar 2008 22:04:07 -0500 Subject: Announcing FAS2 Tests! In-Reply-To: References: <47D004BA.5000508@wormgoor.com> <20080307204637.GS16254@Max.nyc1.dsl.speakeasy.net> Message-ID: <20080308030407.GX16254@Max.nyc1.dsl.speakeasy.net> On 2008-03-08 08:25:15 AM, susmit shannigrahi wrote: > Trying to log in now gives error 500 (check for click through cla ?? > most probably) Ah, thanks! When I copy/pasted the CLA stuff, I ended up referring to the "personal" variable, which didn't exist there. This should be fixed now. Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From mmcgrath at redhat.com Sat Mar 8 17:38:20 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sat, 8 Mar 2008 11:38:20 -0600 (CST) Subject: proxy2 Message-ID: Forgot to mention proxy2 has been re-installed. If you try to ssh to it and you get a key notification, thats why. -Mike From mmcgrath at redhat.com Sat Mar 8 18:36:26 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sat, 8 Mar 2008 12:36:26 -0600 (CST) Subject: But 429469 Message-ID: In our efforts to track down https://bugzilla.redhat.com/429459 I've disabled all iscsi on xen2. Some of those guests have been moved elsewhere, and some of them have been converted to local storage. Please do not enable iscsi on xen2 without coordinating it and making sure we're not in the middle of something on that ticket. -Mike From frankc.fedora at gmail.com Sat Mar 8 21:20:19 2008 From: frankc.fedora at gmail.com (Frank Chiulli) Date: Sat, 8 Mar 2008 13:20:19 -0800 Subject: But 429469 In-Reply-To: References: Message-ID: On Sat, Mar 8, 2008 at 10:36 AM, Mike McGrath wrote: > In our efforts to track down https://bugzilla.redhat.com/429459 I've > disabled all iscsi on xen2. Some of those guests have been moved > elsewhere, and some of them have been converted to local storage. > > Please do not enable iscsi on xen2 without coordinating it and making sure > we're not in the middle of something on that ticket. > > -Mike > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > Is that the right ticket? 429459's title is "Sound should be turned off on locked screens" Frank From linux at elfshadow.net Sat Mar 8 21:31:17 2008 From: linux at elfshadow.net (Jeffrey Tadlock) Date: Sat, 8 Mar 2008 16:31:17 -0500 Subject: But 429469 In-Reply-To: References: Message-ID: <10e0a9b00803081331u112aeae7o55346145f1cba32c@mail.gmail.com> On Sat, Mar 8, 2008 at 4:20 PM, Frank Chiulli wrote: > On Sat, Mar 8, 2008 at 10:36 AM, Mike McGrath wrote: > > In our efforts to track down https://bugzilla.redhat.com/429459 I've > > disabled all iscsi on xen2. Some of those guests have been moved > > elsewhere, and some of them have been converted to local storage. > > Is that the right ticket? 429459's title is "Sound should be turned > off on locked screens" This is the right link: https://bugzilla.redhat.com/show_bug.cgi?id=429469 The subject line had the right BZ# though. ~Jeffrey From mmcgrath at redhat.com Sat Mar 8 22:18:31 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sat, 8 Mar 2008 16:18:31 -0600 (CST) Subject: But 429469 In-Reply-To: <10e0a9b00803081331u112aeae7o55346145f1cba32c@mail.gmail.com> References: <10e0a9b00803081331u112aeae7o55346145f1cba32c@mail.gmail.com> Message-ID: On Sat, 8 Mar 2008, Jeffrey Tadlock wrote: > On Sat, Mar 8, 2008 at 4:20 PM, Frank Chiulli wrote: > > On Sat, Mar 8, 2008 at 10:36 AM, Mike McGrath wrote: > > > In our efforts to track down https://bugzilla.redhat.com/429459 I've > > > disabled all iscsi on xen2. Some of those guests have been moved > > > elsewhere, and some of them have been converted to local storage. > > > > Is that the right ticket? 429459's title is "Sound should be turned > > off on locked screens" > > This is the right link: > > https://bugzilla.redhat.com/show_bug.cgi?id=429469 > > The subject line had the right BZ# though. > I'm losing it, should have been 'bug' should have been number 429469 -Mike From mmcgrath at redhat.com Sun Mar 9 22:49:11 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sun, 9 Mar 2008 17:49:11 -0500 (CDT) Subject: Host DOWN alert for gateway! (fwd) Message-ID: Was anyone on these boxes when this happened or by chance caused it? The outage was very short probably less than a minute, I'm digging through lots and such but I thought I'd ask. I think it was a network issue or possibly OpenVPN as bastion never actually was down. -Mike ---------- Forwarded message ---------- Date: Sun, 9 Mar 2008 21:30:02 GMT From: Nagios Monitoring User To: mmcgrath at redhat.com Subject: Host DOWN alert for gateway! ***** Nagios ***** Notification Type: PROBLEM Host: gateway State: DOWN Address: gateway.vpn.fedoraproject.org Info: PING CRITICAL - Packet loss = 100% Date/Time: Sun Mar 9 21:30:02 UTC 2008 From wtogami at redhat.com Mon Mar 10 05:18:33 2008 From: wtogami at redhat.com (Warren Togami) Date: Mon, 10 Mar 2008 01:18:33 -0400 Subject: Rename cvsextras during FAS2 switch? Message-ID: <47D4C4A9.3050208@redhat.com> Hi folks, I am wondering, might it be a good time to s/cvsextras/packager/ during the move to FAS2? It might be an opportune time because everything will be down anyway? I am just afraid if we don't do it now we might still have it a year from now. =) Just a thought. Warren From mmcgrath at redhat.com Mon Mar 10 13:28:34 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 10 Mar 2008 08:28:34 -0500 (CDT) Subject: Rename cvsextras during FAS2 switch? In-Reply-To: <47D4C4A9.3050208@redhat.com> References: <47D4C4A9.3050208@redhat.com> Message-ID: On Mon, 10 Mar 2008, Warren Togami wrote: > Hi folks, > > I am wondering, might it be a good time to s/cvsextras/packager/ during the > move to FAS2? It might be an opportune time because everything will be down > anyway? > > I am just afraid if we don't do it now we might still have it a year from now. > =) > > Just a thought. > I'm fine with that but I'll have too much other stuff going on to own that tasks (fix what it breaks) anyone else up to it? -Mike From mikeb at redhat.com Mon Mar 10 14:53:20 2008 From: mikeb at redhat.com (Mike Bonnet) Date: Mon, 10 Mar 2008 10:53:20 -0400 Subject: Rename cvsextras during FAS2 switch? In-Reply-To: <47D4C4A9.3050208@redhat.com> References: <47D4C4A9.3050208@redhat.com> Message-ID: <1205160801.16551.0.camel@burren.boston.redhat.com> On Mon, 2008-03-10 at 01:18 -0400, Warren Togami wrote: > Hi folks, > > I am wondering, might it be a good time to s/cvsextras/packager/ during > the move to FAS2? It might be an opportune time because everything will > be down anyway? > > I am just afraid if we don't do it now we might still have it a year > from now. =) Didn't this change get deferred earlier because of the amount of documentation that would need to be updated? From dimitris at glezos.com Tue Mar 11 00:54:44 2008 From: dimitris at glezos.com (Dimitris Glezos) Date: Tue, 11 Mar 2008 02:54:44 +0200 Subject: Rename cvsextras during FAS2 switch? In-Reply-To: <47D4C4A9.3050208@redhat.com> References: <47D4C4A9.3050208@redhat.com> Message-ID: <6d4237680803101754i7d2155d1t8dbe52c99fa04f65@mail.gmail.com> On Mon, Mar 10, 2008 at 7:18 AM, Warren Togami wrote: > Hi folks, > > I am wondering, might it be a good time to s/cvsextras/packager/ during > the move to FAS2? It might be an opportune time because everything will > be down anyway? > > I am just afraid if we don't do it now we might still have it a year > from now. =) Same for cvsl10n to l10n/translator. -d -- Dimitris Glezos Jabber ID: glezos at jabber.org, GPG: 0xA5A04C3B http://dimitris.glezos.com/ "He who gives up functionality for ease of use loses both and deserves neither." (Anonymous) -- From opensource at till.name Tue Mar 11 13:15:50 2008 From: opensource at till.name (Till Maas) Date: Tue, 11 Mar 2008 14:15:50 +0100 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate Message-ID: <200803111415.54527.opensource@till.name> Hiyas, now that everyone needs to change his password, can we now also deploy the new certifcate for koji? This will make it possible to verify whether or not one can trust the certificate for koji and the ticket[1] is now 7 months old, i.e. about a full Fedora release cycle. Therefore I guess there won't be a better time than now. Regards, Till [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 827 bytes Desc: This is a digitally signed message part. URL: From mmcgrath at redhat.com Tue Mar 11 16:19:53 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 11 Mar 2008 11:19:53 -0500 (CDT) Subject: Rename cvsextras during FAS2 switch? In-Reply-To: <6d4237680803101754i7d2155d1t8dbe52c99fa04f65@mail.gmail.com> References: <47D4C4A9.3050208@redhat.com> <6d4237680803101754i7d2155d1t8dbe52c99fa04f65@mail.gmail.com> Message-ID: On Tue, 11 Mar 2008, Dimitris Glezos wrote: > On Mon, Mar 10, 2008 at 7:18 AM, Warren Togami wrote: > > Hi folks, > > > > I am wondering, might it be a good time to s/cvsextras/packager/ during > > the move to FAS2? It might be an opportune time because everything will > > be down anyway? > > > > I am just afraid if we don't do it now we might still have it a year > > from now. =) > > Same for cvsl10n to l10n/translator. > It doesn't seem anyone claimed this so it looks like it won't get done. Man we need more people around, there's a ton of stuff that just isn't getting done. -Mike From dennis at ausil.us Tue Mar 11 16:22:20 2008 From: dennis at ausil.us (Dennis Gilmore) Date: Tue, 11 Mar 2008 11:22:20 -0500 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803111415.54527.opensource@till.name> References: <200803111415.54527.opensource@till.name> Message-ID: <200803111122.30131.dennis@ausil.us> On Tuesday 11 March 2008, Till Maas wrote: > Hiyas, > > now that everyone needs to change his password, can we now also deploy the > new certifcate for koji? This will make it possible to verify whether or > not one can trust the certificate for koji and the ticket[1] is now 7 > months old, i.e. about a full Fedora release cycle. Therefore I guess there > won't be a better time than now. > > Regards, > Till > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 No, Because it will break user certs. To make it work would require that users all get entirely new server cert files. We need to redo our entire CA system. We also need to consider the ramifications for Secondary arches, deploying a new CA would require each and every Secondary arch to purchase a cert from the same CA. or somebody to purchase a cert that covered *.koji.fedoraproject.org from the same CA. we are looking at deploying the hub on a separate box from the frontend which would allow us to do what you are wanting but would not look after secondary arches. We currently use 2 different CA's in our setup. One that is used only for user certs and one that is used for the builders and frontend. I would like to move to a new Single CA setup. In this world when you import your fedora user cert for browser authentication you would automatically recognise the CA. though this would only be valid for Fedora contributors. right now we have up ia64.koji.fedoraproject.org and sparc.koji.fedoraproject.org in addition to koji.fedoraproject.org you can log into any of them using your fedora cert. We need to ensure that this is always the case. in addition we will soon have s390.koji.fedoraproject.org and eventually arm.fedoraproject.org and alpha.fedoraproject.org as well as any others that come along say mips/mips64, hppa, whatever arch someone wants to support. all of which we need to be able to provide authentication for users across all servers with one usercert. Please bring up ideas on redoing our CA infrastructure We need to start a project to do it. Im hope that Red Hat open sources Red Hat Certificate System soon as id like to evaluate it to see if it will work for us. the secondary arch hubs know about the user CA and have a cert from the builder CA and know about it as well. in addition they use their own 3rd CA for identifying the builders, kojira, garbage collection, etc Dennis -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: From bneijt at gmail.com Tue Mar 11 17:16:09 2008 From: bneijt at gmail.com (Bram Neijt) Date: Tue, 11 Mar 2008 18:16:09 +0100 Subject: Metalink support Message-ID: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> Hi everybody, My name is Bram and I'm one of the developers the metalink tools project. I've heard that somebody tried to implement metalinks as part of the mirrormanager project and failed to get an agreable patch. I'm new to mirrormanager but I would like to see if I can find a way to help you guys with hosting metalinks in a usefull way. Even if it means it has to be done outside of the mirrormanager. Are there any opinions floating around about how metalinks could be implemented/created? Greetings, Bram PS I have some ideas, but as I'm new to this list I don't want to start dictating solutions. Feel free to invite me to do so ;-) From opensource at till.name Tue Mar 11 20:52:13 2008 From: opensource at till.name (Till Maas) Date: Tue, 11 Mar 2008 21:52:13 +0100 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803111122.30131.dennis@ausil.us> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> Message-ID: <200803112152.17951.opensource@till.name> On Tue March 11 2008, Dennis Gilmore wrote: > On Tuesday 11 March 2008, Till Maas wrote: > > Hiyas, > > > > now that everyone needs to change his password, can we now also deploy > > the new certifcate for koji? This will make it possible to verify whether > > or not one can trust the certificate for koji and the ticket[1] is now 7 > > months old, i.e. about a full Fedora release cycle. Therefore I guess > > there won't be a better time than now. > > > > Regards, > > Till > > > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 > > No, Because it will break user certs. To make it work would require that > users all get entirely new server cert files. We need to redo our entire > CA system. We also need to consider the ramifications for Secondary > arches, deploying a new CA would require each and every Secondary arch to > purchase a cert from the same CA. or somebody to purchase a cert that > covered *.koji.fedoraproject.org from the same CA. > > we are looking at deploying the hub on a separate box from the frontend > which would allow us to do what you are wanting but would not look after > secondary arches. How about making the hub (I assume this is only used by automated processes and not manually) listen on a different port than 443? Then the web interface could use the new well know certificate. The automated processes the internal ones, where imho using a own ca does not hurt. Also using a different port should be only a matter of configuring it once. The secondary arch instances could then use a cacert[0] certificate, which are free and are trusted by some browsers already for the web interface. > We currently use 2 different CA's in our setup. One that is used only for > user certs and one that is used for the builders and frontend. I would > like to move to a new Single CA setup. In this world when you import your > fedora user cert for browser authentication you would automatically > recognise the CA. though this would only be valid for Fedora contributors. Is this only about Koji or Fedoraprojet in general? Imho it is better to use a well known CA for the frontend (website) and an own one for internal stuff instead of using an own one for everything. Regards, Till [0] https://cacert.org -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 827 bytes Desc: This is a digitally signed message part. URL: From mikeb at redhat.com Tue Mar 11 21:16:15 2008 From: mikeb at redhat.com (Mike Bonnet) Date: Tue, 11 Mar 2008 17:16:15 -0400 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803112152.17951.opensource@till.name> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> <200803112152.17951.opensource@till.name> Message-ID: <1205270175.4133.7.camel@localhost.localdomain> On Tue, 2008-03-11 at 21:52 +0100, Till Maas wrote: > On Tue March 11 2008, Dennis Gilmore wrote: > > On Tuesday 11 March 2008, Till Maas wrote: > > > Hiyas, > > > > > > now that everyone needs to change his password, can we now also deploy > > > the new certifcate for koji? This will make it possible to verify whether > > > or not one can trust the certificate for koji and the ticket[1] is now 7 > > > months old, i.e. about a full Fedora release cycle. Therefore I guess > > > there won't be a better time than now. > > > > > > Regards, > > > Till > > > > > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 > > > > No, Because it will break user certs. To make it work would require that > > users all get entirely new server cert files. We need to redo our entire > > CA system. We also need to consider the ramifications for Secondary > > arches, deploying a new CA would require each and every Secondary arch to > > purchase a cert from the same CA. or somebody to purchase a cert that > > covered *.koji.fedoraproject.org from the same CA. > > > > we are looking at deploying the hub on a separate box from the frontend > > which would allow us to do what you are wanting but would not look after > > secondary arches. > > How about making the hub (I assume this is only used by automated processes > and not manually) listen on a different port than 443? Then the web interface > could use the new well know certificate. The automated processes the internal > ones, where imho using a own ca does not hurt. Also using a different port > should be only a matter of configuring it once. > The secondary arch instances could then use a cacert[0] certificate, which are > free and are trusted by some browsers already for the web interface. The Koji cli communicates with the hub for all operations, so it would require everyone to update their Koji config. In addition, I'm sure running ssl on a non-standard port would mess with some people's proxy/firewall setups. I don't think this is the best solution. From mmcgrath at redhat.com Tue Mar 11 21:21:36 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 11 Mar 2008 16:21:36 -0500 (CDT) Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <1205270175.4133.7.camel@localhost.localdomain> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> <200803112152.17951.opensource@till.name> <1205270175.4133.7.camel@localhost.localdomain> Message-ID: On Tue, 11 Mar 2008, Mike Bonnet wrote: > On Tue, 2008-03-11 at 21:52 +0100, Till Maas wrote: > > On Tue March 11 2008, Dennis Gilmore wrote: > > > On Tuesday 11 March 2008, Till Maas wrote: > > > > Hiyas, > > > > > > > > now that everyone needs to change his password, can we now also deploy > > > > the new certifcate for koji? This will make it possible to verify whether > > > > or not one can trust the certificate for koji and the ticket[1] is now 7 > > > > months old, i.e. about a full Fedora release cycle. Therefore I guess > > > > there won't be a better time than now. > > > > > > > > Regards, > > > > Till > > > > > > > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 > > > > > > No, Because it will break user certs. To make it work would require that > > > users all get entirely new server cert files. We need to redo our entire > > > CA system. We also need to consider the ramifications for Secondary > > > arches, deploying a new CA would require each and every Secondary arch to > > > purchase a cert from the same CA. or somebody to purchase a cert that > > > covered *.koji.fedoraproject.org from the same CA. > > > > > > we are looking at deploying the hub on a separate box from the frontend > > > which would allow us to do what you are wanting but would not look after > > > secondary arches. > > > > How about making the hub (I assume this is only used by automated processes > > and not manually) listen on a different port than 443? Then the web interface > > could use the new well know certificate. The automated processes the internal > > ones, where imho using a own ca does not hurt. Also using a different port > > should be only a matter of configuring it once. > > The secondary arch instances could then use a cacert[0] certificate, which are > > free and are trusted by some browsers already for the web interface. > > The Koji cli communicates with the hub for all operations, so it would > require everyone to update their Koji config. In addition, I'm sure > running ssl on a non-standard port would mess with some people's > proxy/firewall setups. I don't think this is the best solution. > It's really not that we don't want to do this. It's a lot of work with high potential for breakage and annoyance to everyone and the benefit to most people is unclear. -Mike From dennis at ausil.us Tue Mar 11 21:32:48 2008 From: dennis at ausil.us (Dennis Gilmore) Date: Tue, 11 Mar 2008 16:32:48 -0500 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803112152.17951.opensource@till.name> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> <200803112152.17951.opensource@till.name> Message-ID: <200803111632.58528.dennis@ausil.us> On Tuesday 11 March 2008, Till Maas wrote: > On Tue March 11 2008, Dennis Gilmore wrote: > > On Tuesday 11 March 2008, Till Maas wrote: > > > Hiyas, > > > > > > now that everyone needs to change his password, can we now also deploy > > > the new certifcate for koji? This will make it possible to verify > > > whether or not one can trust the certificate for koji and the ticket[1] > > > is now 7 months old, i.e. about a full Fedora release cycle. Therefore > > > I guess there won't be a better time than now. > > > > > > Regards, > > > Till > > > > > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 > > > > No, Because it will break user certs. To make it work would require > > that users all get entirely new server cert files. We need to redo our > > entire CA system. We also need to consider the ramifications for > > Secondary arches, deploying a new CA would require each and every > > Secondary arch to purchase a cert from the same CA. or somebody to > > purchase a cert that covered *.koji.fedoraproject.org from the same CA. > > > > we are looking at deploying the hub on a separate box from the frontend > > which would allow us to do what you are wanting but would not look after > > secondary arches. > > How about making the hub (I assume this is only used by automated processes > and not manually) listen on a different port than 443? Then the web > interface could use the new well know certificate. The automated processes > the internal ones, where imho using a own ca does not hurt. Also using a > different port should be only a matter of configuring it once. > The secondary arch instances could then use a cacert[0] certificate, which > are free and are trusted by some browsers already for the web interface. if we use CACert we would have ship it in the browsers we supply. currently no browser shipped with fedora does and if we did such we would use it for all services. and would require changes to all users koji configs. people who are not using fedora would be in the same situation as they are now. AFAIK only CentOS ships browsers with CACerts root cert. > > We currently use 2 different CA's in our setup. One that is used only > > for user certs and one that is used for the builders and frontend. I > > would like to move to a new Single CA setup. In this world when you > > import your fedora user cert for browser authentication you would > > automatically recognise the CA. though this would only be valid for > > Fedora contributors. > > Is this only about Koji or Fedoraprojet in general? Imho it is better to > use a well known CA for the frontend (website) and an own one for internal > stuff instead of using an own one for everything. the user certs are used to authenticate the user for uploading new tarballs and koji/plague access. there is work underway to allow