Re: Unteralterbach (was: Re: clarify FTP master delegation?)
This one time, at band camp, Daniel Pocock said: Reading the thread, it appears that people have some hope that this would actually be considered as a package, e.g. if they remove the images that are technically illegal An outsider looking at that discussion - and not finding anything in our policies specifically rejecting content in this category - might unfortunately form the opinion that the chances of Debian accepting this package are higher than they actually are. I am of the opinion that, far and away, the thing most likely to confuse outsiders into thinking this sort of thing might be suitable for Debian is the amount of serious engagement with this subject. Gentle emails saying thanks for thinking of Debian, but no thanks, this isn't for us and then leaving it be would make the subject die much quicker, and generate far less of the negative publicity you fear, than this protracted, nonsensical debate. Maybe my original subject line (about FTP master delegation) didn't quite hit the target, but does anybody think there is an appropriate place to document Debian's rejection of such content slightly more firmly so that even if the package is never formally uploaded (and therefore never formally rejected), it can be said that this package was definitely not within Debian policies? Could the FTP masters send an email on that thread clarifying this, a preemptive reject? I don't think they need to. They don't declare that we don't manufacture cars, deal in conflict diamonds, send people into space or any of a number of other things that might be interesting to some people but lie outside of, and distract from, our goal. The ftp team has rejected far less distracting software in the past. I have every reason to believe they will continue to do the good job they have done in the past. Can we stop talking about this now and go back to doing what we do best? Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: clarify FTP master delegation?
This one time, at band camp, Daniel Pocock said: My impression is that the type of issue currently under discussion is not adequately specified in the FTP master delegation, it leaves the FTP masters to do more work on something that is actually quite complicated and has far-reaching ramifications for the project. It also means the FTP masters are in a situation where whatever they do, some people will feel they either did the wrong thing or some people will feel the FTP masters were wrong to make any decision without the project having a policy on the matter. Is there a problem with letting them get on with the job that they do? I'm sure they have the authority, the responsibility, and the common sense to do the right thing. Sorry if I'm not upset enough. I could write a letter to the Daily Mail if it'll help. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian services and Debian infrastructure
This one time, at band camp, Olivier Berger said: Stephen Gran sg...@debian.org writes: This one time, at band camp, Olivier Berger said: But that's another problem, about communicating with DSA early enough... and I'm not sure I know where to find the right contact point / procedure ATM. Is it unclear how to contact DSA? Or is there some other part of it that is unclear? I think that https://wiki.debian.org/Teams/DSA is OK, but maybe https://dsa.debian.org/ should be improved ? I'm probably too close - what do you see as lacking? We take patches: http://anonscm.debian.org/gitweb/?p=mirror/dsa-wiki.git Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian services and Debian infrastructure
Hi, This one time, at band camp, Olivier Berger said: Hi. So IMHO the availability of cloud VMs for people to experiment with (and with root privileges), and on debian.net would be a plus. Now, of course that doesn't mean that the prototypes installed there will be ready for production on DSA managed machines runing stable and with of course every dependencies in real packages. This. I'd like to think about/document repeatable patterns for developers working on applications for deployment on debian systems. I suspect what is going on here is that, until relatively recently, we saw (roughly speaking) the same 20 or 30 people involved in infrastructure development efforts around the project, and there have been an awful lot of unspoken assumptions and things that we've never written down because everyone involved pretty much knew where things are. Looked at from a certain point of view, it's good that we're having these discussions, and even the misunderstandings. It means that new people are getting involved, and we need to help them a bit more. I'd also like to see new people work with us and/or existing teams a bit to learn the existing idioms instead of assuming it's ok to make up new ones, but maybe that's hoping for too much. I'm not sure how to encourage new people looking to get involved while simultaneously discouraging this idea that it's a good idea to go away and develop in isolation - that's been a development anti-pattern for a long time, and shouldn't still be something we need to bang on about. But that's another problem, about communicating with DSA early enough... and I'm not sure I know where to find the right contact point / procedure ATM. Is it unclear how to contact DSA? Or is there some other part of it that is unclear? I'm still not sure if posting on debian-services-admin@l.d.o is a potential way to make sure some educated colleagues (even DSA members) will be able to advice, review, and generally help service prototypes become production-ready. It's a good start. I think the team follows this list. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: [Proposal] GR: Selecting the default init system for Debian
This one time, at band camp, Paul Tagliamonte said: I'd like to raise the objection that the TC hasn't done their job yet, and while the TC has done a great job of getting *true* technically grounded facts out yet, we've not let the process work. Let the TC do their work. They're coming up on a vote, and they may even suggest a GR. This GR is premature. Seconded. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian services and Debian infrastructure
This one time, at band camp, Lucas Nussbaum said: [...] single mail shot with no follow up. Well, it's been a bit over 2 weeks, and you haven't posted a follow up. This doesn't feel like a conversation to me. I understand you're busy, but it feels very much like you're not actually interested in engaging. I find that slightly demoralizing. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian services and Debian infrastructure
This one time, at band camp, Lucas Nussbaum said: Hi, On 21/01/14 at 13:11 +, Stephen Gran wrote: This one time, at band camp, Lucas Nussbaum said: [...] single mail shot with no follow up. Well, it's been a bit over 2 weeks, and you haven't posted a follow up. This doesn't feel like a conversation to me. I understand you're busy, but it feels very much like you're not actually interested in engaging. I find that slightly demoralizing. I'm not sure of what you would like me to follow up on? I've just re-checked, and emails from you in that thread did not include a single question. I didn't think it was a QA session, I thought it was a discussion. You asked several questions, none of which had a completely concrete answer in the thread, although several people offered opinions. Even a mail saying, ok, I take this discussion to mean I should stop talking to DSA and pay for a development environment somewhere would have been useful. I for one didn't take this mail thread to have reached that conclusion. Generally, I agree with everything that has been said in that thread (minor snarky comments from Joerg on m68k and 'real unrealistic requirements', but I didn't think it was worth replying to them). For example, I fully agree that we should try hard to host 'important' services on Debian hardware. Also, I don't think that anybody disagrees that we have a problem with 'speculative' services (as you put it, or 'services development' as I put it). DSA cannot and should not provide hosting for all Debian-related services being developed, as you wrote yourself: I don't think jumping straight to a solution that puts all of the responsibility for every idea for a service in Debian on DSA shoulders is either the only way to go or even a good way to go. There are plenty of bad ideas that should be allowed to wither on the vine, and there are always going to be services that have been designed in such a way as to be difficult to integrate into DSA-managed infrastructure. We are, after all, a reasonably small team of volunteers. Pretending that we can support an infinite number of services or an infinite variety of designs is just going to end in disappointment for someone. I think there's quite a range of options between DSA can't host everything under the sun and I'll go set up a private parallel development environment out of project funds without any further discussion. Now, of course, I'm very disappointed that nobody from DSA is interested in acting as a gateway between service developers and hosting solutions outside of Debian infrastructure that would be suitable for services in development and experimental/maturing services. In my eyes, that would have been a win-win situation, by putting DSA in the perfect position to be aware of emerging services, and to interact early with service maintainers. But, well, I cannot force anyone to do work that they don't want to do. So, I offered at one point to set up an openstack private cloud for DDs to use for service development and so on. I got almost as enthusiastic a response to that as we got to kerberos, AFS, and now MQ. I decided to let it go instead of putting lots of energy into something that no one would use. That sort of thing can be revisited if it's actually interesting