# Fedora Quality Assurance Meeting
# Date: 2015-03-09
# Time: ** 15:00 UTC ** NOTE TIME CHANGE
(https://fedoraproject.org/wiki/Infrastructure/UTCHowto)
# Location: #fedora-meeting on irc.freenode.net
Greetings testers!
It's QA meeting time again! Daylight savings kicks in in North America
(at le
On 6 Mar 2015, at 23:49, Adam Williamson wrote:
On Fri, 2015-03-06 at 23:09 +0100, Björn Persson wrote:
I hope https://xkcd.com/936/will be among the inputs to that
discussion.
I'm fond of noting that pwquality has not yet blacklisted any variant
of correcthorsebatterystaple. I've been usi
On Fri, 2015-03-06 at 23:09 +0100, Björn Persson wrote:
> Adam Jackson wrote:
> > > > FESCO is prepared to work with anaconda and other stakeholders
> > > > to define security models for the various Fedora products. By
> > > > clarifying our needs we hope to avoid this kind of contention
> > >
> I have no
> clue why VNC passwords are limited/truncated to eight characters, but it
> seems like that limitation makes the protocol not worth supporting at
> all, let alone worth promoting in System Settings.
The only VNC authentication mechanism standardized in RFC 6143 uses the
password as a
On 6 March 2015 at 19:13, Michael Catanzaro wrote:
> On Fri, 2015-03-06 at 19:35 -0500, Miloslav Trmač wrote:
>
> Eh, well by my logic they are both so closely-related that it's nonsense
> to treat them differently... but that comment was more a wishful
> "somebody please fix VNC or rewrite histo
On Fri, 2015-03-06 at 19:35 -0500, Miloslav Trmač wrote:
> There is another very important case where this falls down: the computer is
> enrolled into AD/IPA and the password is used throughout the organization.
> Just looking at a local machine does not necessarily tell you what the needed
> p
On Fri, 2015-03-06 at 19:25 -0500, Miloslav Trmač wrote:
> The way we deploy LUKS, a single password guess takes one second on a
> comparable hardware, so the fuzz factor is not actually as large as it might
> seem.
Wow, I had no clue it was that good. OK, so making one guess at the user
account
On Fri, 2015-03-06 at 19:40 -0500, Miloslav Trmač wrote:
> Consider a client enrolled in AD/IPA.
I agree. We can meet both sets of goals with modifications to
libpwquality to allow a *dramatically* weaker default configuration, and
then a corporate deployment can set of pwquality.conf however it l
On 6 March 2015 at 17:11, Kevin Kofler wrote:
> Stephen John Smoogen wrote:
> > It is a two way street. You own the device. They make the OS. Each is
> > their own 'ball' if I am using your original metaphor appropriately. Each
> > sees the other as the field the ball gets played on. If you don't
> Note that in upstream bug #735578 I have failed to build consensus on
> any form of password strength checking, let alone the strict checking
> that is done by libpwquality, so there is little chance at this point of
> GNOME upstream adhering to any policy you come up with. The status quo
> is th
Hello,
> On Fri, 2015-03-06 at 12:00 -0700, Kevin Fenzi wrote:
> > * The workstation folks think this change could drive away some of
> > their potential users for not much gain. In their case, sshd is not
> > enabled/running and additional security for a device that sits in
> > your home isn
David Cantrell wrote:
> From what I'm reading in the meeting logs and the ticket comments, it
> appears the revert decision is basically a temporary solution and a more
> formal security policy will be discussed later. We had technical
> arguments in favor of the change originally, but I have yet
> On Fri, 2015-03-06 at 12:00 -0700, Kevin Fenzi wrote:
> > * The workstation folks think this change could drive away some of
> > their potential users for not much gain. In their case, sshd is not
> > enabled/running and additional security for a device that sits in
> > your home isn't wort
Hello,
> On Fri, Mar 06, 2015 at 09:43:33AM -0500, Adam Jackson wrote:
> > As resolved by FESCO in our meeting on 4 March 2015, FESCO requests that
> > anaconda revert a password behaviour change in the UI from F22,
> > restoring the "double-click to confirm weak password" behaviour from F21
> > an
Stephen John Smoogen wrote:
> It is a two way street. You own the device. They make the OS. Each is
> their own 'ball' if I am using your original metaphor appropriately. Each
> sees the other as the field the ball gets played on. If you don't like the
> field that your ball is playing on you are f
Hi!