them to be used to authenticate for other fedora webapps also. Dennis -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: From mmcgrath at redhat.com Tue Mar 11 21:34:45 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 11 Mar 2008 16:34:45 -0500 (CDT) Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803111632.58528.dennis@ausil.us> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> <200803112152.17951.opensource@till.name> <200803111632.58528.dennis@ausil.us> Message-ID: On Tue, 11 Mar 2008, Dennis Gilmore wrote: > On Tuesday 11 March 2008, Till Maas wrote: > > On Tue March 11 2008, Dennis Gilmore wrote: > > > On Tuesday 11 March 2008, Till Maas wrote: > > > > Hiyas, > > > > > > > > now that everyone needs to change his password, can we now also deploy > > > > the new certifcate for koji? This will make it possible to verify > > > > whether or not one can trust the certificate for koji and the ticket[1] > > > > is now 7 months old, i.e. about a full Fedora release cycle. Therefore > > > > I guess there won't be a better time than now. > > > > > > > > Regards, > > > > Till > > > > > > > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 > > > > > > No, Because it will break user certs. To make it work would require > > > that users all get entirely new server cert files. We need to redo our > > > entire CA system. We also need to consider the ramifications for > > > Secondary arches, deploying a new CA would require each and every > > > Secondary arch to purchase a cert from the same CA. or somebody to > > > purchase a cert that covered *.koji.fedoraproject.org from the same CA. > > > > > > we are looking at deploying the hub on a separate box from the frontend > > > which would allow us to do what you are wanting but would not look after > > > secondary arches. > > > > How about making the hub (I assume this is only used by automated processes > > and not manually) listen on a different port than 443? Then the web > > interface could use the new well know certificate. The automated processes > > the internal ones, where imho using a own ca does not hurt. Also using a > > different port should be only a matter of configuring it once. > > The secondary arch instances could then use a cacert[0] certificate, which > > are free and are trusted by some browsers already for the web interface. > > if we use CACert we would have ship it in the browsers we supply. currently > no browser shipped with fedora does and if we did such we would use it for > all services. and would require changes to all users koji configs. people > who are not using fedora would be in the same situation as they are now. > AFAIK only CentOS ships browsers with CACerts root cert. > Side note about this, I'm pretty sure if we do it we can't call "firefox" "firefox" anymore. -Mike From mmcgrath at redhat.com Wed Mar 12 03:27:58 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 11 Mar 2008 22:27:58 -0500 (CDT) Subject: FAS2 ships! Message-ID: FAS2 has shipped. Its getting a bit late in the evening so I'm not going ot enable the cron job qute yet so don't be surprised if your account information for shell access is stale until tomorrow morning. Most of our end users should be unaffected though. -Mike From Matt_Domsch at dell.com Wed Mar 12 03:46:31 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Tue, 11 Mar 2008 22:46:31 -0500 Subject: Metalink support In-Reply-To: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> Message-ID: <20080312034631.GA15417@auslistsprd01.us.dell.com> On Tue, Mar 11, 2008 at 06:16:09PM +0100, Bram Neijt wrote: > Hi everybody, > > My name is Bram and I'm one of the developers the metalink tools > project. I've heard that somebody tried to implement metalinks as part > of the mirrormanager project and failed to get an agreable patch. > > I'm new to mirrormanager but I would like to see if I can find a way > to help you guys with hosting metalinks in a usefull way. Even if it > means it has to be done outside of the mirrormanager. > > Are there any opinions floating around about how metalinks could be > implemented/created? > > Greetings, > Bram > > PS I have some ideas, but as I'm new to this list I don't want to > start dictating solutions. Feel free to invite me to do so ;-) Rene Leonhardt looked into this in early February and had a start on it, but I haven't heard back in several weeks. -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From thinklinux.ssh at gmail.com Wed Mar 12 07:44:55 2008 From: thinklinux.ssh at gmail.com (susmit shannigrahi) Date: Wed, 12 Mar 2008 13:14:55 +0530 Subject: ssh problem. Its me or the server ? Message-ID: Hi, I am trying to ssh into bastion.fedoraproject.org using my new public key. (id_dsa.pub) For this > I have created a new set of key. > Uploaded the public one by editing my fedora account. But whenever I am trying to connect the server returns permission denied. I have verified that my ip is not in deny list. Is there anything I missed? Or its some problem due to migration? (Unlikely) Is there any sync delay? The output is attached herewith. -- Regards, Susmit. ============================================= ssh 0x86DD170A http://www.fedoraproject.org/wiki/SusmitShannigrahi ============================================= -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: ssh.txt URL: From opensource at till.name Wed Mar 12 08:29:04 2008 From: opensource at till.name (Till Maas) Date: Wed, 12 Mar 2008 09:29:04 +0100 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803111632.58528.dennis@ausil.us> References: <200803111415.54527.opensource@till.name> <200803112152.17951.opensource@till.name> <200803111632.58528.dennis@ausil.us> Message-ID: <200803120929.17828.opensource@till.name> On Tue March 11 2008, Dennis Gilmore wrote: > On Tuesday 11 March 2008, Till Maas wrote: > > How about making the hub (I assume this is only used by automated > > processes and not manually) listen on a different port than 443? Then the > > web interface could use the new well know certificate. The automated > > processes the internal ones, where imho using a own ca does not hurt. > > Also using a different port should be only a matter of configuring it > > once. > > The secondary arch instances could then use a cacert[0] certificate, > > which are free and are trusted by some browsers already for the web > > interface. > > if we use CACert we would have ship it in the browsers we supply. > currently no browser shipped with fedora does and if we did such we would > use it for all services. and would require changes to all users koji > configs. people who are not using fedora would be in the same situation > as they are now. AFAIK only CentOS ships browsers with CACerts root cert. The certificate for the currently used CA is not shipped within Fedora browsers, too. Otherwise I probably would not have noticed the certificate of Koji. Thererfore using cacert would be no regression this way. Btw. is it really needed that the client and server certificates are signed by the same CA? The apache docu only mentions in for SSLCACertificateFile only client authentication: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslcacertificatefile Regards, Till -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 827 bytes Desc: This is a digitally signed message part. URL: From opensource at till.name Wed Mar 12 10:26:28 2008 From: opensource at till.name (Till Maas) Date: Wed, 12 Mar 2008 11:26:28 +0100 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803111122.30131.dennis@ausil.us> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> Message-ID: <200803121126.35472.opensource@till.name> On Tue March 11 2008, Dennis Gilmore wrote: > On Tuesday 11 March 2008, Till Maas wrote: > > [1] https://fedorahosted.org/fedora-infrastructure/ticket/88 > > No, Because it will break user certs. To make it work would require that > users all get entirely new server cert files. We need to redo our entire Making the user adjust his koji config for this is afaics unavoidable, except when nothing is changed. To make future transitions easier, the ca could be bundled into the fedora-packager package, so that the ca is updated automatically when needed. > CA system. We also need to consider the ramifications for Secondary > arches, deploying a new CA would require each and every Secondary arch to > purchase a cert from the same CA. or somebody to purchase a cert that > covered *.koji.fedoraproject.org from the same CA. I do not see a reason for this, what does need this? According to the pyOpenSSL manual[1] the koji client can load several ca files to authenticate the server certificate, because the pem file that is loaded with load_client_ca can contain several certificates, e.g. the current one and the Equifax one. Regards, Till [1] http://pyopenssl.sourceforge.net/pyOpenSSL.ps -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 827 bytes Desc: This is a digitally signed message part. URL: From opensource at till.name Wed Mar 12 10:28:05 2008 From: opensource at till.name (Till Maas) Date: Wed, 12 Mar 2008 11:28:05 +0100 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803120929.17828.opensource@till.name> References: <200803111415.54527.opensource@till.name> <200803111632.58528.dennis@ausil.us> <200803120929.17828.opensource@till.name> Message-ID: <200803121128.05689.opensource@till.name> On Wed March 12 2008, Till Maas wrote: > Btw. is it really needed that the client and server certificates are signed > by the same CA? Please ignore this question, what I wanted to ask is what I asked in the other mail I just wrote. Regards, Till -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 827 bytes Desc: This is a digitally signed message part. URL: From opensource at till.name Wed Mar 12 10:31:31 2008 From: opensource at till.name (Till Maas) Date: Wed, 12 Mar 2008 11:31:31 +0100 Subject: another issue to fix with the FAS2 switch: Kojis ssl certificate In-Reply-To: <200803121126.35472.opensource@till.name> References: <200803111415.54527.opensource@till.name> <200803111122.30131.dennis@ausil.us> <200803121126.35472.opensource@till.name> Message-ID: <200803121131.31842.opensource@till.name> On Wed March 12 2008, Till Maas wrote: > with > load_client_ca can contain several certificates, e.g. the current one and > the Equifax one. The relevant function here is load_verify_locations, not load_client_ca. Regards, Till -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 827 bytes Desc: This is a digitally signed message part. URL: From mmcgrath at redhat.com Wed Mar 12 16:04:42 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Wed, 12 Mar 2008 11:04:42 -0500 (CDT) Subject: ssh problem. Its me or the server ? In-Reply-To: References: Message-ID: On Wed, 12 Mar 2008, susmit shannigrahi wrote: > Hi, > > I am trying to ssh into bastion.fedoraproject.org using my new public > key. (id_dsa.pub) > For this > > > I have created a new set of key. > > Uploaded the public one by editing my fedora account. > > But whenever I am trying to connect the server returns permission denied. > I have verified that my ip is not in deny list. > > Is there anything I missed? Or its some problem due to migration? (Unlikely) > Is there any sync delay? > There is a sync delay. I'll be playing with multiple values, I've got fas2 set at a 15 minute sync right now everywher eexcept for cvs (which is still at an hour) -Mike From mmcgrath at redhat.com Wed Mar 12 16:06:06 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Wed, 12 Mar 2008 11:06:06 -0500 (CDT) Subject: FAS2 ships! In-Reply-To: References: Message-ID: On Tue, 11 Mar 2008, Mike McGrath wrote: > FAS2 has shipped. Its getting a bit late in the evening so I'm not going > ot enable the cron job qute yet so don't be surprised if your account > information for shell access is stale until tomorrow morning. > > Most of our end users should be unaffected though. > Side note about this! If your user gets deleted or removed from a group your home directory may get removed (moved to /tmp/fedora until tmpwatch gets it) This may have happened to your home directory during the migration. ** IF YOU HAVE SOMETHING VALUABLE IN YOUR HOME DIR - MAKE SURE IT IS STILL THERE ** -Mike From johnp at redhat.com Thu Mar 13 20:40:03 2008 From: johnp at redhat.com (John (J5) Palmieri) Date: Thu, 13 Mar 2008 16:40:03 -0400 Subject: MyFedora cross domain authentication issues Message-ID: <1205440803.5068.19.camel@localhost.localdomain> Hi guys, We just recently got a test instance up at publictest10 and I have started working on accessing resources as an authenticated user. There is a large issue here however since the browser's security model rightfully prevents us from doing requests such as this. There are several ways around this security all with their own pitfalls. The first one which I use is to have a proxy page which make the calls on the server which is not subject to the security concerns. The issue with this is it can't be authenticated and involves shipping data through an extra server. The second way is to use JSONP callback script injection. This one involves the json call returning data as a javascript callback which is then script injected into the page and eval'ed. This is extremely insecure as it allows the server to send back any javascript which is executed on the user's browser. I've tested this by sending an alert back from bohdi's 'list' call and it can display any data available to the browser. Another way which I am not sure is possible would be to do URL rewriting to make it look like all of our resources are coming from the same domain, e.g. http://myfedora.fedoraproject.org/bodhi would be rewritten to point to a bodhi instance. Though this might work if they were running under the same apache instance, I am pretty sure it would fall down if they were running on different servers. The last way, which I discussed with the Fas guys sometime back would be the ability to forward credentials from a proxy. This would require Fas support that I am pretty sure is not there yet. I'm not even sure how it would be implemented. In any case, there is the issue that needs to be solved. Any input would be great. -- John (J5) Palmieri From a.badger at gmail.com Thu Mar 13 22:59:40 2008 From: a.badger at gmail.com (Toshio Kuratomi) Date: Thu, 13 Mar 2008 17:59:40 -0500 Subject: MyFedora cross domain authentication issues In-Reply-To: <1205440803.5068.19.camel@localhost.localdomain> References: <1205440803.5068.19.camel@localhost.localdomain> Message-ID: <47D9B1DC.4070502@gmail.com> John (J5) Palmieri wrote: > Hi guys, > > We just recently got a test instance up at publictest10 and I have > started working on accessing resources as an authenticated user. There > is a large issue here however since the browser's security model > rightfully prevents us from doing requests such as this. There are > several ways around this security all with their own pitfalls. > > The first one which I use is to have a proxy page which make the calls > on the server which is not subject to the security concerns. The issue > with this is it can't be authenticated and involves shipping data > through an extra server. > > The second way is to use JSONP callback script injection. This one > involves the json call returning data as a javascript callback which is > then script injected into the page and eval'ed. This is extremely > insecure as it allows the server to send back any javascript which is > executed on the user's browser. I've tested this by sending an alert > back from bohdi's 'list' call and it can display any data available to > the browser. > > Another way which I am not sure is possible would be to do URL rewriting > to make it look like all of our resources are coming from the same > domain, e.g. http://myfedora.fedoraproject.org/bodhi would be rewritten > to point to a bodhi instance. Though this might work if they were > running under the same apache instance, I am pretty sure it would fall > down if they were running on different servers. > > The last way, which I discussed with the Fas guys sometime back would be > the ability to forward credentials from a proxy. This would require Fas > support that I am pretty sure is not there yet. I'm not even sure how > it would be implemented. > J5: Look at how jsonfas is implemented and tell me if that would for ths model. bzr branch bzr://bzr.fedorahosted.org/bzr/python-fedora/python-fedora-devel cd python-fedora-devel/fedora/tg/identity vim jsonfasprovider.py # Take a look at JsonFasIdentity -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: From frankc.fedora at gmail.com Fri Mar 14 03:26:18 2008 From: frankc.fedora at gmail.com (Frank Chiulli) Date: Thu, 13 Mar 2008 20:26:18 -0700 Subject: Password Migration Message-ID: Should the password migration associated with FAS2 be complete by now? I still have to use my old password on publictest1. Frank From mmcgrath at redhat.com Fri Mar 14 03:52:51 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 13 Mar 2008 22:52:51 -0500 (CDT) Subject: Password Migration In-Reply-To: References: Message-ID: On Thu, 13 Mar 2008, Frank Chiulli wrote: > Should the password migration associated with FAS2 be complete by now? > > I still have to use my old password on publictest1. > This one's on me, I've been putting the shell stuff off to make sure everyone else was all setup (figured our team could take it more :) Every time I got around to enabling it it was always near sleep time and I know better then to enable something then, especially if it involves... CRON!!! For sure though we'll have it back up tomorrow morning, the benchmarks I've done show that we'll be able to grow quite a bit beyond our current capacity (box checkin is the most taxing on FAS) before we bring it down, and even then once fas2 is up its quite a bit more. The system seems to scale pretty well as it turns out. -Mike From ricky at fedoraproject.org Fri Mar 14 04:26:20 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Fri, 14 Mar 2008 00:26:20 -0400 Subject: Meeting Log - 2008-03-13 Message-ID: <20080314042620.GA5626@Max.nyc1.dsl.speakeasy.net> 16:01 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Meeting, who's here? 16:02 < ivazquez> Pong. 16:02 * nirik lurks in the background 16:02 -!- jmtaylor [n=jason at c-76-112-119-170.hsd1.mi.comcast.net] has joined #fedora-meeting 16:02 < mmcgrath> jmtaylor: yo, just getting started 16:03 < mmcgrath> skvidal: dgilmore: ping 16:03 -!- kambiz [n=kambiz at vorlon.oit.duke.edu] has joined #fedora-meeting 16:03 < skvidal> yah 16:03 < skvidal> in and out 16:03 * mmcgrath thinks RDU and Boston are having problems and pycon is going on right now so its quite possible lots of people won't be here today 16:03 * whitenoise 's around :P 16:03 < jmtaylor> mmcgrath: cool 16:04 < mmcgrath> alrighty, well we'll get started just the same 16:04 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- tickets 16:04 < mmcgrath> .tiny https://fedorahosted.org/fedora-infrastructure/query?status=new&status=assigned&status=reopened&group=milestone&keywords=%7EMeeting&order=priority 16:04 < zodbot> mmcgrath: http://tinyurl.com/2hyyz6 16:05 < mmcgrath> .ticket 421 16:05 < zodbot> mmcgrath: #421 (Fedora Mirror Space) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/421 16:05 * dgilmore is here 16:05 < mmcgrath> AFAIK f13's handling the actual pushing of those bits around 16:05 < mmcgrath> f13: you here? 16:05 * mmcgrath guesses not 16:05 < jwb> he's missing at the moment 16:06 -!- ezq [n=ezq at host83.190-224-57.telecom.net.ar] has quit "leaving" 16:06 < mmcgrath> either way I think thats mostly taken care of, I'll remove the meeting tag from it. 16:06 -!- J5 [n=quintice at nat/redhat/x-16fc084f9202d358] has joined #fedora-meeting 16:06 -!- J5 [n=quintice at nat/redhat/x-16fc084f9202d358] has quit Client Quit 16:06 * ricky is here for ~5 minutes 16:06 < mmcgrath> ricky: yo 16:06 -!- J5 [n=quintice at nat/redhat/x-151d921351e45e15] has joined #fedora-meeting 16:06 < mmcgrath> jcollie isn't here so we'll skip ticket 395 16:06 < mmcgrath> .ticket 398 16:06 < zodbot> mmcgrath: #398 (elfutils `monotone' (mtn) error) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/398 16:07 < mmcgrath> not much new here, I submitted a bug upstream and they claim there's lots of ways to do what we suggest, none of which are very good. 16:07 < mmcgrath> so I'm keeping an eye on that but I haven't actually looked to implement anything and I don't think anyone else has either 16:07 < mmcgrath> so moving on 16:07 < mmcgrath> .ticket 446 16:07 < zodbot> mmcgrath: #446 (Possibility to add external links on spins page) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/446 16:07 < mmcgrath> this is a new one from today. 16:08 -!- abadger1999 [i=3ffaf10a at gateway/web/ajax/mibbit.com/x-cec616d81473dc45] has joined #fedora-meeting 16:08 < mmcgrath> I've got to be honest, I'm not to keen on this idea of linking to other places for stuff. It feels hackish and silly. 16:08 < mmcgrath> having said that, the spins policies aren't set in stone yet so the fr people don't have many options. 16:08 < mmcgrath> So reluctantly we may have to allow this through. 16:08 * glezos is around if needed 16:08 < mmcgrath> glezos: howdy 16:09 < mmcgrath> does anyone have any comments or questions about htat? 16:09 < mmcgrath> it will take some code changes on our spins page. 16:09 < ivazquez> What happens if the policy comes down that external links are not allowed, after we've placed it? 16:09 < mmcgrath> then we'll remove it. 16:09 < mmcgrath> I'll send a feeler to the FAB now as it will likely take us a little bit to get the scripts in order anyway 16:10 < mmcgrath> well, I would if I could get to my mailbox. 16:10 * mmcgrath makes post-it note 16:10 < ivazquez> Has this been posed to the people handling the spins policies? 16:10 < mmcgrath> ivazquez: nope, they've been discussing it on the fab though. 16:11 < mmcgrath> so they'll comment when I send the feeler. 16:12 < mmcgrath> skvidal: any word on the new spins box? I know you've been busy this week with yum stuff. 16:12 < dgilmore> id rather not link outside 16:12 < ivazquez> Likewise. 16:12 < skvidal> mmcgrath: I'm waiting to make sure it stays up :) 16:12 < skvidal> it's been 7 days 16:13 < skvidal> I just want to make sure it's not keeling over like it was before 16:13 < skvidal> then we can move forward w/it 16:13 < mmcgrath> solid 16:13 < mmcgrath> Ok, moving on from tickets 16:13 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- FAS2 16:14 < dgilmore> woohoo 16:14 < mmcgrath> So fas2 shipped, its been doing fine. we had an issue yesterday but couldn't trace it to fas specifically, just strangeness in the db connections filling up mostly with koji requests and the old account system. 16:14 < mmcgrath> could have been a migration bug 16:14 < ricky> Aww, I'm going to miss part of this :( 16:14 -!- abadger1991 [n=abadger1 at 63.250.241.10] has joined #fedora-meeting 16:15 < dgilmore> fas2 seems to have been recieved really well 16:15 < mmcgrath> ricky: no worriesl 16:15 < mmcgrath> all in all things went well, there's still a few outstanding issues, fedorapeople being one of them right now. 16:16 < dgilmore> mmcgrath: whats up with fedorapeople? 16:17 < mmcgrath> dgilmore: well the nssdb is messed up so no one hsa accounts on it. 16:17 < dgilmore> :( thats not fun 16:17 < dgilmore> so we have someone with local access fixing? 16:17 < mmcgrath> its a pretty easy thing to fix but a security 'feature' in fas is preventing me from doing it :) 16:17 < mmcgrath> dgilmore: I can still get i nand with a shell, its just this pesky meeting got in the way of me fixing it :) 16:18 -!- till__ [n=till at genius.kawo2.RWTH-Aachen.DE] has joined #fedora-meeting 16:18 < dgilmore> mmcgrath: i see so its not a big deal then 16:18 < mmcgrath> not a big deal. 16:18 < mmcgrath> just lots of little things here and there. 