#mageia-forums log

17:56:26 <doktor5000__> #startmeeting
17:56:26 <Inigo_Montoya> Meeting started Fri Oct 19 17:56:26 2012 UTC.  The chair is doktor5000__. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:56:26 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic.
17:56:55 <doktor5000__> #topic status quo of forums
17:57:07 <doktor5000__> #chair marjavanWaes maat Guest86593
17:57:07 <Inigo_Montoya> Current chairs: Guest86593 doktor5000__ maat marjavanWaes
17:57:15 <marjavanWaes> :)
17:57:19 <doktor5000__> #info Guest86593 = isadora
17:57:27 <doktor5000__> ok, what about the current forum situation? what has been decided regarding "outsourcing" the forums ?
17:57:39 <maat> So for this part
17:57:46 * doktor5000 is running for some food
17:58:13 <maat> we had a discussion during last coucil meeting
17:58:14 <marjavanWaes> doktor5000: the last thing i heard, was that we'd get a VM, but stay inside forums.mageia.org
17:58:28 <maat> but without the feedback of Oliver
17:58:42 <maat> they postponed it
17:59:12 <maat> so we will re-talk about that in council
17:59:25 <maat> dunno it it will be next or later
17:59:40 <marjavanWaes> and before there was a message from boklm that that same VM could first be used for the Brazilian forums
17:59:56 <maat> i expressed my concern about users needing to relog or deal with several passwords
18:00:06 <maat> phone sorry
18:00:10 <Guest86593> maat: what about reasoning for postponing?
18:00:12 <marjavanWaes> maat: np
18:01:29 <marjavanWaes> Guest86593: obgr_seneca was going to work something out, I may remember wrongly now, I think it was something that was needed to make it possible for users to use the same password when the forums would move to that VM
18:02:20 <Guest86593> marjavanWaes: thank you marja
18:03:19 <marjavanWaes> Guest86593: moving the forums to that VM would make it possible for the forum admin to get full access to the forums, so make it easier to do patches and upgrades
18:04:10 <Guest86593> marjavanWaes: sounds reasonable
18:04:46 <marjavanWaes> did anyone hear from the Brazilians, since I left for my time-out?
18:05:19 <Guest86593> marjavanWaes: no not here
18:06:33 <marjavanWaes> when I wrote to Otto that I presumed no data would get lost, if we weren't very fast, he didn't react to that sentence
18:07:49 <Guest86593> marjavanWaes: probably passed his attention? nevertheless important enough question
18:08:30 <marjavanWaes> IIRC he only wrote they suffered from lack of bandwidth...... but since he didn't confirm what I presumed, maybe better to ask again
18:09:12 <Guest86593> marjavanWaes: you know how terrible communication can be, maybe better try another shot
18:10:09 <maat> back
18:10:16 <maat> sorr
18:10:18 <maat> y
18:10:24 <Guest86593> maat: np ;)
18:10:48 <maat> <Guest86593> maat: what about reasoning for postponing? <-- let me answer
18:10:52 <marjavanWaes> maat: np, I think doktor5000 is still running for his food
18:11:29 <Guest86593> marjavanWaes: he must have eaten all the fridge
18:11:29 <maat> the major reason for everything is that sysadmins guys want to keeps people passwords safe
18:11:38 <marjavanWaes> Guest86593: :)
18:11:44 <maat> and for that i can only agree
18:12:10 <maat> forum system at the moment keeps a hash of the passwords
18:12:16 <maat> a complicated hash
18:12:41 <maat> but if they let others access to database or machine
18:12:54 <maat> and if one of us is eveil
18:13:24 <maat> there is a risk that the hersaid evil guy breaks a number of passwords
18:13:41 <maat> including those of sysadmins who logged in on the forum
18:14:10 <marjavanWaes> ah, I never thought of that last line
18:14:27 <maat> iphone gin
18:14:33 <marjavanWaes> maat: np
18:14:33 <maat> phone again
18:14:55 <Guest86593> maat: thanks for your explanation
18:15:57 <marjavanWaes> so now those hashes are protected by the current setup
18:16:18 <Guest86593> maat: but is there any idea at sysadmin for a workaround
18:16:40 * doktor5000 is back, sorry also headed in between to ... somewhere else which comes after food
18:17:08 <marjavanWaes> doktor5000: welcome :)
18:17:48 <doktor5000> maat: those hashes, are those direct md5 hashes of the passwords, unsalted?
