#ubuntu-meeting log

15:31 <cpaelzer> #startmeeting Weekly Main Inclusion Requests status
15:31 <meetingology> Meeting started at 15:31:10 UTC.  The chair is cpaelzer.  Information about MeetBot at https://wiki.ubuntu.com/meetingology
15:31 <meetingology> Available commands: action, commands, idea, info, link, nick
15:31 <cpaelzer> Ping for MIR meeting - didrocks joalif slyon sarnold cpaelzer jamespage ( eslerm dviererbe )
15:31 <cpaelzer> slyon and eslerm were already saying hi - o/
15:31 <cpaelzer> #topic current component mismatches
15:31 <cpaelzer> Mission: Identify required actions and spread the load among the teams
15:31 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
15:31 <cpaelzer> #link https://people.canonical.com/~ubuntu-archive/component-mismatches.svg
15:31 <jamespage> going to have to send my apologies - sorry
15:31 <cpaelzer> ok
15:31 <cpaelzer> we'll give you some todo then jamespage :-P
15:32 <cpaelzer> more content than last time
15:32 <cpaelzer> nullboot now shows up there
15:32 <cpaelzer> it has a case
15:32 <cpaelzer> https://bugs.launchpad.net/ubuntu/+source/nullboot/+bug/1965115
15:32 <cpaelzer> that is almost a year old
15:33 <cpaelzer> But other than a bit more info on testing
15:33 <cpaelzer> which now that it is meant to be used might be easier
15:33 <cpaelzer> this ought to be ready
15:33 <joalif> o/
15:33 <eslerm> \o/
15:34 <cpaelzer> slyon: I think you might want to ping internally that this might be soon promoted?
15:34 <slyon> yes, I'll double-check this
15:34 <sarnold> good morning
15:35 <eslerm> hi Seth o/
15:35 <cpaelzer> I updated the bug slyon
15:35 <cpaelzer> this looks easy to be fully completed
15:35 <cpaelzer> in proposed we have more
15:35 <cpaelzer> but mostly old usual suspects
15:36 <cpaelzer> mirespace: will you let us know when libcryptx-perl is ready for now (without the algorithm that is badly implemented)?
15:36 <cpaelzer> if anyone here is curious, we found a compromise how to go on with https://bugs.launchpad.net/ubuntu/+source/libcryptx-perl/+bug/2046154
15:36 <cpaelzer> TL;DR get is completed (the whole stack) with all, except ed25519
15:36 <mirespace> yes, I will do ... not touched since the steps sgreement, sorry
15:37 <cpaelzer> go for a ed25519 implementation as wrapper around the supported openssl
15:37 <mirespace> yes
15:37 <cpaelzer> and then add that to Ubuntu
15:37 <cpaelzer> next new in mismatches is "designate"
15:37 <cpaelzer> wantin python-edgegrid and ndg-httpsclient
15:37 <cpaelzer> never heard of this
15:37 <cpaelzer> I'm sure this will haunt me and it is a server package ...
15:38 <cpaelzer> oh no, it is openstack
15:38 <eslerm> (I'm behind in comments in the bug for libcryptx-perl, apologize, discussion looks good)
15:38 <cpaelzer> thanks eslerm
15:38 <cpaelzer> jamespage: I assume you need to pick this up later designate -> python-edgegrid and ndg-httpsclient will need to be looked at
15:39 <cpaelzer> to make a decision to promote or change dependencies
15:39 <cpaelzer> #topic New MIRs
15:39 <cpaelzer> Mission: ensure to assign all incoming reviews for fast processing
15:39 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&assignee_option=none&field.assignee=&field.subscriber=ubuntu-mir
15:39 <cpaelzer> wow
15:39 <cpaelzer> there are 5 new in there
15:39 <cpaelzer> cryptx goes back to mirespace until this change has happend
15:39 <cpaelzer> I'll update the bug
15:40 <cpaelzer> The rest are things we knew are coming
15:40 <slyon> so I could probably take wsl-pro-service, as the others are from foundations
15:40 <cpaelzer> yeah
15:40 <joalif> I could take trace-cmd
15:41 <cpaelzer> thanks assigned
15:41 <joalif> but no promises it'll be ready by next week, I'm already working on another 2 mirs
15:41 <cpaelzer> yeah
15:41 <cpaelzer> fair
15:41 <cpaelzer> I'll take libtracefs
15:41 <cpaelzer> and as usual didrocks is fine to get one scheduled (at least that was the deal so far)
15:42 <cpaelzer> which I'll do with libtraceevent
15:42 <cpaelzer> TBH I'm also not yet entirely sure when I'll get to mine
15:42 <cpaelzer> surely not before Friday and even then ...