16:18 < dgilmore> one question i have with fas2 is setting up sandboxes 16:18 < mmcgrath> big thanks goes out to ricky and toshio. 16:18 < mmcgrath> dgilmore: shoot 16:19 < dgilmore> say i put up a sparc box like fedorapeople.org where contributors get ssh and mock access 16:19 < dgilmore> id rather tie it into fas 16:19 < skvidal> dgilmore: mock? you sure? 16:19 < stickster> mmcgrath: I hope to have final word to you soon on CLA stuff 16:19 < dgilmore> im sure dwmw2_gone would want to do the same for his ppc64 box 16:19 -!- tyll [n=till at genius.kawo2.RWTH-Aachen.DE] has quit Nick collision from services. 16:20 < mmcgrath> stickster: excellent. 16:20 < stickster> mmcgrath: The relevant legal eagle just got back to the office today after being gone a bit. 16:20 < dgilmore> skvidal: to all people to test builds on sparc 16:20 < mmcgrath> dgilmore: yeah, I've thought about this, jesse has a similar box in question. 16:20 < dgilmore> to allow 16:20 < mmcgrath> dgilmore: so here's the thing. In general I'd like to allow third parties to be able to access fas. I'm going to write up some guidelines first for us all to go over. 16:20 < mmcgrath> The main concerns being... 16:20 < mmcgrath> 1) password harvesting 16:20 < dgilmore> skvidal: not mock on fedorapeople but same set of accounts 16:20 < mmcgrath> 2) password harvesting :) 16:21 < mmcgrath> and the problem with mock is it allows you to get root on the box. 16:21 < dgilmore> mmcgrath: id be happy disabling password auth and only allowing ssh 16:21 -!- till__ is now known as tyll 16:21 < dgilmore> mmcgrath: i.e put in something fake for a passwd 16:21 < mmcgrath> dgilmore: but if someone ssh'd and forwarded their key there's still issues there. 16:22 < dgilmore> mmcgrath: true 16:22 < mmcgrath> so the anwser is yes, I'd like to do something like that. 16:23 < mmcgrath> but I'm not sure the right way to go about it at this time. 16:23 < mmcgrath> I suspect a good answer will be for users to somehow get temporary passwords setup and emaild to them from that box. 16:23 < mmcgrath> and disallowing key based auth. 16:23 < mmcgrath> we can talk more about that later. 16:24 < mmcgrath> and there's lesser levels of integration I'd like to be able to just offer without much effort to people, like the fedora unity folks, who may want to get group information. 16:24 < dgilmore> that could be a possibily 16:24 < mmcgrath> anyone have any other questions? 16:24 -!- sereinity [n=sereinit at mon69-3-82-235-39-70.fbx.proxad.net] has joined #fedora-meeting 16:24 < mmcgrath> alllrighty 16:25 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Me won't be here for much longer this month. 16:25 < mmcgrath> This is a notice to everyone. 16:25 < mmcgrath> I'm goin gto be gone, pretty much the rest of the month 16:25 < jeremy_> mmcgrath: that's not allowed! 16:25 < mmcgrath> either at pycon, training or in vegas towards the end of the month 16:25 < mmcgrath> jeremy_: but but but vegas!!!! 16:25 < jeremy_> mmcgrath: work! 16:25 < jeremy_> back to it! 16:25 -!- wwoods [n=wwoods at nat/redhat/x-4a06e36cb94bc1b3] has joined #fedora-meeting 16:25 -!- cra [n=cra at about/networking/255.255.255.4/cra] has joined #fedora-meeting 16:25 -!- gregdek [n=gdk at nat/redhat/x-e254f54b8dd98d7c] has joined #fedora-meeting 16:25 < mmcgrath> so I'll be peaking my head in, and checking my email. But during the day I'll largely be gone 16:26 -!- poelcat_ [n=poelcat at fedora/poelcat] has joined #fedora-meeting 16:26 * mmcgrath sees RDU is back online 16:26 < mmcgrath> so thats that really. 16:26 -!- mmcgrath changed the topic of #fedora-meeting to: Infrastructure -- Open Floor 16:26 < mmcgrath> who's got something else they'd like to discuss? 16:27 < dgilmore> how has xen2 been holding up 16:27 < mmcgrath> dgilmore: good question. 16:27 < mmcgrath> So xen2 16:27 * mmcgrath finds the bz number 16:27 < mmcgrath> .bug 429469 16:27 < buggbot> Bug https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=429469 low, low, rc, Mike Christie, NEW , Frequent reboots of servers after upgrading to RHEL5. 16:27 < zodbot> mmcgrath: Bug 429469: Frequent reboots of servers after upgrading to RHEL5. - https://bugzilla.redhat.com/429469 16:27 < mmcgrath> so this one bit us hard. 16:27 < mmcgrath> During the trouble shooting late last week I disabled all iscsi based guests. 16:28 < mmcgrath> either converting them to local disk or moving them somewhere else. 16:28 < mmcgrath> This seems to have stopped the box from rebooting. 16:28 < mmcgrath> *however* 16:28 < mmcgrath> xen1 rebooted on... monday I want to say. 16:28 < mmcgrath> and it took on 2 guests from xen2, noc1 and app4 I believe. 16:28 -!- poelcat_ [n=poelcat at fedora/poelcat] has quit Client Quit 16:28 < mmcgrath> so its possible one of those guests wsa causing problems. 16:28 < mmcgrath> its possible it was a fluke. 16:28 < mmcgrath> but we're keeping an eye on it just the same. 16:29 < mmcgrath> needless to say, xen2's been pretty solid all week. 16:29 -!- jeremy_ [n=katzj at MUCKLEY-THREE-NINETY-NINE.MIT.EDU] has quit "back to the other client" 16:29 < mmcgrath> so thats the latest on that 16:29 < mmcgrath> Anyone have anything else they'd like to discuss? 16:31 < gkrpan> <-- looking into the RFR process. Nothing to report on it yet. 16:31 < mmcgrath> gkrpan: solid 16:31 < mmcgrath> ok, well we'll close the meeting in 30 16:31 -!- abadger1999 [i=3ffaf10a at gateway/web/ajax/mibbit.com/x-cec616d81473dc45] has quit "http://www.mibbit.com ajax IRC Client" 16:31 -!- jlaska [n=jlaska at nat/redhat/x-2b60db71d7b3f708] has joined #fedora-meeting 16:32 < mmcgrath> 10 16:32 -!- mmcgrath changed the topic of #fedora-meeting to: Infrasturcture -- Meeting Closed! 16:32 < mmcgrath> thanks for coming everyone 16:32 < dgilmore> :) thanks 16:32 * mmcgrath gets back to the final bits of FAS2 and fixing fedorapeople. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From bneijt at gmail.com Fri Mar 14 10:23:36 2008 From: bneijt at gmail.com (Bram Neijt) Date: Fri, 14 Mar 2008 11:23:36 +0100 Subject: Metalink support In-Reply-To: <20080312034631.GA15417@auslistsprd01.us.dell.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> Message-ID: <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> Hi everybody, Well, I've given it some thought and I think the following set-up might be a good idea: Once a month or just when you guys feel like it, run a small spider on the main mirroring server that generated .metalink files for every ISO image that has a SHA1SUMS file which mentions it's SHA1SUM. The spider can get the mirror list from parsing the MirrorManager page (public list if needed). That would give a light-weight and simple system which would easily allow for metalinks to be generated. I could write something like this in the public domain in a language of your choice (Ruby, Python, C++, Bash, SH, Make). Would something like that be possible for the current infrastucture? Would that be possible? Greets, Bram PS It's not the most beautiful solution, but Rene is already working on that. On Wed, Mar 12, 2008 at 4:46 AM, Matt Domsch wrote: > > On Tue, Mar 11, 2008 at 06:16:09PM +0100, Bram Neijt wrote: > > Hi everybody, > > > > My name is Bram and I'm one of the developers the metalink tools > > project. I've heard that somebody tried to implement metalinks as part > > of the mirrormanager project and failed to get an agreable patch. > > > > I'm new to mirrormanager but I would like to see if I can find a way > > to help you guys with hosting metalinks in a usefull way. Even if it > > means it has to be done outside of the mirrormanager. > > > > Are there any opinions floating around about how metalinks could be > > implemented/created? > > > > Greetings, > > Bram > > > > PS I have some ideas, but as I'm new to this list I don't want to > > start dictating solutions. Feel free to invite me to do so ;-) > > > Rene Leonhardt looked into this in early February and had a start on > it, but I haven't heard back in several weeks. > > -- > Matt Domsch > Linux Technology Strategist, Dell Office of the CTO > linux.dell.com & www.dell.com/linux > From johnp at redhat.com Fri Mar 14 15:02:19 2008 From: johnp at redhat.com (John (J5) Palmieri) Date: Fri, 14 Mar 2008 11:02:19 -0400 Subject: MyFedora cross domain authentication issues In-Reply-To: <47D9B1DC.4070502@gmail.com> References: <1205440803.5068.19.camel@localhost.localdomain> <47D9B1DC.4070502@gmail.com> Message-ID: <1205506939.3221.9.camel@localhost.localdomain> On Thu, 2008-03-13 at 17:59 -0500, Toshio Kuratomi wrote: > John (J5) Palmieri wrote: > > Hi guys, > > > > We just recently got a test instance up at publictest10 and I have > > started working on accessing resources as an authenticated user. There > > is a large issue here however since the browser's security model > > rightfully prevents us from doing requests such as this. There are > > several ways around this security all with their own pitfalls. > > > > The first one which I use is to have a proxy page which make the calls > > on the server which is not subject to the security concerns. The issue > > with this is it can't be authenticated and involves shipping data > > through an extra server. > > > > The second way is to use JSONP callback script injection. This one > > involves the json call returning data as a javascript callback which is > > then script injected into the page and eval'ed. This is extremely > > insecure as it allows the server to send back any javascript which is > > executed on the user's browser. I've tested this by sending an alert > > back from bohdi's 'list' call and it can display any data available to > > the browser. > > > > Another way which I am not sure is possible would be to do URL rewriting > > to make it look like all of our resources are coming from the same > > domain, e.g. http://myfedora.fedoraproject.org/bodhi would be rewritten > > to point to a bodhi instance. Though this might work if they were > > running under the same apache instance, I am pretty sure it would fall > > down if they were running on different servers. > > > > The last way, which I discussed with the Fas guys sometime back would be > > the ability to forward credentials from a proxy. This would require Fas > > support that I am pretty sure is not there yet. I'm not even sure how > > it would be implemented. > > > J5: Look at how jsonfas is implemented and tell me if that would for ths > model. > > bzr branch bzr://bzr.fedorahosted.org/bzr/python-fedora/python-fedora-devel > > cd python-fedora-devel/fedora/tg/identity > vim jsonfasprovider.py > # Take a look at JsonFasIdentity > > -Toshio It look promising though I am not totally sure how it works. Let me see if I get this right. At the start of the proxied request (basically just a TG controller in my domain which is called via JSON) I create a JsonFasIdentity and supply it with the user, username and password using the tg.identity object or is that the JsonFasIdentity? It will then set the correct cookies for the next link. I make my next JSON call to a FAS2 enabled resource like Bodhi and Bodhi treats me as if I was logged in? Is this correct? Do I call logout on the JsonFasIdentity object? Can this stand up to being called 10 times per page load for each query I need to make? If this works it will solve my issues. -- John (J5) Palmieri From mmcgrath at redhat.com Fri Mar 14 19:58:57 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Fri, 14 Mar 2008 14:58:57 -0500 (CDT) Subject: Metalink support In-Reply-To: <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> Message-ID: On Fri, 14 Mar 2008, Bram Neijt wrote: > > Well, I've given it some thought and I think the following set-up > might be a good idea: > Once a month or just when you guys feel like it, run a small spider on > the main mirroring server that generated .metalink files for every ISO > image that has a SHA1SUMS file which mentions it's SHA1SUM. The spider > can get the mirror list from parsing the MirrorManager page (public > list if needed). > > That would give a light-weight and simple system which would easily > allow for metalinks to be generated. I could write something like this > in the public domain in a language of your choice (Ruby, Python, C++, > Bash, SH, Make). > > Would something like that be possible for the current infrastucture? > Would that be possible? > I've got to admit I'm not keen on anything here that doesn't start and end on our own servers. In what way, exactly, would this benefit Fedora? -Mike From a.badger at gmail.com Sat Mar 15 04:30:35 2008 From: a.badger at gmail.com (Toshio Kuratomi) Date: Fri, 14 Mar 2008 23:30:35 -0500 Subject: MyFedora cross domain authentication issues In-Reply-To: <1205506939.3221.9.camel@localhost.localdomain> References: <1205440803.5068.19.camel@localhost.localdomain> <47D9B1DC.4070502@gmail.com> <1205506939.3221.9.camel@localhost.localdomain> Message-ID: <47DB50EB.3040307@gmail.com> John (J5) Palmieri wrote: > On Thu, 2008-03-13 at 17:59 -0500, Toshio Kuratomi wrote: >> J5: Look at how jsonfas is implemented and tell me if that would for ths >> model. >> >> bzr branch bzr://bzr.fedorahosted.org/bzr/python-fedora/python-fedora-devel >> >> cd python-fedora-devel/fedora/tg/identity >> vim jsonfasprovider.py >> # Take a look at JsonFasIdentity >> >> -Toshio > > It look promising though I am not totally sure how it works. Let me see > if I get this right. At the start of the proxied request (basically just > a TG controller in my domain which is called via JSON) I create a > JsonFasIdentity and supply it with the user, username and password using > the tg.identity object or is that the JsonFasIdentity? It will then set > the correct cookies for the next link. I make my next JSON call to a > FAS2 enabled resource like Bodhi and Bodhi treats me as if I was logged > in? Is this correct? Do I call logout on the JsonFasIdentity object? > Can this stand up to being called 10 times per page load for each query > I need to make? > This is how jsonfasprovider works: 1) The user visits myfedora and enters a username/password to log in. 2) The login request uses jsonfasprovider to authenticate the user against fas. Fas allows the user and sends a cookie back to myfedora. 3) myfedora (still via jsonfasprovider) sets the cookie on the user's browser. This applies to myfedora because myfedora can use a similar method to send the user's authentication token to Bodhi. You'll inherit from BaseClient similar to what JsonFasIdentity does but targeted at Bodhi's location instead of FAS (Call it BodhiClient, for now). 1) Logged in user accesses myfedora 2) You instantiate a BodhiClient object. 3) You set or have BodhiClient set _sessionCookie with the visit_key (available from identity.current.visit_key) 4) You call or have BodhiClient send_request() to retrieve your data. (Remember to specify auth=True since the client needs to retrieve the data for the authenticated user.) 5) Operate on the data. So you are proxying the session cookie that the user sends to you to the actual server that is providing the information. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: From dennis at ausil.us Sat Mar 15 05:11:50 2008 From: dennis at ausil.us (Dennis Gilmore) Date: Sat, 15 Mar 2008 00:11:50 -0500 Subject: fedorapeople.org notice Message-ID: <200803150011.59595.dennis@ausil.us> We had a bit of an oops on fedorapeople.org and had to restore some files from backup. We don't believe there was any actual data loss but its quite possible that some files you'd deleted are back. This A) puts some people over their quota and B) is annoying. Sorry for any confusion (this was a calamity of errors). For those of you in group A) just delete the files again :) Stop on by #fedora-admin if you have any questions. Fedora Admin Team -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: From skvidal at fedoraproject.org Sat Mar 15 05:46:24 2008 From: skvidal at fedoraproject.org (seth vidal) Date: Sat, 15 Mar 2008 01:46:24 -0400 Subject: fedorapeople.org notice In-Reply-To: <200803150011.59595.dennis@ausil.us> References: <200803150011.59595.dennis@ausil.us> Message-ID: <1205559984.1816.61.camel@cutter> On Sat, 2008-03-15 at 00:11 -0500, Dennis Gilmore wrote: > We had a bit of an oops on fedorapeople.org and had to restore some files from > backup. We don't believe there was any actual data loss but its quite > possible that some files you'd deleted are back. This A) puts some people > over their quota and B) is annoying. Sorry for any confusion (this was a > calamity of errors). > > For those of you in group A) just delete the files again :) > > Stop on by #fedora-admin if you have any questions. > As an additional item, If anyone needs a quota bump let anyone in the infrastructure know and we can bump it for you. Thanks, -sv From alessiogiovanni.baroni at gmail.com Sat Mar 15 15:24:33 2008 From: alessiogiovanni.baroni at gmail.com (Alessio Giovanni Baroni) Date: Sat, 15 Mar 2008 16:24:33 +0100 Subject: Introduction (As the 'Getting Started' on Wiki) Message-ID: I am a student of Computer Science at the RomaTre University (Rome, Italy). At end of the first level (in Italy the University is on 2 levels), I treated of Java applications for mobile devices. I know well the C language and Java; but also I know Python. I use Linux from 2001, and I used RedHat 8 / 9 and all Fedoras. For other informations, contact me. Thank you. -------------- next part -------------- An HTML attachment was scrubbed... URL: From bneijt at gmail.com Sat Mar 15 16:06:48 2008 From: bneijt at gmail.com (Bram Neijt) Date: Sat, 15 Mar 2008 17:06:48 +0100 Subject: Metalink support In-Reply-To: References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> Message-ID: <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> Oh, no, everything would be running on your own servers. You probably thought there would be an outside server involved because of the word "spider". I would just write some code, somebody with the right rights would have to run it. With spider, I meant a script that would parse the HTML from the mirrormanager, so the mirrormanager wouldn't need a patch. Everything would of course run on your servers. So the idea is: I write a script that uses a mirrorlist (which it gets from parsing the HTML, or in some other way) to generate .metalink files for all the .iso files on the mirror. The metalinks would just be placed on the mirror next to the .iso files. Because the script would not have to do anything computational intensive (SHA1 sums have already been calculated) it could be run at any time you guys feel like it. As I said above, I'd be happy to create the script, but somebody would have to say they would be willing to run it. I'm only asking: if I post the code, would anybody be able use it? Bram On Fri, Mar 14, 2008 at 8:58 PM, Mike McGrath wrote: > On Fri, 14 Mar 2008, Bram Neijt wrote: > I've got to admit I'm not keen on anything here that doesn't start and end > on our own servers. In what way, exactly, would this benefit Fedora? From cooly at gnome.eu.org Sat Mar 15 16:24:59 2008 From: cooly at gnome.eu.org (Lucian Langa) Date: Sat, 15 Mar 2008 18:24:59 +0200 Subject: intruduction Message-ID: <1205598299.3614.201.camel@mayday> My name is Lucian Langa and I am from Romania. Since 2000 I started to work as an system administrator. At the moment I'm working as an admin for a small company here in Romania. My job includes maintaining a bunch of linux servers mostly Redhat and Centos. As well as implementing linux-based hosting environments for some clients. I was also involved in developing and maintaining a clustered Web environment for a social network service provider. As for coding skills I know C, I am the author of a few evolution mail plugins and I am also involved in Fedora Packaging mantaining a few packages as well as packaging for Amateur Radio Sig. Other skills include PHP language, mysql, some Perl. Cheers! --lucian From cooly at gnome.eu.org Sat Mar 15 16:28:12 2008 From: cooly at gnome.eu.org (Lucian Langa) Date: Sat, 15 Mar 2008 18:28:12 +0200 Subject: Self-Introduction: Lucian Langa Message-ID: <1205598492.3614.206.camel@mayday> My name is Lucian Langa and I am from Romania. Since 2000 I started to work as an system administrator. At the moment I'm working as an admin for a small company here in Romania. My job includes maintaining a bunch of linux servers mostly Redhat and Centos. As well as implementing linux-based hosting environments for some clients. I was also involved in developing and maintaining a clustered Web environment for a social network service provider. As for coding skills I know C, I am the author of a few evolution mail plugins and I am also involved in Fedora Packaging mantaining a few packages as well as packaging for Amateur Radio Sig. Other skills include PHP language, mysql, some Perl. Cheers! --lucian From mmcgrath at redhat.com Sat Mar 15 21:16:12 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sat, 15 Mar 2008 16:16:12 -0500 (CDT) Subject: Introduction (As the 'Getting Started' on Wiki) In-Reply-To: References: Message-ID: On Sat, 15 Mar 2008, Alessio Giovanni Baroni wrote: > I am a student of Computer Science at the RomaTre University (Rome, Italy). > At end of the first level (in Italy the University is on 2 levels), I > treated of Java applications > for mobile devices. > I know well the C language and Java; but also I know Python. > I use Linux from 2001, and I used RedHat 8 / 9 and all Fedoras. > Welcome, were you interested in participating in Fedora in general or just in Infrastructure? -Mike From mmcgrath at redhat.com Sat Mar 15 21:17:19 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sat, 15 Mar 2008 16:17:19 -0500 (CDT) Subject: Self-Introduction: Lucian Langa In-Reply-To: <1205598492.3614.206.camel@mayday> References: <1205598492.3614.206.camel@mayday> Message-ID: On Sat, 15 Mar 2008, Lucian Langa wrote: > My name is Lucian Langa and I am from Romania. > Since 2000 I started to work as an system administrator. > At the moment I'm working as an admin for a small company here in > Romania. > My job includes maintaining a bunch of linux servers mostly Redhat and > Centos. As well as implementing linux-based hosting environments for > some clients. I was also involved in developing and maintaining a > clustered Web environment for a social network service provider. > As for coding skills I know C, I am the author of a few evolution mail > plugins and I am also involved in Fedora Packaging mantaining a few > packages as well as packaging for Amateur Radio Sig. > Other skills include PHP language, mysql, some Perl. > Hello Lucian! Welcome aboard, is there something specifically you're interested in doing? -Mike From jonstanley at gmail.com Sun Mar 16 04:46:35 2008 From: jonstanley at gmail.com (Jon Stanley) Date: Sun, 16 Mar 2008 00:46:35 -0400 Subject: FAS2->bugzilla permissions Message-ID: Hey guys - Folks in the fedorabugs group should get the fedora_contrib permission bit set in bugzilla - I sponsored a new person into fedorabugs this evening, and they don't seem to be picking up bugzilla permissions after several hours? Can someone check that the cron that does that is still functional with FAS2? Thanks! -Jon -- Jon Stanley Fedora Bug Wrangler jstanley at fedoraproject.org From a.badger at gmail.com Sun Mar 16 07:17:07 2008 From: a.badger at gmail.com (Toshio Kuratomi) Date: Sun, 16 Mar 2008 02:17:07 -0500 Subject: FAS2->bugzilla permissions In-Reply-To: References: Message-ID: <47DCC973.1090105@gmail.com> Jon Stanley wrote: > Hey guys - > > Folks in the fedorabugs group should get the fedora_contrib permission > bit set in bugzilla - I sponsored a new person into fedorabugs this > evening, and they don't seem to be picking up bugzilla permissions > after several hours? Can someone check that the cron that does that > is still functional with FAS2? > This was broken in two ways. 1) There is a script (export-bugzilla.py) which didn't get updated to use FAS2's bugzilla queue instead of the fedorausers database. Since the db schema is the same for that table, a quick port should be possible by just pointing the script at fas2 and adding a user/password that can read and delete from bugzilla_queue there. 