for people. I'm not sure what you picture when you talk about us acting as a gateway. Perhaps you could elaborate on that. I'm not keen on playing script monkey to set up machines for people - I'd much rather that interested people be able to do that for themselves. If you just want us to be a point of contact for people developing new services, I think we've said several times that we'd like to be just that. However, it sounded pointless to argue on that if there is no concrete offer to host Debian's services being developed outside of Debian infrastructure. So, since that discussion, I've been talking to a few hosting providers, and two of them have offered to support Debian with free resources (on their clouds) for Debian development. Since I think that avoiding vendor lock-in is a must, I'd like to make sure that we can get a third one on board before working out further details. That will include deciding how allocation of such resources happen, and where discussion about this should happen. My first choice would be to use debian-services-admin@ for that, but of course that will be your decision as I don't want to 'pollute' the list with traffic you are not interested in. No, that's precisely the sort of thing the list is for, I thought - it's not a private list for DSA or anything. Not sure where the word pollute or its scare quotes have come from, but it sure feels hostile. I'll assume you don't mean it that way. I have some operational questions about this cloud setup, since it seems you've delegated running Debian owned machines to us and then gone and got some that you don't want
Re: Debian services and Debian infrastructure
This one time, at band camp, Lucas Nussbaum said: On 21/01/14 at 15:07 +, Stephen Gran wrote: I think there's quite a range of options between DSA can't host everything under the sun and I'll go set up a private parallel development environment out of project funds without any further discussion. I don't know who you are quoting here, but I never said that I would go set up a private parallel development environment out of project funds. I think I might not have said that clearly enough or something, since I did not accuse you of doing that. We've very nearly finished cleaning up an awful lot of misunderstanding and lost good will from various donors because many Joe DDs asked for donations in the name of the project and then used it for a personal development platform without coordinating anything with us. I'd rather not start that up again. I am nervous that your plans to start handing out VMs with no DSA involvement means that in a few years, we'll have a few dozen owned VMs that no one ever bothered to clean up costing us good will with these hosters. I assume you have plans to prevent that, but as you didn't talk to us I can't know them yet. I also know from experience that we will be the people contacted in the event of trouble, and if we have no idea what is going on in these environments, it wastes time and effort. What I'm doing currently is what I wrote in the mail you replied to: However, it sounded pointless to argue on that if there is no concrete offer to host Debian's services being developed outside of Debian infrastructure. So, since that discussion, I've been talking to a few hosting providers, and two of them have offered to support Debian with free resources (on their clouds) for Debian development. Since I think that avoiding vendor lock-in is a must, I'd like to make sure that we can get a third one on board before working out further details. That is, *explore the possiblity* to get *free* resources for Debian development. Great. I'm happy you've been successful soliciting donations. I'm less happy about the decision to run with it instead of talking about it. If we can avoid spending DSA's time on a private OpenStack Cloud by getting free resources, and solve the problem of providing a development infrastructure that way, I really think that this is the way to go. That is something that might have been interesting to discuss, if only we had had a discussion. I have some operational questions about this cloud setup, since it seems you've delegated running Debian owned machines to us and then gone and got some that you don't want us to run. I'm not sure what to do with that disjuncture. I don't know what you are talking about. Where did I got some Debian owned machines that I don't want DSA to run? Are these resources being given to Debian or to lucas? I thought you meant you were getting this stuff for Debian? If they're given to Debian, are they not Debian machines? Not that I'm saying we have to run them, but I'm saying that you seem to have made the decision about how this is going without talking to the team that you delegated to do exactly this job. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Please give a summary (Was: Debian services and Debian infrastructure)
Hi, Thank you for summarizing it so well. I've been struggling with this and getting probably unnecessarily angry about it, so you have done a much more balanced job than I was likely to. Don't you have enough flamewars to be in the middle of :) Cheers, This one time, at band camp, Ian Jackson said: Andreas Tille writes (Please give a summary (Was: Debian services and Debian infrastructure)): as a random reader I have the feeling that this thread is about a conflict between DSA members and DPL. For me all these mails do not make the slightest sense and it would help if someone could give a summary what you are talking about and if possible give some example what you think is OK and what not. AFAICT the DPL (and perhaps some other people) have been offered the opportunity to obtain donated cloud hosting. That is, VMs which would be hosted by the cloud provider for free but administered by Debian folk. That's nice and a thing we might want to take advantage of. (In my day job with the Xen Project, we make extensive use of VM hosting graciously donated by Rackspace, for example.) Lucas seems to be intending to mediate these offers to interested DDs (who have Debian-related uses for a VM) directly, with the apparent expectation that those DDs would end up administering those VMs directly in an ad hoc manner. DSA haven't been involved or informed (until now). I can see at least three problems with this, which have been mentioned in this and previous threads: Firstly, there is the prospect that bad things would happen to these VMs. For example, they might get compromised; or access to them could be lost when the invididual DDs who had been running them leave or go on vacation. This would be bad for the project, and of course it's bad for DSA because in such a situation DSA would be asked about these VMs and expected to fix it but have no access to or knowledge about them. Secondly, there is the risk that there would be no coherent way to retire these VMs when they are no longer needed. When we take on ongoing donated resources like that, there should be a mechanism for ensuring that the project knows about them, can periodically check that they're still being used and needed, etc. Thirdly, it increases the risk of services being developed in a way that would make them hard to deploy on DSA-managed infrastructure. Developers of services would benefit from early contact with DSA to understand at least in general terms how to make a readily deployable and maintainable online service. Fourthly, it appears to be inconsistent with the DPL's DSA delegation, which specifically delegates to DSA the sysadmin responsibility for all of Debian's systems (which clearly ought to include these VMs). This whole affair is a nontrivial social problem because it gives the impression that the DPL lacks confidence in DSA, and vice versa. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian services and Debian infrastructure
This one time, at band camp, Wouter Verhelst said: Op 05-01-14 14:28, Joerg Jaspert schreef: On 13446 March 1977, Lucas Nussbaum wrote: I'm worried that this situation is harmful for the project. Yes, seperate development with different requirements than the production environment is harmful. It's a lesson that every larger company with an IT Department goes through at some point - and it's the same for our project. You need a development environment that is build and handled the same way as the production environment. Sure you need to evolve that, it may not stand still, with new requirements coming along, but you need to do that in close work with the people maintaining the production one, to ensure that the way thinks evolve is actually something that can be mirrored in the area it is intended to be run later. (Alternatively you can have a free-for-all run development and then get a third env, in which you then try to get to run the new release in a (newer version of the) production env). Since DSA is using puppet extensively ATM, wouldn't it be better to have a documented procedure on how to set up a VM or chroot or similar environment that uses DSA's puppet recipes to set up a development instance? That way, people can make changes where necessary (while obviously understanding these changes may or may not be acceptable), don't have to worry about making a mistake and killing someone else's machine (after all, it's their own machine), etc. If you prefer to run your own VM or chroot but want it to look like a DSA machine as much as possible, we do have public documentation on how we set things up. Our puppet is public: http://git.debian.org/?p=mirror/dsa-puppet.git As are our new machine setup notes: https://dsa.debian.org/howto/new-machine/ https://dsa.debian.org/howto/puppet-setup/ We're usually happy to merge patches. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian services and Debian infrastructure