15:42 <cpaelzer> but we now have one each
15:42 <cpaelzer> and the list is drained
15:43 <cpaelzer> \o/
15:43 <cpaelzer> BTW trace-cmd and related are part of the many MIRs to be expected that I mentioned last week
15:43 <cpaelzer> around debug/perf tooling to be available more easily
15:43 <slyon> yes, there are more in the works at foundations
15:43 <cpaelzer> #topic Incomplete bugs / questions
15:43 <cpaelzer> Mission: Identify required actions and spread the load among the teams
15:43 <cpaelzer> #link https://bugs.launchpad.net/ubuntu/?field.searchtext=&orderby=-date_last_updated&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.subscriber=ubuntu-mir
15:44 <cpaelzer> only one somewhat recent
15:44 <cpaelzer> jpeg-xl
15:44 <cpaelzer> that is yet incomplete and marked that way by jbicha
15:44 <cpaelzer> so no need to act on that for now
15:44 <cpaelzer> #topic Process/Documentation improvements
15:44 <cpaelzer> Mission: Review pending process/documentation pull-requests or issues
15:44 <cpaelzer> #link https://github.com/canonical/ubuntu-mir/pulls
15:44 <cpaelzer> #link https://github.com/canonical/ubuntu-mir/issues
15:45 <cpaelzer> as discussed I landed the PR of eslerm with slight modifications
15:45 <cpaelzer> there is a new one https://github.com/canonical/ubuntu-mir/pull/47
15:45 <eslerm> thank you
15:45 <cpaelzer> this one is trivial - I'll merge it unless there are objections
15:45 <cpaelzer> 5
15:45 <cpaelzer> 4
15:45 <cpaelzer> 3
15:45 <slyon> +1
15:45 <cpaelzer> no you have time
15:46 <cpaelzer> +1 as well
15:46 <cpaelzer> 2
15:46 <cpaelzer> 1
15:46 <cpaelzer> merged
15:46 <cpaelzer> #topic MIR related Security Review Queue
15:46 <cpaelzer> Mission: Check on progress, do deadlines seem doable?
15:46 <cpaelzer> Some clients can only work with one, some with the other escaping - the URLs point to the same place.
15:46 <eslerm> Security would like to add an apparmor profile/abstractions requirements for main
15:46 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=%5BMIR%5D&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
15:46 <cpaelzer> #link https://bugs.launchpad.net/~ubuntu-security/+bugs?field.searchtext=[MIR]&assignee_option=choose&field.assignee=ubuntu-security&field.bug_reporter=&field.bug_commenter=&field.subscriber=ubuntu-mir
15:46 <cpaelzer> Internal link
15:46 <cpaelzer> - ensure your teams items are prioritized among each other as you'd expect
15:46 <cpaelzer> - ensure community requests do not get stomped by teams calling for favors too much
15:46 <cpaelzer> #link https://warthogs.atlassian.net/jira/software/c/projects/SEC/boards/594
15:46 <eslerm> for apparmor profiles, we oculd put this off until after 24.04
15:46 <cpaelzer> this has been discussed in the past
15:46 <eslerm> an apparmor profile will be required for authd
15:47 <cpaelzer> it was a "would be nice, but sometimes is impossibly hard" case
15:47 <cpaelzer> just like some others we had
15:47 <cpaelzer> I'm +1 on having such a rule
15:47 <cpaelzer> after all we keep having "add profiles" items every cycle
15:47 <cpaelzer> to get things added in the past isolated
15:47 <cpaelzer> but
15:47 <cpaelzer> I'd ask for some "not too easy, but there is a way out" kind of wording
15:47 <cpaelzer> if you happen to be providing the 1245676th package of the gnome stack
15:48 <eslerm> recently, the apparmor team has begun needing to write profiles (there is a new mandate) and it would be nice if owning or development teams owned that
15:48 <cpaelzer> then you can't be expected to be the one that makes all gnome isolated
15:48 <cpaelzer> for example
15:48 <cpaelzer> I've seen the updates on jira about adding apparmor
15:48 <eslerm> that type of wording works
15:48 <cpaelzer> and I smiled as - like I said - we do that almost every cycle for a while
15:48 <cpaelzer> but we had cases where you just can not predict the millions of ways something is used
15:49 <sarnold> so very true
15:49 <eslerm> I believe apparmor folks would be responsible to review, it would be reasonable
15:49 <cpaelzer> with a wording that is not too allowing but leaving a door open I'm ok
15:49 <cpaelzer> will you or the apparmor folks provide a PR on how they think
15:49 <eslerm> can do
15:49 <cpaelzer> we can then discuss until we reach a wording we believe that works
15:49 <cpaelzer> and the first few passing that will then tell us how possible or impossible that is
15:49 <eslerm> I wanted to start the discussion, and work on this mostly for 24.10
15:50 <cpaelzer> so epxect reviewing this in a while
15:50 <eslerm> thank you
15:50 <cpaelzer> ack on please not being applicable to 24.04 super late
15:50 <cpaelzer> thanks for the heads up
15:50 <cpaelzer> section wise we are in security
15:50 <cpaelzer> I see the training of people worked
15:50 <cpaelzer> plenty of new faces assigned in the in-progress column
15:50 <cpaelzer> a few TODO, but nothing in the far backlog
15:51 <cpaelzer> umm
15:51 <cpaelzer> eslerm: about SEC-2671
15:51 <cpaelzer> the LP item went to Won't Fix
15:51 <cpaelzer> and sarnold ^^
15:52 <cpaelzer> the dependency tree has been changed, this won't be needed
15:52 <cpaelzer> should it be removed from the security board as well?
15:52 <sarnold> nice :)
15:52 <eslerm> thanks for catching that, I'll move them
15:53 <cpaelzer> thanks
15:53 <cpaelzer> #topic Any other business?
15:53 <cpaelzer> nothing in addition to the above from me
15:53 <slyon> nothing
15:53 <sarnold> nothing
15:55 <cpaelzer> ok
15:55 <cpaelzer> then, enjoy your week!
15:55 <sarnold> thanks cpaelzer, all :)
15:55 <cpaelzer> #endmeeting