2) There seems to be a problem in the triggers as the bugzilla_queue table in the database doesn't accurately reflect who was changed. I think I've fixed this portion. It's too late at night for me to be safely mucking around directly in the database right now but I'll check on #2, add the list of new approvals that Jon sent me, and update bugzilla via the script in #1 tomorrow. If everything looks good, I'll get the script to automatically running on an app server as well. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: From alessiogiovanni.baroni at gmail.com Sun Mar 16 14:21:38 2008 From: alessiogiovanni.baroni at gmail.com (Alessio Giovanni Baroni) Date: Sun, 16 Mar 2008 15:21:38 +0100 Subject: Introduction (As the 'Getting Started' on Wiki) In-Reply-To: References: Message-ID: Fedora in general is ok!!! I like programming!!!! Thanks. 2008/3/15, Mike McGrath : > > On Sat, 15 Mar 2008, Alessio Giovanni Baroni wrote: > > > I am a student of Computer Science at the RomaTre University (Rome, > Italy). > > At end of the first level (in Italy the University is on 2 levels), I > > treated of Java applications > > for mobile devices. > > I know well the C language and Java; but also I know Python. > > I use Linux from 2001, and I used RedHat 8 / 9 and all Fedoras. > > > > > Welcome, were you interested in participating in Fedora in general or just > in Infrastructure? > > -Mike > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cooly at gnome.eu.org Sun Mar 16 16:21:00 2008 From: cooly at gnome.eu.org (Lucian Langa) Date: Sun, 16 Mar 2008 18:21:00 +0200 Subject: Self-Introduction: Lucian Langa In-Reply-To: References: <1205598492.3614.206.camel@mayday> Message-ID: <1205684460.3648.56.camel@mayday> Hello Mike, as I will gladly do anything that is requested here is a list of a few thins I'm interested in noc web/hosted releng test/devel --lucian On Sat, 2008-03-15 at 16:17 -0500, Mike McGrath wrote: > On Sat, 15 Mar 2008, Lucian Langa wrote: > > > My name is Lucian Langa and I am from Romania. > > Since 2000 I started to work as an system administrator. > > At the moment I'm working as an admin for a small company here in > > Romania. > > My job includes maintaining a bunch of linux servers mostly Redhat and > > Centos. As well as implementing linux-based hosting environments for > > some clients. I was also involved in developing and maintaining a > > clustered Web environment for a social network service provider. > > As for coding skills I know C, I am the author of a few evolution mail > > plugins and I am also involved in Fedora Packaging mantaining a few > > packages as well as packaging for Amateur Radio Sig. > > Other skills include PHP language, mysql, some Perl. > > > > Hello Lucian! Welcome aboard, is there something specifically you're > interested in doing? > > -Mike > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > From fluhmann at gmail.com Mon Mar 17 03:34:48 2008 From: fluhmann at gmail.com (Jeremy Fluhmann) Date: Sun, 16 Mar 2008 22:34:48 -0500 Subject: Introduction - Jeremy Fluhmann Message-ID: <7f7c2d5e0803162034of568d71g8692e43643f6d1f8@mail.gmail.com> Hello, My name is Jeremy Fluhmann and I live in a small community 35 miles north of San Angelo, TX. I work (commute 45 minutes each way) at Angelo State University as a Technology Services Specialist. While the title is pretty ambiguous, I work in the IT department as part of the Infrastructure group. My job duties are that of a sysadmin. I help maintain the Windows servers, SAN, and our virtual infrastructure (VMware's ESX servers). Most (not all) of the linux boxes are currently maintained outside of our group (by people that used to be in the Infrastructure group), but we're moving towards bringing those back into our group and switching from Gentoo to Redhat. Great for me since it will allow me to go to some Redhat training, as I'm hoping to move into the main Linux admin role. My background is mainly in developing web-based management tools. I'm a Perl guy, so all of my stuff thus far has been Perl (along with the usual XHTML, CSS, and JavaScript). I've picked up a few Python books and have been wanting to take on a project to help make me learn Python. I've been running Ubuntu on my $work desktop and laptop for a little over a year and have previously worked with Fedora and Redhat systems at a previous job (developing web applications). I run a personal server at home and will likely be switching it over to Fedora. As far as community involvment, I ran YAPC::NA 2007 (Yet Another Perl Conference, North America) and am currently organizing an open source symposium (http://www.texasoss.org/). I also serve as Vice President of the Strategic Open Source SIG (a Special Interest Group of the Texas Computer Education Association) and am looking to organize an Open Source User Group in San Angelo. My interest in the group is with the sysadmin-tools, sysadmin-web, and sysadmin-noc groups. I hope to be able to give back as much as I take away from the group. Thanks! Jeremy -------------- next part -------------- An HTML attachment was scrubbed... URL: From Matt_Domsch at dell.com Mon Mar 17 05:14:15 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Mon, 17 Mar 2008 00:14:15 -0500 Subject: Metalink support In-Reply-To: <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> Message-ID: <20080317051415.GA21247@auslistsprd01.us.dell.com> On Sat, Mar 15, 2008 at 05:06:48PM +0100, Bram Neijt wrote: > Oh, no, everything would be running on your own servers. You probably > thought there would be an outside server involved because of the word > "spider". I would just write some code, somebody with the right rights > would have to run it. > > With spider, I meant a script that would parse the HTML from the > mirrormanager, so the mirrormanager wouldn't need a patch. Everything > would of course run on your servers. > > So the idea is: > I write a script that uses a mirrorlist (which it gets from parsing > the HTML, or in some other way) to generate .metalink files for all > the .iso files on the mirror. The metalinks would just be placed on > the mirror next to the .iso files. > > Because the script would not have to do anything computational > intensive (SHA1 sums have already been calculated) it could be run at > any time you guys feel like it. > > As I said above, I'd be happy to create the script, but somebody would > have to say they would be willing to run it. I'm only asking: if I > post the code, would anybody be able use it? You don't want to spider this data all over again (the HTML pages are really quite bare...) - you really want to get it from the MM database directly. I'd much prefer to see efforts aimed in that direction, than for a throwaway implementation that doesn't use the MM database. -Matt -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From Matt_Domsch at dell.com Mon Mar 17 05:17:32 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Mon, 17 Mar 2008 00:17:32 -0500 Subject: Introduction - Jeremy Fluhmann In-Reply-To: <7f7c2d5e0803162034of568d71g8692e43643f6d1f8@mail.gmail.com> References: <7f7c2d5e0803162034of568d71g8692e43643f6d1f8@mail.gmail.com> Message-ID: <20080317051732.GB21247@auslistsprd01.us.dell.com> On Sun, Mar 16, 2008 at 10:34:48PM -0500, Jeremy Fluhmann wrote: > Hello, > > My name is Jeremy Fluhmann and I live in a small community 35 miles north > of San Angelo, TX. I work (commute 45 minutes each way) at Angelo State > University as a Technology Services Specialist. While the title is pretty Welcome, glad to have another Texan on board. -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From bneijt at gmail.com Mon Mar 17 13:19:20 2008 From: bneijt at gmail.com (Bram Neijt) Date: Mon, 17 Mar 2008 14:19:20 +0100 Subject: Metalink support In-Reply-To: <20080317051415.GA21247@auslistsprd01.us.dell.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> <20080317051415.GA21247@auslistsprd01.us.dell.com> Message-ID: <46c2f4ab0803170619k4956b5ayde3f4d3777f80a1a@mail.gmail.com> So would I, but for what I've seen the SHA1 information is not part of the mirrormanager database. For any "good" implementation of metalinks in the mirrormanager, I would at least want trustworthy SHA1 information in the database otherwise the only advantage of using metalinks would be load balancing on your mirrors (which is already mostly fixed with MM). So for the end user, there is not much to gain if metalinks is implemented in the mirrormanager. The only solution for the SHA1 information I could think of was to implement a script on the main mirror which hosts the SHA1 files, which would mean not running on the server with the MM database, which would mean not having direct access to that database. Parsing HTML is pretty stupid, I agree, but there is probably a much cleaner way of getting the mirror list (I havn't worked with turbo gears before, so I couldn't find a view of the list I would want). Something like fedora-test-data/mirror-hosts-core.txt would be much better. Rene is still working on the MM patch, but without the SHA1 information, I'm not really sure it would be _my_ ideal solution. Greets, Bram On Mon, Mar 17, 2008 at 6:14 AM, Matt Domsch wrote: > You don't want to spider this data all over again (the HTML pages are > really quite bare...) - you really want to get it from the MM database > directly. I'd much prefer to see efforts aimed in that direction, > than for a throwaway implementation that doesn't use the MM database. > > -Matt > -- > > Matt Domsch > Linux Technology Strategist, Dell Office of the CTO > linux.dell.com & www.dell.com/linux From kanarip at kanarip.com Mon Mar 17 13:31:02 2008 From: kanarip at kanarip.com (Jeroen van Meeuwen) Date: Mon, 17 Mar 2008 14:31:02 +0100 Subject: Metalink support In-Reply-To: <46c2f4ab0803170619k4956b5ayde3f4d3777f80a1a@mail.gmail.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> <20080317051415.GA21247@auslistsprd01.us.dell.com> <46c2f4ab0803170619k4956b5ayde3f4d3777f80a1a@mail.gmail.com> Message-ID: <47DE7296.4050706@kanarip.com> Bram Neijt wrote: > So would I, but for what I've seen the SHA1 information is not part of > the mirrormanager database. > > For any "good" implementation of metalinks in the mirrormanager, I > would at least want trustworthy SHA1 information in the database > otherwise the only advantage of using metalinks would be load > balancing on your mirrors (which is already mostly fixed with MM). > > So for the end user, there is not much to gain if metalinks is > implemented in the mirrormanager. The only solution for the SHA1 > information I could think of was to implement a script on the main > mirror which hosts the SHA1 files, which would mean not running on the > server with the MM database, which would mean not having direct access > to that database. > > Parsing HTML is pretty stupid, I agree, but there is probably a much > cleaner way of getting the mirror list (I havn't worked with turbo > gears before, so I couldn't find a view of the list I would want). > Something like fedora-test-data/mirror-hosts-core.txt would be much > better. > > Rene is still working on the MM patch, but without the SHA1 > information, I'm not really sure it would be _my_ ideal solution. > > Greets, > Bram > How about using: http://mirrors.fedoraproject.org/mirrorlist?path=pub/fedora/linux/releases/8/Fedora/i386/iso/Fedora-8-i386-DVD.iso instead of the HTML? Incorporating that in the .metalink, trusting Mirrormanager with managing whether that file is actually the file that is supposed to be there, and the metalink client doing a check-up on the chunks it has downloads and see if they match? Creating a metalink would then consist of: - getting the iso - verifying the sha1sum (so you don't start off on the wrong foot) - creating chunks and their sha1sum for use in a .metalink file - while/before the .metalink is being downloaded by a client, incorporate the mirrormanager results and trust mirrormanager to return the 1) right mirrors, 2) the right files, 3) the files with correct content. - optionally allow the .metalink to be created on-the-fly with all parameters mirrormanager has (&country=NL,DE,BE, but not &redirect=1) Does that sound like a good idea? Just my brain dump ;p Kind regards, Jeroen van Meeuwen -kanarip From johnp at redhat.com Mon Mar 17 13:51:38 2008 From: johnp at redhat.com (John (J5) Palmieri) Date: Mon, 17 Mar 2008 09:51:38 -0400 Subject: MyFedora cross domain authentication issues In-Reply-To: <47DB50EB.3040307@gmail.com> References: <1205440803.5068.19.camel@localhost.localdomain> <47D9B1DC.4070502@gmail.com> <1205506939.3221.9.camel@localhost.localdomain> <47DB50EB.3040307@gmail.com> Message-ID: <1205761898.5138.0.camel@localhost.localdomain> On Fri, 2008-03-14 at 23:30 -0500, Toshio Kuratomi wrote: > John (J5) Palmieri wrote: > > On Thu, 2008-03-13 at 17:59 -0500, Toshio Kuratomi wrote: > >> J5: Look at how jsonfas is implemented and tell me if that would for ths > >> model. > >> > >> bzr branch bzr://bzr.fedorahosted.org/bzr/python-fedora/python-fedora-devel > >> > >> cd python-fedora-devel/fedora/tg/identity > >> vim jsonfasprovider.py > >> # Take a look at JsonFasIdentity > >> > >> -Toshio > > > > It look promising though I am not totally sure how it works. Let me see > > if I get this right. At the start of the proxied request (basically just > > a TG controller in my domain which is called via JSON) I create a > > JsonFasIdentity and supply it with the user, username and password using > > the tg.identity object or is that the JsonFasIdentity? It will then set > > the correct cookies for the next link. I make my next JSON call to a > > FAS2 enabled resource like Bodhi and Bodhi treats me as if I was logged > > in? Is this correct? Do I call logout on the JsonFasIdentity object? > > Can this stand up to being called 10 times per page load for each query > > I need to make? > > > > This is how jsonfasprovider works: > > 1) The user visits myfedora and enters a username/password to log in. > 2) The login request uses jsonfasprovider to authenticate the user > against fas. Fas allows the user and sends a cookie back to myfedora. > 3) myfedora (still via jsonfasprovider) sets the cookie on the user's > browser. > > This applies to myfedora because myfedora can use a similar method to > send the user's authentication token to Bodhi. You'll inherit from > BaseClient similar to what JsonFasIdentity does but targeted at Bodhi's > location instead of FAS (Call it BodhiClient, for now). > > 1) Logged in user accesses myfedora > 2) You instantiate a BodhiClient object. > 3) You set or have BodhiClient set _sessionCookie with the visit_key > (available from identity.current.visit_key) > 4) You call or have BodhiClient send_request() to retrieve your data. > (Remember to specify auth=True since the client needs to retrieve the > data for the authenticated user.) > 5) Operate on the data. > > So you are proxying the session cookie that the user sends to you to the > actual server that is providing the information. > > -Toshio Win!!! I'll try to get this working soon. Thanks. -- John (J5) Palmieri From mmcgrath at redhat.com Mon Mar 17 13:50:46 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 17 Mar 2008 08:50:46 -0500 (CDT) Subject: Introduction - Jeremy Fluhmann In-Reply-To: <7f7c2d5e0803162034of568d71g8692e43643f6d1f8@mail.gmail.com> References: <7f7c2d5e0803162034of568d71g8692e43643f6d1f8@mail.gmail.com> Message-ID: On Sun, 16 Mar 2008, Jeremy Fluhmann wrote: > > My background is mainly in developing web-based management tools. I'm a > Perl guy, so all of my stuff thus far has been Perl (along with the usual > XHTML, CSS, and JavaScript). I've picked up a few Python books and have > been wanting to take on a project to help make me learn Python. I've been > running Ubuntu on my $work desktop and laptop for a little over a year and > have previously worked with Fedora and Redhat systems at a previous job > (developing web applications). I run a personal server at home and will > likely be switching it over to Fedora. > Welcom Jeremy, thanks for the introduction. We've had a lot of introductions over the last week (such a good thing!) Unfortunately I've been at pycon and am in training this week so I haven't been able to give much attention to anyone yet. So for those of you that haven't really heard from me feel free to stop by #fedora-admin and bug someone in there for stuff to do. https://fedorahosted.org/fedora-infrastructure/ is also a good place to start. Jeremy, how is your web design abilities? Do you have any work available we can look at? -Mike From Matt_Domsch at dell.com Mon Mar 17 14:26:46 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Mon, 17 Mar 2008 09:26:46 -0500 Subject: ensuring an NFS dir mounted via puppet configs Message-ID: <20080317142646.GC14883@auslistsprd01.us.dell.com> app4 needs to have /pub be NFS-mounted, for the mirrormanager crawler to work correctly. I fixed this now and restarted the crawler. How can we configure puppet to make sure the right entry in /etc/fstab is present, and that /pub is mounted? Thanks, Matt -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From a.badger at gmail.com Mon Mar 17 14:39:54 2008 From: a.badger at gmail.com (Toshio Kuratomi) Date: Mon, 17 Mar 2008 09:39:54 -0500 Subject: vacuum script to delete expired visits Message-ID: <47DE82BA.40309@gmail.com> We were having some problems cleaning out the session table because the script that was attempting to clean it out were hitting a foreign key constraint. I've fixed this so that deletes to the visit table now cascade to the visit_identity table. We should no longer see errors for this. -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: From tmz at pobox.com Mon Mar 17 15:52:28 2008 From: tmz at pobox.com (Todd Zullinger) Date: Mon, 17 Mar 2008 11:52:28 -0400 Subject: ensuring an NFS dir mounted via puppet configs In-Reply-To: <20080317142646.GC14883@auslistsprd01.us.dell.com> References: <20080317142646.GC14883@auslistsprd01.us.dell.com> Message-ID: <20080317155228.GS1503@inocybe.teonanacatl.org> Matt Domsch wrote: > app4 needs to have /pub be NFS-mounted, for the mirrormanager crawler > to work correctly. I fixed this now and restarted the crawler. > > How can we configure puppet to make sure the right entry in /etc/fstab > is present, and that /pub is mounted? Something like this should work: mount { "/pub": device => "nfshost:/path/to/pub", fstype => "nfs", ensure => "mounted", options => "defaults", atboot => true, } That will add the entry to /etc/fstab is it's missing and mount the filesystem if it's not mounted. See http://reductivelabs.com/trac/puppet/wiki/TypeReference#mount for docs. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Does it follow that I reject all authority? Perish the thought. In the matter of boots, I defer to the authority of the boot-maker. -- Mikhail Bakunin -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 542 bytes Desc: not available URL: From tchung at fedoraproject.org Mon Mar 17 19:03:04 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 17 Mar 2008 12:03:04 -0700 Subject: FAS2 Home Page Feature Request Message-ID: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> Hey Infrastructure Team Would you please add "approve" link in the FAS2 Home page for "Todo queue"? It takes too long to view any group (specially 'ambassadors' group with over 300 members) and approve each request. Here is the screenshot http://tchung.fedorapeople.org/FAS2/FAS2_todo_queue.png Thank you. -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From mmcgrath at redhat.com Mon Mar 17 19:48:20 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 17 Mar 2008 14:48:20 -0500 (CDT) Subject: FAS2 Home Page Feature Request In-Reply-To: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> References: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> Message-ID: On Mon, 17 Mar 2008, Thomas Chung wrote: > Hey Infrastructure Team > Would you please add "approve" link in the FAS2 Home page for "Todo queue"? > It takes too long to view any group (specially 'ambassadors' group > with over 300 members) and approve each request. > > Here is the screenshot > http://tchung.fedorapeople.org/FAS2/FAS2_todo_queue.png > A) we're going to make that page searchable and not showing all members all the time B) having an approve link on the front page is a good idea C) Probably wouldn't be a bad idea to include an approve / remove link in the email directly -Mike From tchung at fedoraproject.org Mon Mar 17 19:54:42 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 17 Mar 2008 12:54:42 -0700 Subject: FAS2 Home Page Feature Request In-Reply-To: References: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> Message-ID: <369bce3b0803171254j1e253a03t588c2b17ef0c5ead@mail.gmail.com> On Mon, Mar 17, 2008 at 12:48 PM, Mike McGrath wrote: > > C) Probably wouldn't be a bad idea to include an approve / remove link in > the email directly That's even better. :) Thank you Mike. -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From jonstanley at gmail.com Mon Mar 17 21:05:40 2008 From: jonstanley at gmail.com (Jon Stanley) Date: Mon, 17 Mar 2008 17:05:40 -0400 Subject: FAS2 Home Page Feature Request In-Reply-To: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> References: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> Message-ID: On Mon, Mar 17, 2008 at 3:03 PM, Thomas Chung wrote: > Hey Infrastructure Team > Would you please add "approve" link in the FAS2 Home page for "Todo queue"? > It takes too long to view any group (specially 'ambassadors' group > with over 300 members) and approve each request. I've got ya beat with fedorabugs with over 500 :). One thing that Ricky mentioned to me is that to approve someone, you can just go to https://admin.fedoraproject.org/accounts/group/sponsor/ambassadors/. That will still load the full page when it's done, but you avoid having to do it twice. From fluhmann at gmail.com Mon Mar 17 22:18:15 2008 From: fluhmann at gmail.com (Jeremy Fluhmann) Date: Mon, 17 Mar 2008 17:18:15 -0500 Subject: Introduction - Jeremy Fluhmann In-Reply-To: References: <7f7c2d5e0803162034of568d71g8692e43643f6d1f8@mail.gmail.com> Message-ID: <7f7c2d5e0803171518j71352a7at5211775428816f50@mail.gmail.com> On Mon, Mar 17, 2008 at 8:50 AM, Mike McGrath wrote: > On Sun, 16 Mar 2008, Jeremy Fluhmann wrote: > > > > > My background is mainly in developing web-based management tools. I'm a > > Perl guy, so all of my stuff thus far has been Perl (along with the > usual > > XHTML, CSS, and JavaScript). I've picked up a few Python books and have > > been wanting to take on a project to help make me learn Python. I've > been > > running Ubuntu on my $work desktop and laptop for a little over a year > and > > have previously worked with Fedora and Redhat systems at a previous job > > (developing web applications). I run a personal server at home and will > > likely be switching it over to Fedora. > > > > Welcom Jeremy, thanks for the introduction. We've had a lot of > introductions over the last week (such a good thing!) Unfortunately I've > been at pycon and am in training this week so I haven't been able to give > much attention to anyone yet. So for those of you that haven't really > heard from me feel