#mageia-meeting log

19:02:07 <misc> #startmeeting
19:02:07 <Inigo_Montoya> Meeting started Tue Oct  5 19:02:07 2010 UTC.  The chair is misc. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:02:07 <Inigo_Montoya> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:02:18 <misc> #meetingname Founders meeting
19:02:18 <Inigo_Montoya> The meeting name has been set to 'founders_meeting'
19:02:36 <misc> #chair ennael misc
19:02:36 <Inigo_Montoya> Current chairs: ennael misc
19:02:56 <misc> ok so first item on agenda, the forum
19:03:00 <misc> #topic forum
19:03:06 <misc> maat: it is up to you
19:03:15 <maat> ok
19:03:19 <ennael> I asked maat to attend and make a quick summary
19:03:33 * maat will be quick
19:03:46 <maat> ennael provided the hardware
19:03:59 <misc> ie ?
19:04:03 <ennael> dedibox
19:04:23 <maat> installed with mandriva up to date
19:04:33 <maat> we had just to install forum part
19:04:38 <misc> what version of dedibox, a v3 ?
19:04:39 <maat> we did this with ash
19:05:15 <maat> dunno
19:05:28 <rtp> misc: afair, yes, it's a v3
19:05:28 <ennael> yep v3
19:05:33 <rapsys> ennael: the packaging of 2010.1 is correct ?
19:05:51 <ennael> yep except we cannot use extended partitions ;)
19:06:02 <misc> #info forum.mageia.org is up, setup by maat and ashledombos, on a dedibox v3 provided by ennael
19:06:05 <rapsys> ok, sorry for offtopic question
19:06:40 <maat> we used a cascading dev-> test -> production architecture with git
19:07:06 <maat> and we installed phpBB from the upstream git repository
19:07:20 <misc> #info phpbb is coming from git
19:07:38 <maat> so we'll be able to follow phpBB team patches easily
19:07:55 <maat> and test them before updating the production forum
19:08:14 <maat> the mageia navbar is installed
19:08:23 <misc> which is ?
19:08:35 <maat> and a cool skin has been chosen and installed by ash
19:09:00 <maat> which is copied from mageia.org (thanks to rda)
19:09:31 <maat> the forum structure and basic rights have been set up
19:09:47 <maat> and DNS http://forum.mageia.org has been pushed
19:10:11 <ahmad78> <maat> the mageia navbar is installed
19:10:11 <ahmad78> <misc> which is ?
19:10:31 <ennael> the 2 menu lines in top of web pages
19:10:41 <ennael> well the first one in that case
19:10:44 <maat> (the vhost answers too to forums.mageia.org but i dont know if it's planned to push tis also)
19:11:03 <maat> s/tis/this/
19:11:12 <misc> i would also ask who take care of the server, and what are the next part of the plan
19:11:26 <maat> so i think we can open it for testing
19:11:35 <coling> canonical names are best, if anything then a 301 redirect only.
19:12:09 <ahmad78> maat: you need to read what's being posted/asked here too ^ :)
19:12:32 <maat> ^^
19:12:50 <ahmad78> maat: <misc> i would also ask who take care of the server, and what are the next part of the plan
19:13:01 <maat> yes
19:13:14 <ennael> on server side
19:13:18 <maat> for the server i guess ennael has got plans
19:13:25 <ennael> dedibox is temporary location
19:13:26 <blingme> I am a bit late to the meeting ... reading backscroll
19:13:31 * misc wanted toknow what is the structure but the server is 403 at the moment
19:13:33 <coincoin> hello al
19:13:35 <coincoin> all
19:13:37 <ennael> so that we can provide forums as soon as possible
19:13:52 <maat> for the forum part of plan
19:14:01 <ennael> some days ago MLO contacted me
19:14:05 <misc> #info dedibox is temporary
19:14:07 <blingme> do we want any ldap auth for forum now, or later, or not at all?
19:14:12 <ennael> and proposed to host official forums
19:14:12 <maat> we need to recruit a few moderators
19:14:30 <ennael> they are buying quite a nice server
19:14:32 <misc> maat: who wil take care of this, if you already know ?
19:14:41 <ennael> and will provide most part of it for mageia
19:14:47 <misc> ennael: official for all community ?
19:14:50 <neoclust_laptop> blingme: would be nice to use ldap to use only one login/pass for all ( forum, reviewboard, ... )
19:15:02 <ennael> misc: yes as it was explained kind of portal
19:15:11 <blingme> I have updated some info on wanted apps and ldap support: http://mageia.org/wiki/doku.php?id=directory
19:15:14 <ennael> misc: with links to all existng forums
19:15:22 <maat> for moderator team building we can take the task with ash
19:15:37 <misc> blingme: well, can you keep it for the next topic :) ?
19:15:43 <maat> and perhaps also support team
19:15:55 <misc> #action maat ashledombos recruit moderator team
19:16:03 <maat> lol
19:16:19 <maat> quick to fire ^^
19:16:37 <coling> SSO would be nice for sure.
19:16:37 <misc> #info MLO ( http://www.mandrivalinux-online.org/ ) will provides official forums for all community
19:16:49 <blingme> didn't read the agenda, but we may want to decide whether to delay forum launch by a few days to get single auth (forum, bugzilla etc.) in place
19:17:11 <ennael> blingme: how long would it take?
19:17:20 <ennael> estimation
19:17:40 <blingme> well, initial ldap is up, the rest depends on what we need (e.g. user registration, password recovery etc.)
19:17:52 * misc show the panel "no side tracking"
19:18:42 <ennael> well it's linked to the date we will open forums
19:18:54 <ennael> so let say we will open forum when ldap is ready
19:18:58 <blingme> is there a current target date?
19:19:03 <ennael> to avoid migration later
19:19:03 <blingme> for forum
19:19:10 <guillomovitch> oï
19:19:13 <ennael> blingme: they are ready
19:19:31 <misc> so we officialy decide to have ldap sso for forum ?
19:19:50 <guillomovitch> sso ?