about (early development of a service), people can probably live with that level of insecurity, and can probably also manage day to day sysadmin issues on their own. I think everyone in the team would be happy to help people with specific how is apache configured issues, of course. Having responsibility for those services, and doing things like account management are much less interesting. That said, we are very interested in finding sponsors similar to bytemark who are prepared to provide hardware (servers and storage) for expanding our ganeti clusters. We're happy to provide VMs to people if/when they ask for them, subject to the need and purpose (ie, people should get VMs from a provider for their own non-Debian projects, people should provide their own resources for package maintenance, etc.). Q3. What should be our definition of official services? [ The debian.org DNS domain name is often associated with official services, whereas the debian.net DNS domain name is often associated with unofficial services. Besides the d.o/d.n distinction, I'm not aware of another definition of official services in Debian ] Even if this is highly preferable, I don't think that official services (.d.o services) should necessarily be running on Debian hardware managed by DSA, provided that: - the service is clearly useful and used - the service has a sustainable maintainance model (active team + instructions on how to contribute, run a local copy, etc. + DFSG-free) - the service's design does not raise security or scalability concerns I think you attach excessive importance to the TLD of a service. I doubt that most of our users would notice if the service was in the debian.xxx domain, to be honest, but the difference between .org and .net is certainly something I doubt casual people to be even vaguely interested in. We prefer that services not supported by DSA be accommodated in debian.net so as to empower the service owners to have full control of the DNS entry for service.debian.net. Conversely, we prefer that service in debian.org be supported by DSA. We wish to avoid confusion (and the per-service wiki page can help). Finally, please note that there are a number of debian.net services hosted on Debian infrastructure. Cheers, -- - | ,''`. Stephen Gran | | : :' : sg...@debian.org | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | - signature.asc Description: Digital signature
Re: a SIP or XMPP service for debian.org
This one time, at band camp, Daniel Pocock said: On 22/12/13 10:52, Martin Zobel-Helas wrote: On Sun Dec 22, 2013 at 10:44:08 +0100, Daniel Pocock wrote: I've started a wiki on this topic, it provides a detailed plan from start to finish: https://wiki.debian.org/UnifiedCommunications/DebianDevelopers As one of the leading free software projects and given Debian's particularly outspoken attitude that we do not rely on third party free services there are compelling reasons to try and finally implement this entirely using our own packages and infrastructure. * do people generally agree with it? * would the DSA team be willing to provide and support the underlying infrastructure for this or have it on any existing servers? zobel@kvasir ~ % ldapsearch -LLL -x -H ldap://db.debian.org -b ou=hosts,dc=debian,dc=org '(host=cilea)' purpose dn: host=cilea,ou=hosts,dc=debian,dc=org purpose: voip.debian.{net,org} zobel@kvasir ~ % For more details, please contact Phil Hands. I've had some ongoing discussions with Phil but ultimately, like SMTP for debian.org, these things would need to be formally accepted by DSA at some point. Sure. I think maybe this is turning into some sort of comic loop. The understanding on the DSA side, as far as I'm aware, is that the VOIP setup on cilea is still a bit fragile and not ready for wider deployment. If that's not the case, letting us know that it's ready for widespread adoption would be a good start. If it is the case, I think we're expecting the people interested in VOIP for debian to make it ready for prime time before anything else happens. If you/fil/whoever else is involved have a different deployment strategy, I think we'd like to hear about it. Amongst other things, Phil commented on the password situation but it is ultimately up to the LDAP administrator to decide whether H(A1) hashed passwords are supported and whether they can be accessed by these processes. I don't think we want to use regular LDAP bind, if we can help it. For some other things, we've introduced servicePassword (we have a sudo password field and so on). Is it possible to do a similar thing for VOIP? cilea.debian.org is just one host located in Europe - it is good to start with. Once it is all running, the TURN processes would probably need to be set up in additional regions - are we likely to have resources for that or is this something that would take resources away from other initiatives? We have hosting in several places. Depending on how much resource these servers need and how difficult the deployment is, I can't imagine it should be an impossible problem. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: The tell me if I'm being stupid statement
Hi, This one time, at band camp, Paul Tagliamonte said: Howdy folks, As some of the more observent folks will notice, I've updated my sig to include a ref to the following GPG signed document: http://people.debian.org/~paultag/conduct-statement.txt The template is up at: http://people.debian.org/~paultag/conduct/conduct-statement.txt I know it's only a small gesture, but it'd be really neat if we talked about doing this on a slightly more wide-spread scale. Since I'm loud and post a lot, I figure I'll lease some ad-time to the document in my sig. If you feel the same way, feel free to sign it yourself. Or enforce it on me. Or whatever. Nice one. I like the idea. I've always felt that people should be free to tell me either publically or privately, but possibly making it more clear would be a good thing. Either that, or I'd get so many mails telling me I'm being stupid I wouldn't get anything else done :) Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Code of Conduct: picking up
This one time, at band camp, Thorsten Glaser said: «Malware, short for malicious software, is software used to disrupt See. This isn’t software. It is a perfectly valid string of Unicode characters. You clearly missed the editorial changes vote. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Possibly moving Debian services to a CDN
This one time, at band camp, Simon Paillard said: Hi, On Sat, Oct 19, 2013 at 11:07:05PM +0200, Martin Zobel-Helas wrote: On Wed Oct 16, 2013 at 21:01:08 +0200, Simon Paillard wrote: On Wed, Oct 16, 2013 at 07:54:04PM +0100, Stephen Gran wrote: This one time, at band camp, Simon Paillard said: [..] * Our (mirrors@d.o) is to have http.d.n made official so that we can have an instance like on each continent, then use GeoDNS, like security.d.o mirrors, to achieve 2 goals: avoid SPOF, be closer to users. in long term, i would like to get rid of our GeoDNS setup. I guess you have a rationale for this ? Which issues do you have with GeoDNS ? The major design problem is that it points you to a mirror that is close to your DNS server, rather than a mirror that is close to you. Also, it doesn't actually point you to the closest mirror, just a mirror on the same continent as you (unless you're in Africa or Asia, in which case oh well). This is sometimes good enough (as is the case for Europe, and mostly the case for America), but probably not for South America, where peering arrangements between countries can actually be worse than links to somewhere further away like the US. Anyway, I've gotten the sense that this conversation has now completed the entire Debian pattern of: I have an idea that might make things better No!!! You are worse than Hitler I give up So I'm probably going to stop posting about it now. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Possibly moving Debian services to a CDN
This one time, at band camp, Ian Jackson said: I don't see a clear explanation of what the motivation is to switch to a commercial CDN. Can you clarify ? That will help us understand what we would be giving up if we decline to make this change. There are probably several having to do with effort and effectiveness, but I'll just share one story that's been ongoing. At debconf in Spain, I spoke with several people about the idea of putting in a security mirror in the vicinity of China. We are still talking about this, and users in China have made do with .. I don't know what in the meantime. Getting things closer to our users makes things nicer for them - time to first byte can be appalling when viewing our web page from some parts of the world, especially when on a mobile device. Time to first byte matters less when downloading large packages, but again, if we can get caching with large bandwidth, it's a better experience for the end users. I count at least a dozen d.o machines that are nothing but mirrors of one thing or another, and we still don't have very good coverage. There are lots and lots of subdomains (lintian, popcon, people, etc) that are in basically one place. That's a single point of failure, and also, half the time, on the far side of the world from our users. Sure, we could add more mirror machines, and we could make more and more mirror infrastructure and build our own CDN. At some point, though, it makes sense to me to say, other people already do this really well. We can carry on the way we are, but I think we'll lose out on improving throughput for our end users, getting close to users in parts of the world that have been difficult for us to find hardware or hosting, and reduce the workload on DSA while making more services more available. I understand your concerns about privacy, although I think they are perhaps unrealistic. You're asking, in a world where security services tap uplink cables and passively record metadata about all traffic, for me to get upset about whether someone logs an IP or not. Once the transit is proven to be unsafe, the endpoints no longer matter, in my mind. That being said, I don't think that at least the first iteration of this should force anyone off of their preferred mirror. I don't think we want to rush into this, and I don't think we want to throw out all the work we've done already to make our home-brewed CDN. I think we can let them coexist for a while, and see how we do. We have had one report that someone gets better throughput off of their existing mirror than they do from one of the CDNs offering their support. If we get better coverage for a small number of users and worse coverage for most of our existing users, that's clearly not a tradeoff worth making. I guess what I'm saying is, I can see lots of ways that this can make things better. Right now, we don't have any metrics about the tradeoffs, all we have are emotional responses. I'd like to start trying, so we can collect those metrics and make an informed decision. We can always say, thanks but no thanks later, right? Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Possibly moving Debian services to a CDN