free to stop by #fedora-admin and bug someone in there > for stuff to do. https://fedorahosted.org/fedora-infrastructure/ is also > a good place to start. > > Jeremy, how is your web design abilities? Do you have any work available > we can look at? > I'm not too creative when it comes to the "look" of the layout, but I can make it do what I need, usually. Most of what I've worked on is internal (how convenient, right?). If you have an OpenID, you can try my OpenID testing - http://www.fluhmann.org/openid_test.cgi. If you have something you'd like me to try and then show you, I could do that. You can take a look at the Open Source Symposium site ( http://www.texasoss.org/), but it uses a CSS template from Andreas Viklund. I took the template and created the rest of my site utilizing Template Toolkit with Perl. I 'do' have a page that's not linked anywhere on the site that I made to keep up with a few e-mail contacts. Feel free to add yours ;-) - http://www.texasoss.org/contacts.cgi. It uses XMLHttpRequest, JSON, and some DOM manipulation. Thanks, Jeremy -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmcgrath at redhat.com Tue Mar 18 00:49:30 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 17 Mar 2008 19:49:30 -0500 (CDT) Subject: Infrastructure Survey Message-ID: For those of you that have a moment, please see this ticket: https://fedorahosted.org/fedora-infrastructure/ticket/451 And in order of importance, list which bits of Infrastructure are most important to you and your team. Please remove systems which are trivially important, not important at all or that you don't use / know about. If there's services you'd like to see more in Fedora, please note that in the ticket. Thank you. -Mike From stickster at gmail.com Tue Mar 18 12:19:55 2008 From: stickster at gmail.com (Paul W. Frields) Date: Tue, 18 Mar 2008 08:19:55 -0400 Subject: Asterisk and Town Hall meeting Message-ID: <1205842795.25162.58.camel@localhost.localdomain> The Fedora Board should be doing another "town hall" style meeting on Tuesday April 1. (No fooling.) In March we postponed plans until then to use Asterisk and Gstreamer to provide some sort of listening capability for community members. (1) How is that going? (2) Can we plan to use that solution for the April 1 meeting? (3) If not, how can we schedule so as not to crunch the team around the F9 release timetable? -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From mmcgrath at redhat.com Tue Mar 18 13:42:27 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 18 Mar 2008 08:42:27 -0500 (CDT) Subject: Asterisk and Town Hall meeting In-Reply-To: <1205842795.25162.58.camel@localhost.localdomain> References: <1205842795.25162.58.camel@localhost.localdomain> Message-ID: On Tue, 18 Mar 2008, Paul W. Frields wrote: > The Fedora Board should be doing another "town hall" style meeting on > Tuesday April 1. (No fooling.) In March we postponed plans until then > to use Asterisk and Gstreamer to provide some sort of listening > capability for community members. > > (1) How is that going? Blocking on manpower, proof of concept seemed good though. > (2) Can we plan to use that solution for the April 1 meeting? Not likely > (3) If not, how can we schedule so as not to crunch the team around the > F9 release timetable? > Depends on how much of a priority it is. I can help get asterisk in better shape for the town hall style meetings but it will be at the expense of the wiki migration. jcollie is the main contact (volunteer) on that and $DAYJOB prevents him from working on it full time (as dayjobs will do :) Dennis, what say you about looking in to getting this up and going? I'm not sure what your schedule looks like. -Mike From mmcgrath at redhat.com Tue Mar 18 13:48:15 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 18 Mar 2008 08:48:15 -0500 (CDT) Subject: Asterisk and Town Hall meeting In-Reply-To: References: <1205842795.25162.58.camel@localhost.localdomain> Message-ID: On Tue, 18 Mar 2008, Mike McGrath wrote: > On Tue, 18 Mar 2008, Paul W. Frields wrote: > > > The Fedora Board should be doing another "town hall" style meeting on > > Tuesday April 1. (No fooling.) In March we postponed plans until then > > to use Asterisk and Gstreamer to provide some sort of listening > > capability for community members. > > > > (1) How is that going? > > Blocking on manpower, proof of concept seemed good though. > > > (2) Can we plan to use that solution for the April 1 meeting? > > Not likely > Side note about this, I really do have to stick a formal complaint to the board (not in an angry way or anything). I've heard 3 different things about this from 3 different people on the board related to the timetable. Can you guys file official tickets from now on? It just seems that things change from meeting to meeting (as they will) but then that information doesn't trickle back down to the Infrastructure team so we're not sure what is expected of us and I'm not a fan of that. -Mike From jaredsmith at jaredsmith.net Tue Mar 18 13:53:56 2008 From: jaredsmith at jaredsmith.net (Jared Smith) Date: Tue, 18 Mar 2008 09:53:56 -0400 Subject: Asterisk and Town Hall meeting In-Reply-To: References: <1205842795.25162.58.camel@localhost.localdomain> Message-ID: <1205848436.4732.8.camel@hockey.jaredsmith.net> On Tue, 2008-03-18 at 08:42 -0500, Mike McGrath wrote: > On Tue, 18 Mar 2008, Paul W. Frields wrote: > > > The Fedora Board should be doing another "town hall" style meeting on > > Tuesday April 1. (No fooling.) In March we postponed plans until then > > to use Asterisk and Gstreamer to provide some sort of listening > > capability for community members. > > > > (1) How is that going? > > Blocking on manpower, proof of concept seemed good though. I'm happy to help out with this where I can, but I don't want to step on jcollie's toes, as he's done an excellent job so far. > > (3) If not, how can we schedule so as not to crunch the team around the > > F9 release timetable? > > > > Depends on how much of a priority it is. I can help get asterisk in > better shape for the town hall style meetings but it will be at the > expense of the wiki migration. jcollie is the main contact (volunteer) > on that and $DAYJOB prevents him from working on it full time (as dayjobs > will do :) > > Dennis, what say you about looking in to getting this up and going? I'm > not sure what your schedule looks like. Is there a ticket listing the things that still need to be done? Are there parts I can help with? -Jared From mmcgrath at redhat.com Tue Mar 18 13:55:08 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Tue, 18 Mar 2008 08:55:08 -0500 (CDT) Subject: Asterisk and Town Hall meeting In-Reply-To: <1205848436.4732.8.camel@hockey.jaredsmith.net> References: <1205842795.25162.58.camel@localhost.localdomain> <1205848436.4732.8.camel@hockey.jaredsmith.net> Message-ID: On Tue, 18 Mar 2008, Jared Smith wrote: > On Tue, 2008-03-18 at 08:42 -0500, Mike McGrath wrote: > > On Tue, 18 Mar 2008, Paul W. Frields wrote: > > I'm happy to help out with this where I can, but I don't want to step on > jcollie's toes, as he's done an excellent job so far. > jcollie, what do you say? Want a partner in crime? > > > > Dennis, what say you about looking in to getting this up and going? I'm > > not sure what your schedule looks like. > > Is there a ticket listing the things that still need to be done? Are > there parts I can help with? > There isn't. The whole asterisk formal implementation has been blocking on the accounts system (which, now that its shipped, isn't really blocking anymore). Basically though we need to tie it into the account system (via a plug-in for FAS2), then get the stuff jcollie has been working on for the town hall style meeting. We're going to have 2 asterisk servers so a rebuild of the first one, after we get it all puppet managed, will also be a requirement. -Mike From skvidal at fedoraproject.org Tue Mar 18 14:12:14 2008 From: skvidal at fedoraproject.org (seth vidal) Date: Tue, 18 Mar 2008 10:12:14 -0400 Subject: Asterisk and Town Hall meeting In-Reply-To: References: <1205842795.25162.58.camel@localhost.localdomain> Message-ID: <1205849534.9100.3.camel@cutter> On Tue, 2008-03-18 at 08:48 -0500, Mike McGrath wrote: > On Tue, 18 Mar 2008, Mike McGrath wrote: > > > On Tue, 18 Mar 2008, Paul W. Frields wrote: > > > > > The Fedora Board should be doing another "town hall" style meeting on > > > Tuesday April 1. (No fooling.) In March we postponed plans until then > > > to use Asterisk and Gstreamer to provide some sort of listening > > > capability for community members. > > > > > > (1) How is that going? > > > > Blocking on manpower, proof of concept seemed good though. > > > > > (2) Can we plan to use that solution for the April 1 meeting? > > > > Not likely > > > > Side note about this, I really do have to stick a formal complaint to the > board (not in an angry way or anything). I've heard 3 different things > about this from 3 different people on the board related to the > timetable. Can you guys file official tickets from now on? It just seems > that things change from meeting to meeting (as they will) but then that > information doesn't trickle back down to the Infrastructure team so we're > not sure what is expected of us and I'm not a fan of that. agreed. We shall make sure there's a ticket and update it. sorry, -sv From Matt_Domsch at dell.com Tue Mar 18 15:41:04 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Tue, 18 Mar 2008 10:41:04 -0500 Subject: ensuring an NFS dir mounted via puppet configs In-Reply-To: <20080317155228.GS1503@inocybe.teonanacatl.org> References: <20080317142646.GC14883@auslistsprd01.us.dell.com> <20080317155228.GS1503@inocybe.teonanacatl.org> Message-ID: <20080318154104.GA17645@auslistsprd01.us.dell.com> On Mon, Mar 17, 2008 at 11:52:28AM -0400, Todd Zullinger wrote: > Matt Domsch wrote: > > app4 needs to have /pub be NFS-mounted, for the mirrormanager crawler > > to work correctly. I fixed this now and restarted the crawler. > > > > How can we configure puppet to make sure the right entry in /etc/fstab > > is present, and that /pub is mounted? > > Something like this should work: > > mount { "/pub": > device => "nfshost:/path/to/pub", > fstype => "nfs", > ensure => "mounted", > options => "defaults", > atboot => true, > } > > That will add the entry to /etc/fstab is it's missing and mount the > filesystem if it's not mounted. > > See http://reductivelabs.com/trac/puppet/wiki/TypeReference#mount for > docs. Thanks, I added this, hopefully it'll work. :-) -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From stickster at gmail.com Tue Mar 18 22:01:09 2008 From: stickster at gmail.com (Paul W. Frields) Date: Tue, 18 Mar 2008 22:01:09 +0000 Subject: Asterisk and Town Hall meeting In-Reply-To: <1205849534.9100.3.camel@cutter> References: <1205842795.25162.58.camel@localhost.localdomain> <1205849534.9100.3.camel@cutter> Message-ID: <1205877669.4206.103.camel@localhost.localdomain> On Tue, 2008-03-18 at 10:12 -0400, seth vidal wrote: > On Tue, 2008-03-18 at 08:48 -0500, Mike McGrath wrote: > > On Tue, 18 Mar 2008, Mike McGrath wrote: > > > > > On Tue, 18 Mar 2008, Paul W. Frields wrote: > > > > > > > The Fedora Board should be doing another "town hall" style meeting on > > > > Tuesday April 1. (No fooling.) In March we postponed plans until then > > > > to use Asterisk and Gstreamer to provide some sort of listening > > > > capability for community members. > > > > > > > > (1) How is that going? > > > > > > Blocking on manpower, proof of concept seemed good though. > > > > > > > (2) Can we plan to use that solution for the April 1 meeting? > > > > > > Not likely > > > > > > > Side note about this, I really do have to stick a formal complaint to the > > board (not in an angry way or anything). I've heard 3 different things > > about this from 3 different people on the board related to the > > timetable. Can you guys file official tickets from now on? It just seems > > that things change from meeting to meeting (as they will) but then that > > information doesn't trickle back down to the Infrastructure team so we're > > not sure what is expected of us and I'm not a fan of that. > > agreed. We shall make sure there's a ticket and update it. > > sorry, I see: https://hosted.fedoraproject.org/fedora-infrastructure/ticket/309 That seems to be related, but not explaining the need, so I filed: https://hosted.fedoraproject.org/fedora-infrastructure/ticket/453 I've marked it as a F10 milestone because (1) I don't want to block y'all's wiki work, and (2) I think we can live with IRC until whenever this gets done. Cc'ing the board list FYI only. -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From skvidal at fedoraproject.org Wed Mar 19 02:20:36 2008 From: skvidal at fedoraproject.org (seth vidal) Date: Tue, 18 Mar 2008 22:20:36 -0400 Subject: Asterisk and Town Hall meeting In-Reply-To: <20080318221154.GB5383@domsch.com> References: <1205842795.25162.58.camel@localhost.localdomain> <1205849534.9100.3.camel@cutter> <1205877669.4206.103.camel@localhost.localdomain> <20080318221154.GB5383@domsch.com> Message-ID: <1205893236.9100.18.camel@cutter> On Tue, 2008-03-18 at 16:11 -0600, Matt Domsch wrote: > On Tue, Mar 18, 2008 at 10:01:09PM +0000, Paul W. Frields wrote: > > I see: > > https://hosted.fedoraproject.org/fedora-infrastructure/ticket/309 > > > > That seems to be related, but not explaining the need, so I filed: > > https://hosted.fedoraproject.org/fedora-infrastructure/ticket/453 > > > > I've marked it as a F10 milestone because (1) I don't want to block > > y'all's wiki work, and (2) I think we can live with IRC until whenever > > this gets done. > > > > Cc'ing the board list FYI only. > > Agreed. As Seth noted, there's a way to do SIP -> telephony concall > dialin, so if we really really wanted a voice town hall, we could > arrange that on a telephony concall system until a fully SIP method > was available. > sip:*tollfreenumberhere at fwd.pulver.com I use it every week. -sv From ankit at redhat.com Wed Mar 19 05:40:38 2008 From: ankit at redhat.com (Ankitkumar Rameshchandra Patel) Date: Wed, 19 Mar 2008 11:10:38 +0530 Subject: FAS2 Home Page Feature Request In-Reply-To: References: <369bce3b0803171203y6cbd4984o17fcd7d51b6cd975@mail.gmail.com> Message-ID: <47E0A756.6060708@redhat.com> Jon Stanley wrote: > On Mon, Mar 17, 2008 at 3:03 PM, Thomas Chung wrote: > >> Hey Infrastructure Team >> Would you please add "approve" link in the FAS2 Home page for "Todo queue"? >> It takes too long to view any group (specially 'ambassadors' group >> with over 300 members) and approve each request. >> > > I've got ya beat with fedorabugs with over 500 :). > > One thing that Ricky mentioned to me is that to approve someone, you > can just go to https://admin.fedoraproject.org/accounts/group/sponsor/ambassadors/. > That will still load the full page when it's done, but you avoid > having to do it twice. > When I did https://admin.fedoraproject.org/accounts/group/sponsor/cvsl10n/mattr , it gave me "You can't sponsor mattr" even though I got the administrator Role for the cvsl10n group...? -- Regards, Ankit Patel http://www.indianoss.org/ -------------- next part -------------- An HTML attachment was scrubbed... URL: From bneijt at gmail.com Wed Mar 19 15:55:35 2008 From: bneijt at gmail.com (Bram Neijt) Date: Wed, 19 Mar 2008 16:55:35 +0100 Subject: Metalink support In-Reply-To: <47DE7296.4050706@kanarip.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> <20080317051415.GA21247@auslistsprd01.us.dell.com> <46c2f4ab0803170619k4956b5ayde3f4d3777f80a1a@mail.gmail.com> <47DE7296.4050706@kanarip.com> Message-ID: <46c2f4ab0803190855i3734abeapa9a1c4c14cf24a18@mail.gmail.com> Yes it sounds like a nice idea and adding the chunk checksums is nice, but I doubt anybody on this list would like those checksums to be calculated on any of the infrastructure machines at fedora. And although I could easily run a service that would generate metalinks for you guys, I doubt anybody would like to incorporate it in the official site. Because the SHA1 is already known on the mirror, the updates of metalinks can be done very quickly (a script would just do some text parsing and posting) and it would allow it to easily create metalinks and even keep them up to date (say weekly?). Another option is to patch MM, but I think you should also include the SHA1 so that would mean you would have to place file metadata in the database. If you are going to do that, it might be easier to run Bouncer and use the already existing patch for that. Simply put: would a solution which runs outside of MM be acceptable? Bram On Mon, Mar 17, 2008 at 2:31 PM, Jeroen van Meeuwen wrote: > Bram Neijt wrote: > > So would I, but for what I've seen the SHA1 information is not part of > > the mirrormanager database. > > > > For any "good" implementation of metalinks in the mirrormanager, I > > would at least want trustworthy SHA1 information in the database > > otherwise the only advantage of using metalinks would be load > > balancing on your mirrors (which is already mostly fixed with MM). > > > > So for the end user, there is not much to gain if metalinks is > > implemented in the mirrormanager. The only solution for the SHA1 > > information I could think of was to implement a script on the main > > mirror which hosts the SHA1 files, which would mean not running on the > > server with the MM database, which would mean not having direct access > > to that database. > > > > Parsing HTML is pretty stupid, I agree, but there is probably a much > > cleaner way of getting the mirror list (I havn't worked with turbo > > gears before, so I couldn't find a view of the list I would want). > > Something like fedora-test-data/mirror-hosts-core.txt would be much > > better. > > > > Rene is still working on the MM patch, but without the SHA1 > > information, I'm not really sure it would be _my_ ideal solution. > > > > Greets, > > Bram > > > > How about using: > > http://mirrors.fedoraproject.org/mirrorlist?path=pub/fedora/linux/releases/8/Fedora/i386/iso/Fedora-8-i386-DVD.iso > > instead of the HTML? > > Incorporating that in the .metalink, trusting Mirrormanager with > managing whether that file is actually the file that is supposed to be > there, and the metalink client doing a check-up on the chunks it has > downloads and see if they match? Creating a metalink would then consist of: > > - getting the iso > - verifying the sha1sum (so you don't start off on the wrong foot) > - creating chunks and their sha1sum for use in a .metalink file > - while/before the .metalink is being downloaded by a client, > incorporate the mirrormanager results and trust mirrormanager to return > the 1) right mirrors, 2) the right files, 3) the files with correct content. > - optionally allow the .metalink to be created on-the-fly with all > parameters mirrormanager has (&country=NL,DE,BE, but not &redirect=1) > > Does that sound like a good idea? > > Just my brain dump ;p > > Kind regards, > > Jeroen van Meeuwen > -kanarip > > > > _______________________________________________ > Fedora-infrastructure-list mailing list > Fedora-infrastructure-list at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list > From Matt_Domsch at dell.com Wed Mar 19 20:16:43 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Wed, 19 Mar 2008 15:16:43 -0500 Subject: Metalink support In-Reply-To: <46c2f4ab0803190855i3734abeapa9a1c4c14cf24a18@mail.gmail.com> References: <46c2f4ab0803111016i23d7b5ave0a90aa4116d2c85@mail.gmail.com> <20080312034631.GA15417@auslistsprd01.us.dell.com> <46c2f4ab0803140323g61a39dv4cc6f2d2f3cd2fb1@mail.gmail.com> <46c2f4ab0803150906w1a088a9p3264862f3380f770@mail.gmail.com> <20080317051415.GA21247@auslistsprd01.us.dell.com> <46c2f4ab0803170619k4956b5ayde3f4d3777f80a1a@mail.gmail.com> <47DE7296.4050706@kanarip.com> <46c2f4ab0803190855i3734abeapa9a1c4c14cf24a18@mail.gmail.com> Message-ID: <20080319201643.GE18550@auslistsprd01.us.dell.com> On Wed, Mar 19, 2008 at 04:55:35PM +0100, Bram Neijt wrote: > Yes it sounds like a nice idea and adding the chunk checksums is nice, > but I doubt anybody on this list would like those checksums to be > calculated on any of the infrastructure machines at fedora. And > although I could easily run a service that would generate metalinks > for you guys, I doubt anybody would like to incorporate it in the > official site. no, you wouldn't want to re-generate the checksums. MM has several components that run on different servers. The main turbogears-driven web site, and various helper applications such as that generate the /publiclist/ web pages, run on a server that has the master mirror NFS-mounted ro at /pub, so reading files from the file system, especially small files like the SHA1SUM files, is easy. > Because the SHA1 is already known on the mirror, the updates of > metalinks can be done very quickly (a script would just do some text > parsing and posting) and it would allow it to easily create metalinks > and even keep them up to date (say weekly?). > > Another option is to patch MM, but I think you should also include the > SHA1 so that would mean you would have to place file metadata in the > database. If you are going to do that, it might be easier to run > Bouncer and use the already existing patch for that. > > Simply put: would a solution which runs outside of MM be acceptable? Depends what "outside of MM" means. If it's yet another helper script that can make use of the MM database and local file system available files, sure, that's fine. If it's "run outside of Fedora infrastructure, then copy the data to Fedora infrastructure", no. Right now, the MM database doesn't have a table listing all the files anywhere in the file system. Nor do I want it to grow that if it's avoidable. I'm not opposed to adding a table to map Directory, ISO filename, and checksums, but since we can read and parse the SHA1SUM files directly, I don't think we'd need to keep that data in the database too. -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From stickster at gmail.com Thu Mar 20 12:36:13 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 20 Mar 2008 08:36:13 -0400 Subject: Release day planning call Message-ID: <1206016573.20598.9.camel@localhost.localdomain> To f-infrastructure-l denizens: The release day planning group is going to crash this party, and bring a little traffic here, since you guys are intimately involved with the release day efforts, and also have been very good about tracking what you want to fix the next time around. Hopefully our group can take a lesson from that and improve many of the other constituent parts of the release process. There's some notes available on Gobby as "release-day-planning.txt" where we scribbled notes. I'll post more from our meetings this week after our follow up later today; hopefully we'll have a better list of action items if needed. One surprise: Some of the attendees found it really useful to be able to say, "I need *X* earlier in the process," or, "It would be good if we had a few days' more time for " in an open forum with people who really know their part of the release process. In that sense, this was a little like a pre-F10 meeting, but there were plenty of areas we found that we can do for this cycle to make things come together nicely. Looking forward to talking to everyone today at noon! -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From stickster at gmail.com Thu Mar 20 12:36:13 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 20 Mar 2008 08:36:13 -0400 Subject: Release day planning call Message-ID: <1206016573.20598.9.camel@localhost.localdomain> To f-infrastructure-l denizens: The release day planning group is going to crash this party, and bring a little traffic here, since you guys are