fesco
LOGS
17:01:04 <mhroncok> #startmeeting FESCO (2021-05-11)
17:01:04 <zodbot> Meeting started Tue May 11 17:01:04 2021 UTC.
17:01:04 <zodbot> This meeting is logged and archived in a public location.
17:01:04 <zodbot> The chair is mhroncok. Information about MeetBot at http://wiki.debian.org/MeetBot.
17:01:04 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
17:01:04 <zodbot> The meeting name has been set to 'fesco_(2021-05-11)'
17:01:07 <mhroncok> #meetingname fesco
17:01:07 <zodbot> The meeting name has been set to 'fesco'
17:01:10 <mhroncok> #chair nirik, ignatenkobrain, decathorpe, zbyszek, sgallagh, mhroncok, dcantrell, cverna, Conan_Kudo, Pharaoh_Atem, Son_Goku, King_InuYasha, Sir_Gallantmon, Eighth_Doctor
17:01:10 <zodbot> Current chairs: Conan_Kudo Eighth_Doctor King_InuYasha Pharaoh_Atem Sir_Gallantmon Son_Goku cverna dcantrell decathorpe ignatenkobrain mhroncok nirik sgallagh zbyszek
17:01:12 <mhroncok> #topic init process
17:01:16 <dcantrell> .hello2
17:01:17 <zodbot> dcantrell: dcantrell 'David Cantrell' <dcantrell@redhat.com>
17:01:18 <mhroncok> .hello churchyard
17:01:19 <nirik> morning
17:01:21 <zodbot> mhroncok: churchyard 'Miro Hrončok' <mhroncok@redhat.com>
17:01:22 <Eighth_Doctor> .hello ngompa
17:01:23 <cverna> Hello
17:01:23 <zodbot> Eighth_Doctor: ngompa 'Neal Gompa' <ngompa13@gmail.com>
17:01:36 <Eighth_Doctor> I'm not going to be able to stick around for long, I've got to prep to head out
17:01:39 <decathorpe> good evening
17:01:51 <Eighth_Doctor> vaccine time soon!
17:01:55 * mhroncok has a slight water emergency in the bathroom, will give you 5 minutes to finsih "init process", sorry about that
17:02:10 <sgallagh> .hello2
17:02:11 <zodbot> sgallagh: sgallagh 'Stephen Gallagher' <sgallagh@redhat.com>
17:04:10 <mhroncok> emergency fixed. we have quorum. zbyszek will be ~10 minutes late
17:04:41 <mhroncok> #topic #2597 F35 Change: Debuginfod By Default
17:04:51 <mhroncok> .fesco 2597
17:04:54 <zodbot> mhroncok: Issue #2597: F35 Change: Debuginfod By Default - fesco - Pagure.io - https://pagure.io/fesco/issue/2597
17:05:08 <fche> .hello2
17:05:10 <zodbot> fche: fche 'Frank Ch. Eigler' <fche@redhat.com>
17:05:15 <mhroncok> we have some bike-shedding about the lanfing page in the ticket :D
17:05:20 <fche> Hi, sorry this is back on the agenda again.
17:05:40 <mhroncok> and what we approved the last time was not  accepted upstream
17:05:46 <fche> the bigger question is the warning message, yeah.'
17:06:19 <mhroncok> I suggest we continue designing this on the mailing list and come back to the ticket with some specific proosal that can be re-approved
17:06:38 <mhroncok> but if somebody wants to vote for some different thing, I ma open for suggestions
17:06:50 * nirik hasn't read the new comments.
17:06:58 <mhroncok> I do not however want to design technical solution on fesco meetings, nor fesco tickets, I don't think it it the proper forum
17:07:20 * sgallagh agrees
17:07:23 * fche agrees, but y'all are requesting the warning message, and elfutils is upstream is wanting to know -where-
17:07:33 <fche> ie. what is the minimum amount/place of warning you would accept
17:07:39 <mhroncok> nirik: tl;dr the solution with one time warnign was rejected in the upstream library
17:07:46 <nirik> I don't see a problem with the wiki page... but we could do a static page if someone writes it
17:07:54 <nirik> ok.
17:08:02 * mhroncok doesn't think tht landing page is a blocking issue
17:08:18 <fche> mhroncok, so the technical solution is being requested here, so not sure what we can do on a mailing list
17:08:26 <fche> except ping-pong more possible solutions for up-down votes?
17:08:38 <zbyszek> I'm here.
17:08:44 <mhroncok> ping pong discussion, ideas, brianstorm... whatever we do on the ticket
17:09:33 <fche> ok, the ticket has the outstanding request to advise us/upstream? as to the minimum placement / timing of a warning message
17:09:51 <fche> ie., profile.d-only one received negative feedback on the ticket
17:10:02 <mhroncok> I don't like it either, honestly
17:10:10 <fche> ditto
17:10:14 <zbyszek> Yeah.
17:10:31 <fche> anything we can do to make y'all comfortable enough with no warning at all?   like what kind of release notes or something?
17:10:58 <mhroncok> I am out of ideas
17:11:04 <nirik> note in the description of the package? but many won't see that.
17:11:17 <zbyszek> Frankly, at this point I think this should be opt-in. Just advertise it very widely.
17:11:21 <mhroncok> nirik: how many poeple read descriptions of packages?
17:11:41 <mhroncok> maybe we can do a poll about approval withotu nay warning to see where we stand?
17:11:44 <nirik> mhroncok: well, people often do before they install them... but yeah, if already installed low
17:11:46 <mhroncok> *without any
17:12:00 <zbyszek> Maybe even have gdb spout an advertisement of the package, like it does for 'dnf debuginfo-install'.
17:12:12 <fche> (right but gdb is not the only client, there are dozens)
17:12:45 <zbyszek> Yeah, but it's just this kind of thing where if you know about it, it's enough.
17:13:11 <fche> yup, but we don't know which tool the user's going to encoutner first; that's what the library patch would have caught, if not vetoed
17:13:14 <zbyszek> So basically by having it in gdb and maybe two other popoular clients, 99% of people who do debugging would know.
17:13:17 <nirik> I think it's fine to just enable... I guess that doesn't have enough votes tho
17:13:24 <mhroncok> let's count votes for "on by default, no consent/explicit warning on the screen when running it"
17:13:34 <nirik> mhroncok: +1
17:13:58 <zbyszek> How many people are here to vote?
17:14:06 <sgallagh> mhroncok: +1
17:14:18 <sgallagh> zbyszek: We have a quorum
17:14:52 <nirik> we used to also have a policy of not voting on things where there were comments right before the meetings... but I guess we never codified that.
17:15:22 <mhroncok> nirik: this vote is mostly to see if we need to discuss this any further
17:15:44 <nirik> yeah... sounds like it's just me tho. :)
17:15:51 <mhroncok> zbyszek, decathorpe, dcantrell, Eighth_Doctor ?
17:16:08 <Eighth_Doctor> +1
17:16:16 <dcantrell> +1 from me
17:16:19 <zbyszek> -0
17:16:38 <mhroncok> I am ready to abstain, but if I'd be the only one to block it, I might say +1
17:16:43 <decathorpe> I'm +0
17:16:54 <zbyszek> Sorry, but I think that a) this opens up a hole, b) this hole is not unavoidable, since signatures could be arranged.
17:17:15 <mhroncok> anything "could be arranged"
17:17:24 <mhroncok> but perfect is the enemy of good
17:17:36 <mhroncok> we have +4
17:17:38 <fche> could we sweeten the offer by offering to work with the gdb team to add a warning?
17:17:49 <fche> (best effort, cannot commit they'll take it)
17:17:51 <mhroncok> fche: that works for me
17:18:01 <zbyszek> I.e. I'd rather see a slower roll-out, maybe with additional safeguargds implemented in the future, allowing a worry-free full enablement, rather then pushing for making this fully automatic right now.
17:18:08 <mhroncok> +1 and as always, we can revisit before beta
17:18:16 <sgallagh> mhroncok: +1 to what?
17:18:18 <fche> zbyszek, would love to work with you on the mailing list to figure ut how
17:18:35 <mhroncok> +1 to my proposal above, "on by default, no consent/explicit warning on the screen when running it"
17:18:52 <sgallagh> OK, just wanted clarity, since it came right after zbyszek's suggestion of slowing the roll-out.
17:19:30 <mhroncok> that is +5,2,-0, correct?
17:20:31 <sgallagh> That matches my count
17:21:02 <zbyszek> fche: ack. I'll write up my thoughts and hopefully we can come up with some proposals.
17:21:02 <zbyszek> (But I don't think it's realistic to do this for F35… So it's not relevant for this vote.)
17:21:11 <fche> zbyszek, got it
17:21:12 <mhroncok> #agree Change is approved as originally proposed to FESCo (+5,2,-0)
17:21:33 <sgallagh> And thank you fche for sticking with it; I know this has been a slog
17:21:39 <fche> thanks all, I'll try to push your concerns to the respective upstreams :)
17:21:42 <sgallagh> fche++
17:21:42 <zodbot> sgallagh: Karma for fche changed to 1 (for the current release cycle):  https://badges.fedoraproject.org/tags/cookie/any
17:21:44 <mhroncok> #info if there are problems, fesco can revert this decision in the future (true for all fesco's decision, but wanted to be explicit here)
17:21:49 <fche> absolutely
17:22:09 <mhroncok> #action fche to do their best to add a warning to at least gdb
17:22:46 <mhroncok> #action zbyszek to continue the discussion on how to make this safer (on the mailing list)
17:23:11 <mhroncok> anything else for this one?
17:23:51 <mhroncok> right...
17:23:59 <mhroncok> #action fche to make sure this is loud enough in the release notes / announcements etc.
17:24:13 <fche> will use all caps
17:24:18 <mhroncok> :D
17:24:27 <nirik> and don't forget <blink>
17:24:31 <mhroncok> #topic #2598 F35 Change: Package information on ELF objects
17:24:38 <mhroncok> .fesco 2598
17:24:39 <zodbot> mhroncok: Issue #2598: F35 Change: Package information on ELF objects - fesco - Pagure.io - https://pagure.io/fesco/issue/2598
17:25:03 * zbyszek is here
17:25:22 <mhroncok> I ahven't read zbyszek's long comment form 5 hours ago
17:25:27 <mhroncok> *from
17:25:30 <mhroncok> *haven't
17:26:32 * nirik either.
17:26:37 <mhroncok> is there something to discuss? there has not been many votes/opinions in the ticket
17:26:51 <dcantrell> I also need to get caught up on the most recent comment
17:27:31 <zbyszek> tl;dr: there were doubts about interaction with CoW. It's hard to qualify precisely since both sides are not implemented, but I think the effect should be negligible.
17:28:06 <sgallagh> I'll be completely honest and say that I don't know enough to feel comfortable voting. So I'll be 0
17:28:09 <mhroncok> there is a specific proposal at the end of the comment: "maybe we can provisionally  enable this, to see if it really works out as expected and get some  measurable impact statistics. And if it turns out that it breaks CoW  significantly, we can reconsider."
17:28:10 <decathorpe> zbyszek: is this CoW as in the rpm cow plugin, or cow as in btrfs file system?
17:29:05 <zbyszek> The first. The second should be generally fine.
17:30:07 <nirik> I thought that had been postponed...
17:30:22 <decathorpe> well ... if the file changes when it wouldn't have, wouldn't that impact btrfs too?
17:30:35 <decathorpe> particularly if there are snapshots?
17:31:10 <zbyszek> decathorpe: proportionally to the file size. So basically you get one page modified, and the fs should be able to deal with that pretty well.
17:31:45 <Eighth_Doctor> I'm going to have to leave now
17:31:52 <Eighth_Doctor> but I'm still -1 to this change
17:32:30 <Eighth_Doctor> I think zbyszek underestimates how much of a problem it is to stamp every ELF binary with NEVRA data
17:32:33 <decathorpe> yeah I'm wary as well. it just introduces much more file changes during updates
17:32:43 <zbyszek> So far nobody has shown that repeated builds of packages in Fedora result in bit-identical ELF files. If anything, with flto by default and frequent gcc updates, it's very unlikely to be true.
17:32:44 <mhroncok> zbyszek: so, assuming python has ~100 ELF .so files and I change one text file
17:33:22 <mhroncok> (ignore for the time being that the .so files often changed because of toolchain updates and assume they are stable)
17:33:22 <Eighth_Doctor> zbyszek: the Qubes folks are implementing reproducibility in Fedora now
17:33:48 <zbyszek> Eighth_Doctor: I'm very much aware and I'm cooperating with them.
17:34:22 <nirik> but this shouldn't be affected by that right? I mean if you are trying to reproduce an exact build you would put the same ENVR in it?
17:34:33 <dcantrell> to me it feels like a suboptimal approach.  the main reason for this appears to be that we need the RPM db locally to resolve build-ids to package names.  but since containers wipe /var/lib/rpm, we can't do that.  so the solution is to put the NEVRA in ELF metadata?
17:34:39 <dcantrell> that feels like the wrong approach
17:34:44 <zbyszek> Eighth_Doctor: reproducibility in this sense is not really relevant: it doesn't mean that things stop changing, but instead that with an identical buildroot you get indentical output. A completely different proposition.
17:34:47 <Eighth_Doctor> containers don't wipe the rpmdb
17:34:51 <Eighth_Doctor> nobody is wiping the rpmdb
17:34:53 * nirik suggests this needs more list discussion
17:34:59 <dcantrell> nirik++
17:34:59 <zodbot> dcantrell: Karma for kevin changed to 7 (for the current release cycle):  https://badges.fedoraproject.org/tags/cookie/any
17:35:02 <mhroncok> the change page syas containers wipe rpmdb
17:35:07 <Eighth_Doctor> they don't
17:35:11 <dcantrell> Eighth_Doctor: yeah, I'm reading off the change page
17:35:13 <Eighth_Doctor> nobody wipes the rpmdb for anything
17:35:14 <mhroncok> I ave never seen that hapen
17:35:22 <Eighth_Doctor> because it's dumb to wipe the rpmdb
17:35:30 <mhroncok> well, dumb things happen
17:35:38 <zbyszek> People who build custom containers certainly do that.
17:35:40 <nirik> all the time. :)
17:35:40 <Eighth_Doctor> yeah, but we don't produce anything where we do that
17:35:41 <mhroncok> zbyszek: what real life problem does this actually solve?
17:35:49 <dcantrell> ok, assuming Eighth_Doctor is right and the rpmdb lives in a container then why do we need NEVRA data in the ELF metadata?
17:35:50 <sgallagh> Plenty of Dockerfiles exist that wipes out /var/lib/rpm
17:36:09 <zbyszek> mhroncok: 1. non-rpm distros, and running "foreign" containers
17:36:14 <sgallagh> We don't ship containers without the rpmdb, but plenty of deployed apps remove it
17:36:16 <zbyszek> 2. custom built binaries
17:36:49 <mhroncok> I don't understand how non-rpm distros and custom built binaries are affected by our rpm-build environment :/
17:37:01 <dcantrell> I was just going to ask that
17:37:01 <zbyszek> 3. general ease of use, nicer then buildinfo which needs queries to resolve.
17:37:11 <sgallagh> mhroncok: We can easily identify that someone is NOT using the supported version
17:37:20 <sgallagh> (That's my guess as to the value, anyway)
17:37:51 <zbyszek> Well, some people run "foreign" on Fedora, some people run Fedora on those foreing distros. So this is about making this universal and easy to use.
17:38:14 <mhroncok> zbyszek: how?
17:38:51 <mhroncok> when we start embed the nevra into our packages, how does that make using ubuntu-built files on Fedora (or vice versa) any better?
17:38:56 <dcantrell> handling people running Fedora built packages on foreign distros feels like an intractable problem--or at least one out of scope for Fedora
17:39:47 <mhroncok> I ma all in for makign that nicer for them, but not at the cost of making things more coplex for Fedora users instead
17:40:10 * nirik notes it's 15min on this topic.
17:40:15 <zbyszek> mhroncok: right now if a binary crashes in a container, you get the coredump. But if the program (or some libraries) were not from the distro, chances are that you cannot translate the build-id back to package version. With this, binaries are stamped with this information, and it helps in identifying them both on disk, and in coredump.s
17:40:52 <mhroncok> binaries not from the distro are stamped with what infromatione xactly?
17:41:05 <mhroncok> I thought we stamp the distro binaries
17:41:06 <zbyszek> Well, I think that "more complex for Fedora users" is vastly overstating the overhead.
17:41:31 <mhroncok> I might genuinly misunderstood the proposal
17:41:36 <decathorpe> Yeah I do not see how this solves any problem? Foreign binaries will still not have that information.
17:42:09 <zbyszek> Well, the same proposal would apply to foreign binaries wherever they are produced...
17:42:18 <mhroncok> let's say we build libfoo.so.5 in the foo-5-2.fc35 package
17:42:25 <zbyszek> Same as with build-id: with stamp our binaries, other interested parties stamp theirs.
17:42:36 <mhroncok> and soembody takes that libfoo.so.5 and runs it on gentoo and it crashes
17:42:58 <mhroncok> and in the coredump, they will be able to see "oh, this file is from Fedora, from the foo-5-2.fc35 package"
17:43:05 <zbyszek> mhroncok: yes
17:43:22 <mhroncok> ok and since nobody else is doing this, it only works this way
17:43:27 <mhroncok> not the other way around
17:43:45 <zbyszek> mhroncok: Also, if you build your foo-5-2.fc35.trial15 in mock, and then distribute one subpackage to another machine and lose the -debuginfo data.
17:43:49 <mhroncok> so for this to actually have the benefit both ways, there should be some kind of consensus between distros that this is a good idea
17:44:18 <mhroncok> zbyszek: the build-id is in the package
17:44:22 <zbyszek> mhroncok: exactly, and this is why we're doing it with some Debian people, and plan to have it in Fedora first, and then in other places later.
17:44:22 <mhroncok> zbyszek: not in the debuginfo
17:45:01 <zbyszek> Yes, the build-id is in the package, but on it's own it doesn't tell you anything. Unless you have very very good memory for long hexadecimal numbers.
17:45:08 <fche> or a debuginfod server :)
17:45:48 <mhroncok> ok, I see where you are going with this, but I still don'T see the benfit here, sorry
17:45:49 <zbyszek> Yes, if you managed to push your debuginfo data the server, this is not particularly useful.
17:46:10 <mhroncok> vote or punt?
17:48:30 <sgallagh> I think take a vote. If it doesn't clear the +5 hurdle, the default is to reject it.
17:48:35 * sgallagh is still 0, FWIW
17:48:40 <mhroncok> ok, let's vote
17:48:47 <nirik> I think it needs more discussion on list, but ok...
17:48:47 <mhroncok> Eighth_Doctor is -1
17:48:53 <mhroncok> I am 0
17:49:05 <dcantrell> -1
17:49:06 <decathorpe> -1
17:49:07 <zbyszek> +1 (as owner)
17:49:15 <cverna> I am 0 too
17:49:27 <sgallagh> OK, with three 0s and two -1s, this cannot pass.
17:49:47 <mhroncok> sgallagh: it can pass if somebody votes +3
17:49:49 <mhroncok> :D
17:49:53 <nirik> ha
17:50:14 <nirik> I guess I am 0 right now, since I haven't had time to read up on the latest discussion
17:50:15 <sgallagh> Proposal: The Change can be resubmitted with a more detailed and understandable "Benefit to Fedora" section
17:50:28 <mhroncok> #agree The change in the current form is rejected (+1,3,-2)
17:50:36 <zbyszek> sgallagh: thanks, it's appreciated.
17:50:38 <mhroncok> sgallagh: I was going to info something liek that
17:50:44 <zbyszek> I'll do that.
17:50:46 <mhroncok> #info The Change can be resubmitted with a more detailed and understandable "Benefit to Fedora" section
17:51:19 <mhroncok> #action zbyszek to resubmit with a more detailed and understandable "Benefit to Fedora" section
17:51:22 <sgallagh> I might also note that we're about to go into a FESCo election, so you may have different results with a new formulation of members.
17:51:48 <zbyszek> bcotton: we need to add one more question, quickly!
17:51:55 <mhroncok> :D
17:52:02 <mhroncok> #topic Next week's chair
17:52:10 <sgallagh> zbyszek: You joke, but I was actually about to suggest the saem
17:52:13 <bcotton> :-)
17:52:27 <sgallagh> It might be worthwhile information for the voting populace.
17:52:53 <mhroncok> the deadline is tmrw
17:52:58 <zbyszek> Nah, I think that the number of poeple who care about this is too small. I'll work on the "Benefit to Fedora" section.
17:53:03 <sgallagh> Yeah, too short-notice
17:53:09 <mhroncok> zbyszek: thanks
17:53:22 <mhroncok> any volunteers for the next week's chair?
17:53:31 <sgallagh> Thank you for doing that. If FESCo members aren't able to figure out why we'd want to do this, it's probably not clear enough.
17:53:47 <sgallagh> I look forward to understanding it better :)
17:54:05 <sgallagh> I'm not committing to anything next Tuesday; getting my second vaccine shot on Monday.
17:54:21 <zbyszek> sgallagh: nice!
17:55:05 <mhroncok> #action mhroncok will chair next meeting
17:55:09 <mhroncok> #topic Open Floor
17:55:38 <mhroncok> we have 4 candidates for fesco
17:55:51 <mhroncok> and we only have 4 seets
17:56:01 <mhroncok> *seats
17:56:08 * nirik goes to check if he was up.
17:56:21 <mhroncok> so if you want to make it less boring, think about nominating someone
17:56:37 <mhroncok> nirik: nah, you go with me :)
17:56:49 <sgallagh> cverna and ignatenkobrain have not indicated a desire to run for reelection this term.
17:56:55 <cverna> I won't be running again, I just can't commit the time and focus
17:57:06 <mhroncok> I think with igor, the reason is similar
17:57:15 <nirik> yeah, time is always a dear commodity.
17:57:15 <cverna> I ll get in trouble with my wife otherwise :P
17:57:18 <mhroncok> but I have not heard from him about the topic
17:57:23 <nirik> thanks for serving tho cverna!
17:57:49 <sgallagh> nirik: You could run again and get two +1 votes!
17:57:56 <mhroncok> :)
17:57:59 <nirik> har
17:58:25 <sgallagh> I actually planned to ask mboddu if he'd be interested in running.
17:58:33 <cverna> It was fun and learned a lot :) so thanks to you all
17:58:36 <sgallagh> (Then forgot until just now)
17:58:45 * mboddu reading back
17:58:59 <mhroncok> The period ends on 2021-May-12 at 23:59:59 UTC
17:59:03 <mhroncok> mboddu: run for fesco!
17:59:21 <mhroncok> mboddu: sgallagh wants some competition
17:59:30 <mboddu> sgallagh: Thanks, I need to look at it, I am interested :)
17:59:40 <cverna> mboddu++
17:59:40 <zodbot> cverna: Karma for mohanboddu changed to 2 (for the current release cycle):  https://badges.fedoraproject.org/tags/cookie/any
17:59:45 <mboddu> mhroncok: Haha, not against sgallagh :D
17:59:58 <sgallagh> mboddu: Currently there are four open seats and exactly four nominees
18:00:45 <sgallagh> mboddu: OK, you're interested so I'm nominating you :)
18:00:49 <mhroncok> :)
18:00:53 <mboddu> sgallagh: Thanks
18:00:59 <mhroncok> anything else for open floor?
18:01:45 <mhroncok> it's been an hour
18:01:46 <mhroncok> so...
18:01:56 <mhroncok> thanks for coming
18:01:56 <mboddu> sgallagh: If you are giving me more work, I will give you more work too ;)
18:02:11 <mhroncok> #endmeeting