This one time, at band camp, Raphael Geissert said: They do require a bit more work as they can not be added to the mirrors master list - they are dumb caching proxies that can not guarantee the consistency of the view of the archive they provide. Here's where I disagree with Russ as a piece of software is needed to address that, it's not all about the network. That's mostly because we're not actually 'using' them now - we're just allowing them to cache. Most CDNs have a decache mechanism of some sort or other that we could use on mirror pulses, or we could tune the cache headers to actually make it possible for CDNs to do the right thing, etc. They're currently more work than machines that actually have the files on disk because we treat them the same way, not because they are actually worse, if you see what I mean. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Possibly moving Debian services to a CDN
This one time, at band camp, Simon Paillard said: Hi, We already have a network of almost 400 packages mirrors around the world. Using http.d.n, provides the CDN layer (not as much as optimal as anycast), so we don't need to sort ourselves peering issues etc. The mirrors do a very good job of being near to our users in most cases (we have had some difficulty with things like security mirror coverage, but that's not your issue). I know many people are happy with http.d.n, but you have to understand that it's not the same thing at all as a CDN - it's a single host, and it's in a single location. Time to first byte will still suffer if you're coming from Australia. We can do a home-brewed CDN -- that, after all, is what the various services referenced in the original message are. But one of the commercial CDNs will have better performance and better load distribution than one can do with software-only solutions without the peering setup and data center distribution. * Commercial CDN have no knowledge of debian archive datamodel and constraints, which leads to inconsistency (and consequently hash sum dismatch). Or this would imply just disabling caching for problematic files, or change apt/dak so that the archive is less impacted by synchro atomicity issues. Or do things like set long cache time on all files, and invalidate the cache on the metadata files once sync is complete. There are ways to solve those issues, just as there are ways to solve them when we're transferring them with rsync. * My own experience is different, http.d.n redirects to ftp2.fr, which i got 10,2Mo/s, while cloudfront.d.n (Amazon) gives 5Mo/s. This is an important data point. If cloudfront is outperformed by our current mirror infrastructure, it becomes less appealing. After all, we're trying to make things better, not worse. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Possibly moving Debian services to a CDN
This one time, at band camp, Joey Hess said: Ultimately, we are of the opinion that the content delivery problem is a solved one But apparently not one solved by free software included in Debian. Perhaps it's worth avoiding using it if that will help encourage the development of libre alternatives. As others have pointed out, this isn't the problem at all. However, if this is a topic that interests you, you could have a look at the software requirements for mirror operators that we currently have. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
DSA Team Meeting minutes from 20130809 1530Z on #debian-admin/OFTC
Agenda DSA meeting 2013-08-09 * Roll call Present: tfheen, zumbi, weasel, sgran Absent with regrets: - paravoid Absent without regrets: luca, zobel Things discussed: * Completed projects: - debian.org mail move status (tfheen, sgran) MX moved, mail forwarding work complete. * Ongoing projects: - debian.org mail move status (tfheen, sgran) Bulk of work done (as above). Follow up projects: - new LDAP field for mail forwarding with suffix. - move mail for more domains to front-end mxes. - openstack (sgran) Version investigation ongoing - template work to be done in a VM before putting on a blade. - disks for beethoven (weasel, zobel) we added new disks. backplane still broken after several attempts to replace it. vendor wants us to mail in the box. I think we should do it, and I started to move backup elsewhere (backuphost.d.o at bytemark). If alioth has nothing left on beethoven they care about I think we can zero the disks and organize shipping etc. - action item sgran - check that alioth doesn't need anything from - beethoven action item sgran: get backups of vasks working - disks for bytemark (tfheen) 4T disks only get recognized as 2.2T disks. Try to get 2T disks instead. one to test, then the rest. - ns4 move away from orff (weasel) no progress. need to investigate bind autosigning as way to ditch current pile of scripts and make upgrade less painful - CDN plan (tfheen) rsync still unsolved. lots of ideas, known problems, but no concrete progress. - ARM OOB status (zumbi) serial console everywhere but ancina. no remote power yet. - ARM Calxeda nodes plan/roadmap (zumbi) debian boots. no OOB (that's probably bad). questionable connectivity. unclear how to proceed - shipping of cyclades console servers two arrived at zobel's. both work. two arrived at weasel's. one broken one of zobel's is going to man-da - beethoven OOB (weasel): openvpn set up on one of the mips. console server arrived (see above). cables getting delivered soon. PDU purchased and arrived. appears to be DOA. need to get it replaced or verify it is not in fact broken. - debdelta (tfheen) In communication with admin. Needs VM for debdelta generation, rest goes to the static network. - codesearch (tfheen) little progress. Need to install service * other business - saens disk canibalize old-senfl/rore for disks. have them shipped to saens. - small items budget * New projects without owner o SSOT (single source of truth) [possibly luca post ud] sgran to mail ideas around. needs proper planning. maybe tfheen too. o ravel move no takers yet - identify services on ravel - inform service owners - move services = Other business = o RT triage/call for help (as always) trial of metric based system with beer-based penalties o stabile disk filling up weasel to look = Next meeting = September 13, 2013 Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Doing something about should remain private forever emails
This one time, at band camp, Charles Plessy said: Le Tue, Jun 18, 2013 at 10:49:55PM +0200, Raphael Geissert a écrit : At present, new DDs can access emails that were sent to -private years ago. People who might (or might not) be a member of the project and sent an email may not necessarily agree to that. Or a less controversial example: put simply, if an unauthorised person gets a hand on master.d.o there is no hope for those messages. Hi Raphael and everybody, couldn't we first have a split of the list into: So, who's going to do this work? While they're reading every single message sent to the list over the last decade and a half, wouldn't it make more sense to just honor the GR than to make up more work that nobody is ever going to do? This was precisely the problem with the GR in the first place - it was a somebody should really do that statement, and Debian has never worked that way. Just sayin' Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: when/how DDs can use the Debian name
This one time, at band camp, Daniel Pocock said: There are many places where a DD may have an opportunity to use the Debian name in a public sense. However, I just want to seek some clarification about this I don't think we have any guidelines, and I don't think we want to write completely proscriptive guidelines about this, do we? For example, if somebody is talking at some non-Debian IT event, and they need to specify their organisation and position on their profile could they simply put: Organisation: Debian Position: Debian Developer or is this a privilege that is only reserved for office holders and potentially the DPL's delegates? It's certainly not reserved. Maybe some common sense - is there some reason to use Debian's name? I would personally feel like it was inappropriate to use Debian's name to lend weight to a talk/paper/argument I was making when that talk/paper/argument wasn't actually about Debian. I would also feel it inappropriate to go somewhere and state that I represented Debian in any way except the narrow areas of the project where I participate. On the other hand, if I was going to an IT conference and not going in relation to my paid job, I might put my role as something about Debian, just to have something on my nametag and to give people an idea of the sorts of things I'm interested in. These are my feelings, and are not the result of a hasty conversation in a smoke-filled back room by members of the Cabal. TINC. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: ditching the official use logo?