intimately involved with the release day efforts, and also have been very good about tracking what you want to fix the next time around. Hopefully our group can take a lesson from that and improve many of the other constituent parts of the release process. There's some notes available on Gobby as "release-day-planning.txt" where we scribbled notes. I'll post more from our meetings this week after our follow up later today; hopefully we'll have a better list of action items if needed. One surprise: Some of the attendees found it really useful to be able to say, "I need *X* earlier in the process," or, "It would be good if we had a few days' more time for " in an open forum with people who really know their part of the release process. In that sense, this was a little like a pre-F10 meeting, but there were plenty of areas we found that we can do for this cycle to make things come together nicely. Looking forward to talking to everyone today at noon! -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From mmcgrath at redhat.com Thu Mar 20 13:58:21 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 20 Mar 2008 08:58:21 -0500 (CDT) Subject: Release day planning call In-Reply-To: <1206016573.20598.9.camel@localhost.localdomain> References: <1206016573.20598.9.camel@localhost.localdomain> Message-ID: On Thu, 20 Mar 2008, Paul W. Frields wrote: > To f-infrastructure-l denizens: The release day planning group is going > to crash this party, and bring a little traffic here, since you guys are > intimately involved with the release day efforts, and also have been > very good about tracking what you want to fix the next time around. > Hopefully our group can take a lesson from that and improve many of the > other constituent parts of the release process. > > There's some notes available on Gobby as "release-day-planning.txt" > where we scribbled notes. I'll post more from our meetings this week > after our follow up later today; hopefully we'll have a better list of > action items if needed. > > One surprise: Some of the attendees found it really useful to be able to > say, "I need *X* earlier in the process," or, "It would be good if we > had a few days' more time for " in an open forum with > people who really know their part of the release process. In that > sense, this was a little like a pre-F10 meeting, but there were plenty > of areas we found that we can do for this cycle to make things come > together nicely. > > Looking forward to talking to everyone today at noon! > I won't be able to attend today as I'm in training all week, I've not heard for sure who from our team will be going though. Ping guys? who's going? -Mike From stickster at gmail.com Thu Mar 20 15:34:53 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 20 Mar 2008 11:34:53 -0400 Subject: Release day planning call In-Reply-To: References: <1206016573.20598.9.camel@localhost.localdomain> Message-ID: <1206027293.27516.77.camel@localhost.localdomain> On Thu, 2008-03-20 at 08:58 -0500, Mike McGrath wrote: > On Thu, 20 Mar 2008, Paul W. Frields wrote: > > > To f-infrastructure-l denizens: The release day planning group is going > > to crash this party, and bring a little traffic here, since you guys are > > intimately involved with the release day efforts, and also have been > > very good about tracking what you want to fix the next time around. > > Hopefully our group can take a lesson from that and improve many of the > > other constituent parts of the release process. > > > > There's some notes available on Gobby as "release-day-planning.txt" > > where we scribbled notes. I'll post more from our meetings this week > > after our follow up later today; hopefully we'll have a better list of > > action items if needed. > > > > One surprise: Some of the attendees found it really useful to be able to > > say, "I need *X* earlier in the process," or, "It would be good if we > > had a few days' more time for " in an open forum with > > people who really know their part of the release process. In that > > sense, this was a little like a pre-F10 meeting, but there were plenty > > of areas we found that we can do for this cycle to make things come > > together nicely. > > > > Looking forward to talking to everyone today at noon! > > > > I won't be able to attend today as I'm in training all week, I've not > heard for sure who from our team will be going though. Ping guys? who's > going? Ricky was on the call yesterday. I believe he said he'd be able to do at least part of it again today. You guys probably have your act together more than the rest of us, and I used some of your threads from f-a-b in the past as background. Yay Infrastructure! -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From skvidal at fedoraproject.org Thu Mar 20 15:34:53 2008 From: skvidal at fedoraproject.org (seth vidal) Date: Thu, 20 Mar 2008 11:34:53 -0400 Subject: Release day planning call In-Reply-To: <1206027293.27516.77.camel@localhost.localdomain> References: <1206016573.20598.9.camel@localhost.localdomain> <1206027293.27516.77.camel@localhost.localdomain> Message-ID: <1206027293.9100.58.camel@cutter> On Thu, 2008-03-20 at 11:34 -0400, Paul W. Frields wrote: > On Thu, 2008-03-20 at 08:58 -0500, Mike McGrath wrote: > > On Thu, 20 Mar 2008, Paul W. Frields wrote: > > > > > To f-infrastructure-l denizens: The release day planning group is going > > > to crash this party, and bring a little traffic here, since you guys are > > > intimately involved with the release day efforts, and also have been > > > very good about tracking what you want to fix the next time around. > > > Hopefully our group can take a lesson from that and improve many of the > > > other constituent parts of the release process. > > > > > > There's some notes available on Gobby as "release-day-planning.txt" > > > where we scribbled notes. I'll post more from our meetings this week > > > after our follow up later today; hopefully we'll have a better list of > > > action items if needed. > > > > > > One surprise: Some of the attendees found it really useful to be able to > > > say, "I need *X* earlier in the process," or, "It would be good if we > > > had a few days' more time for " in an open forum with > > > people who really know their part of the release process. In that > > > sense, this was a little like a pre-F10 meeting, but there were plenty > > > of areas we found that we can do for this cycle to make things come > > > together nicely. > > > > > > Looking forward to talking to everyone today at noon! > > > > > > > I won't be able to attend today as I'm in training all week, I've not > > heard for sure who from our team will be going though. Ping guys? who's > > going? > > Ricky was on the call yesterday. I believe he said he'd be able to do > at least part of it again today. You guys probably have your act > together more than the rest of us, and I used some of your threads from > f-a-b in the past as background. Yay Infrastructure! I was there yesterday, too. I'll be there today, too. I believe. -sv From stickster at gmail.com Thu Mar 20 20:11:00 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 20 Mar 2008 16:11:00 -0400 Subject: Release day planning call In-Reply-To: <1206027293.9100.58.camel@cutter> References: <1206016573.20598.9.camel@localhost.localdomain> <1206027293.27516.77.camel@localhost.localdomain> <1206027293.9100.58.camel@cutter> Message-ID: <1206043860.27516.162.camel@localhost.localdomain> On Thu, 2008-03-20 at 11:34 -0400, seth vidal wrote: > On Thu, 2008-03-20 at 11:34 -0400, Paul W. Frields wrote: > > On Thu, 2008-03-20 at 08:58 -0500, Mike McGrath wrote: > > > On Thu, 20 Mar 2008, Paul W. Frields wrote: > > > > > > > To f-infrastructure-l denizens: The release day planning group is going > > > > to crash this party, and bring a little traffic here, since you guys are > > > > intimately involved with the release day efforts, and also have been > > > > very good about tracking what you want to fix the next time around. > > > > Hopefully our group can take a lesson from that and improve many of the > > > > other constituent parts of the release process. > > > > > > > > There's some notes available on Gobby as "release-day-planning.txt" > > > > where we scribbled notes. I'll post more from our meetings this week > > > > after our follow up later today; hopefully we'll have a better list of > > > > action items if needed. > > > > > > > > One surprise: Some of the attendees found it really useful to be able to > > > > say, "I need *X* earlier in the process," or, "It would be good if we > > > > had a few days' more time for " in an open forum with > > > > people who really know their part of the release process. In that > > > > sense, this was a little like a pre-F10 meeting, but there were plenty > > > > of areas we found that we can do for this cycle to make things come > > > > together nicely. > > > > > > > > Looking forward to talking to everyone today at noon! > > > > > > > > > > I won't be able to attend today as I'm in training all week, I've not > > > heard for sure who from our team will be going though. Ping guys? who's > > > going? > > > > Ricky was on the call yesterday. I believe he said he'd be able to do > > at least part of it again today. You guys probably have your act > > together more than the rest of us, and I used some of your threads from > > f-a-b in the past as background. Yay Infrastructure! > > I was there yesterday, too. I'll be there today, too. I believe. No snub intended! I just didn't catch on you were there yesterday; I just amended the notes to reflect your splendid presence. ;-) -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From jeff at ocjtech.us Thu Mar 20 20:17:20 2008 From: jeff at ocjtech.us (Jeffrey Ollie) Date: Thu, 20 Mar 2008 15:17:20 -0500 Subject: Asterisk and Town Hall meeting In-Reply-To: <1205842795.25162.58.camel@localhost.localdomain> References: <1205842795.25162.58.camel@localhost.localdomain> Message-ID: <935ead450803201317m2648c61ap6c054c546fb8dc68@mail.gmail.com> On 3/18/08, Paul W. Frields wrote: > The Fedora Board should be doing another "town hall" style meeting on > Tuesday April 1. (No fooling.) In March we postponed plans until then > to use Asterisk and Gstreamer to provide some sort of listening > capability for community members. > > (1) How is that going? There's been a little work done since my PoC. Right now the big tasks are: 1) Getting FAS2 and Asterisk hooked up. I've started some work on that and am waiting for some feedback from Ricky, Toshio, and Mike. 2) Getting a IRC bot set up so that people can control the streaming. Again, I've started some work in this area but nothing's ready yet. > (2) Can we plan to use that solution for the April 1 meeting? I wouldn't count on it. I'd prefer to have some smaller-scale tests/demonstrations scheduled to work the kinks out before a full-scale town meeting. It'd also be nice to get flumotion set up so that we can live webcast the next fudcon. > (3) If not, how can we schedule so as not to crunch the team around the > F9 release timetable? jsmith and myself aren't that involved with the F9 release, so that shouldn't be a problem. Jeff From stickster at gmail.com Thu Mar 20 21:16:07 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 20 Mar 2008 21:16:07 +0000 Subject: Asterisk and Town Hall meeting In-Reply-To: <935ead450803201317m2648c61ap6c054c546fb8dc68@mail.gmail.com> References: <1205842795.25162.58.camel@localhost.localdomain> <935ead450803201317m2648c61ap6c054c546fb8dc68@mail.gmail.com> Message-ID: <1206047767.27516.196.camel@localhost.localdomain> On Thu, 2008-03-20 at 15:17 -0500, Jeffrey Ollie wrote: > On 3/18/08, Paul W. Frields wrote: > > The Fedora Board should be doing another "town hall" style meeting on > > Tuesday April 1. (No fooling.) In March we postponed plans until then > > to use Asterisk and Gstreamer to provide some sort of listening > > capability for community members. > > > > (1) How is that going? > > There's been a little work done since my PoC. Right now the big tasks are: > > 1) Getting FAS2 and Asterisk hooked up. I've started some work on > that and am waiting for some feedback from Ricky, Toshio, and Mike. > > 2) Getting a IRC bot set up so that people can control the streaming. > Again, I've started some work in this area but nothing's ready yet. > > > (2) Can we plan to use that solution for the April 1 meeting? > > I wouldn't count on it. I'd prefer to have some smaller-scale > tests/demonstrations scheduled to work the kinks out before a > full-scale town meeting. It'd also be nice to get flumotion set up so > that we can live webcast the next fudcon. > > > (3) If not, how can we schedule so as not to crunch the team around the > > F9 release timetable? > > jsmith and myself aren't that involved with the F9 release, so that > shouldn't be a problem. Jeff, thanks for the update. There's a ticket on this issue, into which I'll paste a link to this message. I've advised FAB that we should probably plan on IRC meetings for the near term. I'll revisit this post-F9 just to see if there's a timetable at that point. -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From ricky at fedoraproject.org Thu Mar 20 21:21:42 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Thu, 20 Mar 2008 17:21:42 -0400 Subject: Meeting Log - 2008-03-20 Message-ID: <20080320212142.GC1382@Max.nyc1.dsl.speakeasy.net> 16:04 < dgilmore> Hey all Infra Meeting 16:04 -!- dgilmore changed the topic of #fedora-meeting to: Fedora Infrastructure meeting 16:05 -!- jfluhmann [n=jfluhman at x170y234.angelo.edu] has joined #fedora-meeting 16:05 < dgilmore> ping ricky, skvidal, f13, Wakko666, jima, iWolf, anyone else i forgot 16:05 < skvidal> pong 16:05 * iWolf is here 16:05 < gkrpan> <- here 16:05 * Wakko666 waves. 16:06 < dgilmore> https://fedorahosted.org/fedora-infrastructure/query?status=new&status=assigned&status=reopened&group=milestone&keywords=~Meeting&order=priority 16:06 < dgilmore> meeting items 16:06 < dgilmore> .ticket 395 16:06 < zodbot> dgilmore: #395 (Audio Streaming of Fedora Board Conference Calls) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/395 16:07 < dgilmore> jcollie: how much work do you think is involved here? 16:07 < jcollie> hmm 16:07 < dgilmore> its not something thats critical to get done 16:07 < jcollie> once we get FAS2/Asterisk integrated, then we need to get a bot set up to control things 16:07 < dgilmore> but something we need to keep in mind 16:08 * f13 16:08 * mdomsch is here 16:08 -!- rharrison [n=rharriso at nat/cisco/x-c2500f1acaecb55c] has left #fedora-meeting ["Leaving"] 16:08 < jcollie> maybe 10-16 hours of someone's time... dunno... i'm not good at estimating that 16:08 < dgilmore> if anyone wants to help this would be a nice place to do some things 16:09 < dgilmore> jcollie: we are thinking of a module for SupyBot allowing people to book and control rooms right? 16:09 < jcollie> yes 16:09 < jcollie> i've got a prototype started 16:09 < dgilmore> so it would intrface with asterisks manager api 16:09 < dgilmore> :) 16:09 < jcollie> yes 16:10 < jcollie> it's called ursabot but it doesn't join any channels yet 16:10 -!- bpepple|lt [n=bpepple|@adsl-69-214-168-157.dsl.wotnoh.ameritech.net] has joined #fedora-meeting 16:10 < dgilmore> :) 16:10 < jcollie> the code is in my asterisk1 home dir if anyone wants to take a look 16:10 < dgilmore> i might try poke at it 16:10 < dgilmore> so lets move on 16:11 < dgilmore> .ticket 398 16:11 < zodbot> dgilmore: #398 (elfutils `monotone' (mtn) error) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/398 16:11 < dgilmore> so what to do here 16:11 -!- stickster_mtg is now known as stickster 16:11 < jcollie> i say we block any new monotone repos until the anonymous access issues get sorted out upstream 16:12 < jcollie> for now you can rsync the elfutils repo anonymously iirc 16:12 < f13> jcollie: do e really have other monotone users? 16:12 < jcollie> f13: not that i know of 16:12 < jcollie> so it may never become an issue 16:13 * jfluhmann is here 16:13 < f13> yeah 16:13 < f13> I don't expect them to be knocking down our door 16:13 < dgilmore> we probably should have insisted roland changed RCS 16:14 < dgilmore> but anyway not much eles here for now 16:14 < dgilmore> .ticket 446 16:14 < zodbot> dgilmore: #446 (Possibility to add external links on spins page) - Fedora Infrastructure - Trac - https://fedorahosted.org/projects/fedora-infrastructure/ticket/446 16:14 < dgilmore> no one owns this 16:15 < dgilmore> im somewhat against it 16:15 < dgilmore> but then again i also told mether that he should find local hosting for localised spins 16:15 < mether> unfortunately that is easier said that done 16:16 < dgilmore> I can see the want to put localised spins links somewhere 16:16 < iWolf> the concern is that we can't be certain of the validity of the spins if we post external links? i.e. it falls outside our circle of trust? 16:16 * jwb perks up 16:17 < dgilmore> but perhaps we could link to a wiki page that has all the laocalised torrents on it 16:17 < jwb> if something changes with the localized spins please let me know 16:17 < dgilmore> iWolf: somewhat yes 16:17 < dgilmore> jwb: in what way? 16:17 < jwb> as in, if they are going to get hosted at spins.fp.o 16:17 < Wakko666> i seem to remember mmcgrath mentioning the need for board involvement on this. i don't remember the details, though. 16:17 < jwb> i'm not producing anymore localized spins at the moment 16:18 < dgilmore> jwb: why not 16:18 < dgilmore> i thought we were hosting some 16:18 < mdomsch> +1 to wiki page listing them 16:18 < dgilmore> fedora-fr.org has a french spin they are self hosting 16:18 < jwb> we have 1 hosted now. that was before the spins issue was brought up to the board 16:19 < jwb> yes, i know 16:19 < mdomsch> +1 to spins.fp.o linking to the wiki page 16:19 < dgilmore> mdomsch: I think that should be ok 16:19 -!- abadger1999 [n=abadger1 at conference/pycon/x-7bf2f16291e110e7] has joined #fedora-meeting 16:19 -!- jmn [n=jmn at nat/redhat/x-ca09133ba144853c] has quit "Leaving." 16:20 < dgilmore> mdomsch: then we have have a disclaimer that the spinds are generated by local community people 16:20 < mdomsch> yep 16:20 < jwb> dgilmore, essentially we need agreement from Infrastructure, Rel-Eng, and the Board on how to handle spins before it's really going to go further 16:20 < jwb> spins hosted on spins.fp.o that is 16:20 < dgilmore> jwb: fair enough 16:20 < dgilmore> ok not much else here 16:20 < dgilmore> we have the three meeting items 16:20 < dgilmore> so Floor open 16:21 < f13> I wanted ot bring some thing up 16:21 < dgilmore> f13: shoot 16:21 < f13> I want to make infrastructure aware that I'm preparing a FESCo proposal on bringin the Jpackage team into our infrastructure, a la OLPC 16:21 < jcollie> that'd be cool 16:21 < f13> they have a need for good infrastructure, and we have a need for a closer and easier relationship with jpackage. 16:22 < f13> bringing them into our infrastructure accomlishes both of these needs, and opens up the door to many other benifits 16:22 < jcollie> would they still be able to do the nosrc rpms of the non-free bits? 16:22 < dgilmore> f13: i think its a great thing 16:23 < jwb> doesn't jpackage do non-free stuff? 16:23 < dgilmore> f13: however we really need that blade center installed first i think 16:23 < f13> the need for nosrc stuff goes out the door with openjdk 16:23 < dgilmore> jcollie: they would have to go. or be done outside of fedora 16:23 < f13> and they wouldn't be allowed to bring it into our infrastrucutre, adn they know that 16:23 < jwb> who's going to sponsor them? 16:23 < f13> dgilmore: we may need a number of things first, and that will be accounted in my proposal. 16:24 < f13> we don't need to accomplish this tomorrow, it can be a gradual thing. 16:24 < jwb> sorry, that's a FESCo question i gues 16:24 < dgilmore> f13: also we need more disk for cvs-int 16:24 < jwb> s 16:24 < f13> jcollie: I want to mentor a few of jpackage folks and get them setup as sponsors 16:24 < dgilmore> f13: that seems sane 16:24 < f13> dgilmore: or we need to actually prune lookaside cache. 16:24 < dgilmore> f13: i think we have always said we cant do that 16:25 < f13> which I call BS on, but *shrug* 16:25 < jcollie> could we just move the lookaside cache to a separate system? 16:25 < f13> anywho, I just want to make you guys aware that this is coming so that you aren't blindsided 16:25 < dgilmore> f13: as long as well can still retrive the source. then i guess its ok 16:25 < f13> the proposal will have language in it that it predicates upon Infrastructure being able to fulfill the need 16:26 < f13> dgilmore: we only need the source for the things we are still offering binaries for. 16:26 < jwb> i'm still confused 16:27 < f13> we may even be able to get them to donate some time/money/material to the Infrastructure cause. 16:27 < f13> jwb: how can I clarify? 16:27 < jwb> do OLPC have some other setup where their packages don't follow the fedora review process? 16:28 < dgilmore> f13: that is completely different to what mdomsch is trying to do with being able to recreate srpms 16:28 < jwb> or are they treated as "normal" packages, with a special OLPC branch? 16:28 < f13> jwb: no, the OLPC packages in the Fedora infrastructure have to follow our guidelines. 16:28 < dgilmore> jwb: they do and its not buit in Fedora 16:28 < f13> jwb: normal packages with olpc branch. Some don't have Fedora branches. 16:28 < f13> some do. 16:28 < jwb> so why wouldn't we just get all the jpackage packages into fedora? 16:28 < dgilmore> jwb: anything in fedora cvs must meet fedora guidelines 16:28 -!- kital [n=Joerg_Si at fedora/kital] has joined #fedora-meeting 16:29 < f13> dgilmore: not extremely. For that case, we only need to be able to recreate them of a certain age. Also, we can move the cruft to an archive box and not on our production scm instance clogging up resources. 16:29 < f13> but this is talk for another time. 16:29 < dgilmore> jwb: for there noarch packages that are useable on all distros i assume 16:29 < f13> jwb: because jpackage provides cross-distro builds of the packages at a different schedule than Fedora 16:29 < mdomsch> +1 to "archive box" 16:29 < mdomsch> there's a lot of stuff we'd like to hang onto, but not necessarily keep super-live... 16:29 < f13> jwb: Fedora and RHEL aren't the only jpackage consumers. 16:30 < jwb> so now we're turning into rPath? 16:30 < f13> no, we're providing an opensource development lab and compelling infrastructure for interesting opensource projects 16:30 < f13> jwb: they would be doing builds from their branch through our buildsystem, and then releasing them however they see fit 16:30 * jwb saves the rest for FESCo 16:31 < f13> jwb: but it'll be come much easier to get their updates into Fedora builds and vice versa. 16:31 < f13> jwb: I'd be happy to chat with you about it at any time. 16:31 < jwb> yeah, i might take you up on that 16:32 < mdomsch> as infrastructure team, I want to be careful about overcommitting and under-delivering 16:32 < mdomsch> but where we can offer assistance 16:32 < jwb> what he said 16:32 < mdomsch> I'd like to see us do so 16:32 < f13> nod 16:32 < jwb> we're at odds with other goals a bit i think 16:32 < mdomsch> and if we can get some resources from JPackage to help cover their needs plus a bit, great 16:33 < jwb> hm, not goals. intiatives 16:33 < mdomsch> f13, please include in your proposal to FESCo the resource estimates 16:33 < f13> mdomsch: I will be working on those next week. 16:33 < mdomsch> presuming JPackage has some 16:34 < f13> well, right now they have a box, with mock running on it 16:34 < f13> I think that's about it (: 16:34 < f13> but a good friend of mine was working on getting them more resources and a better buildsystem. I've kind of usurped that, so we might be able to get him to direct some of those donations our way 16:34 < f13> which don't help much when we don't have any frelling place to /put/ them :/ 16:36 < mdomsch> next topic? 