18:17:56 <marjavanWaes> Guest86593: obgr_seneca was working on that.... and I think maât had a suggestion last tuesday
18:18:14 <doktor5000> in that case you could just google for the hashes and get the plaintext passwords ... :/
18:18:23 <marjavanWaes> doktor5000: ouch
18:19:04 <marjavanWaes> doktor5000: does that work for strong passwords, too, or only for real-word-passwords?
18:20:58 <doktor5000> marjavanWaes: that works for mostly all md5 hashes, not depending on the real password
18:21:08 <marjavanWaes> ouch
18:23:59 <Guest86593> doktor5000: no way of protecting against decryption?
18:26:34 <doktor5000> not using unsalted m5 hashes, as that is quite unsecure, or not using something md5-based for password hashes at all
18:26:47 <doktor5000> but we're drifting
18:27:27 <doktor5000> #info decision about forums "outsourcing" was postponed, will be discussed in next council meeting
18:27:49 <marjavanWaes> doktor5000: Guest86593: how are we currently doing on "difficult" users?
18:28:21 <Guest86593> marjavanWaes: i have no issues around
18:28:31 <marjavanWaes> or I should say: how are you doing, since I don't see many posts
18:28:32 <doktor5000> #action obgr_seneca is still looking for a way to securely store passwords, and to not keep hashes in forum db
18:28:39 <marjavanWaes> Guest86593: good to hear :)
18:29:36 <marjavanWaes> doktor5000: what is lemonldap? would that be a solution for the same problem?
18:30:14 <doktor5000> that is a solution for single sign-on via ldap ... maat, could you please explain in a few words?
18:30:35 <marjavanWaes> doktor5000: if he doesn't respond, he is still on the phone
18:31:06 <maat> back
18:31:08 <maat> so
18:31:23 <maat> where we partially disagree with sysadmins
18:31:55 <maat> they could live with users having to deal with several passwords
18:32:07 <maat> while i consider this would be not good for mageai
18:32:57 <maat> but we could use thigs like openid or lemonldap or cas
18:33:14 <maat> to add single sign on for our websites
18:33:37 <maat> then passwords would only remain in identidy server
18:34:17 <maat> and other websites would only get the information that the user in the session xxxxxxx is allowed to do soooooomething
18:34:28 <maat> sorry for the oooo keyboard problemmmmm
18:34:35 <marjavanWaes> ah, so the identity server is contacted whenever someone wants to sing on somewhere in mageia...... so it could be used for the blog, too
18:34:35 <doktor5000> np
18:34:51 <marjavanWaes> s/sing/sign/
18:34:57 <maat> the principle is that a user connecting
18:35:03 <maat> iow clicking on login
18:35:16 <maat> is bounced to identity
18:35:27 <maat> there he gives his login & password
18:35:37 <maat> the he is bounced back to forum
18:35:55 <marjavanWaes> OK
18:35:59 <maat> with something attached to him allowinnnnnngforum to know who he is
18:36:22 <maat> the processus is very light for users
18:36:58 <maat> they only ntice that the url between login form and forum is different
18:37:03 <maat> the nice part
18:37:09 <maat> is that once logged
18:37:22 <maat> if they go to bugzilla or wiki
18:37:31 <maat> they dont need to log in again
18:38:02 <Guest86593> logged in at once for the mageia-cloud
18:38:09 <maat> yep
18:38:13 <maat> that's the idea
18:38:25 <marjavanWaes> sounds great...... but I can perfectly understand that a too small sysadmin team doesn't look forward to doing this
18:38:35 <maat> very simple
18:38:58 <maat> and we have kharec in the community who worked on lemon ldap
18:39:03 <maat> and he packaged it for mageia
18:39:18 <maat> so even more simple
18:39:25 <marjavanWaes> ah, you mentioned him in the meeting
18:39:35 <maat> given that the plugins are already available for mediawiki and bugzilla
18:39:43 <maat> the biggest work would be for us
18:39:59 <maat> to create a phpbb connector
18:41:54 <marjavanWaes> maat: do you know what solution obgr_seneca is working on? lemonldap or something else?