On Fri, 2015-03-06 at 23:01 +0100, Björn Persson wrote:
> or if the attacker snuck into your room when you left it to fetch some
> coffee, and needs to unlock your console, implant a backdoor and sneak
> back out before you return, or otherwise can't reboot your computer
> because you would no
On Fri, 2015-03-06 at 15:14 -0600, Michael Catanzaro wrote:
> On Fri, 2015-03-06 at 12:00 -0700, Kevin Fenzi wrote:
> > * The workstation folks think this change could drive away some of
> > their potential users for not much gain. In their case, sshd is not
> > enabled/running and additional s
Adam Jackson wrote:
> > > FESCO is prepared to work with anaconda and other stakeholders to define
> > > security models for the various Fedora products. By clarifying our
> > > needs we hope to avoid this kind of contention in the future.
> >
> > The discussion for this might as well start now
I just tried to create an update for F-22, for the bliss package.
After pressing the "Save Update" button, the orange bar at the top
changed to the text in the subject line. A second push of the button
worked, but maybe somebody wants to take a look to see what happened
the first time. Regards,
-
Michael Catanzaro wrote:
> If the attacker is unskilled and doesn't know how to boot a live image,
or if the attacker snuck into your room when you left it to fetch some
coffee, and needs to unlock your console, implant a backdoor and sneak
back out before you return, or otherwise can't reboot you
On Thu, Feb 26, 2015 at 11:00 AM, Rex Dieter wrote:
> which package is this again? I can try experimenting a bit.
>
> The one that worked for me was lightdm, fwiw.
Oops, sorry, got distracted. It is polymake. That package has
multiple problems.
First, it invokes undefined behavior in one bit
On Fri, 2015-03-06 at 12:00 -0700, Kevin Fenzi wrote:
> * The workstation folks think this change could drive away some of
> their potential users for not much gain. In their case, sshd is not
> enabled/running and additional security for a device that sits in
> your home isn't worth the addi
hi
after the latest update (qt , systemd, ...) i have this problem
E: [pulseaudio] main.c: Starting the daemon failed.
no audio only some buzz or click
any ideas?
regards
gil
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code
On Fri, Mar 6, 2015 at 11:07 AM, Stephen John Smoogen wrote:
>> Do you acknowledge it's a historical fact that the user password for a
>> local device has been exclusively user domain? If no, give
>> counterfactual examples.
>>
>
> You need to dial back the dialogue a bit. The original email came
On Fri, 6 Mar 2015 10:52:34 -0500
David Cantrell wrote:
> From what I'm reading in the meeting logs and the ticket comments, it
> appears the revert decision is basically a temporary solution and a
> more formal security policy will be discussed later. We had
> technical arguments in favor of th
On Fri, Mar 06, 2015 at 08:08:58AM -0700, Kevin Fenzi wrote:
> On Fri, 6 Mar 2015 13:48:26 +
> "Richard W.M. Jones" wrote:
>
> > The other one was:
> >
> > Subject: pkgdb created branch 'el6' for the 'mingw-zlib' package
> >
> > But actually I think that was is correct, since that branch
On 02/24/2015 06:44 PM, Jerry James wrote:
How is this really supposed to be done? If I'm doing it the right
way, then the current method is broken.
%undefine _hardened_build
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Cod
On 6 March 2015 at 10:13, Chris Murphy wrote:
> On Fri, Mar 6, 2015 at 7:15 AM, Adam Jackson wrote:
>
> > So this entire thing is about you reading as a verb something clearly
> > syntactically an adjective? I'm not sure how I can respond to that.
>
>
> Do you acknowledge it's a historical fac
On Fri, Mar 6, 2015 at 7:15 AM, Adam Jackson wrote:
> So this entire thing is about you reading as a verb something clearly
> syntactically an adjective? I'm not sure how I can respond to that.