16:36 < mdomsch> beta release on Tuesday, bits flowing to mirrors now 16:37 < dgilmore> mdomsch: :) 16:37 < dgilmore> f13: want to give a report on how the beta bits are flowing 16:37 < dgilmore> 'and how the changes have helped 16:38 < mdomsch> dgilmore, you mean reversing the streams 16:38 < mdomsch> ? 16:39 < f13> gaining control over the netapp has been invaluable 16:39 < f13> probably saved a good 3 to 5 days worth of delay this time around 16:39 < f13> mdomsch: do we have any idea how many mirrors have gotten the bits, or are getting the bits? 16:39 < dgilmore> mdomsch: yes, and us pushing bits rather than RH IS 16:39 -!- rdieter is now known as rdieter_away 16:40 < mdomsch> f13, not yet 16:40 < mdomsch> we'll know more tomorrow 16:40 < mdomsch> MM hasn't picked up the fact that the dir is open yet 16:40 < f13> k 16:40 < f13> I don't have access to a mirror to verify that the bits are open though. 16:40 < mdomsch> i do, and they are 16:41 < dgilmore> :) 16:41 < mdomsch> receiving file list ... done 16:41 < mdomsch> drwxr-x--- 4096 2008/03/19 16:52:18 9-Beta 16:41 < mdomsch> -rw-r--r-- 718 2008/03/17 10:31:50 9-Beta/.composeinfo 16:41 < mdomsch> drwxr-xr-x 4096 2008/03/19 16:50:46 9-Beta/Fedora 16:41 < mdomsch> ... 16:41 < dgilmore> ok anything else ? 16:42 < mdomsch> f13, are you going to do the .9-Beta hidden dir trick again in the future? 16:42 < mdomsch> that confused MM a bit 16:42 < mdomsch> because it can see .foo directories just fine 16:42 < f13> mdomsch: I don't have to, I could name it the final location and just ensure permissions are right. 16:42 < mdomsch> and thought the version was literally ".9-Beta" 16:42 < mdomsch> ok, please do the latter then 16:42 < f13> I wasn't going to leave it unlocked with a . in the name 16:43 < f13> but until I could ensure the permissions were doing what I hoped they would do I didn't want it obviously available to the world. 16:43 < mdomsch> sure 16:43 < f13> (having shell access to a mirror would help with this kind of thing) 16:43 < jwb> sekret 16:43 < mdomsch> f13, np, send ftp+fedora at redhat.com the IP of a box you want to claim as a rel-eng mirror 16:43 < mdomsch> and just rsync -va ... but with no dest, so all you get is the file listing :-) 16:44 < f13> mdomsch: good point, I should do that. 16:44 < mdomsch> sbathe isn't online atm 16:44 < mdomsch> she'll do it no problem 16:45 < mdomsch> ok, I"m out for the weekend - goodbye and good luck 16:45 -!- mdomsch [n=mdomsch at 70.124.62.55] has quit "Leaving" 16:45 < dgilmore> all right guys thanks very much 16:45 < f13> later. 16:45 -!- rdieter_away [n=rdieter at sting.unl.edu] has quit Read error: 104 (Connection reset by peer) 16:45 < dgilmore> wrapping up in 60 unless someone has something else to add 16:46 < dgilmore> 30 16:46 < dgilmore> 15 16:46 < dgilmore> done -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From roland at redhat.com Fri Mar 21 03:11:47 2008 From: roland at redhat.com (Roland McGrath) Date: Thu, 20 Mar 2008 20:11:47 -0700 (PDT) Subject: hello Message-ID: <20080321031147.0C11126F9A7@magilla.localdomain> Hi folks. I've joined the list and will apply for membership in sysadmin and sysadmin-hosted groups. I mostly want to hack on cobbling the mtn support into shape, and it seems easier to have access than to just keep bugging Mike all the time (no relation, by the way :-). I can't promise time to attend any scheduled meetings, and I don't have much spare time to work on worthy stuff in general. But if I have access, I will tend to fix random broken things in the middle of the night or weekend when I notice them rather than complain and wait til morning or Monday, and You Can Trust Me. I claim zero facility with web hooey implementation. Other than that, I can usually help fix or whip up scripts and whatnot in whatever language, and know plenty of random sysadminy crapola and arcane unixism that is occasionally useful. Thanks, Roland From Roberto.Quagliozzi at edftrading.com Fri Mar 21 04:00:51 2008 From: Roberto.Quagliozzi at edftrading.com (Roberto.Quagliozzi at edftrading.com) Date: Fri, 21 Mar 2008 04:00:51 +0000 Subject: I'm not here! Message-ID: I will be out of the office starting 21/03/2008 and will not return until 07/04/2008. I will only be checking my email sporadically during this period, if you have anything urgent, please call the helpdesk on x4999. ********************************************************************* This communication contains confidential information, some or all of which may be privileged. It is for the intended recipient only and others must not disclose, distribute, copy, print or rely on this communication. If an addressing or transmission error has misdirected this communication, please notify the sender by replying to this e-mail and then delete the e-mail. E-mail sent to EDF Trading may be monitored by the company. Thank you. EDF Trading Limited 80 Victoria Street, 3rd Floor, Cardinal Place, London, SW1E 5JL A Company registered in England No. 4255974. Switchboard: 020 7061 4000 EDF Trading Markets Limited is a member of the EDF Trading Limited Group and is authorised and regulated by the Financial Services Authority. VAT number: GB 735 5479 07 ********************************************************************* From stickster at gmail.com Fri Mar 21 16:23:58 2008 From: stickster at gmail.com (Paul W. Frields) Date: Fri, 21 Mar 2008 12:23:58 -0400 Subject: Release Day planning and notes Message-ID: <1206116638.23431.21.camel@localhost.localdomain> There's an overall page I've been using for capturing info about this effort. It probably deserves to be moved at some point after we solidify our efforts a little more. http://fedoraproject.org/wiki/PaulWFrields/ReleaseDay ?I took a snapshot of the notes we worked on in Gobby and captured them here: http://fedoraproject.org/wiki/PaulWFrields/ReleaseDay/Notes/20080319-20 I tried to be diligent about capturing action items but feel free to help scootch things around where they make sense. If we can capture all the action items for this over the next couple days, we can schedule a followup for a convenient date. -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From mmcgrath at redhat.com Fri Mar 21 17:19:50 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Fri, 21 Mar 2008 12:19:50 -0500 (CDT) Subject: hello In-Reply-To: <20080321031147.0C11126F9A7@magilla.localdomain> References: <20080321031147.0C11126F9A7@magilla.localdomain> Message-ID: On Thu, 20 Mar 2008, Roland McGrath wrote: > Hi folks. I've joined the list and will apply for membership in sysadmin > and sysadmin-hosted groups. I mostly want to hack on cobbling the mtn > support into shape, and it seems easier to have access than to just keep > bugging Mike all the time (no relation, by the way :-). > > I can't promise time to attend any scheduled meetings, and I don't have > much spare time to work on worthy stuff in general. But if I have access, > I will tend to fix random broken things in the middle of the night or > weekend when I notice them rather than complain and wait til morning or > Monday, and You Can Trust Me. > > I claim zero facility with web hooey implementation. Other than that, I > can usually help fix or whip up scripts and whatnot in whatever language, > and know plenty of random sysadminy crapola and arcane unixism that is > occasionally useful. > Welcome Roland, its always nice to have another hosted admin around. Especially one that understands mtn so we'll give it a go. Make sure you're familiar with our: http://fedoraproject.org/wiki/Infrastructure/SOP/ Section, its mostly just so we don't step over eachothers toes but if you find something that needs to be added / changed. Please add it. Stop by #fedora-admin sometime early next week and I'll give you a quick look at how our hosted boxes are setup, puppet, etc. -Mike From mmcgrath at redhat.com Sat Mar 22 16:17:13 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sat, 22 Mar 2008 11:17:13 -0500 (CDT) Subject: Outages and Koji Message-ID: We just had the longest buildsys outage we've had since I started (not happy). But the good news is we have lots of options to make sure this particular issue doesn't happen again. The problem: Is sort of a 3 fold issue. 1) NFS is running on the xen dom0 (will be fixed next week) 2) nfs lock is hanging and disallowing our clients to lock files 3) When it gets in this state a restart of nslock won't fix the problem, the port stays open so we have to restart the host. There's not much we can do about 2 or 3 except rely on upstream to fix the problem. Seth suggested that when we fix 1) we make it a RHEL4 box. I think this is probably the best solution. I'm also looking at other solutions for some of our other applications. Our environment isn't in terrible shape but I think it could be better. I'm looking at some different tools that might make things easier on us. I think our environment is ok but there's some apps that don't need to be load balanced, just more HA. And sometimes those apps are getting beaten up by apps that do need to be properly load balanced. I'm going to go through and see what some of our options are and I encourage those familiar with our environment to do the same. Some of our apps certainly need work (smolt especially) but I think there are things we can do as infrastructure members to mitigate risks and ensure we're seeing fewer outages. -Mike From mmcgrath at redhat.com Mon Mar 24 00:48:46 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Sun, 23 Mar 2008 19:48:46 -0500 (CDT) Subject: app2 rebuild Message-ID: hey guys, I'm going to rebuild app2 and stick some of our tg apps on there. Seth brought up an excellent point earlier in that our tg apps aren't really using any x86_64 code but the python objects they create can be 2-3x larger in memory. Since most of our performance issues with these apps is memory bloat (and ultimate swap) I'm going to build it as an i686 box. After a week or two we can compare memory footprints. I'd really like to get some benchmarks done to have some actual data to compare to but I just don't think I'll have time for it (if someone else wants to though I'd greatly appreciate it) I'm going to add app2 to the farm with some of our apps like smolt, mirrormanager and pkgdb. Then compare memory footprints after a week or so. Also, the last thing blocking us from app3 is getting mediawiki in EL-5 or in the infrastructure repo. If someone wants to get together and verify that the newest mediawiki in Fedora will build in EL-5 I'd greatly appreciate it (don't forget about the deps). -Mike From nicu_fedora at nicubunu.ro Mon Mar 24 11:32:01 2008 From: nicu_fedora at nicubunu.ro (Nicu Buculei) Date: Mon, 24 Mar 2008 13:32:01 +0200 Subject: FAS2: group membership policies Message-ID: <47E79131.1000301@nicubunu.ro> In the Art group we decided to enforce a set of rules (nothing special, a mailing list introduction and maybe a small task completion) for granting group membership to unknown people (I believe it is the same number for any other group: an important number of join requests from unknown people). For the time being I sent manually emails with a short introduction and an invitation to join the mailing list, but I wonder if there is a place in FAS2 (I believe there isn't but would be useful) where a group can write the membership rules and when someone wants to join the rules are presented in a friendly way. Somewhat unrelated: in the group lists (for example https://admin.fedoraproject.org/accounts/group/list/A*) there is a quick "Apply" link with an info icon, which points to an non-existent URL - https://admin.fedoraproject.org/accounts/group/about -- nicu :: http://nicubunu.ro :: http://nicubunu.blogspot.com Cool Fedora wallpapers: http://fedora.nicubunu.ro/wallpapers/ Open Clip Art Library: http://www.openclipart.org my Fedora stuff: http://fedora.nicubunu.ro From mmcgrath at redhat.com Mon Mar 24 13:29:35 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 24 Mar 2008 08:29:35 -0500 (CDT) Subject: FAS2: group membership policies In-Reply-To: <47E79131.1000301@nicubunu.ro> References: <47E79131.1000301@nicubunu.ro> Message-ID: On Mon, 24 Mar 2008, Nicu Buculei wrote: > In the Art group we decided to enforce a set of rules (nothing special, a > mailing list introduction and maybe a small task completion) for granting > group membership to unknown people (I believe it is the same number for any > other group: an important number of join requests from unknown people). > > For the time being I sent manually emails with a short introduction and an > invitation to join the mailing list, but I wonder if there is a place in FAS2 > (I believe there isn't but would be useful) where a group can write the > membership rules and when someone wants to join the rules are presented in a > friendly way. I had wanted something like this as well, we've got a 'group join' message perhaps we should change that to a 'group description message' or do people here think there is a need for both of those fields? -Mike From stickster at gmail.com Mon Mar 24 15:40:20 2008 From: stickster at gmail.com (Paul W. Frields) Date: Mon, 24 Mar 2008 15:40:20 +0000 Subject: CVS storage use Message-ID: <1206373220.3101.88.camel@localhost.localdomain> Matt Domsch mentioned the other day to the Board that CVS file system usage is at ~77%. How does that trend over time, and does that include the lookaside cache? Matt may have been working on answering these questions already, I just thought they would be of interest in a public thread.` -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From dennis at ausil.us Mon Mar 24 15:55:51 2008 From: dennis at ausil.us (Dennis Gilmore) Date: Mon, 24 Mar 2008 10:55:51 -0500 Subject: CVS storage use In-Reply-To: <1206373220.3101.88.camel@localhost.localdomain> References: <1206373220.3101.88.camel@localhost.localdomain> Message-ID: <200803241055.59367.dennis@ausil.us> On Monday 24 March 2008, Paul W. Frields wrote: > Matt Domsch mentioned the other day to the Board that CVS file system > usage is at ~77%. How does that trend over time, and does that include > the lookaside cache? Matt may have been working on answering these > questions already, I just thought they would be of interest in a public > thread.` It includes the lookaside cache. which is 166G of the 181G used on the cvs filesystem. unfortunately we don't have historical graphing of the filesystem. Dennis -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: From nicu_fedora at nicubunu.ro Mon Mar 24 16:26:36 2008 From: nicu_fedora at nicubunu.ro (Nicu Buculei) Date: Mon, 24 Mar 2008 18:26:36 +0200 Subject: FAS2: group membership policies In-Reply-To: References: <47E79131.1000301@nicubunu.ro> Message-ID: <47E7D63C.6020106@nicubunu.ro> Mike McGrath wrote: > On Mon, 24 Mar 2008, Nicu Buculei wrote: > >> For the time being I sent manually emails with a short introduction and an >> invitation to join the mailing list, but I wonder if there is a place in FAS2 >> (I believe there isn't but would be useful) where a group can write the >> membership rules and when someone wants to join the rules are presented in a >> friendly way. > > I had wanted something like this as well, we've got a 'group join' message > perhaps we should change that to a 'group description message' or do > people here think there is a need for both of those fields? I can see some merits in having two separate fields (showing someone a long text is an incentive for him NOT to read) but I think we can manage with only one field, compose and format the text carefully. -- nicu :: http://nicubunu.ro :: http://nicubunu.blogspot.com Cool Fedora wallpapers: http://fedora.nicubunu.ro/wallpapers/ Open Clip Art Library: http://www.openclipart.org my Fedora stuff: http://fedora.nicubunu.ro From mmcgrath at redhat.com Mon Mar 24 16:31:29 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 24 Mar 2008 11:31:29 -0500 (CDT) Subject: CVS storage use In-Reply-To: <1206373220.3101.88.camel@localhost.localdomain> References: <1206373220.3101.88.camel@localhost.localdomain> Message-ID: On Mon, 24 Mar 2008, Paul W. Frields wrote: > Matt Domsch mentioned the other day to the Board that CVS file system > usage is at ~77%. How does that trend over time, and does that include > the lookaside cache? Matt may have been working on answering these > questions already, I just thought they would be of interest in a public > thread.` It does include lookaside cache which is planned on getting moved to our NFS share on the netapp. We haven't been trending it for very long but: https://admin.fedoraproject.org/cacti/graph.php?action=view&rra_id=all&local_graph_id=425 We're keeping an eye on it. cvs-int is planned on being rebuilt so its not so scary but that now won't likely happen until after F9 ships. -Mike From smooge at gmail.com Mon Mar 24 18:02:06 2008 From: smooge at gmail.com (Stephen John Smoogen) Date: Mon, 24 Mar 2008 12:02:06 -0600 Subject: app2 rebuild In-Reply-To: References: Message-ID: <80d7e4090803241102r71aa2134r119f85c4c4a3ba79@mail.gmail.com> On Sun, Mar 23, 2008 at 6:48 PM, Mike McGrath wrote: > hey guys, I'm going to rebuild app2 and stick some of our tg apps on > there. Seth brought up an excellent point earlier in that our tg apps > aren't really using any x86_64 code but the python objects they create can > be 2-3x larger in memory. Since most of our performance issues with these > apps is memory bloat (and ultimate swap) I'm going to build it as an i686 > box. After a week or two we can compare memory footprints. I'd really > like to get some benchmarks done to have some actual data to compare to > but I just don't think I'll have time for it (if someone else wants to > though I'd greatly appreciate it) > > I'm going to add app2 to the farm with some of our apps like smolt, > mirrormanager and pkgdb. Then compare memory footprints after a week or > so. > > Also, the last thing blocking us from app3 is getting mediawiki in EL-5 or > in the infrastructure repo. If someone wants to get together and verify > that the newest mediawiki in Fedora will build in EL-5 I'd greatly > appreciate it (don't forget about the deps). > Mediawiki in F-8 requires ocaml and some other stuff it looks like I am working through it. -- Stephen J Smoogen. -- CSIRT/Linux System Administrator How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" From dennis at ausil.us Tue Mar 25 23:04:16 2008 From: dennis at ausil.us (Dennis Gilmore) Date: Tue, 25 Mar 2008 18:04:16 -0500 Subject: Fedora CA Project Message-ID: <200803251804.21899.dennis@ausil.us> We have come to the realisation that this has to be done sooner rather than later. So i'm putting out a call for help and for feedback. We need to revamp the CA infrastructure used in Fedora. This is where Id like to see us go. Publish a Certificate Revocation list so that all apps can check for revoked certs Have users able to revoke their own cert Have user certs be revoked when they request a new cert Have admins able to create/revoke certs Their are 2 types of certificates currently handled by 2 CA's I really want to use a single CA for all: Type 1) user certs. used for plague/koji/cvs upload access. there is work underway to use these for other fedora web based apps also. Type 2) Builders, kojira, internal service authentication. Products to be evaluated: http://pki.fedoraproject.org/wiki/PKI_Main_Page https://www.openca.org/ http://ejbca.sourceforge.net/ Something custom FAS will need modification to work with the new framework. I also want to allow fedora-packager-setup to grab the cert directly rather than having the user manually do it. probably with a flag for when to get a new cert. All users will need to get new user certs when we make the change. as well as koji hub, all builders, koji garbage collection, bodhi, It would also be a good time to deploy ssl auth for other apps. We have a ticket https://fedorahosted.org/fedora-infrastructure/ticket/466 Please make suggestions for other apps we could use, also ideas for making the workflow better. So this is a brief overview of whats needed. Im going to open the floor for a week for open discussion on how we should best do this. Dennis -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: From katzj at redhat.com Tue Mar 25 23:26:59 2008 From: katzj at redhat.com (Jeremy Katz) Date: Tue, 25 Mar 2008 19:26:59 -0400 Subject: Fedora CA Project In-Reply-To: <200803251804.21899.dennis@ausil.us> References: <200803251804.21899.dennis@ausil.us> Message-ID: <1206487619.12158.11.camel@aglarond.local> On Tue, 2008-03-25 at 18:04 -0500, Dennis Gilmore wrote: > So this is a brief overview of whats needed. Im going to open the floor for a > week for open discussion on how we should best do this. I don't have the details[1], but we should ensure if we're fixing our certificate infrastructure that we do it in such a way that the serials on our certs are reasonable and that they can be used for things like signing mail. Jeremy [1] It was reported before and I can dig them up or go do some poking, but almost dinnertime now ;-) From skvidal at fedoraproject.org Tue Mar 25 23:33:04 2008 From: skvidal at fedoraproject.org (seth vidal) Date: Tue, 25 Mar 2008 19:33:04 -0400 Subject: Fedora CA Project In-Reply-To: <1206487619.12158.11.camel@aglarond.local> References: <200803251804.21899.dennis@ausil.us> <1206487619.12158.11.camel@aglarond.local> Message-ID: <1206487984.2450.6.camel@cutter> On Tue, 2008-03-25 at 19:26 -0400, Jeremy Katz wrote: > On Tue, 2008-03-25 at 18:04 -0500, Dennis Gilmore wrote: > > So this is a brief overview of whats needed. Im going to open the floor for a > > week for open discussion on how we should best do this. > > I don't have the details[1], but we should ensure if we're fixing our > certificate infrastructure that we do it in such a way that the serials > on our certs are reasonable and that they can be used for things like > signing mail. > Have we just setup an instance of the certificate server code rh just released? Alternatively (and I probably wouldn't recommend this for user certs) we could use/hack on certmaster to be able to handle these requests. it's definitely returning certs w/proper serials, etc. -sv From ricky at fedoraproject.org Tue Mar 25 23:37:37 2008 From: ricky at fedoraproject.org (Ricky Zhou) Date: Tue, 25 Mar 2008 19:37:37 -0400 Subject: Fedora CA Project In-Reply-To: <200803251804.21899.dennis@ausil.us> References: <200803251804.21899.dennis@ausil.us> Message-ID: <20080325233737.GC8871@Max.nyc1.dsl.speakeasy.net> On 2008-03-25 06:04:16 PM, Dennis Gilmore wrote: > Products to be evaluated: > > http://pki.fedoraproject.org/wiki/PKI_Main_Page > https://www.openca.org/ > http://ejbca.sourceforge.net/ > Something custom We took a quick look at some of these in IRC, and I'd personally prefer something that doesn't use LDAP for storage (since we didn't end up going with LDAP for FAS, and it seems like overkill for just the CA). I haven't looked too deeply yet, but I'm currently leaning towards something custom. Would certmaster possibly be a good project to work on for providing this kind of functionality? > FAS will need modification to work with the new framework. I also want to > allow fedora-packager-setup to grab the cert directly rather than having the > user manually do it. probably with a flag for when to get a new cert. Would you want to request this directly from the CA, or would that not be exposed (and it would all communicate through FAS?) If you want to go through FAS, I have something that should work starting from the next releases