This one time, at band camp, Charles Plessy said: Hello everybody, I think it would be good to discontinue the Debian Official Use Logo if we agree that it is causing more problems than it solves. I don't agree. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: alioth is down (again)
This one time, at band camp, Didier Raboud said: Le dimanche, 29 janvier 2012 14.15:55, Stephen Gran a écrit : Hello, Unfortunately, one of the pair of machines providing the alioth service (vasks.debian.org) won't power on. We are working on it, and apologize for any inconvenience caused. Hi Stephen (CC'ing debian-project), thanks for those emergency notices. Though, according to [0], shouldn't those annoucements be sent to debian-infrastructure-announce too/instead? My impression is that d-i-a is a useful list for reaching teams and developers within debian that rely on debian infrastructure to do their work. That was not my target audience with this email. My target audience was the much larger set of people who do development work on one of the thousands of projects hosted on alioth. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: DEBIAN WEB PAGE
This one time, at band camp, Alex Mearakishvili said: Hello :) Hi, I'm web designer (not professional, but not beginner) and will be glad to create nice design for your DEBIAN web page for free. you can use it if you will like it :) tell me your thought about it please. There is a team of people that maintain and work on the web site. It is best to contact them at debian-...@lists.debian.org. P.S. I'm from Georgia, Tbilisi and sorry for my VERY BAD english :D Don't worry, it's far better than my Georgian :) Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian Maintainers Keyring changes
This one time, at band camp, Debian FTP Masters said: The following changes to the debian-maintainers keyring have just been activated: invalid-uid Full name: ungeneratable user id um? -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: handling of guest accounts on debian.org machines
This one time, at band camp, Tollef Fog Heen said: ]] Peter Palfrader Hi, | At the recent DSA meeting in Munich, this issue was identified and | we propose the following procedure: | | DMs and people in the NM process who need temporary access to an | architecture can contact NM Front Desk. People who are neither may | request an account if they find a DD to sponsor their request. The | sponsor would collect the information, verify it and forward the request | to DSA. Are you thinking of applying the same procedure for non-DSA-admined porter boxes? (At least for avr32, I'd be happy with it being so, it just means less work for me. :-) It's all LDAP driven, so if the porter box is in LDAP, then yes, I think that's sensible. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: DSA meeting (Munich 3/9/10)
This one time, at band camp, Tollef Fog Heen said: ]] Stephen Gran Hi Stephen, First, I'd like to say thanks to all of you for maintaining the debian.org infrastructure. As a fellow sysadmin, I know how little visibility we have, except when things go wrong. | - monitoring: The DSA monitoring environment currently is reasonably | successful. However, it only monitors hosts on their IPv4 addresses. Now that | IPv6 is fairly widely deployed, we need to begin monitoring hosts on their IPv6 | addresses as well. We discussed how to implement this as well as other small | improvements to the management of our monitoring in general. Do you have any thoughts on monitoring of «associated machines»? I'm thinking of Alioth and perhaps non-DSA-managed porter boxes. Being able to piggy-back on your monitoring setup might be worthwhile, but requires you to be willing to do the legwork to make it possible. I'm of course thinking of having alerts sent to the local admin rather than DSA. So far we're not, but that doesn't mean we can't. There are a few hurdles to overcome (we configure nrpe via puppet, we have a few cronjobs that output files that we then monitor, and so on) that will need to be overcome before something like that makes sense. Maybe we can brainstorm about this a little and see if we can come up with something that makes sense for «associated machines»? Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
DSA meeting (Munich 3/9/10)
Hello all, This past weekend, several DSA (Stephen Gran, Peter Palfrader and Martin Zobel-Helas) met in Munich to talk about some of the issues facing DSA. We discussed the following issues: - userdir-ldap (the Debian account management system): Most of the changes needed here are programmatic ones, rather than admin as such, but streamlining this code base would help to eliminate some of the slow downs in handling less common requests. - configuration management system: This is currently provided by puppet. It is largely working, but we need to resurrect our development environment to make it less painful to test intrusive changes. - mail setup: This is also largely working. There may be some user-invisible changes coming (moving which hosts provide front-end MX services and the like) as well as some user-visible changes. We are considering moving information about team aliases (specifically spam scanning) into LDAP so that we can more easily export the information to front end MX relays. This would allow us to simplify mail handling by concentrating the complicated parts onto fewer machines, and would potentially allow for using CPU cycles for things like spamassassin instead of pesky things like user processes. - monitoring: The DSA monitoring environment currently is reasonably successful. However, it only monitors hosts on their IPv4 addresses. Now that IPv6 is fairly widely deployed, we need to begin monitoring hosts on their IPv6 addresses as well. We discussed how to implement this as well as other small improvements to the management of our monitoring in general. - hardware: There was a long and fruitful discussion about the state of DSA maintained hardware. We have a large number of machines approaching end of vendor support for the hardware, and we have begun planning the migration of affected services to newer hardware or virtual machines, as well as beginning plans to extend warranties and so on for important services that can not or do not need to be migrated at present. - DMUP (Debian Machine Usage Policy): We agreed that the DMUP should itself be simplified to contain only the intent, moving the guidelines to a seperate file that can more easily be kept up to date as technologies and perceptions of acceptable netizen behavior change over time. - accounts: There were several discussions around various aspects of account handling, from how to handle guest accounts (that is, people who are not DDs or DMs, but need access to things like porter machines for Debian work they are doing) as well as DM access to project resources. This has resulted in a draft policy for arranging access to project resources for non-DDs. - automation: Several fairly esoteric issues centered around resource management and automation of time-wasting activities were discussed, most of which will be user invisible. Where cooperation with team activity will be required for automation, most of the discussions have begun already. We also began discussions of our strategy for upgrading the estate to Squeeze. Finally, and most importantly, we went for drinks and dinner with local Debian folk. Thank you very much to all for your hospitality! -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Merkel going away
This one time, at band camp, Mike Hommey said: On Sun, Sep 05, 2010 at 10:36:16AM +0100, Stephen Gran wrote: Hi, merkel.debian.org, aka nm.debian.org, qa.debian.org, etc., has become increasingly unstable over the past few months. Due to upcoming changes in the hosting for all the machines hosted at Fort Collins, we have decided to ask the hoster to leave it turned off when they move the other machines. When will that happen? I have stuff running on merkel that would need relocation. It will be roughly a month before anything happens. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: debian-private declassification team (looking for one)
This one time, at band camp, martin f krafft said: also sprach Stefano Zacchiroli lea...@debian.org [2010.05.22.1706 +0200]: I've been reminded [1] that we're still pending implementation of the General Resolution entitled Declassification of debian-private list archives [2]. According to the GR outcome, the DPL should « delegate one or more volunteers to form the debian-private declassification team ». Such a team will review -private posts older than 3 years, starting from the posting date of 01/01/2006, and declassify them (or not) according to the rules expressed in the GR text. I'll be happy to do so, but I need the volunteers first :-) How about making archive chunks available e.g. at monthly periods and telling people they have 2 months to voice objections before the stuff is simply disclosed. Those people who don't want their stuff disclosed are the ones that should be doing the work, no? Given that that's not the process we voted on, no. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Proposed changes to the Debian Machine Usage Policy (DMUP)
This one time, at band camp, Jeremiah Foster said: So it seems like there are two processes here; expulsion and deletion. Expulsion is a political process, deletion is a technical process. One entity may have authority over the expulsion and another over the deletion. Am I right in assuming that the DAM is in charge of the expulsion process and the DSA is in charge of deletion? Nothing is deleted, but s/deletion/locking/g would be correct, yes. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
RFH: maintenance of porter chroots
Hello all, DSA routinely gets requests to install/remove/etc packages in the various porter chroots. We also maintain the chroots themselves, doing routine cleanups, upgrades, reporting bugs in packages that hose chroots, etc. We're looking for interested porters to take on this work. We feel you are better placed to be a point of contact for people having trouble with their packages on your architecture of choice, and we'd like to give you access to work on blockers without having to waste time going through the round trip time of requesting things from us. We'd like a named list of people who will look after each set of architecture chroots. Assuming we get a list for each architecture, we'll be back in touch to discuss specifics of handover and so on. (If I've missed any porter lists that would be interested in being copied on this, apologies and please forward it on) Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: IPv6 troubleshooting help needed
This one time, at band camp, Andre Felipe Machado said: Hello, I am being unable to update systems (security and volatile) both at home and at work (Brasil). At work is very critical issue, as it is a Debian Partner, in the course of deploying Debian systems across Brasil federal key government agencies. A security mistake now will cost years of convincing effort... Can you send the output of `mtr security.debian.org`? The same for volatile would be helpful as well. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: snapshot.debian.{net,org} and spending Debian money
This one time, at band camp, Andreas Tille said: Hi, more than a year ago it was announced that snapshot.debian.net has trouble with disk capacity[1]. Some ideas were expressein in blogs and even some rumor was there that we might have snapshot.debian.org in some months[2]. Since this time more than 13 monthes went without that I was able to notice any progress. I have not read all the mails about how to spend Debian money but if you ask me money would be very reasonably spent if this service would be back and running quickly. Work is progressing, and it's already mostly functional. We're not taking it live just yet. Peter will know more details than I do, but I'm under the impression we're mostly waiting for a multi-TB sync from .jp to finish. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: DAM and NEW queues processing
This one time, at band camp, Bernd Zeimetz said: Don Armstrong wrote: On Wed, 24 Jun 2009, Steve Langasek wrote: Ok - then I guess my problem is that the list of names included in these is so non-notable (and is empty most weeks anyway...) that it doesn't register at all with me. Would it be enough to just have a special automated mail congratulating new developers on -newmaint (or modify the subject of this mail to congratulate them?) I'd be happy to modify the cronjob to send such mails to -project, if the interest is large enough. Does anybody want to come up with a proper wording? When we (DSA) add an account with the ud-ldap tools, it already sends an automated email to the new DD. It could also potentially mail -project or something with some simple template. The downside of doing it that way is we have none of the NM process information available. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: DAM and NEW queues processing
This one time, at band camp, Lucas Nussbaum said: I've been advocating people too early (i.e, I've advocated people so that they could start NM, while in the meantime, I wouldn't have advocated them for DM). The reason is that the unassigned applicants list is huge, so, when considering whether you should advocate someone or not, you basically have to wonder whether the person will behave well when he gets an AM in 6 months. It all depends on the meaning of the advocacy. Does it mean I believe that X is ready to be a DD now (which would be stupid, since X will wait at least a year before becoming a DD) or I believe that X is ready to start the NM process. Thank you for adding to other people's workload sifting through applicants who aren't yet ready. Maybe you should do some work in the areas you're complaining about? -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Who uses @packages.d.o mail?