18:42:22 <maat> i guess it is openid
18:42:39 <maat> id federation more than simple sso
18:42:58 <maat> useful when there are several "sources" for users id creations
18:43:13 <maat> but more complex
18:44:11 <marjavanWaes> maat: do you have time to mail obgr_seneca about this?
18:44:20 <maat> an other option is that he's just looking at forum code to see if we can prevent phpbb from storing passwords
18:44:23 <maat> well
18:44:35 <maat> not real passwords but teirh hashes
18:44:40 <marjavanWaes> maat: in case he is still strugling
18:45:16 <maat> we could mail him the logs of this discussion
18:45:23 <maat> i'd be happy to help him
18:45:27 <marjavanWaes> maat: agreed
18:45:32 <maat> even if i don't have loads of time
18:46:08 <Guest86593> maat: constructive, thx
18:46:11 <marjavanWaes> #action marja will mail the logs of this meeting to obgr_seneca, so he will know maat is willing to help
18:48:20 <Guest86593> st3ve: welcome
18:49:12 <marjavanWaes> st3ve: good morning :)
18:49:21 <Guest86593> i'll return in some ten minutes, excusez moi
18:49:56 <marjavanWaes> about the brazilian forum, if we don't get that VM soon..... at least maat and I and jstephan have a mageia.* or mageia*.* domain
18:49:59 <marjavanWaes> Guest86593: np
18:50:25 <st3ve> hi all
18:50:27 <maat> yes
18:50:30 <st3ve> marjavanWaes: good to see you back
18:50:37 <marjavanWaes> should we find a temporary solution outside mageia.org for those guys?
18:50:45 <maat> but i hope we'll never get to such ends
18:50:48 <marjavanWaes> st3ve: thx
18:51:54 <maat> for the brazilian forum
18:51:56 <marjavanWaes> maat: me too, I'd rather only do it if there is really no other way..... and only temporarily for the brazilian forum (which is already outside mageia.org)
18:52:25 <marjavanWaes> maat: of course not for the DE and EN forums
18:52:25 <maat> i thinkwe could open an independant vm even if on the same hardware
18:52:42 <maat> to deal with urgency
18:53:03 <maat> then we could work on stadardization and sso
18:53:12 <maat> standardization
18:56:57 <marjavanWaes> maat: so forums team should have 2 vm's.... or is it easy to split one in two?
18:57:45 <maat> that would be 2 vm at first
18:57:56 <maat> unless we can have one vm with jails
18:58:04 <marjavanWaes> OK
18:58:09 <maat> which could be far better to save cpu
18:59:14 <marjavanWaes> #info to deal with suddenly added forums from outside mageia.org, forums team should have two vm's or one vm with jails
19:00:41 <maat> something like vserver for example
19:00:52 <maat> http://en.wikipedia.org/wiki/Linux-VServer
19:01:28 <Guest86593> *back again
19:01:28 <marjavanWaes> nice :)
19:01:35 <marjavanWaes> Guest86593: welcome back
19:01:43 <marjavanWaes> doktor5000: are you still around?