Do you acknowledge it's a historical fact that the user password for a
local device has been exclus
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
==
#fedora-meeting: Fedora Base Design Working Group (2015-03-06)
==
Meeting started by haraldh at 14:08:05 UTC. The full logs are
On Fri, 6 Mar 2015 11:31:45 -0500
Rich Mattes wrote:
> There's no planned f22 rebuild for gcc5, as f22 defaults to
> -D_GLIBCXX_USE_CXX11_ABI=0. These issues are cropping up in f23.
>
> There should probably be a mass rebuild for f23, and sooner rather
> than later as rawhide is currently a big
On Fri, Mar 6, 2015 at 11:04 AM, Pavel Alexeev
wrote:
> According to https://fedoraproject.org/wiki/Changes/GCC5 there no
> planned mass-rebuild for GCC5.
>
There's no planned f22 rebuild for gcc5, as f22 defaults to
-D_GLIBCXX_USE_CXX11_ABI=0. These issues are cropping up in f23.
There shoul
On Fri, 2015-03-06 at 10:52 -0500, David Cantrell wrote:
> I wish a formal distribution and/or per-variant security policy would come
> from FESCo (or a committee directed by FESCo) so we could resolve the
> concerns now and going forward. I don't see the revert decision as being a
> good step in
At the Fedora 22 Alpha Go/No-Go Meeting #2 that just occurred, it was
agreed to Go with the Fedora 22 Alpha by Fedora QA, Release Engineering
and Development.
Fedora 22 Alpha will be publicly available on Tuesday, March 10, 2015.
Meeting details can be seen here:
Minutes: http://bit.ly/17Y8Je5
Lo
Hello.
06.03.2015 16:51, Tomáš Smetana wrote:
> On Fri, 6 Mar 2015 14:11:03 +0100
> Michael Schwendt wrote:
>
>> On Fri, 06 Mar 2015 12:49:12 +0300, Pavel Alexeev wrote:
>>
>>> Hello.
>>>
>>> ImageMagick itself built in rawhide.
just go ahead an rebuild pfstools, please. I'll intervene onl
On Fri, Mar 06, 2015 at 09:43:33AM -0500, Adam Jackson wrote:
> As resolved by FESCO in our meeting on 4 March 2015, FESCO requests that
> anaconda revert a password behaviour change in the UI from F22,
> restoring the "double-click to confirm weak password" behaviour from F21
> and earlier.
From
On Fri, 6 Mar 2015 13:48:26 +
"Richard W.M. Jones" wrote:
> The other one was:
>
> Subject: pkgdb created branch 'el6' for the 'mingw-zlib' package
>
> But actually I think that was is correct, since that branch *was*
> created a little earlier than the email.
Yeah, so the problem is th
As resolved by FESCO in our meeting on 4 March 2015, FESCO requests that
anaconda revert a password behaviour change in the UI from F22,
restoring the "double-click to confirm weak password" behaviour from F21
and earlier.
As for how that's realized: I'm not picky. If it makes more sense from
a d
On Thu, 2015-03-05 at 13:10 -0700, Chris Murphy wrote:
> On Thu, Mar 5, 2015 at 8:41 AM, Adam Jackson wrote:
> > On Thu, 2015-03-05 at 00:45 +0100, Kevin Kofler wrote:
> >> What better solutions? What password I pick should be none of the
> >> installer's business.
> >
> > False. It's entirely re
On Thu, 2015-03-05 at 15:54 +, "Jóhann B. Guðmundsson" wrote:
>
> On 03/05/2015 03:52 PM, Adam Jackson wrote:
> > On Thu, 2015-03-05 at 09:06 +, "Jóhann B. Guðmundsson" wrote:
> >
> >> An typical outcome from a group of individuals that do not know what
> >> they are doing and are making d
On 6 March 2015 at 03:18, Kevin Kofler wrote:
> Tom Hughes wrote:
>> That may not be possible if the minimiser upstream is using is not, or
>> maybe even cannot be, packaged for Fedora.
>
> Unfortunately, the popular minifier JSMin is non-Free (it contains the "no
> evil" clause, see http://tanguy
On Fri, 6 Mar 2015 14:11:03 +0100
Michael Schwendt wrote:
> On Fri, 06 Mar 2015 12:49:12 +0300, Pavel Alexeev wrote:
>
> > Hello.
> >
> > ImageMagick itself built in rawhide.