This one time, at band camp, Jonathan Wiltshire said: The debian-l10n-english team, and perhaps others, use this domain to keep the maintainer in the loop during Smith English-language reviews and the subsequent translations. This one time, at band camp, Adeodato Simó said: I use it all the time when eg. reassigning a bug (reassign mails are supposed to be CC'ed to the destination maintainers), rather than go up and look who's listed as maintainer and uploader and CC them all. These are the sort of helpful answers that make it clear that people do at least sporadically use the service. I didn't see anything useful in the week of logs I reviewed, but activity like that described above is probably reasonably 'spiky' and I'm not surprised I missed it. It sounds like the service should probably stay open. I would have been happy to restrict something that is only a spam attractor, but if it's more than that, than I'm happy people find it a useful service. If the teams who do use it think it can still be useful and be restricted, that's a discussion I still think is worth having, but I don't think we need to rush towards it. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Who uses @packages.d.o mail?
This one time, at band camp, Joey Hess said: Some packages even emit it at runtime: Other packages, including reportbug --kudos, BUGBASH, and debconf-updatepo directly send mail there. Good to know. Anyway, this feels like it may be a false optimisation to me. You know that p,d.o gets 1000 spams a day, but you don't know how many spams a day are sent directly to each of the email addresses that p.d.o forwards to. My suspicion is that each *individual* package maintainer email address could easily be getting 1000 spams a day. If on average one or two more spam come through p.d.o, that's very minor. Unless spam coming through p.d.o is somehow harder to filter? Oh, no, it's nothing like that. It's just low hanging fruit while we think about how to make the rest of it better. Part of the reason people get 1000 spams a day is because we have so many routes to a maintainers inbox, and each of them add up. I know this one isn't the biggest target out there, but it looked, with admittedly only an hour or so's review, to be one of the easy ones. Anyway, I think it's clear the service is popular, so EOT from me. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
forums.debian.net enabled
Good news, everybody! After a little quick scrambling, we now have some new victims^Wvolunteers to admin forums.debian.net. They have repaired and upgraded the forums install, and DSA have now reenabled it. Enjoy! -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Project machines upgrade
Hello everyone, We're finally getting close enough to the Lenny release that we're going to start upgrading some of the infrastructure machines to Lenny. As always, we'll try to minimize periods of downtime, and we will announce them on debian-infrastructure-announce before beginning an upgrade process. We will be testing all the public services running on each machine after the upgrade, but we ask those of you who have better knowledge of a particular service, or scripts running on a given host, to test after the upgrade of that host. If you experience any problems after an upgrade (and you've checked that it's not just a problem with your code ;), please don't hesitate to ask for assistance at the usual places. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Results of the Lenny release GR
This one time, at band camp, Adeodato Simó said: * Robert Millan [Sun, 11 Jan 2009 08:22:58 +0100]: Currently, the only solution I see is that we ask the developers what they think, and hold another vote. Yes, I'm realizing myself there is not going to be another way. :-( Proposal: hand Robert Millan a nice cup of STFU. Seconded. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Results of the Lenny release GR
This one time, at band camp, Steve McIntyre said: If things go much further we'll end up with enough seconds to force a vote to hand Robert Millan a nice cup of STFU. I'm hoping that's not what anybody actually wants, but I can also understand why some people might be feeling that way. Dato didn't sign his proposal mail, so this can't be a valid GR proposal, AIUI. All I meant was that I second the feeling, rather than a formal proposal. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Discussion: Possible GR: Enhance requirements for General Resolutions
This one time, at band camp, MJ Ray said: Joerg Jaspert jo...@debian.org wrote: Many DDs ignore -project and even most stuff on -vote unless/until it looks likely to get enough seconds, don't they? You're the one making the assertion, I think the onus is on you to prove it. The discussion so far on this topic has, to my mind, suggested the opposite reading. We've seen postings from several people who don't normally post to -vote (and they've been fairly uniformly in support of the ideas being proposed, at a glance), which suggests to me that we have more lurkers than you are assuming. Here's a summary list of concerns I mentioned in other emails:- 1. 2Q is unjustified and excessive; I did justify it. If you cant find 30 people out of 1000 that are in the project, why bother 1000 to vote on it?. Why 30? Why not 130? Why not 300? The particular number is unjustified. I personally would be happy with a higher number, but 30 is a conservative first start. Would you be happier if the suggestion was 4Q or 10Q? I'm not good at interpreting complex constitutions, but I think a GR could pass with (3Q/2)+1 votes preferring it to Further Discussion. Requiring more seconds than votes in support seems a bit unusual, to put it mildly. Is there any other voting system that has that? Basic math says that in the described two way vote, if an option wins by 1.5Q, and the vote needs 3Q to be quorate, the number of people who have voted for the option is 2.25Q, which is more than the proposal. I don't think this is an argument against the proposal, unless I'm mistaking what you're talking about. What about the other two concerns: the obvious spoiler effect; and defending proposals during the discussion period? The 'obvious' spoiler effect - is that the idea that proposals with no supporters probably won't make it to a GR? That's a feature. Why is defending an option you are proposing a problem, and how is it worsened by increasing the number of required seconds over the current situation? If anything, it seems like increasing the number of required seconds means an incentive to have a wider discussion before proposing the GR, which if anything will widen the opportunity to build consensus, and if consensus can't be reached, make it possible to create a few compromises that people could live with before pretending we can resolve our difference in 2 weeks with a vote looming. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Discussion: Possible GR: Enhance requirements for General Resolutions
This one time, at band camp, Stephen Gran said: Basic math says that in the described two way vote, if an option wins by 1.5Q, and the vote needs 3Q to be quorate, the number of people who have voted for the option is 2.25Q, which is more than the proposal. I don't think this is an argument against the proposal, unless I'm mistaking what you're talking about. Eh, ignore this. It was based on a (mis)memory of a requirement for the vote as a whole to have 3Q voters. The way devotee currently works, it seems each option needs 3Q to pass quorum requirements. This means that it's not 2.25Q who voted for the option, but a minimum of 3Q. I'm still not sure how this helps your argument, but I thought I'd mention I was wrong in my first reading. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Discussion: Possible GR: Enhance requirements for General Resolutions
This one time, at band camp, Chris Waters said: I am also offended at the suggestion that ranking FD highly means you can't accept compromise. I'm sorry if you feel offended, but that's exactly what FD is supposed to mean. The only reason to vote FD is if you can't compromise on any of the options on the ballot. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Discussion: Possible GR: Enhance requirements for General Resolutions
This one time, at band camp, Kalle Kivimaa said: Joerg Jaspert jo...@debian.org writes: a) The constitution gets changed to not require K developers to sponsor a resolution, but floor(2Q). [see §4.2(1)] This would mean that you need almost as many sponsors as is required for the quorum (2Q vs 3Q). I think that is too much. I think floor(Q) sponsors would be a more appropriate number. That just means that the number of people who think the vote is even worth having is not that different to the number of votes required to make it valid. That's probably not all that bad a thing, IMHO. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Spamming the World through Open Debian Mailinglists (Re: lists.debian.org has received bounces from you)
This one time, at band camp, Cord Beermann said: Hallo! Du (Jeroen Massar) hast geschrieben: And yes, my SMTP server and those of a lot of other people will CORRECTLY refuse to accept mail classified as spam and correctly give a 500 SMTP error code as the server will refuse to deliver it. according to RfC2822 Chapter 3.3 blocking because of Content is discouraged. begin pedantry RFC2822, section 3.3, is about date/time formats. I suspect you mean RFC2821, section 3.3, which does not quite say that. It says: the DATA command should fail only [...] or if the server determines that the message should be rejected for policy or other reasons. It goes on to say: Server SMTP systems SHOULD NOT reject messages based on perceived defects in the RFC 822 or MIME [12] message header or message body. So, while we are discouraged from rejecting based on poorly formatted MIME, MTA admins are by no means discouraged from rejecting mail at DATA time in general for site policy reasons. /pedantry I know this is a semi-religious topic with lots of arguments on each side, so I'll stop here before I make any comments on the relative merits of either opinion. I just wanted to point out that the actual text doesn't quite say that. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Where are the mails to my debian.org address?