19:02:23 <doktor5000> marjavanWaes: yep
19:02:29 <marjavanWaes> good
19:03:21 <marjavanWaes> I doubt this is the correct time to ask anything of sysadmin team (about vserver, for instance)
19:04:01 <doktor5000> we should wait till after the discussion in council meeting ... IMHO
19:04:15 <doktor5000> to ask anything, that is
19:04:27 <marjavanWaes> doktor5000: yes, that seems a lot better...... so the Brazilians must wait
19:04:45 <doktor5000> actually i didn't like how this was handled last time, and the wording that Anne used ...
19:05:00 <maat> agreed
19:05:17 <maat> the goal is to make things easier for everybody
19:05:44 <marjavanWaes> doktor5000: I don't think she would have made you and maat chair, if she was still for 100% of the same opinion
19:06:58 <maat> Anne is in a very complex postition... all pression finishes on her shoulders
19:07:14 <marjavanWaes> maat: very true
19:07:19 <maat> and it's impossible to satisfy everybody
19:07:41 <maat> so whatever she decides there will be upset people :-(
19:08:22 <maat> i have to face that for the job
19:08:25 * marjavanWaes couldn't live with that, so it is good we have her
19:08:40 <marjavanWaes> maat: ouch
19:08:49 <maat> so she has all my respect & admiration
19:08:57 <marjavanWaes> :)
19:09:08 <maat> but i'd not accept her position even for a truck of gold
19:09:21 <marjavanWaes> lol
19:09:33 <marjavanWaes> nor would I
19:09:35 <maat> well
19:09:47 <maat> perhaps if it is a very big truck ^^
19:09:58 <marjavanWaes> grinz
19:10:15 <marjavanWaes> then you'd hire someone to do the job :)
19:10:21 <maat> lol
19:10:24 <maat> indeed !
19:10:27 <marjavanWaes> Is there more to discuss?
19:10:36 <doktor5000> well i know that also from work, you can't please everyone, but you can try to improve overall situation so everyone is maybe not happy, but a little happier
19:10:41 <maat> at the moment nope for big subjects
19:10:53 <Guest86593> marja: nothing
19:10:54 <maat> but we have started to let devs enter the team
19:10:57 <marjavanWaes> doktor5000: that is the best solution, when that is possible
19:11:08 <maat> did we have patches or things to review ?
19:11:35 <maat> doktor5000: yes but it's a tiring fulltime job :)
19:11:38 * marjavanWaes forgot to ask jstephan to join the meeting..... his nick is in #mageia-de
19:11:46 <maat> np
19:11:54 <maat> we'll see that with him next time :)
19:12:03 <doktor5000> maat: moderators group has still not been pruned of ohan and stef74 https://forums.mageia.org/en/memberlist.php?mode=group
19:12:13 <maat> yes
19:12:14 <doktor5000> maat: noone said such a job would be easy ...
19:12:17 <maat> i'm late on that
19:12:30 <maat> thans for the reminder
19:12:34 <maat> thanks
19:12:45 <maat> (keyboaaaard!)
19:12:55 <maat> :'-(
19:15:38 <maat> so perhaps it's time to end the meeting ok ?
19:15:45 <marjavanWaes> fine with me
19:15:47 <maat> marjavanWaes: Guest86593 doktor5000  ?
19:15:53 <maat> things to add ?
19:15:55 <Guest86593> fine with me too
19:15:58 <marjavanWaes> st3ve: ?
19:16:09 <maat> yep st3ve sorry :)
19:17:10 <st3ve> yep
19:17:31 <doktor5000> #endmeeting
19:17:37 <marjavanWaes> :)
19:17:46 <Guest86593> good night to all, ........enjoy life
19:17:50 <marjavanWaes> didn't it get logged?
19:17:57 <doktor5000> well, seems not
19:18:00 <doktor5000> #chair
19:18:02 <maat> fail of #endmeeting ?
19:18:07 <doktor5000> #endmeeting
19:18:16 <marjavanWaes> #endmeeting