19:19:55 <misc> single sign on
19:19:58 <blingme> well, single username/password
19:20:00 <guillomovitch> you need cas for this
19:20:10 <maat> we could just open forum for testing purpose
19:20:12 <guillomovitch> ldap just bring you central authentication
19:20:19 <misc> guillomovitch: yup, i was wrong
19:20:25 <ennael> yep central authentication
19:20:26 <blingme> most apps we need now support ldap, not all support CAS
19:20:34 <misc> so we want central auth for forums too
19:20:38 <ennael> yep
19:20:43 <maat> that would allow moderators and support team to start playing
19:21:04 <misc> maat: well, are you ready to take care of a migration later ?
19:21:09 <maat> once ldap is ok we reset forum
19:21:19 <maat> and we connect
19:21:23 <misc> #agreed ldap will be used for forum
19:21:24 <ennael> I don't think it's a good idea
19:21:30 <ennael> people are waiting for it
19:21:34 <Nanar> what does mean "reset" for forum ?
19:21:41 <Nanar> are data lost ?
19:21:41 <maat> if the rule is well known of those who play during the test phase
19:21:43 <ennael> we will have tons of messages and users for sure
19:21:54 <maat> that would not be a probelm
19:22:07 <ahmad78_> (posting about what in the forum? there's not releases out yet)
19:22:14 <ennael> I find you a bit too optimistic
19:22:17 <Nanar> personnaly I do think people can survive w/o forum at time
19:22:23 <ennael> ahmad78_: no need for it :)
19:22:25 <misc> ahmad78_: see -discuss :)
19:22:29 <Nanar> and wait central auth
19:22:41 <ennael> blingme: any ETA? even rough one
19:22:42 <erwan_taf> Nanar: +1
19:22:44 <ahmad78_> misc: same wars, different battle grounds??
19:22:52 <blingme> well, ldap is working ... the pieces we need are web interface to register in ldap
19:23:10 <Nanar> exept forum is the way to eliminate mail from -dev and -discuss
19:23:14 <blingme> for now I can create accounts manually for people who want to test ldap auth on forum
19:23:30 <guillomovitch> another being to brutally unsubscribe people
19:23:38 <guillomovitch> oops, sorry
19:23:47 <ennael> plf methods :)
19:23:53 <maat> ^^
19:23:57 <ahmad78_> Nanar: :)
19:23:59 <misc> blingme: i forget, does that mean that all account will be in ldap ?
19:24:13 <Nanar> ennael: we don't have the patent for this
19:24:18 <Nanar> well
19:24:22 <blingme> misc: I haven't tested the ldap support in various software ....
19:24:39 <blingme> but, I think any contributor would probably prefer one account
19:24:47 <blingme> e.g. even between bugzilla and forum
19:24:51 <Nanar> is it possible to bind forum over the current ldap ?
19:24:53 <misc> yeah, but for non contributers, how would it work ?
19:24:54 <blingme> for forum-only people, not sure
19:25:01 <blingme> Nanar: not sure
19:25:30 <misc> anyway, i guess we can ask to maat and ashledombos to look at it with buchan ?
19:25:57 <maat> 'course you can ask :)
19:26:09 <blingme> so, how about we point forum at ldap and test it ourselves for a day?
19:26:13 <wobo> from my experience at mdv one account for all is best, forum-only users can grow up to be bugzilla reporters, etc.
19:26:23 <misc> because i do not want to spend half a hour on the topic :/
19:26:30 <erwan_taf> wobo: +1
19:26:37 <ennael> ok
19:26:37 <coincoin> +1
19:26:39 <coincoin> :)
19:26:44 <maat> wobo +1
19:26:49 <ennael> let say maat, ash and blingme will work on it
19:26:51 <ahmad78_> wobo: (bugzilla accounts were separate afaik in mdv)
19:27:03 <wobo> ahmad78: no
19:27:06 <ennael> would be nice to have some comments let say tomorrow evening ?
19:27:19 <ennael> ahmad78: was my accounts
19:27:26 <boklm> not on bugzilla ?
19:27:32 <ahmad78> not on bugzilla
19:27:45 <ahmad78> my.mandriva credentials don't work in bugzilla
19:27:51 <erwan_taf> anyway, that's a good target to keep in mind
19:28:32 <ahmad78> (we should wait for blingme's test results)
19:28:46 <ennael> yep
19:28:52 <Nanar> well, we're on th way to redo mdv
19:28:55 <misc> ok so let's say buchan and maat do a test, and we discut later
19:29:02 <maat> ok for me
19:29:08 <ennael> deadline?
19:29:17 <misc> 3 days ?
19:29:22 <misc> next meeting ?
19:29:49 <ennael> blingme, maat: is that ok?
19:29:59 <maat> ennael: ok for me
19:30:23 <maat> the weekend i can give more time
19:30:36 <misc> well, then next week ?
19:30:42 <maat> yup
19:31:10 <misc> #action blingme maat test forum and ldap integration for next week
19:31:22 <ennael> what about mail gateway?
19:31:32 <ennael> we have test in progress with tux99
19:31:51 <ennael> he is splitting tools which is imho not a very good thing
19:31:57 <misc> i would postpone this for the moment
19:31:59 <coling> I think mail gateway will be left until later from what I read? Don't think it's needed to be discussed here and now.
19:32:16 <ennael> yes but we should give a position
19:32:19 <misc> we cannot prevent anyone from setting forum
19:32:24 <ennael> sure
19:32:46 <misc> ennael: well, what are our options ?
19:32:50 <maat> +1 for splitting tools not being a very good thing
19:33:08 <ennael> misc: not much
19:33:12 <maat> but a gateway brings problems
19:33:39 <ennael> ok let see that a bit later but this will have to dealt with
19:33:48 <ennael> at least tested or give answers
19:33:49 <maat> yup
19:33:54 <wobo> yes
19:34:25 <misc> #info postpone discussion about forum/ml gateway
19:34:57 <misc> ok so nothing to add on this topic ?