of python-fedora and FAS (and it'd just stay the same once we've modified FAS to talk to an external CA). Thanks, Ricky -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: From wakko666 at gmail.com Tue Mar 25 23:38:05 2008 From: wakko666 at gmail.com (Brett Lentz) Date: Tue, 25 Mar 2008 23:38:05 +0000 Subject: Fedora CA Project In-Reply-To: <200803251804.21899.dennis@ausil.us> References: <200803251804.21899.dennis@ausil.us> Message-ID: <1206488285.19058.72.camel@blentz> On Tue, 2008-03-25 at 18:04 -0500, Dennis Gilmore wrote: > Products to be evaluated: > > http://pki.fedoraproject.org/wiki/PKI_Main_Page > https://www.openca.org/ > http://ejbca.sourceforge.net/ > Something custom > So this is a brief overview of whats needed. Im going to open the floor for a > week for open discussion on how we should best do this. > > Dennis My vote is for EJBCA. It's very easy to use, and has fairly low administrative requirements. It's very easy to delegate capabilities. It's main dependencies are JBoss and Java, and uses OJDBC to connect to any SQL database. It's also capable of interacting with LDAP, if need be. It has built-in support for the usual alphabet soup of PKI services such as OCSP, SCEP, CMP, and auto-generates CRLs. If this is the route we go, I'm also happy to help set up an EJBCA instance. I also have experience with OpenCA and want to explicitly vote _against_ it. It's a pain to set up and use, and development as basically stagnated. (last release was 0.9.3-rc1 on Oct 2006, with RPMs for FC4) ---Brett. Many hands make light work. -- John Heywood From dennis at ausil.us Tue Mar 25 23:41:14 2008 From: dennis at ausil.us (Dennis Gilmore) Date: Tue, 25 Mar 2008 18:41:14 -0500 Subject: Fedora CA Project In-Reply-To: <1206487984.2450.6.camel@cutter> References: <200803251804.21899.dennis@ausil.us> <1206487619.12158.11.camel@aglarond.local> <1206487984.2450.6.camel@cutter> Message-ID: <200803251841.20639.dennis@ausil.us> On Tuesday 25 March 2008, seth vidal wrote: > On Tue, 2008-03-25 at 19:26 -0400, Jeremy Katz wrote: > > On Tue, 2008-03-25 at 18:04 -0500, Dennis Gilmore wrote: > > > So this is a brief overview of whats needed. Im going to open the > > > floor for a week for open discussion on how we should best do this. > > > > I don't have the details[1], but we should ensure if we're fixing our > > certificate infrastructure that we do it in such a way that the serials > > on our certs are reasonable and that they can be used for things like > > signing mail. We have to have proper serials to be able to revoke certificates so yes that is part of it. > Have we just setup an instance of the certificate server code rh just > released? > > Alternatively (and I probably wouldn't recommend this for user certs) we > could use/hack on certmaster to be able to handle these requests. > > it's definitely returning certs w/proper serials, etc. We have not set anything up yet but dogtag-pki is at pki.fedoraproject.org is the code that RH just released. its something that we should evaluate. Dennis -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. URL: From katzj at redhat.com Wed Mar 26 02:16:29 2008 From: katzj at redhat.com (Jeremy Katz) Date: Tue, 25 Mar 2008 22:16:29 -0400 Subject: Fedora CA Project In-Reply-To: <20080325233737.GC8871@Max.nyc1.dsl.speakeasy.net> References: <200803251804.21899.dennis@ausil.us> <20080325233737.GC8871@Max.nyc1.dsl.speakeasy.net> Message-ID: <1206497789.12158.28.camel@aglarond.local> On Tue, 2008-03-25 at 19:37 -0400, Ricky Zhou wrote: > On 2008-03-25 06:04:16 PM, Dennis Gilmore wrote: > > Products to be evaluated: > > > > http://pki.fedoraproject.org/wiki/PKI_Main_Page > > https://www.openca.org/ > > http://ejbca.sourceforge.net/ > > Something custom > We took a quick look at some of these in IRC, and I'd personally prefer > something that doesn't use LDAP for storage (since we didn't end up > going with LDAP for FAS, and it seems like overkill for just the CA). Even not using LDAP for all of FAS, there's still a lot of things we could export from the db -> ldap to be more easily used and accessible. So I wouldn't discount LDAP just because it's not the backing store of FAS. > I haven't looked too deeply yet, but I'm currently leaning towards > something custom. Would certmaster possibly be a good project to work > on for providing this kind of functionality? Also, going off and building our own thing feels like it's going to be a long-term detriment. Some of the bits for proper CRLs and the like are not trivial and very important to get "right" Jeremy From jonstanley at gmail.com Wed Mar 26 02:29:55 2008 From: jonstanley at gmail.com (Jon Stanley) Date: Tue, 25 Mar 2008 22:29:55 -0400 Subject: Fedora CA Project In-Reply-To: <1206497789.12158.28.camel@aglarond.local> References: <200803251804.21899.dennis@ausil.us> <20080325233737.GC8871@Max.nyc1.dsl.speakeasy.net> <1206497789.12158.28.camel@aglarond.local> Message-ID: On Tue, Mar 25, 2008 at 10:16 PM, Jeremy Katz wrote: > Also, going off and building our own thing feels like it's going to be a > long-term detriment. Some of the bits for proper CRLs and the like are > not trivial and very important to get "right" Not that this matters for anything but coming from the guy who's sitting in the peanut gallery :), I *really* think that we should look long and hard at Dogtag. Perhaps it comes from where I work, but I'm a big proponent of eating our own dog food (or wearing our own dog tag, as it were :) ), They've already done the hard work. If it's not good enough for what we need it to do, what's to make us think that it'll be deployed *at all*? We should really attempt to repair any shortcomings that Dogtag has to make it usable. $0.000001 -Jon From cicero at insightbb.com Wed Mar 26 13:13:19 2008 From: cicero at insightbb.com (john) Date: Wed, 26 Mar 2008 09:13:19 -0400 Subject: introduction all around Message-ID: <47EA4BEF.1080001@insightbb.com> Hey everyone, My name is John Roman, and I suppose this is my introduction. I hope to be considered for membership in the infrastructure group but of couse, I'm not yet familiar enough with it. im lurking the #fedora-admin channel for now as nimbius. occasionally ill browse the ticketing system to get an idea of what infrastructure at Fedora does. I'm a 26 year old infrastructure engineer by trade with 3 years experience in Red Hat based systems. Ive worked one small shop, and one large shop. I've been a Fedora user since its inception and its taught me quite a bit about linux. Some of the things I enjoy doing most with fedora are high-availability clustering, building fiber channel LVM, and samba replacements for domain controllers. for reference, I am an active contributor in the sambawiki on active directory/samba integration. I want to join the infrastructure group because it will give me a chance to help the project, as well as learn more about an operating system that has been with me in one form or another for around 8 years. -------------- next part -------------- A non-text attachment was scrubbed... Name: cicero.vcf Type: text/x-vcard Size: 262 bytes Desc: not available URL: From mmcgrath at redhat.com Wed Mar 26 14:07:00 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Wed, 26 Mar 2008 09:07:00 -0500 (CDT) Subject: introduction all around In-Reply-To: <47EA4BEF.1080001@insightbb.com> References: <47EA4BEF.1080001@insightbb.com> Message-ID: On Wed, 26 Mar 2008, john wrote: > Hey everyone, > > My name is John Roman, and I suppose this is my introduction. I hope to be > considered for membership in the infrastructure group but of couse, I'm not > yet familiar enough with it. im lurking the #fedora-admin channel for now as > nimbius. occasionally ill browse the ticketing system to get an idea of what > infrastructure at Fedora does. > > > I'm a 26 year old infrastructure engineer by trade with 3 years experience in > Red Hat based systems. Ive worked one small shop, and one large shop. I've > been a Fedora user since its inception and its taught me quite a bit about > linux. Some of the things I enjoy doing most with fedora are > high-availability clustering, building fiber channel LVM, and samba > replacements for domain controllers. > > for reference, I am an active contributor in the sambawiki on active > directory/samba integration. > > I want to join the infrastructure group because it will give me a chance to > help the project, as well as learn more about an operating system that has > been with me in one form or another for around 8 years. > Welcome John, Make sure you come to our meetings if you can. Otherwise hanging out in #fedora-admin and participating when you see something interesting is good. -Mike From smooge at gmail.com Wed Mar 26 17:49:18 2008 From: smooge at gmail.com (Stephen John Smoogen) Date: Wed, 26 Mar 2008 11:49:18 -0600 Subject: Fedora CA Project In-Reply-To: References: <200803251804.21899.dennis@ausil.us> <20080325233737.GC8871@Max.nyc1.dsl.speakeasy.net> <1206497789.12158.28.camel@aglarond.local> Message-ID: <80d7e4090803261049h2741c959w66c2de78dac2b18a@mail.gmail.com> On Tue, Mar 25, 2008 at 8:29 PM, Jon Stanley wrote: > On Tue, Mar 25, 2008 at 10:16 PM, Jeremy Katz wrote: > > > Also, going off and building our own thing feels like it's going to be a > > long-term detriment. Some of the bits for proper CRLs and the like are > > not trivial and very important to get "right" > > Not that this matters for anything but coming from the guy who's > sitting in the peanut gallery :), I *really* think that we should look > long and hard at Dogtag. Perhaps it comes from where I work, but I'm > a big proponent of eating our own dog food (or wearing our own dog > tag, as it were :) ), They've already done the hard work. If it's > not good enough for what we need it to do, what's to make us think > that it'll be deployed *at all*? We should really attempt to repair > any shortcomings that Dogtag has to make it usable. > > $0.000001 I will add a US Dollar, a Brazillian and Canadian Dollar too.. and maybe a Zimbabwe dollar also. -- Stephen J Smoogen. -- CSIRT/Linux System Administrator How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" From Matt_Domsch at dell.com Wed Mar 26 20:58:51 2008 From: Matt_Domsch at dell.com (Matt Domsch) Date: Wed, 26 Mar 2008 15:58:51 -0500 Subject: download.fp.o -> proxies and redirects Message-ID: <20080326205851.GA9367@auslistsprd01.us.dell.com> The last step in completing the download.fp.o move onto the proxy servers is to remove the forced client redirect, and instead use a local rewrite rule and proxy pass, just as mirrors.fp.o/mirrorlist uses. I think this is right, but want extra eyeballs. Here's the diff. Index: rewrite.conf =================================================================== RCS file: /cvs/puppet/configs/web/download.fedoraproject.org/rewrite.conf,v retrieving revision 1.6 diff -u -r1.6 rewrite.conf --- rewrite.conf 19 Nov 2007 23:06:40 -0000 1.6 +++ rewrite.conf 26 Mar 2008 20:52:53 -0000 @@ -1,3 +1,12 @@ -RewriteEngine on -RewriteRule ^/(.+)$ http://mirrors.fedoraproject.org/mirrorlist?path=$1&redirect=1 [R=307,L] -RewriteRule ^/$ http://mirrors.fedoraproject.org/mirrorlist?path=pub/fedora/linux/&redirect=1 [R=307,L] + +RequestHeader set CP-Location /mirrormanager + + +RewriteEngine On +RewriteRule ^/(.*)$ balancer://mirrorsCluster//mirrorlist?path=$1&redirect=1 [P] +RewriteRule ^/$ balancer://mirrorsCluster//mirrorlist?path=pub/fedora/linux/&redirect=1 [P] + + +ProxyPassReverse / http://app3.fedora.phx.redhat.com +ProxyPassReverse / http://app4.fedora.phx.redhat.com +ProxyPassReverse / http://app5.vpn.fedoraproject.org and for reference, here's what mirrors.fp.o has this below. The interesting rule is the second rewriterule. RequestHeader set CP-Location /mirrormanager RewriteEngine On RewriteRule ^/publiclist(.*) balancer://mirrorsCluster//mirrorlists/publiclist/$1 [P] RewriteRule ^/mirrorlist(.*) balancer://mirrorsCluster//mirrorlist$1 [P] RewriteRule ^/(.*)$ balancer://mirrorsCluster//mirrorlists/$1 [P] RewriteRule ^/(.*) balancer://mirrorsCluster/$1 [P] ProxyPassReverse / http://app3.fedora.phx.redhat.com ProxyPassReverse / http://app4.fedora.phx.redhat.com ProxyPassReverse / http://app5.vpn.fedoraproject.org -- Matt Domsch Linux Technology Strategist, Dell Office of the CTO linux.dell.com & www.dell.com/linux From mmcgrath at redhat.com Thu Mar 27 17:27:45 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 27 Mar 2008 12:27:45 -0500 (CDT) Subject: download.fp.o -> proxies and redirects In-Reply-To: <20080326205851.GA9367@auslistsprd01.us.dell.com> References: <20080326205851.GA9367@auslistsprd01.us.dell.com> Message-ID: On Wed, 26 Mar 2008, Matt Domsch wrote: > + > +ProxyPassReverse / http://app3.fedora.phx.redhat.com > +ProxyPassReverse / http://app4.fedora.phx.redhat.com > +ProxyPassReverse / http://app5.vpn.fedoraproject.org > Go ahead and add one for app2 as well, its not live yet but will be soon. Otherwise I think that looked ok to me. -Mike From mmcgrath at redhat.com Fri Mar 28 01:58:05 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Thu, 27 Mar 2008 20:58:05 -0500 (CDT) Subject: Away for a few days Message-ID: Hey everyone. I'll be gone from Friday until Monday (back on Tuesday) on vacation... So no ignoring nagios emails :) -Mike From poelstra at redhat.com Sun Mar 30 04:30:31 2008 From: poelstra at redhat.com (John Poelstra) Date: Sat, 29 Mar 2008 21:30:31 -0700 Subject: sub-optimal torrent for F9 Snapshot 1 Message-ID: <47EF1767.4040607@redhat.com> I'm finding trying to get Friday's snapshot of Fedora 9 to be very sub-optimal... 62 hours estimated to go after already timing out once. I've got two peers and one seed :( I'll probably get it by time the next snapshot is ready :) Is this happening to others? Is this really a viable way to put out *weekly* snapshots? Is hosting jigdo templates a possibility? In my situation it would work well because I mirror the rawhide trees locally--yes I realize this begs the question of why I need the snapshot if I already mirror rawhide, but I'm curious if it fails to install for me just as rawhide has for the past three days. John From sundaram at fedoraproject.org Sun Mar 30 06:40:14 2008 From: sundaram at fedoraproject.org (Rahul Sundaram) Date: Sun, 30 Mar 2008 12:10:14 +0530 Subject: sub-optimal torrent for F9 Snapshot 1 In-Reply-To: <47EF1767.4040607@redhat.com> References: <47EF1767.4040607@redhat.com> Message-ID: <47EF35CE.3010302@fedoraproject.org> John Poelstra wrote: > I'm finding trying to get Friday's snapshot of Fedora 9 to be very > sub-optimal... 62 hours estimated to go after already timing out once. > I've got two peers and one seed :( I'll probably get it by time the > next snapshot is ready :) > > Is this happening to others? Yes. > Is this really a viable way to put out *weekly* snapshots? Nope. I canceled my download. My guess is that we need to do beta 1 beta 2 etc in quick successions instead of this to get enough number of downloads going and subsequent feedback hopefully. Rahul From yatiohi at ideopolis.gr Sun Mar 30 08:06:02 2008 From: yatiohi at ideopolis.gr (=?ISO-8859-7?Q?Christos_=D4rochalakis?=) Date: Sun, 30 Mar 2008 11:06:02 +0300 Subject: GSoC: Transifex-committer Message-ID: Hello, I am applying to Google Summer of Code for the Fedora Project. I am interested in writing a backend committer for Transifex (#tx-committer). Our plan is to seperate the commit proccess and have transifex interact with various remote committers through json or xml-rpc. You can find a more detailed description in the wiki page: http://fedoraproject.org/wiki/ChristosTrochalakis/GSoC/Tx-Committer Any ideas/questions are more than wellcome :) -Christos From kanarip at kanarip.com Sun Mar 30 08:33:26 2008 From: kanarip at kanarip.com (Jeroen van Meeuwen) Date: Sun, 30 Mar 2008 10:33:26 +0200 Subject: sub-optimal torrent for F9 Snapshot 1 In-Reply-To: <47EF1767.4040607@redhat.com> References: <47EF1767.4040607@redhat.com> Message-ID: <47EF5056.4010003@kanarip.com> John Poelstra wrote: > I'm finding trying to get Friday's snapshot of Fedora 9 to be very > sub-optimal... 62 hours estimated to go after already timing out once. > I've got two peers and one seed :( I'll probably get it by time the > next snapshot is ready :) > > Is this happening to others? > Not happening here, I'm adding another seed to the swarm - I see it's already uploading more then it's downloading, while it is still downloading. > Is this really a viable way to put out *weekly* snapshots? > No. ;-) > Is hosting jigdo templates a possibility? In my situation it would work > well because I mirror the rawhide trees locally--yes I realize this begs > the question of why I need the snapshot if I already mirror rawhide, but > I'm curious if it fails to install for me just as rawhide has for the > past three days. > The snapshots (torrent ISO images) should have an updates.img which should make them installable. Jigdo is a possibility in distributing the snapshots, but the downside is that at least one party, and preferably more then one, will need to keep hosting the slices; while on day 0 all slices are (or should be) in rawhide, on day 1 some packages might have been updated again and are thus not available anymore -unless some party keeps hosting the entire tree such as Fedora Unity does with their Re-Spins; 4 mirrors keep hosting all slices that come from the updates/ repository for as long as the Re-Spin is offered for downloading. Kind regards, Jeroen van Meeuwen -kanarip From a.badger at gmail.com Mon Mar 31 20:39:37 2008 From: a.badger at gmail.com (Toshio Kuratomi) Date: Mon, 31 Mar 2008 13:39:37 -0700 Subject: xen7 networking issue? Message-ID: <47F14C09.4030703@gmail.com> Someone just reported that the wiki was down and I thought xen7 might have crashed again. when I tried to ssh to it my connection timed out. ping xen7 was fine. I serial consoled in and then immediately tried to ssh to xen7 again. it worked. uptime showed that xen7 has been up since this morning and the app servers are all running, etc. There are no iscsi errors in /var/log/messages. Is there a possibility that we're experiencing some sort of networking issue with xen7? Maybe that issue is exacerbating the iscsi bug that causes our xen hosts to crash? -Toshio -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: OpenPGP digital signature URL: From jonstanley at gmail.com Mon Mar 31 21:57:54 2008 From: jonstanley at gmail.com (Jon Stanley) Date: Mon, 31 Mar 2008 17:57:54 -0400 Subject: xen7 networking issue? In-Reply-To: <47F14C09.4030703@gmail.com> References: <47F14C09.4030703@gmail.com> Message-ID: 2008/3/31 Toshio Kuratomi : > Someone just reported that the wiki was down and I thought xen7 might > have crashed again. when I tried to ssh to it my connection timed out. > ping xen7 was fine. I serial consoled in and then immediately tried > to ssh to xen7 again. it worked. uptime showed that xen7 has been up I've seen this on RHEL4 boxen for no apparent reason - no ssh or other network connectivity (I forget whether ping works or not), connect to serial console, login as root, and everything becomes fine again. I have no way to reproduce this, other than to say it happens occasionally. I wouldn't even know where to begin debugging it :( From mmcgrath at redhat.com Mon Mar 31 22:27:14 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 31 Mar 2008 17:27:14 -0500 (CDT) Subject: xen7 networking issue? In-Reply-To: <47F14C09.4030703@gmail.com> References: <47F14C09.4030703@gmail.com> Message-ID: On Mon, 31 Mar 2008, Toshio Kuratomi wrote: > Someone just reported that the wiki was down and I thought xen7 might have > crashed again. when I tried to ssh to it my connection timed out. ping xen7 > was fine. I serial consoled in and then immediately tried to ssh to xen7 > again. it worked. uptime showed that xen7 has been up since this morning and > the app servers are all running, etc. There are no iscsi errors in > /var/log/messages. > > Is there a possibility that we're experiencing some sort of networking issue > with xen7? Maybe that issue is exacerbating the iscsi bug that causes our xen > hosts to crash? > you can ssh to (for example) fas1 then ssh to xen7. I discovered that just before I left on Friday. This leads me to believe that something else on our network is using that IP. We'll have to look at the arp tables and see whats going on. The good news is this shouldn't affect the xen guests though, in theory, it is affecting the iscsi connection on xen7. xen1 and xen2 are the only hosts we've seen actually rebooting though xen7 is new. -Mike From mmcgrath at redhat.com Mon Mar 31 22:30:32 2008 From: mmcgrath at redhat.com (Mike McGrath) Date: Mon, 31 Mar 2008 17:30:32 -0500 (CDT) Subject: sub-optimal torrent for F9 Snapshot 1 In-Reply-To: <47EF1767.4040607@redhat.com> References: <47EF1767.4040607@redhat.com> Message-ID: On Sat, 29 Mar 2008, John Poelstra wrote: > I'm finding trying to get Friday's snapshot of Fedora 9 to be very > sub-optimal... 62 hours estimated to go after already timing out once. I've > got two peers and one seed :( I'll probably get it by time the next snapshot > is ready :) > > Is this happening to others? > > Is this really a viable way to put out *weekly* snapshots? > > Is hosting jigdo templates a possibility? In my situation it would work well > because I mirror the rawhide trees locally--yes I realize this begs the > question of why I need the snapshot if I already mirror rawhide, but I'm > curious if it fails to install for me just as rawhide has for the past three > days. Looks like this is actually releng's call as they decided to host jigdo for the last beta. I'm not sure if we ever got it actually working right though. -Mike From jkeating at redhat.com Mon Mar 31 23:59:19 2008 From: jkeating at redhat.com (Jesse Keating) Date: Mon, 31 Mar 2008 19:59:19 -0400 Subject: sub-optimal torrent for F9 Snapshot 1 In-Reply-To: <47EF1767.4040607@redhat.com> References: <47EF1767.4040607@redhat.com> Message-ID: <1207007959.29751.12.camel@localhost.localdomain> On Sat, 2008-03-29 at 21:30 -0700, John Poelstra wrote: > I'm finding trying to get Friday's snapshot of Fedora 9 to be very > sub-optimal... 62 hours estimated to go after already timing out once. > I've got two peers and one seed :( I'll probably get it by time the > next snapshot is ready :) > > Is this happening to others? > > Is this really a viable way to put out *weekly* snapshots? > > Is hosting jigdo templates a possibility? In my situation it would work > well because I mirror the rawhide trees locally--yes I realize this begs > the question of why I need the snapshot if I already mirror rawhide, but > I'm curious if it fails to install for me just as rawhide has for the > past three days. As I mentioned in other threads, jigdo requires that the slices be available via http somewhere. The amount if time we have to spin a snapshot and get it somewhere public for it to have any sort of relevance is pretty darn short, and trying to instasync a number of mirrors hasn't gone too well in the past, and those mirrors would just quickly become overloaded and not able to handle jigdo requests anyway. (there are those that would just http mirror things instead of using jigdo). So for the most reasonable turnaround time, we use torrent. We can upload isos in a matter of hours and start the torrent system. Theoretically I can seed as well as I just did the compose, and we might be able to seed a few other places that have fast access to the snapshot. We'll keep thinking of better ways to deliver the snapshots, it's just quite difficult to do something with fast turnaround /and/ have a way to spread the delivery load. -- Jesse Keating Fedora -- All my bits are free, are yours? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: