OLPC:Volunteer Infrastructure Group/2008-09-23
Action Items
17:40 <@hhardy> ACTION ITEM: lfaraone to chair committee on single-signon options 17:53 <@hhardy> ACTION ITEM: find a volunteer to triage and characterize existing sysadmin tickets and come up with a useable list of custom fields to use 17:58 <@hhardy> ACTION ITEM: hhardy to set up shared calendar for Big Sister monitor scheduling
Agenda
17:16 <@hhardy> Proposal for single-signon to websites (ffm) 17:16 <@hhardy> SAGE ethics statement as a requirement for VIG membership proposal http://www.sage.org/ethics/ethics_vert.pdf 17:16 <@hhardy> Redeploying weka, owl, swan, awk to W-91 ASAP 17:16 <@hhardy> New rt instance on awk 17:16 <@hhardy> TSM backups 17:16 <@hhardy> DB triage and hot backups 17:16 <@hhardy> RT status (adric) 17:16 <@hhardy> Big sister monitoring and maintainence 17:16 <@hhardy> new business
single signon
17:17 -!- hiro [~439f0534@66.90.73.223] has joined #olpc-admin 17:18 -!- kimquirk [~kimquirk@wireless-56.media.mit.edu] has joined #olpc-admin 17:18 < isforinsects> I summon the mighty Arugula! 17:18 <@hhardy> lfaraone, wherefore art thou? 17:18 -!- CanoeBerry [CanoeBerry@1cc-dhcp-250.media.mit.edu] has joined #olpc-admin 17:19 <@hhardy> he was going to talk to us about openid 17:19 <@hhardy> give him 1 minute then we will table that 17:19 < adric> I think appointing a committee to investigate OpenID and SSO to report back _after_ G1G1 would be a lovely idea. 17:19 < adric> I might be willing to make sandwiches or a pot roast for that. 17:19 < CanoeBerry> :) 17:20 <@hhardy> another idea which has been booted around is supporting FAS 17:20 -!- is4 [~isforinse@dhcp-47-140.media.mit.edu] has joined #olpc-admin 17:20 < adric> which acronym is that? 17:20 < CanoeBerry> Fetal Alcohol Syndrome 17:20 < gregdek> Fedora Account System. 17:20 < gregdek> I presume. :) 17:20 < is4> == Proposal for single signon / Open-id == 17:20 < adric> Is that off F'd directory server? 17:20 <@hhardy> https://admin.fedoraproject.org/accounts/ 17:20 < gregdek> Although I am a strong supporter of Fetal Alcohol Syndrome as well. 17:20 < CanoeBerry> ;) 17:20 < adric> oops, F's *sooowwwy* 17:21 -!- isforinsects [~isforinse@wireless-87.media.mit.edu] has quit [Read error: Connection reset by peer] 17:21 < adric> Formal motion to appoint investiagtory subcommitee. 17:21 < is4> Seconded 17:21 <@hhardy> who will be on the committee? 17:21 < is4> Nominate adric 17:21 < adric> Luke, at least :) 17:21 * adric declines, politely. 17:22 < is4> and gregdek the Mighty Arugula 17:22 < CanoeBerry> If regarding OpenID and SSO, I'd like to participate, if from a distance. 17:22 < is4> ...that's a hard word to spelll... 17:22 -!- Ian_Daniher [~it@69.61.230.246] has joined #olpc-admin 17:22 < adric> Do we need abot named after the vegetable so we can tab-complete that in here? 17:22 < is4> CanoeBerry, really? There are privacy concerns, I though you were generally against it. 17:23 < adric> Motion to make CanoeBerry baliff of the subcommittee. 17:23 < CanoeBerry> Next topic? 17:23 < adric> s/baliff/sergant at arms/ 17:24 < gregdek> So...
SAGE ethics statement as a requirement for VIG membership proposal
< gregdek> ...what's the question again?
17:24 < is4> http://www.sage.org/ethics/ethics_vert.pdf 17:24 < is4> lfaraone, isn't here so we're tabling it. 17:24 -!- hhardy changed the topic of #olpc-admin to: SAGE ethics statement as a requirement for VIG membership proposal 17:24 < hiro> what is VIG? 17:24 < is4> We're the VIG 17:24 < CanoeBerry> Ethics make you rich, I read it in the Wall Street Journal earlier this week, so I'm buying. 17:24 < adric> This is, Hiro 17:24 <@hhardy> Volunteer Infrastructure Group 17:25 < adric> CanoeBerry: Ouch. 17:25 <@hhardy> aka infrastructure-gang 17:25 < is4> Very Interesting Gang 17:25 < CanoeBerry> Seriously-- the WSJ had a piece titled exactly that ;) 17:25 <@hhardy> oi vey 17:25 < adric> Not having reviewed that Ethics statement lately, I'm in favour of this idea. 17:26 <@hhardy> http://www.sage.org/ethics/ 17:26 <@hhardy> please take a few minutes, it is short 17:26 < is4> It's similar to the Code of Behavior at Ubuntu. People sign it with their gpg key to become Ubuntuneros 17:26 < is4> I'm for it. 17:26 <@hhardy> I am proposing this as our VIG code of conduct 17:27 <@hhardy> I like the idea of gpg signing it 17:27 < adric> Okay, read, agree. (Sorry, the PDF link threw me off before) 17:28 < is4> It's a shame you can't/dont sign files with pub/private ssh keys. It could become part of the process of providing your public key for various servers 17:28 < adric> Oh, well, sure. Should I generate an @l.o key ? 17:28 < is4> signing the document to verify your key 17:28 <@hhardy> adric: sure 17:28 <@hhardy> any objections? 17:29 <@hhardy> ok done Kim has approved
Redeploying weka, owl, swan, awk to W-91 ASAP
17:30 < is4> == Redeploying weka, owl, swan, awk to W-91 ASAP == 17:30 <@hhardy> w-91 is the MIT colo 17:31 <@hhardy> weka is the new build server 17:31 <@hhardy> owl is dev/crank mirror 17:31 <@hhardy> swan is pedal mirror 17:32 <@hhardy> owl and swan can be general purpose machiens when they arent being used as hot backups 17:32 <@hhardy> awk is a new machine to contain the private rt instance 17:32 <@hhardy> and also a mirror for our chinese server 17:32 <@hhardy> I propose to do the move the weekend following the upcoming one 17:33 <@hhardy> I need to install awk yet 17:33 <@hhardy> and systematize my mirroring hack into a script and maybe an init state 4 to bring services up and down nicely 17:33 <@hhardy> there might be use for one or two volunteers in the boston area to help physically move the stuff 17:34 <@hhardy> the closet at 1cc is probably at the limits of what the power supply will tolerate and also it is very crowded and noisy in there 17:35 <@hhardy> we need to use the rack space at MIT before someone else slips in 17:35 <@hhardy> questions/comments?
tsm backups
17:36 < lfaraone> hhardy: I'm here. 17:36 < lfaraone> sorry. 17:36 <@hhardy> if someone wants to package a AMD-64 ubuntu package from the sources or alien from the fedora package that would be nice 17:37 -!- reubencaron [~reubenkca@dhcp-47-101.media.mit.edu] has joined #olpc-admin 17:38 <@hhardy> lfaraone lfaraone: in your absence we appointed a committee to study single sign-on options 17:38 < lfaraone> hhardy: I saw. Count me in. 17:38 <@hhardy> which will be you and me and who else? 17:38 < CanoeBerry> Me: we will study it to death (or almost ;) 17:39 <@hhardy> ok set a meeting time to follow up? 17:39 <@hhardy> lfaraone want to pick a time? or take it to email? 17:39 -!- reubencaron__ [~reubenkca@wireless-81.media.mit.edu] has joined #olpc-admin 17:40 <@hhardy> ACTION ITEM: lfaraone to chair committee on single-signon options
DB triage and hot backups
17:41 < adric> Offtopic: 2048 DSA/ElGamal ? 17:41 -!- reubencaron_ [~reubenkca@wireless-81.media.mit.edu] has quit [Read error: Connection reset by peer] 17:41 <@hhardy> I would deprecate dsa in favor of rsa 17:42 < is4> adric, chose a random number of bits, less likely to have rainbow tables pre-generated 17:42 <@hhardy> thus sayeth gnu 17:42 < is4> gnu{- 17:42 < lfaraone> hhardy: oh, then my privatekeys are screwed. 17:42 < adric> Wat we like RSA now? I can never keep up. 17:42 <@hhardy> lol 17:42 < is4> careful, if you say his name three times he appears and berates you for using base64... 17:42 < cjb> adric: yes, in fact :) 17:42 <@hhardy> we can take this after meeting 17:42 <@hhardy> lol 17:43 <@hhardy> if only he would update his sendmail... 17:43 < lfaraone> hhardy: email. 17:43 < adric> Indeed .. but I'm gen'ing a GnuPG key, so .. RSA really? 17:43 < lfaraone> hhardy: shall we make it a list, or simply a large CC block? 17:43 < cjb> five years ago RSA was patented and DSA was free, and now RSA is out of patent and DSA is broken. 17:43 <@hhardy> adric: yes 17:43 < cjb> (not broken, but more vulnerable than RSA.) 17:43 < adric> hhardy: Roger /OT 17:43 <@hhardy> I have an rsa license from MIT issued before RSA was formed :) 17:44 < lfaraone> cjb: so, what should I do vis-a-vis my GnuPG keys? (which are already signed by ppl) 17:44 <@hhardy> is4: has not had a chance it id and triage db 17:44 < cjb> lfaraone: no big deal, you can keep using them. 17:45 <@hhardy> lfaraone it is fine 17:45 <@hhardy> you should not sign with the same key you use to encrypt tho 17:45 <@hhardy> generally speaking 17:45 < lfaraone> hhardy: why not? 17:45 -!- reubencaron [~reubenkca@dhcp-47-101.media.mit.edu] has quit [Ping timeout: 480 seconds] 17:46 < adric> Sorry, I know it's my fault.. End tangent please? 17:46 <@hhardy> lfaraone... later 17:46 -!- hhardy changed the topic of #olpc-admin to: RT status 17:46 <@hhardy> adric: hows RT and the RT subgang going? 17:47 < is4> didn't you mention you had minions?> 17:47 < adric> Well, you may know better than I. I can update on some things.. 17:47 < adric> I might have minions, and they might be here. *waves* 17:48 < adric> Kim is working with management to get us some idea of what they need for categories and meta data, and then we'll need to comment on that and start implementation 17:48 < adric> I haven't heard anything on Spam lately .. 17:48 < adric> .. other than, you know, it's still coming in :) 17:49 <@hhardy> we have continued to blacklist the most repeat offenders 17:49 < CanoeBerry> i'm back..oops 17:49 <@hhardy> plus email for rt goes through brracuda now so mail to help@l.o etc goes through brracuda twice now 17:49 < adric> Twice? Is that better? 17:49 <@hhardy> not necessarily 17:50 <@hhardy> at worst, it is no worse 17:50 < dogi> hi 17:50 <@hhardy> dogi: hi 17:50 * dogi read back 17:50 <@hhardy> adric: anything further to report on rt? 17:50 < CanoeBerry> Categories are easy, Mel & I tried to force this to happen Monday, but Kim ran out of time. 17:50 <@hhardy> are there blocking issues? 17:51 < adric> hhardy: What's the word on the pre-work for the upgrade? 17:51 < CanoeBerry> It will happen next Monday. No biggie. 17:51 <@hhardy> we should come up with catagories for sysadmin tickets too 17:51 < adric> CanoeBerry: Cool, we can work on them next week then 17:51 <@hhardy> does someone want to triage and characterize the existing tickets to come up with a useable scheme? 17:51 <@hhardy> maybe cjl? 17:51 < CanoeBerry> Our Monday concludion: 17:51 < adric> Well that is a greater issue. Due to the way RT handles CustomFields, they can be shared, carefully 17:52 <@hhardy> I'd rather sysadmin used its own custom fields w/o reusing I think 17:52 < CanoeBerry> Conclusion: the main triage person should act as anthropolist. 17:52 <@hhardy> hey I have a degree in that! 17:52 <@hhardy> :) 17:52 < CanoeBerry> PPL like Sandy for help@l.o, people like Caryl for volunteer@l.o etc. 17:53 < CanoeBerry> Anyway that's next Monday's topic, let's move along. 17:53 <@hhardy> ACTION ITEM: find a volunteer to triage and characterize existing sysadmin tickets and come up with a useable list of custom fields to use 17:53 < adric> hhardy: Agree on sysadmin having it's own fields
Big sister monitoring and maintenance
17:54 <@hhardy> We need a big sister maintainer or two and a lsit of oncall peoples 17:54 -!- mchua [~mchua@pool-70-20-20-16.bstnma.fios.verizon.net] has joined #olpc-admin 17:55 <@hhardy> perhaps we should make a google calendar for VIG where we could set up the times for the oncall monitors 17:55 < CanoeBerry> Aside: adric told me 10 days ago we're waiting for new HW to install RT 3.8.1, is this true? 17:56 <@hhardy> CanoeBerry: not exactly 17:57 <@hhardy> I've been holding off on giving adric root on the rt instance on the assumption that the finance queue would be on our existing rt 17:57 <@hhardy> but per Kim I am moving that to a new machine and leaving the existing rt where it is 17:57 <@hhardy> once I have adric' 17:57 <@hhardy> s 17:57 < adric> Okay, looking for that upgrade work ticket .. 17:58 <@hhardy> signed ethics statement I'll talk to kim about giving him root on the rt instance 17:58 < CanoeBerry> I just invited mattva01 to join our conversation on RT here... (DC guy who's helped Luke, and hangs out on #rt !) 17:58 <@hhardy> ok 17:58 < lfaraone> hhardy: what's bigsyster? 17:58 <@hhardy> ACTION ITEM: hhardy to set up shared calendar for Big Sister monitor scheduling 17:58 < hiro> anything I miss that has to do something with me personally? 17:59 < cjb> hiro: Who are you? 17:59 < cjb> and what might have something to do with you personally? :) 17:59 < adric> CanoeBerry: Ah, ticket was merged: http://rt.laptop.org/Ticket/Display.html?id=20497 17:59 < hiro> I don't know, something in a small scale :P 17:59 -!- hiro is now known as Hiro2 17:59 <@hhardy> http://thinker.laptop.org/bigsis/ 17:59 <@hhardy> login: olpc 18:00 < Hiro2> is this better cjb? 18:00 <@hhardy> pw: a1abast3r12 18:00 < lfaraone> hhardy: this isn't a secure channel, btw. 18:00 <@hhardy> I am going to change it momentarily after meeting 18:01 < CanoeBerry> Aside for Hiro2: do care for RT20959, IE learning how XO's survive underwater? PM me.. 18:01 <@hhardy> thats a-one btw 18:02 <@hhardy> last saturday mock was down most of the day before mstone started investigating 18:02 < adric> hhardy: Which file to sign? The poster PDF? ;) 18:03 <@hhardy> send a message to olpc-admin saying you agree to follow the SAGE code of ethics and sign with your key how about? 