19:35:10 <maat> nope
19:35:20 <ennael> maat: can you send a mail on -discuss
19:35:21 <wobo> Question: what about multilanguage, localisation, integration/redirection of/to other language forums?
19:35:27 <ennael> to update status of this task
19:35:36 <ennael> wobo: this will be included
19:35:49 <wobo> ok
19:36:02 <maat> ennael: yup but now i'm late so i have to get afk
19:36:06 <ennael> yep
19:36:09 <maat> post a little bit later
19:36:21 <misc> ok so next topic : datacenter and server
19:36:23 <maat> ha this i can answer
19:36:27 <misc> #topic datacenter
19:36:31 <misc> so ennael ?
19:37:03 <maat> wobo: the mageia navbar will be added with a forums part including local and communities forums
19:37:13 <maat> (work in progress)
19:37:22 <wobo> maat: ok
19:37:25 <maat> /end of forum part i think
19:37:28 <maat> bye all
19:37:35 <ennael> ok about datacenter
19:37:40 <ennael> I spoke with rapsys today
19:38:08 <ennael> it seems his manager finally decided to bypass first proposal
19:38:22 <misc> ie, to bypass ?
19:38:23 <ennael> meaning he wants us to contact free foundation before doing anything
19:38:34 * ennael looking for the word
19:39:02 <ennael> it was first planned that dedibox part of the company would host us for 1 year
19:39:12 <ennael> waiting for  free foundation applying
19:39:24 <ennael> am I clear enough ?
19:39:32 <blingme> sorry, had connectivity problems, just back ... waiting for backlog
19:40:00 <ahmad78> his boss rejected the idea, and you're negotiating from beginnig?
19:40:02 <Nanar> "free foundation" = ours (mageia org) or misunderstood ?
19:40:11 <ennael> Free foundation
19:40:13 <ahmad78> Nanar: free.fr, IINM
19:40:17 <misc> Nanar: nope, the foundation of the Free FAI
19:40:20 <Nanar> ok ok
19:40:20 <ennael> ok
19:40:34 <ennael> so I send an email to chairman of Free foundation
19:40:42 <Nanar> ah this "Free" :)
19:40:48 <rtp> sent ? :)
19:40:49 <ennael> and got a reply within 1/2h
19:40:53 <ennael> sent yes
19:41:01 <misc> woot
19:41:03 <ennael> so it's fast
19:41:18 <misc> good
19:41:21 <ennael> they are just waiting for some information about servers and electric consumption
19:41:34 <ennael> so we should be able to get answer quickly
19:41:54 <wobo> Who is Fraa FAI?
19:41:58 <misc> #info Free Foundation is ok to hosting us, they are waiting on information about servers and power consumption
19:42:02 <ennael> so damsweb is working on getting information
19:42:02 <wobo> s/Fraa/Free
19:42:09 <misc> wobo: free.fr, FAI being ISP in french
19:42:11 <Nanar> wobo: french ISP
19:42:13 <ennael> we should send it tomorrow
19:42:16 <wobo> ok
19:42:17 <ennael> morning
19:42:29 <misc> #action damsweb send information to free tomorow morning
19:42:38 <Nanar> wobo: also know as Proxad company
19:42:39 <ennael> I will let you know as soon as we have final answer
19:42:44 <misc> good
19:42:49 <wobo> Nanar: thx
19:42:59 <ennael> btw we asked for 16U
19:43:03 <ennael> to be hosted
19:43:08 <misc> #info we applied for 16 U
19:43:27 <guillomovitch> no more hosting at rapsys's work ?
19:43:38 <ennael> well it should be in same datacenter
19:43:46 <ennael> but under foundation hat
19:44:05 <ennael> rapsys is responsible of preparing all material things
19:44:06 <coling> That was the longer term aim anyways so this just shortcuts the process IIRC.
19:44:11 <misc> yeah, a different sticker on the rack
19:44:15 <ennael> coling: yep
19:44:21 <ennael> which is not that bad
19:44:26 <coling> Indeed.
19:45:02 <misc> so next topic, current point on what we have for servers ?
19:45:22 <ennael> yep
19:45:28 <misc> #topic current servers
19:45:31 <ennael> so we have 2 VMs in Gandi
19:45:41 <ennael> for ldap and some web apps
19:45:57 <ennael> MLO server for forums, temporary on my dedibox
19:46:05 <ennael> then servers we got
19:46:10 <misc> #info 2 virtual machine have been setup at gandi.net, for ldap, web applications, and hosting of irc bot
19:46:15 <ennael> damsweb: can you summarize that point ?
19:46:21 <misc> #info MLO will provides a server for forum
19:46:34 <misc> #info a dedibox v3 is used for forum at the moment
19:47:04 <t_m_b> when will MLO server be online ?
19:47:14 <misc> good question
19:47:21 <ennael> seems in coming 2 weeks
19:47:24 <misc> and who will take care of it, where it will be hosted
19:47:32 <ennael> they need to rack it and buy more disks
19:47:36 <ennael> yep
19:47:51 <ennael> we should list it in wiki page
19:48:36 <misc> #info mlo server will be delivered in 2 weeks, need to be racked and more disks
19:48:52 <misc> #action ennael add MLO server on the wiki page
19:49:06 <ennael> it's a brand new one so we should be ok for some time
19:49:21 <misc> well, where will it be hosted, and who will manage it ?
19:49:31 <ennael> Nfrance in Toulouse
19:49:43 <ennael> one of the MLO admin works there
19:49:51 <ennael> so he will have direct access on it
19:49:57 <ennael> I will add all this in wiki
19:49:58 <misc> what happen if he change job :/
19:50:24 <ennael> that's the question indeed but at least we can start with it I guess
19:51:20 <wobo> IMHO this is a bit insecure if depending on one single person
19:51:56 <ennael> otherwise we will have to migrate it on servers in Free datacenter
19:52:02 <misc> yup but better than nothing, and we have will some months in case of problem
19:52:22 <guillomovitch> as the computer in an english lab managed by some good friend of Stefan ?
19:52:39 <coincoin> back
19:52:39 <ennael> ?
