15:20:29 <aday> #startmeeting Workstation WG (2020-04-21)
15:20:29 <zodbot> Meeting started Fri Apr 24 15:20:29 2020 UTC.
15:20:29 <zodbot> This meeting is logged and archived in a public location.
15:20:29 <zodbot> The chair is aday. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:20:29 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
15:20:29 <zodbot> The meeting name has been set to 'workstation_wg_(2020-04-21)'
15:20:29 <aday> #meetingname workstation
15:20:29 <aday> #chair cmurf
15:20:29 <aday> 
15:20:29 <zodbot> The meeting name has been set to 'workstation'
15:20:29 <zodbot> Current chairs: aday cmurf
15:20:29 <aday> #topic Rollcall
15:20:29 <aday> 
15:20:31 <aday> #info present: cmurf, aday, neal, tpopela, halfline, poettering, feborges, mcatanza, kalev, mclasen, bcotton, owen, dusty
15:20:34 <aday> #info regrets:
15:20:36 <aday> #info missing:
15:20:38 <aday> 
15:20:40 <aday> #topic Approve of minutes 7 Apr
15:20:44 <aday> #link https://meetbot.fedoraproject.org/fedora-meeting-2/2020-04-14/workstation.2020-04-14-10.57.html
15:20:47 <aday> #agreed No objections - approved.
15:20:49 <aday> #topic Approve minutes of 14 April
15:20:51 <aday> #link https://meetbot.fedoraproject.org/fedora-meeting-2/2020-04-21/workstation.2020-04-21-13.07.html
15:20:54 <aday> #agreed Deferred until next week
15:20:56 <aday> #topic Announcements
15:20:58 <aday> #topic Red Hat Summit next week
15:21:00 <aday> Any availability impact? Neal can't make it.
15:21:02 <aday> #agreed We'll go ahead with the meeting on the 28th
15:21:04 <aday> #info Chris has requested that LVFS collect info on TPM versions.
15:21:07 <aday> #topic Encryption of user data (excludes system)
15:21:08 <aday> #link https://pagure.io/fedora-workstation/issue/82
15:21:10 <aday> #info Background docs: https://systemd.io/HOME_DIRECTORY/ , https://systemd.io/USERDB_AND_DESKTOPS/
15:21:15 <aday> Lennart speaks.
15:21:17 <aday> The vision is to enable a fully secure OS without needing extra plumbing other than systemd.
15:21:19 <aday> Wants credentials to be the user's credentials - all locked to the TPM (as opposed to having a separate password for encryption).
15:21:22 <aday> The Systemd side is mostly there.
15:21:24 <aday> TPM integration isn't done yet.
15:21:26 <aday> One goal is to avoid presenting a password prompt during early boot.
15:21:28 <aday> Recovery keys are not provided yet, but are on the roadmap; there are questions about the text input aspect of this that need to be resolved. Help with design would be welcome. Windows uses 42 decimal digits. Implementing it should be straightforward.
15:21:32 <aday> Things that will behave differently with homed - disk assignment and storage the backend. For the latter, various options can be used: LUKS, ext4 encryption, BTRFS. Lennart favours LUKS. ext4 encryption is great but not a good fit for home encryption. BTRFS can shrink online but would Fedora want to use it?
15:21:36 <aday> It would be interesting to expose security tokens in GNOME - support for Yubikeys - would be a great emphasis. (Seems to be the direction things are heading in.)
15:21:39 <aday> Locking volumes on suspend - encryption keys remain in memory when suspended - allows reading the key. homed handles this; the problem is that the lock screen runs from the session - it needs to run outside the user context. GNOME and GDM would need to change how they handle lock screens - have GDM do the lock screen rather than the shell. It's probably the right thing to do anyway - auth should always happen in a privileged context.
15:21:46 <aday> Ray: GDM can already do this - it's not a lot of work. One UI challenge is how to do the transition smoothly between GDM and the shell.
15:21:49 <aday> Summary: 5 things that need integration - recovery key, ui for FIDO2 (https://en.wikipedia.org/wiki/FIDO2_Project), suspend support, volume resizing.
15:21:52 <aday> What are the performance implications? It's slower, but the difference is so small that it doesn't matter. Chris supplied some basic benchmarking results: https://docs.google.com/spreadsheets/d/1b-y2WVrQK4ijo1TS5aRe0QROSf8CU3ckTiPQ_8evGR0/edit?usp=sharing .
15:21:56 <aday> Some talk about network user accounts and the relationship to homed.
15:21:58 <aday> Ray: accountsservice allows logging into an old session - we need the ability to have metadata about network users in a FreeIPA instance.
15:22:01 <aday> Lennart: could GDM save the data itself?
15:22:03 <aday> Ray wants to avoiding falling back to another API; would prefer to get rid of accountsservice.
15:22:05 <aday> Various discussion about sssd, accountsservice, accounts daemon... (some relevant background here - https://systemd.io/USERDB_AND_DESKTOPS/ )
15:22:08 <aday> Ray: we get the list of users on the login screen from accounts daemon - includes both local and remote users. This also uses sidecar data. Seems like there's a solution to work around this.
15:22:11 <aday> Owen: password recovery is critical and we need to thoroughly design and test this. The other user interactions are important - resizing, etc. Locking to a TPM - we don't want people to lose data due to a broken motherboard.
15:22:17 <aday> Matthias: what's the main selling point of homed? Lennart: encryption done properly. Part of this is token support.
15:22:20 <aday> Neal: interested in possibilities around user data backup and restore.
15:22:22 <aday> #info Lennart spoke to the working group about homed and how it could be used for encryption.
15:22:24 <aday> #info The WG will need to decide which storage backend to use.
15:22:26 <aday> #info There are 5 outstanding things that need integration work: recovery keys, UI for FIDO2 (https://en.wikipedia.org/wiki/FIDO2_Project), secure suspend, volume resizing (for user creation).
15:22:29 <aday> #topic Workstation Live image is oversize
15:22:31 <aday> #link https://pagure.io/fedora-workstation/issue/140
15:22:33 <aday> Two initial proposals - bump the limit to either 4.7 GB and 4.0 GB.
15:22:35 <aday> #info The image size increased because animated backgrounds were added
15:22:37 <aday> Matthias: we shouldn't be blowing up the image size at the last minute
15:22:39 <aday> Kalev: QA knew about the addition and asked if we should reject the addition; Michael approved it on the basis that animated backgrounds are good.
15:22:44 <aday> Michael: there have been various small issues with the backgrounds, which caused it to be delayed. It is possibly too late to be adding them now.
15:22:47 <aday> Neal: asks why the background artwork arrived so late in the cycle. Ben: the design team will be changing the schedule so the artwork is ready earlier.
15:22:50 <aday> Allan: questions whether an upper limit is the best approach for managing the size of the install media - someone should be monitoring what's in there.
15:22:53 <aday> #agreed Reject the animated backgrounds package for F32 (proposed by Michael, no objections)
15:22:55 <aday> #action Return to the general question of monitoring the size of the install media
15:22:57 <aday> #topic Blocking on user switching
15:22:59 <aday> #link https://pagure.io/fedora-workstation/issue/139
15:23:01 <aday> #agreed Deferred.
15:23:03 <aday> #endmeeting