This one time, at band camp, Oohara Yuuma said: [please Cc: to me because I am not subscribed to this list] Can anyone tell me what is happening on my debian.org e-mail address (ooh...@debian.org)? About a month ago most of the mails from that address disappeared. Now the only mails I receive from it are those from the debian-private mailing list, which is strange considering all the spams on the internet. I can't even receive the mail I send to ooh...@debian.org. I don't think this is a wrong configuration of mail forwarding. The mail from cha...@db.debian.org says emailForward: ooh...@libra.interq.or.jp, which is a working address. Not for master: 2008-12-12 10:15:36 1L9wEW-000347-0H == ooh...@libra.interq.or.jp R=dnslookup T=remote_smtp defer (-45): SMTP error from remote mail server aft er MAIL FROM:ooh...@debian.org: host mx.members.interq.or.jp [210.157.1.30]: 450 5.7.1 70.103.162.29: 450 You have been blocked for sending S PAM or similar. I personally think it's good manners to accept the mail you asked to be forwarded to you, but I understand that not everyone runs their own mailserver, and that this is sometimes impractical. Debian has to do a better job about forwarding spam (and we are, slowly) but there's not much we can do about good mail we can't deliver. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: More frequent dinstall runs and mirror pushes
This one time, at band camp, Frans Pop said: On Friday 05 December 2008, Joerg Jaspert wrote: as the subject says, we are planning to increase the frequency of dinstall[1] runs. Our current plan is to have 4 runs a day, switching From the current [07|19]:52 schedule to the new [01|07|13|19]:52 schedule. All times are in UTC. Please be aware that mirror syncs are known to break new installations because metadata (checksums) is temporarily inconsistent or because package lists do not match available packages. It's possible this only happens for mirrors that don't use the right set of tools for their updates, but it is a real issue. Increasing mirror syncs will increase random installation failures. This has been largely addressed with rewrites of the sync scripts. Whether or not a given mirror will switch to the new version is a different matter, of course. Cheers, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Member distributions and popularity
This one time, at band camp, Martin Schulze said: Err? What exactly are you proposing? I think he's saying we should be more like Java, so that we can run on no platforms at all, and this is expected behavior. Right now, people actually expect Debian to work on their hardware. If we could partner with an enterprise solution, we could resolve these misguided preconceptions. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: call for seconds: on firmware
This one time, at band camp, Manoj Srivastava said: On Sat, Nov 15 2008, Adeodato Simó wrote: | We as Developers at large continue to trust our release team to follow | all these goals, and therefor encourage them to continue making | case-by-case-decisions as they consider fit, and if necessary | authorize these decisions. Also, this one should not be voted together with the rest, since it's an orthogonal issue. This not /exclusively/ a solution for the problem for Lenny. We can ask the proposer of this option what he thinks, if you don't agree it should be split out. While some of the proposals have longer lasting effects than just the current release, they are still related: for example, the proposal singled out above, if passed, would make proposal 5 moot, and invalidate proposal 1. It's not possible to express the full set of relations in a single winner vote, as far as I can tell. It might be someone's vote to say 'none of this non-free crap in the archive ever' and simultaneously say 'but the release team does have the authority to downgrade these bug reports if they need to'. Unless I've missed something and we're planning on having a multi winner vote, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: NEW queue
This one time, at band camp, Ana Guerrero said: Oh right, I am still surprised some people continue reading after the line: - need to be able to deal with all the existing team members :) in the same email. snip The sad part here is they^whe had to send a mail asking people to work there and adding such crappy caveats. Do you really honestly believe that people should join a team when they can't get along with the existing members. Do you really honestly believe that saying that the ability to get along is expected is a bad thing? Pretending that there exists this limitless pool of people who want to do really tedious work and be insulted for their effort except that Ganneff selfishly keeps them out is both wishful thinking and less than helpful. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: NEW queue
This one time, at band camp, Clint Adams said: On Sun, Oct 26, 2008 at 07:04:47PM +, Stephen Gran wrote: Do you really honestly believe that people should join a team when they can't get along with the existing members. Do you really honestly believe that saying that the ability to get along is expected is a bad thing? Pretending that there exists this limitless pool of people who want to do really tedious work and be insulted for their effort except that Ganneff selfishly keeps them out is both wishful thinking and less than helpful. There have existed pools of people who refused to work with James Troup, Ryan Murray, Anthony Towns, and Martin Schulze. It is no stretch of the imagination to assume the same will be true of similar people now and in future. That's fine - there will always be some people who can't work together. Even for these boogeymen that the conspiracy nuts use to scare prospective NMs into eating their broccoli, there were still plenty of people who have managed to work with them over the years. I don't think I've argued that everyone can and should work together. I just mentioned that if the pool of people willing to do annoyingly tedious work in exchange for being insulted regularly on mailing lists was that large, we should have seen more applicants. The mistake, however, is presupposing that any person or particular subset of people has the right to mandate which particular set of social exclusions exists solely on the basis of the positions or powers that may be held. This is the foundation which eventually leads to the cronyism that Manoj so despises. What I gather from this overwrought verbiage is that you don't think groups of people should be able to choose to work together on the part of Debian that interests them? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: package maintainer contact lists and their posting policy
This one time, at band camp, Luk Claes said: Jonas Meurer wrote: As I think that the current situation is not acceptable, I suggest that alioth admins overwrite the current posting policy for pkg-grub-devel. Wrong, alioth admins should make sure the default is sane, but they shouldn't overwrite current policies unless requested/acked by the listmaster or project admin IMHO. With my alioth-adm hat on, I'm going to say I agree with Luk. I don't see the point of overriding a maintainer about how they handle their project, especially when I know they are active in the project. I also agree that the list should not be subscriber only, but you can't force people to act sanely. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: infrastructure team procedures (fifth edit)
It seems to me that after sam's emails this morning, this proposal is frankly unnecessary. Does your proposal bring anything that sam's emails didn't? It's clear that at least one DPL feels that the DPL is already empowered to do the things you are proposing. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: infrastructure team procedures (fifth edit)
This one time, at band camp, Josip Rodin said: Ad hoc interventions are just that. We need to have a crack at solving the underlying problem, and that means trying to stop depending on a myriad of unknown variables. My point was that your proposal, underneath quite a bit of verbiage, in the end only gives the DPL the power to add new members to existing teams. Since that is apparently already allowed, does your proposal actually change the relationship between the DPL and the teams? It doesn't seem like it to me. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: dopewars do we need such a game in debian distribution?