19:52:48 <guillomovitch> who get suddenly inaccessible when the guy get angry about mdv
19:52:50 <misc> ennael: mdv used to have a mirror in warwick
19:53:04 <ennael> oh
19:53:15 <Nanar> yes
19:53:32 <wobo> that's what I meant
19:53:32 <Nanar> he offered a lot of ressources
19:53:45 <blingme> IMHO, the foundation needs to have legal agreements in place
19:53:58 <misc> s/foundation/association/ :)
19:54:06 <blingme> with anyone providing resources upon which the operation of the association depends
19:54:06 <misc> but yes, it would be better
19:54:25 <Nanar> I personnal think we can depend on company/foundation but not one guy
19:54:26 <guillomovitch> such as UPMC univercity ?
19:54:32 <guillomovitch> university ?
19:54:47 * ennael is lost :)
19:55:04 <misc> anyway, so nothing to add on current servers ?
19:55:18 <ennael> not for me
19:55:30 <misc> good, so next topic, ldap
19:55:41 <blingme> hmm, what is location of the different servers
19:55:52 <blingme> and, network topology between them
19:55:55 <misc> blingme: so far, 1 in paris, and 2 vm
19:56:00 <coincoin> blingme: willbe in thesame DC
19:56:01 <blingme> (which is of interest for next topic)
19:56:11 <misc> oh, for the next server
19:56:53 <misc> all physical server in the same DC in Paris, except the one of mlo in Toulouse, and the VM in a different hosting provider
19:56:58 <misc> #topic ldap setup
19:57:07 <misc> so blingme, up to you :)
19:57:20 <blingme> ok, so I have done the really basic work of setting up with mandriva-openldap-dit ....
19:57:33 <blingme> and created myself a test account, and done some basic tests
19:57:41 <blingme> and done some basic initial tuning
19:58:01 <blingme> so, the questions that come up now are:
19:58:08 <misc> #info basic ldap setup ( mandriva-openldap-dit ) and a test account was created on the first gandi vm ( svn.mageia.org )
19:58:23 <blingme> suffix dc=mageia,dc=org
19:58:50 <blingme> 1)who else needs accounts now, specifically for "LDAP Admin" or "Account Admin" role
19:59:17 <boklm> maybe people from sysadmin team ?
19:59:20 <blingme> 2)Should we stick with old mandriva cluster_*.sh scripts for managing contributor account privs etc.
19:59:27 <guillomovitch> I'd prefer to not have 15 different admin teams
19:59:48 <guillomovitch> I remember the 'who is taking care of this' nightmare with mdv
19:59:57 <Nanar> maybe it is the time to reply, let's see questions first
20:00:14 <blingme> 3)Do we aim for all contributor access (bugzilla, svn/build host, wiki) via LDAP or not?
20:00:15 <Nanar> it is _not_
20:00:40 <blingme> 4)If so, what means are we going to use to register users (and handle password recovery)
20:01:16 <neoclust> blingme: 3) i think yes
20:01:29 <blingme> btw, I have updated http://mageia.org/wiki/doku.php?id=directory with some information, but will try and restructure it a bit more
20:01:32 <neoclust> blingme: kde uses ldap a lot in its infrastructure
20:01:50 <blingme> neoclust: seems meego also
20:01:57 <neoclust> blingme: you can handle your own ldap infos tks to gosa
20:02:06 <neoclust> blingme: i think we should push it for us
20:02:21 * misc add back experience with gosa
20:02:21 <neoclust> blingme: with identity.mageia.org ( like identity.kde.org )
20:02:31 <ennael> misc: ?
20:02:32 <Nanar> blingme: do you have others question at time about ldap ?
20:02:33 <guillomovitch> thanks to acess control
20:02:40 <guillomovitch> gosa is just one editor
20:02:47 <blingme> I haven't used gosa recently, so I might have to try it again
20:02:53 <misc> ennael: 4 years ago at my job :)
20:02:54 <blingme> I think those are all the questions ...
20:02:56 <neoclust> blingme: btw kde sysadmin team accept to help us when needed
20:03:04 <ennael> yes but we need an easy interface for accounts creation
20:03:07 <boklm> misc: and what do you think about it ?
20:03:10 <ennael> equivalent of my.mandriva.com
20:03:17 <neoclust> blingme: from kde sysadmin team POV, this is the best decision they took
20:03:20 <misc> boklm: well, it was not easy to customize :/
20:03:22 <wobo> ennael: +1
20:03:31 <guillomovitch> users don't create accounts
20:03:33 <blingme> neoclust: a decision without central auth is always bad :-/
20:03:37 <guillomovitch> they just manage their information
20:03:45 <misc> but maybe we could answer to questions in the order
20:03:46 <guillomovitch> you don't need a fancy guy for creating account
20:03:46 <blingme> guillomovitch: but, users must be able to self-register
20:03:47 <neoclust> blingme: what do you mean ?
20:03:55 <misc> instead of having a mess like now
20:04:06 <ennael> blingme: that's what I meant indeed
20:04:08 <guillomovitch> to maintain packages, you would allow people to self register ?
20:04:08 <Nanar> in all case we'll need tools to allow users to manage it
20:04:23 <blingme> guillomovitch: no, contributor rights need to be assigned
20:04:24 <Nanar> and sysadmin to easilly manage with more power
20:04:26 <coling> Has anyone used phpldapadmin? It's quite nice. You can write templates etc. with it.
20:04:27 <neoclust> seems gosa handle this
20:04:31 <blingme> by sysadmin
20:04:44 <guillomovitch> the point was 'ldap, what for'
20:04:49 <blingme> coling: I am quite familiar with phpldapadmin, but the problem isn't for admins, it is for registering accounts etc.
20:05:02 <misc> #agreed we need to have a interface for user to change their information
20:05:03 <Nanar> coling: phpldapadmin is just a generic way to modify ldap
20:05:03 <guillomovitch> not 'what fancy tool should be used for managing undefined information by undefined people'
20:05:06 <coling> blingme, ah right sorry.