18:03 < adric> hhardy: kk 18:03 < lfaraone> hhardy: again, public mailing lists... 18:03 < lfaraone> hhardy: IMHO, that list should be ala support-gang@l.o. 18:04 <@hhardy> there's nothing secret about saying you agree to follow code of ethics... 18:04 <@hhardy> it isnt a support gang list 18:04 <@hhardy> its infrastucture-gang list 18:04 <@hhardy> probably what you meant 18:04 < lfaraone> hhardy: ah, there's a infra-gang list? we have one? 18:04 <@hhardy> olpc-admin@lists.laptop.org 18:05 <@hhardy> http://lists.laptop.org/listinfo/olpc-sysadmin/ 18:06 <@hhardy> http://wiki.laptop.org/go/Infrastructure_gang 18:06 <@hhardy> sorry olpc-sysadmin@ etc. 18:07 -!- Matthew_ [~Matthew@c-69-143-107-37.hsd1.va.comcast.net] has joined #olpc-admin 18:07 < adric> mail sent *whoosh*
new business
18:08 -!- Matthew_ is now known as mattva02 18:08 <@hhardy> welcome mattva02 18:08 <@hhardy> please say a few words to introduce self 18:09 < mattva02> well I'm mattva01 from the support gang , though I'm not that active 18:09 <@hhardy> and you do rt? 18:10 < mattva02> yes 18:11 <@hhardy> adric: potential rt minion for you perhaps 18:11 < mattva02> well we are starting to use it at a much smaller scale at the Arlington Career Center 18:11 < mattva02> Having some dumb issues upgrading though :( 18:11 <@hhardy> we need to know about those I think 18:11 < lfaraone> mattva02: First I've heard of this project, you'll have to describe it to me later :) 18:11 <@hhardy> can you coordinate with adric pls? 18:12 <@hhardy> ok 4 minutes to time out, anything further? 18:13 < adric> mattva02: Please mail me or the list and I'll try and get you synced up. also wiki.laptop.org/go/RT 18:13 <@hhardy> http://wiki.laptop.org/go/Infrastructure_gang 18:14 < adric> hhardy: Did soemthing happen with Bigsis ? 18:15 <@hhardy> I took as an action item to post a google calendar to set up the rotation 18:15 <@hhardy> I will continue to own it till we get some maintainers 18:15 < CanoeBerry> Aside: I do hope all this talk of minions is tongue in cheek. The only person I ever rejected from the Support Gang insisted on talking about minions all the time, instead of doing real work.. 18:15 <@hhardy> last call, anything further? 18:16 <@hhardy> Minion is a term for favourites or protégés, especially those of a monarch or prince at a royal court. Unlike a henchman or lackey, although of subordinate rank to his patron a minion is likely to be of noble birth or to be raised to the nobility, and is more of a companion and confidant to him than a servant or bodyguard. 18:16 <@hhardy> no it isn't a joke, we actually mean to introduce titles of nobility and such :) 18:17 < is4> We reject Gods, Kings and Democracy! 18:17 <@hhardy> but point taken, its an inside joke at OLPC to some degree 18:17 <@hhardy> thanks folks, done for now! 18:17 < CanoeBerry> Just don't burn my ballot box plz.. 18:17 -!- Hiro2 [~439f0534@66.90.73.223] has quit [Quit: CGI:IRC (EOF)] 18:18 < adric> Haha. Minion is a joke because it implies I'm in charge :D 18:18 <@hhardy> you canadians, such touching faith in the appearence of democracy :) 18:18 < adric> It's a bit more like throwing treats in front of the direction I'd like the cats to go, and then climbing a tree. 18:18 <@hhardy> lol 18:18 <@hhardy> whereupon each cat grabs a treat and heads in its own direction 18:19 < CanoeBerry> Til next week, I'll take your treats. Over & out? 18:19 <@hhardy> cheers all 18:19 < adric> Cheers. 18:19 <@hhardy> ---END---