>
> > > just go ahead an rebuild pfstools, please. I'll intervene only in
> > > the case something goes wrong.
> > F
On Fri, Mar 06, 2015 at 06:31:10AM -0700, Kevin Fenzi wrote:
> On Fri, 6 Mar 2015 13:22:43 +
> "Richard W.M. Jones" wrote:
>
> >
> > Like the ones attached (and not just for libguestfs, but for other
> > packages too). AFAIK no one is creating branches ..
>
> I saw the error about libguest
Hi,
I'm planning to become a Fedora packager so am introducing myself
here.
I started using Red Hat Linux in about 1996 or 1997 and have used
GNU/Linux for all my personal computers ever since (moving from RHL to
Fedora Core and then to Fedora). I've used a variety of unix-like
systems at work,
On Fri, 6 Mar 2015 13:22:43 +
"Richard W.M. Jones" wrote:
>
> Like the ones attached (and not just for libguestfs, but for other
> packages too). AFAIK no one is creating branches ..
I saw the error about libguestfs this morning and was going to
investigate.
I've filed:
https://fedoraho
On Fri, Mar 6, 2015 at 5:04 AM, Kevin Kofler wrote:
> I think we are much better off shipping the unhinted version then, letting the
> Freetype autohinter do its job.
Agreed. So that takes care of the question of including the HTML file
with the comparison of the two.
As far as the doc package i
Like the ones attached (and not just for libguestfs, but for other
packages too). AFAIK no one is creating branches ..
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-df lists dis
On Fri, 06 Mar 2015 12:49:12 +0300, Pavel Alexeev wrote:
> Hello.
>
> ImageMagick itself built in rawhide.
> > just go ahead an rebuild pfstools, please. I'll intervene only in the
> > case
> > something goes wrong.
> First attempt fails [1] with:
>
> pfsinimgmagick.opfsoutimgmagick.o: : In
perl-Text-Template users, please note the license tag was corrected
from (GPL+ or Artistic) to ((GPL+ or Artistic) and (GPLv2+ or
Artistic)).
-- Petr
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedorapr
On Fri, 06 Mar 2015 12:49:12 +0300
Pavel Alexeev wrote:
> Hello.
>
> ImageMagick itself built in rawhide.
> pfsinimgmagick.opfsoutimgmagick.o: : InIn functionfunction
> ``writeFrames(readFramesint(,int ,char* *char)**)': /builddir/'build:/
> BUILD/builddir/build/BUILD//pfstools-1.8.5/src/filefo
Hello.
ImageMagick itself built in rawhide.
05.03.2015 15:52, Tomáš Smetana wrote:
> On Thu, 05 Mar 2015 02:09:00 +0300
> Pavel Alexeev wrote:
>
>> Hello.
>>
>> I have long outstanding update of ImageMagick[1] and plan do it in
>> rawhide in 1-3 days.
> <...>
>
>> Affected packages needs to be r
Hi all,
The user: jorge 'Jorge Torres' is a member of the
fedorabugs group and as such, it is required that the email set in FAS (the one
mentioned above) corresponds to an account on bugzilla (in order to sync ACLs
from FAS to bugzilla).
In the case of Jorge, this is not the case, more over, wh
On Thu, Jan 29, 2015 at 10:37 AM, Michael Schwendt wrote:
>
> Dead and all builds obsoleted:
> --
> python-twisted-conch
> obsoleted by: python-twisted
> python-twisted-lore
> obsoleted by: python-twisted
> python-twisted-mail
> obsoleted by: python-twisted
On 05.03.2015 20:08, Stephen Gallagher wrote:
> On Thu, 2015-03-05 at 12:50 +0100, Harald Hoyer wrote:
>> THIS TIME at 14:00 UTC because of US summer time.
>>
>
> US doesn't go into Daylight Savings Time until Sunday, FYI.
Yeah, my bad... anyway, I would like to stick with that time for today.
--
As per the Fedora 22 schedule [1], Fedora 22 Alpha Release Candidate 3
(RC3) is now available for testing.
No, you didn't miss RC1 and RC2 - RC1 was aborted when we found a new
blocker soon after it was started, and the RC2 compose failed due to
some kind of conflict with the RC1 process. So RC
55 matches
Mail list logo