20:05:10 <ennael> http://mageia.org/wiki/doku.php?id=directory
20:05:12 <blingme> guillomovitch: one place for a contributor (of any type) account
20:05:19 <ennael> guillomovitch: listed here
20:05:38 <blingme> so I was thinking to allow users to register accounts
20:05:40 <coling> So will we need to write a frontend for registering our selves do you think?
20:05:58 <coling> e.g. my.mageia.org?
20:06:03 <blingme> which cold be used by them, without further interaction, for forum, wiki, bugzilla
20:06:06 <misc> well, if we plan to have central auth for bugzilla, wiki and so one, we need to have some way of people to create a account
20:06:06 <blingme> could*
20:06:10 <Nanar> I can probably quickly write a web over ldap
20:06:15 <Nanar> web app
20:06:21 * coling was thinking the same.
20:06:30 <Nanar> "quickly" have to be defined...
20:06:37 <blingme> then, if such a user wanted to contribute further, they would log a request/bug for more access
20:06:50 <coling> blingme, I think that makes sense.
20:07:05 <wobo> same as in mdv
20:07:07 <ennael> what about having some list of services to be chosen: ML interface, forums, bugzilla
20:07:12 <blingme> if e.g. packager requesting access to build hosts, member of 'Account Admins" adds posixAccount stuff
20:07:17 <ennael> you don't need to require access for it
20:07:18 <neoclust> blingme: https://identity.kde.org/     one advantage is they have a page to handle their infos
20:07:24 <ennael> you just choose to use it
20:07:45 <blingme> neoclust: yes, users would have the ability to update *some* of their information
20:07:51 <ennael> yep
20:07:52 <blingme> e.g. mail, cn, etc.
20:07:57 <boklm> ssh key ?
20:08:10 <blingme> boklm: hmm, maybe
20:08:15 <blingme> change passwords
20:08:48 <blingme> guillomovitch: any comment?
20:09:12 <guillomovitch> fine for me
20:09:22 <blingme> ennael: I think by default, anyone should get the basic "discuss" access, e.g. wiki, forum etc.
20:09:23 <misc> ok so we all agree that full ldap is the way to go, that we need a application to manage account, ie create, change type of account by admins
20:09:39 <coling> misc, yup
20:09:43 <blingme> any other access (svn, build host etc.) would need to be requested
20:10:01 <coling> I'd be happy to help out with web app development for this. I'd very much like it to be Zend Framework based tho'.
20:10:08 <Nanar> would be nice to have delegation
20:10:09 <blingme> also, we may consider openid provider backed on ldap
20:10:19 <blingme> coling: php-ldap sucks ....
20:10:20 <coling> (or if something existing is used, even better)
20:10:26 <Nanar> eg admin of a team can add a member
20:10:27 <blingme> no support for ldap controls
20:10:41 <blingme> php developers reject patches from OpenLDAP team adding them ....
20:10:51 <Nanar> perl ?
20:10:51 <blingme> so, perl or python
20:10:53 * blingme votes perl
20:11:03 <guillomovitch> I'd rather not develop something
20:11:11 <guillomovitch> but rather adapt something existing
20:11:18 <blingme> guillomovitch: sure, if there are
20:11:25 <ennael> what about creating new module for gosa for example
20:11:27 <guillomovitch> gosa, phpldapadmin, whatever
20:11:29 <ennael> or any other solution
20:11:33 <blingme> but, lets first decide what we need
20:11:37 <ennael> arf :)
20:11:51 * coling always quite liked the Zend Framework ldap stuff but each to their own.
20:12:00 <blingme> biggest and most visible piece is 1)user registration interface, 2)password recovery
20:12:30 <boklm> I have been able to register myself on identity.kde.org
20:12:32 <misc> #info requirement for account admin : user registration , password recovery
20:13:05 <boklm> so it seems user registration is possible with gosa
20:13:05 <blingme> now, the one bigger risk we have with doing this, is that there may be more exposure of accounts to hacking attempts
20:13:27 <blingme> so, I would prefer if we had some password policies for accounts with svn or build access
20:13:42 <blingme> maybe just lockout after x failed attempts for y minutes
20:13:45 <guillomovitch> don't allow passwords for svn or build access
20:13:46 <boklm> maybe, only ssh key access ?
20:13:53 <rtp> only ssh keys ?
20:13:58 <misc> well, this is maybe outside of the meeting, no ?
20:14:04 <blingme> guillomovitch: but, password may mean access to update ssh key in ldap via account management
20:14:09 <guillomovitch> yes
20:14:15 <misc> ie, can the exact technical discussion be discussed by ml ?
20:14:24 <guillomovitch> yep
20:14:52 <misc> so, blingme, guillomovitch, who else is interested ?
20:15:03 <boklm> me
20:15:05 <guillomovitch> people in admin teams
20:15:08 <ennael> _o/ for user interface
20:15:19 <guillomovitch> that's a sysadmin task to implement this
20:15:31 <ennael> but there are specs to be done
20:15:31 <misc> yup
20:15:38 <misc> yup too
20:15:49 <misc> so who want to take the task of writing a spec for this ?
20:16:02 <guillomovitch> I think the spec is quite clear from the discussion
20:16:15 <guillomovitch> allow to user to create their accout themselves
20:16:25 <misc> so that should not be a problem to write it down
20:16:26 <guillomovitch> and manage their personal information directly
20:16:35 <ennael> okok
20:16:59 <Nanar> for when this must be done ?
20:17:01 <guillomovitch> and keep authorization management for various admin groups
20:17:17 <ennael> but please plan some tests with end users
20:17:17 <coling> neoclust is the code for identity.kde.org available?
20:17:23 <ennael> to be sure it will be clear enough
20:17:25 <misc> i propose a spec for next meeting, sent to sysadm@mageia ?
20:17:36 <boklm> mageia-sysadm@mageia.org
20:17:53 <misc> boklm: shhh, let me use my advanced techinique of task avoidance
20:17:57 <boklm> :)
20:18:04 <ennael> :)
20:18:07 <misc> so, that doesn't solve "who want to write the spec"
20:18:23 <ennael> no specs it seems :)
20:18:33 <boklm> maybe it can be written on the wiki page ?
20:18:33 <neoclust> coling: yes let me ask :)
20:18:36 <guillomovitch> I just proposed 3 lines...
20:18:55 <misc> ok, so I will write the spec
20:19:09 <misc> #action misc write a spec for directory and web app
20:19:56 <boklm> blingme: could it be a problem if we have 20 000 users or more registered in ldap ?
20:20:04 <misc> #action send spec to sysadm, ennael, buchan and guillomovitch for review
20:20:21 <blingme> sorry, lost connection
20:20:42 <blingme> boklm: as long as we have ~512MB ram available dedicated to LDAP by then
20:20:42 <Nanar> 22:19:56 < boklm> blingme: could it be a problem if we have 20 000 users or more registered in ldap ?
20:20:53 <Nanar> oops
20:21:07 <Nanar> I thought you hadn't the message
20:21:13 <boklm> ok, we should be able to have more than 512MB of ram
20:21:29 <neoclust> coling: iirc this is here git://git.kde.org/sysadmin/ldap-user-manager
20:21:43 * coling is just looking at identity.kde.org... actually looks very nice. Would do 90% of what we need for the initial web interface...
20:21:43 <neoclust> coling: this is a better version of gosa done for kde
20:21:50 <misc> anyway, can we go on the next topic : mirror ( should be fast ), then voting/epoll ?
20:21:52 <t_m_b> any backup ldap ?
20:21:54 <neoclust> coling: tks i love you
20:22:14 <blingme> t_m_b: we should add at least one replica ...
20:23:00 <t_m_b> blingme: yeah, so we avoid single point of failure...
20:24:00 <misc> ok so nothing to add on ldap ( that was not said earlier or in the previous meeting ), can we go on next topic ?
20:24:14 <coling> yup
20:24:30 <neoclust> coling: kde sysadmin team  ( i repeat ) is OK and have proposed by themself to help us ;)
20:24:58 <guillomovitch> in exchange of dropping gnome for the distribution
20:25:00 <blingme> neoclust: can you send me/us some contact details?
20:25:07 <ennael> :)
20:25:11 <blingme> btw., who is our sysadmin team ?
20:25:18 <neoclust> guillomovitch: :)
20:25:28 <neoclust> blingme: which mail adress ?
20:25:39 * guillomovitch is not the sysadmin yeam
20:25:43 <misc> blingme: i will provides the name later
20:25:50 <blingme> neoclust: any (bgmilne at gmail ?)
20:25:59 <neoclust> blingme: ok i do this
20:26:11 <misc> ok so next topic
20:26:19 <misc> #topic mirror management
20:26:24 <misc> Nanar: what's new ?
20:26:32 <Nanar> about ?
20:26:35 <Nanar> :)
20:26:44 <Nanar> So rsync://rsync.mageia.org/mageia/ is setup
20:26:57 <Nanar> currently for test only on ryu.zarb.org
20:27:05 <Nanar> the tree will to move later
20:27:08 <Nanar> of course
20:27:21 <ennael> have
20:27:37 <misc> #info rsync.mageia.org is setup for testing purpose, will have to move later
20:27:43 <t_m_b> Any more Tier1 ?
20:27:48 <Nanar> Then 1st Tier1 is setup: rsync://distrib-coffee.ipsl.jussieu.fr/mageia/
20:28:24 <Nanar> and two people already provided mirrors over it
20:28:26 <misc> #info first tier1 is setup ( d-c )
20:28:56 <Nanar> I asked to ibliblio to become another Tier1
20:29:04 <misc> great the readme.mirror has more backups that the blogs
20:29:11 <Nanar> sent me question: bandwidth and size
20:29:16 <ennael> :)
20:29:29 <Nanar> waiting their reply
20:29:40 <Nanar> I will ask to others mirrors
20:30:01 <Nanar> the problem is I thik the size
20:30:19 <Nanar> as I sent to -discuss, in 3 years the tree will be around 700GB
20:30:42 <t_m_b> getting kernel.org as a Tier1 would spread nicely around the world
20:31:05 <Nanar> t_m_b: I am thinking to them
20:31:28 <Nanar> I prefer to wait instead asking to everyone and finally reject the offer
20:32:02 <t_m_b> why reject ?
20:32:23 <t_m_b> do you want to limit amount of Tier1 ?
20:32:23 <Nanar> if we ask to 20 mirrors and 20 reply "yes"...
20:32:28 <Nanar> yes
20:32:36 <rtp> t_m_b: hmm... kernel.org is mirroring distributions ?
20:32:47 <Nanar> rtp: yes, it does
20:33:27 <Nanar> I prefer limit Tier1 to not overload our server until I don't know the bandwidth we'll have, and the capacity of our server
20:33:55 <t_m_b> good point.
20:33:58 <Nanar> beside this I wrote this: http://distrib-coffee.ipsl.jussieu.fr/mageia-mirrors
20:34:16 <Nanar> this application allow to register new mirrors
20:34:37 <Nanar> perform basic checking, show beautifull maps, etc...
20:34:45 <Nanar> not finish but working
20:35:03 <Nanar> the apps will move later on our servers
20:35:13 <Nanar> Still to do things
20:35:26 <Nanar> 1) discuss the main tree structure on mirrors
20:35:26 <misc> #link http://distrib-coffee.ipsl.jussieu.fr/mageia-mirrors
20:35:37 <Nanar> 2) finding Tier1
20:35:44 <Nanar> 3) finding mirrors
20:35:51 <ennael> about Mageia mirrors database
20:35:55 <erwan_taf> I do have kernel.org contacts if needed
20:35:57 <blingme> Nanar: app running catalyst?
20:36:00 <Nanar> no emergency until we have nothing to push on the tree
20:36:10 <Nanar> blingme: perl + catalyst + pgsql
20:36:12 <ennael> do you plan to add form for contact mail and so on regarding mirror admin ?
20:36:42 <Nanar> ennael: more or less, I am also thinking security risk about this
20:36:56 <ennael> well we had some issues in mdv
20:37:04 <Nanar> ennael: at time I am more in favor of encouraging people to send mail
20:37:08 <ennael> as at the end we had no contact anymore with mirrors admin
20:37:18 <erwan_taf> Nanar: when we need the kernel.org, I know the webmaster
20:37:23 <Nanar> but also, do we need to know mirrors admin (except for Tier1) ?
20:37:25 <erwan_taf> that's a friend of I
20:37:36 <Nanar> erwan_taf: I keep a note
20:37:44 <ennael> Nanar: when you want to communciate on new releases updated on mirrors
20:37:48 <ennael> as an example
20:37:58 <ennael> or you plan to modify anything in tree
20:38:10 <Nanar> ennael: we'll probably have a mailing list, but cannot force to subscribe to it
20:38:13 <ennael> better to have it first than looking for contact after
20:38:35 <blingme> I think most mirror admins would want to provide a contact address
20:38:35 <guillomovitch> I'd rather avoid each subsystem responsible write his own application with his own prefered language and his own prefered database
20:38:41 <Nanar> I also don't want to have our list like "Centos" where there hundred of mail...
20:39:10 <blingme> will mirror monitoring be done, as at mdv?
20:39:16 <Nanar> yup
20:39:36 <Nanar> guillomovitch: send proposal, you could have commented on -discuss before too
20:39:52 <guillomovitch> I don't read discuss
20:40:12 * blingme isn't subscribed to discuss, only devel
20:40:15 <guillomovitch> and I don't have proposal
20:40:37 <guillomovitch> but I think the sysadmin team should give constraints/advices
20:40:46 <guillomovitch> for any kind of internal developement
20:41:31 <guillomovitch> before the development begin
20:41:52 <Nanar> ok, so I'll wait advice, and when they'll be done we'll see
20:42:04 <misc> Nanar: go ahead, advice from admin team :p
20:42:17 <blingme> guillomovitch: any guidelines on apps or languages or frameworks?
20:42:24 <guillomovitch> I dont' care
20:42:29 <guillomovitch> I won't manage them
20:42:42 <Nanar> I can wait but we'll need mirrors to start to the distributions
20:43:06 <guillomovitch> but I don't see the need of having both postgres and mysql databases, for instance
20:43:12 <Nanar> and so need a way to collect information
20:43:34 <misc> guillomovitch: well, if we reuse existing software, we will not have the choice
20:43:58 <misc> after all, why do we have mysql and ldap, while we could only put everything in mysql
20:44:10 <guillomovitch> that's not the same kind of tool
20:44:36 <misc> anyway, nothing to add on mirror ?
20:44:47 <Nanar> I'll stop to write it
20:45:02 <Nanar> and wait sys admin advices and we'll see
20:45:05 <blingme> as a mirror maintainer ....
20:45:13 <blingme> in the past
20:45:34 <blingme> if mirror monitoring is done, contact for mirror should be informed of mirror state changes
20:45:43 <guillomovitch> in a long long far away country
20:45:43 <blingme> or, it should be possible
20:46:15 <Nanar> blingme: it will if we agree to use my tools
20:46:37 <Nanar> blingme: just need to find a way secure it about email and co
20:46:55 <boklm> Nanar: what will this applications be doing ? managing a database of mirrors ?
20:47:03 <misc> boklm: yup
20:47:17 <Nanar> boklm: exactly
20:47:30 <guillomovitch> with hidden remote management features stuffed in (plf compliantà
20:47:38 <ennael> :)
20:47:39 <Nanar> nothing to add on this topic
20:47:46 <misc> ok so next topic
20:47:56 <misc> #topic election, epoll and related topic
20:48:14 <misc> so, i heard that epoll 2.0 was due yesterday :)
20:49:26 <misc> ennael: ?
20:49:31 <ennael> :)
20:49:36 <ennael> I did some test today
20:49:49 <ennael> was elected the best mum of the world by vote :)
20:49:57 <ennael> still some issues in translation
20:50:07 <guillomovitch> by how many people ? 3 ?
20:50:11 <ennael> but I will report it tomorrow
20:50:13 <ennael> 2
20:50:17 <ennael> shhhhhh
20:50:41 <Nanar> there is 2 kind of issue about translations:
20:50:50 <Nanar> - code still in french
20:51:01 <Nanar> - english not yet translated in .po
20:51:17 <misc> ie ?
20:51:18 <Nanar> fr.po
20:51:37 <Nanar> in 'C' if you see 'mon vote' it's in the app
20:51:49 <misc> ok so the code comments are in french, and french translation is in english ?
20:51:56 <Nanar> in 'fr' if you see "my poll" it's in the fr.po
20:52:08 <Nanar> no
20:52:15 <Nanar> apps imust be in english
20:52:28 <Nanar> and is now mostly in english
20:52:33 <misc> ok so anyway, soft is not ready, any ETA for the translation ?
20:53:22 <Nanar> soft is mostly ready and can be used
20:53:41 <wobo> as our translators say, unless they do not see the software there are too many unclear translation options
20:53:47 <Nanar> because not yet fully translated part are in "admin" section
20:54:06 <misc> well, can we setup a test instace with auto update from svn so people can test ?
20:54:19 <ennael> it's already done I guess
20:54:22 <ahmad78> I agree, seeing the application in action would ease translation proofreading
20:54:34 <ahmad78> & proofreading
20:54:35 <misc> then we just need to tell to people where to get it :)
20:54:36 <Nanar> http://forge.ipsl.jussieu.fr/epoll/demotrunk
20:54:47 <misc> Nanar: automatically updated ?
20:54:52 <Nanar> if you want play with it
20:54:55 <misc> #link http://forge.ipsl.jussieu.fr/epoll/demotrunk
20:54:56 <Nanar> misc: will do it
20:55:15 <misc> #action Nanar setup a auto update of the demo so translator can play with it
20:55:29 <misc> #action Nanar send the link to translator
20:55:54 <misc> ennael: where and who will take care of the official instance ?
20:56:08 <ennael> we should host it in one of our server
20:56:16 <ennael> this is adminsys job :)
20:56:31 <ennael> => boklm ?
20:56:32 <Nanar> (perl + catalyst + pgsql, to change)
20:56:45 <boklm> yes
20:56:50 <misc> ennael: yeah, but there is a trust issue
20:56:59 <ahmad78> Nanar: if possible, could you create a test poll too?
20:57:05 <ennael> misc: ?
20:57:15 <Nanar> ahmad78: do it yourself ? /o\ :)
20:57:31 <misc> ennael: ie, admins will be able to see who voted what, etc, afaik
20:57:32 <ahmad78> Nanar: ah, yes
20:57:47 <blingme> s/trust/privacy/ ?
20:57:49 <ennael> misc: you can encrypt data
20:57:56 <ennael> Nanar: ?
20:57:57 <boklm> will we do private or public votes ?
20:58:06 <misc> boklm: ie ?
20:58:07 <rtp> ennael: hmm... I guess you're asking for a 3.0 version ? :)
20:58:12 <ahmad78> Nanar: it'll send an email and all?
20:58:15 <Nanar> there's many way to know who vote what
20:58:44 <Nanar> but version 2 can encrytp ballot in DB
20:58:50 <ennael> rtp: nope :)
20:59:24 <Nanar> so until th software remain unchange, everything get secret
20:59:58 <Nanar> and everything is done to protect data
21:00:21 <misc> #action boklm setup epoll on a server
21:00:36 <misc> we need to have it ready for what date ?
21:00:56 <erwan_taf> Nanar: unless if many people can access the key isn't it ?
21:00:57 <Nanar> ahmad78: http://forge.ipsl.jussieu.fr/epoll/demotrunk/newpoll
21:01:09 <ennael> this will be needed for election inside each work group
21:01:17 <Nanar> erwan_taf: key is in db, protect by passphrase
21:01:18 <misc> ennael: so in 2 weeks ?
21:01:24 <ennael> the latest
21:01:28 <ahmad78> Nanar: yes, I figuered I can click the link that was staring me in the eye
21:01:46 <Nanar> erwan_taf: and even you can read ballot, there is not link between ballot and voters
21:02:17 <Nanar> ahmad78: you'll receiv a mail then
21:02:22 <misc> plf has a version were no one can read the ballot
21:02:30 <ennael> :)
21:02:32 <misc> you have to decide who won before
21:02:41 <ennael> I love this one :)
21:02:41 <Nanar> seems my english is unclear
21:03:21 <Nanar> if you stoll the key, you'll read ballot in clear, but nothing can indicated who posted it
21:03:51 <misc> #info epoll should be ready in 2 weeks
21:04:15 <erwan_taf> Nanar: but that could change the result of th poll isn't it ?
21:04:49 <Nanar> there's others detection to prevent changes
21:04:58 <misc> ok, apart from the details of epoll ( that could be discussed outside ), anything to add ?
21:05:09 <Nanar> each voters can check its ballot is present at end of the vote
21:05:20 <ennael> misc: give some pizza to Nanar to stop him :)
21:05:26 <misc> ( Nanar has a full 40 minutes speech on the subject, for those interested, it just cost one beer to make him start )
21:05:37 <rtp> :)
21:05:38 <Nanar> erwan_taf: http://forge.ipsl.jussieu.fr/epoll/raw-attachment/wiki/documentations/epoll.2.pdf
21:05:44 <Nanar> erwan_taf: about v1
21:06:10 <misc> ok so no topic to add ?
21:06:24 <ennael> 2h
21:06:26 <ennael> enough :)
21:06:32 <ennael> next meeting?
21:06:34 <misc> #topic next meeting
21:06:37 <misc> yup
21:07:00 <ennael> would be nice to focus this next meeting on organization
21:07:27 <misc> well, we can
21:07:43 <misc> just need to propose agenda so I do not have to invent it :)
21:07:52 <ennael> :)
21:08:01 <ennael> ok so when?
21:08:15 <misc> on monday next week ?
21:08:26 <Nanar> will be impossible for me
21:08:36 <Nanar> I'll be looking stars
21:08:49 <boklm> stars in the sky ?
21:08:56 <wobo> in his eyes
21:08:56 <Nanar> yup
21:09:07 <ennael> boklm: sky of diamonds ;)
21:09:08 <Nanar> no, in the sky
21:09:18 <misc> wobo: like 8.2 logo ?
21:09:21 <ennael> would it be possible to have one on friday for example?
21:09:31 <wobo> misc: LOL!
21:09:36 <ennael> :)
21:09:36 <guillomovitch> with lucy ?
21:09:37 <misc> ennael: i guess so
21:09:37 <boklm> :)
21:09:45 <ennael> guillomovitch: yep :)
21:09:45 <misc> i am not sure to be there, but I can try
21:09:49 <misc> so on friday ?
21:09:52 <Nanar> really: http://www.obs-hp.fr/welcome.shtml
21:09:53 <ennael> reference for old people ;)
21:10:09 <misc> friday, 18h UTC ?
21:10:13 <boklm> hmm, I'm old too ?
21:10:17 <Fredxx> ok
21:10:20 <ennael> boklm: you are :)
21:10:26 <boklm> :)
21:10:31 <t_m_b> misc: ok
21:10:40 <wobo> misc: ok
21:10:40 <erwan_taf> Nanar: very interesting
21:10:43 <misc> ennael: can you sent the agenda for thursday ?
21:10:48 <erwan_taf> Nanar: does MD5 strong enough ?
21:10:56 <erwan_taf> Nanar: looks like collisions exists
21:11:00 <ennael> misc: yep
21:11:15 <misc> #action ennael send agenda for thursday
21:11:19 <Nanar> erwan_taf: depends on which md5 you're talking about
21:11:30 <ennael> misc: can you please switch off Nanar ? :)
21:11:32 <misc> #info next meeting on friday, 18h UTC, same room
21:11:37 <ennael> anyway thanks guys
21:11:40 <misc> #endmeeting