This one time, at band camp, Christof Adams said: Hallo Francois, I am a long time user of debian. In the updating process i found the programm dopewars you maintain. As a user i much apreciate the work of volunteers like you in the packing and handling of the debian software packages. But do we really need a game like this in the debian distribution, given the casualties and problems which drugs, there use and the dealing cause. Please think over it and remove this package and others with comparable content. You might find other packages which deserve your time better. I think it is useful to remember that many people have different thresholds for what they find offensive or funny. So far, it has been Debian's policy to allow software into the distribution provided there is someone to maintain it (caveats about varying levels of maintainership aside). We are too broad a project to have a single set of values, and I think it wouldn't be all that useful to try to impose one. Just my thoughts, and thanks for your interest. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: dopewars do we need such a game in debian distribution?
This one time, at band camp, Nico Golde said: At least w3bfukk0r was not allowed to get into the archive because of its offensive name and hot-babe also never made its way into the archive. You mean they were actually rejected by the ftp-master's, or you mean the discussion convinced the maintainers not to upload? I honestly don't know for the first, and my impression for the second was that all the shouting convinced the prospective maintainer not to bother. I don't see giving up and being told no as the same things. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: porter boxes locked down
This one time, at band camp, Peter Palfrader said: (Similarly alioth's sshd has been disabled until the alioth admins can update their systems) This is now done. Normal access is reinstated. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: please explain this violence
This one time, at band camp, Eeric Evans said: blah blah This one time, at band camp, Jonathan Kermack said: blah blah Can you pick a nom de troll and stick to it please? It was tedious enough having to delete your rants unread, but now I have to read the first 3 words of each new fake name before I realize that it's the same nonsense. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Updated Debian Maintainers Keyring
This one time, at band camp, Anthony Towns said: When psql on merkel gets updated to a version that can load the dumps from ftp-master [...] Can we just open the postgres port on ftp-master to merkel, and grant read only access (over ssl if it makes people feel better)?. AFAIK the sarge client side will happily talk to the etch server side. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: do all of MJRs subjects sound like they were ripped from the Daily Mail? [was: Re: Is debian profiting from forced child labour?]
This one time, at band camp, Steve Langasek said: On Sun, Nov 04, 2007 at 07:21:55PM +, Stephen Gran wrote: This one time, at band camp, MJ Ray said: Also I assume Joerg Jaspert's reply is serious, even if I think it's mistaken - if someone produced a CD of our distribution that did globally-illegal activities by default and sold it labelled as official debian, I hope the project would act against them. Why do you hope that? What part of the DFSG leads you to believe we should? And illegal in what jurisdiction? The DFSG does not, and should not, control our licensing of the Debian trademarks. Of course not. However, it is the only set of principles that everyone here has agreed to. It is true that the DFSG and the Social Contract are the only principles for which there is an a priori consensus in Debian[1]. I find it distasteful that some people seem to use this very fact as an argument against taking ethical stances as a project on matters unrelated to software licensing, as if it's not even worth asking whether there are other points that we can agree on as a community. Indeed, I believe this attitude has contributed significantly to the more dysfunctional aspects of the Debian community. The wide variety of what can be considered ethical makes me feel that it's probably not worth it for things not directly related to software, or matters having to do with us getting along as a project and continuing to at least vaguely function. Personally, I find any form of coerced labor, be it child labor, slavery, or wage slavery, distasteful. This doesn't mean I find it interesting or useful to ask if the project will take a stand on any or all of them. There are better forums for those sorts of things, and groups better placed to make a difference in those struggles. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
do all of MJRs subjects sound like they were ripped from the Daily Mail? [was: Re: Is debian profiting from forced child labour?]
This one time, at band camp, MJ Ray said: Also I assume Joerg Jaspert's reply is serious, even if I think it's mistaken - if someone produced a CD of our distribution that did globally-illegal activities by default and sold it labelled as official debian, I hope the project would act against them. Why do you hope that? What part of the DFSG leads you to believe we should? And illegal in what jurisdiction? The restrictions on what distributions can be labelled as official debian are fairly tight: see http://www.debian.org/CD/faq/#whatlabel Yes: Note that you are allowed to use the Official designation only on CDs the image of which has a checksum that matches the one from the jigdo files of official releases. That has something to do with a random morality or legality in what sense? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: notable Debian contributions in 2006
This one time, at band camp, Joerg Schilling said: If you believe you have time again, you should answer the questions I send you last year or admit that the claims from some Debian people against me and my projects are wrong. Or, better yet, we could all just stop feeding the troll. If he's actually serious that his 'work' is under a free license, then there is no problem. If he thinks there's a problem with a fork, then it's not a free license. QE fucking D. Can we all move on now? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: X Windows...
This one time, at band camp, Dos Rios. said: Read the attached - at least the last lines. Visible links 1. file:///C:/Documents%20and%20Settings/Administrator/Desktop/DebianDo.c/DDocHtm/ch-basic_defs.en.html Thank you for being yet another person who runs a windows machine as administrator. I have all sorts of other things that occur to me to say, but really, I think I'll stop there. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian logos and trademarks
This one time, at band camp, Bastian Venthur said: Anthony Towns schrieb: Having a restrictive trademark license prevents people from using confusingly similar logos, while a DFSG-free copyright license allows people to make derivatives as long as they're not confusingly similar. And for the DFSG: Doesn't someone can only use it if we authorize it contradict to No Discrimination Against Fields of Endeavor and License Must Not Be Specific to Debian? Not really. Licensing it under the MIT license means anyone can use the image, fiddle bits, redistribute it, or do whatever with it. Having a trademark policy means that they can't use the image to claim to be Debian when they aren't. This is the part that everyone confuses when discussing trademarks using the paradigm we're familiar with from copyright discussions. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian Weekly News - November 28th, 2006
This one time, at band camp, MJ Ray said: Stephen Gran [EMAIL PROTECTED] wrote: Bill's apparently under the impression that Debian has either a legislative or an executive branch that exists and wields some power, and this idea has apparently made him grumpy. It's good for all of us that this idea doesn't actually exist. In a way, it does, whether or not you agree with it: DPL+most delegates are the executive This would certainly be true if the DPL had the power to veto decisions made by developers, or issue fiats, or any other traditional hallmark of power. Since the DPL doesn't have any of those powers, that assertion doesn't make any sense to me. It has been jokingly said that the DPL could be replaced with a mailbot that just replies That sounds like a good idea. Why don't you try it? DDs are the legislative That doesn't make sense, either. The legislature is a subset of the population, elected to act on behalf of the population. DDs are the population. secretary+some cttes are the authority I'm not sure what the 'authority' maps to in a traditional government, so I'm not sure what this means either. but that is a view not agreed by all and I've seen it debated on-list since at least 2002. Another way of viewing debian's governance is a democracy / guild / do-ocracy split (which I think appears in Biella Coleman's dissertation). This sort of interpretation seems more reasonable to me. It seems unhelpful to simply deny those views, as it's usually pretty clear what is meant. In the other world-view above, Bill Allombert seems unhappy with the guild deciding things previously done byq the democracy. Has that got better or worse since Vancouver? Did Vancouver mark a structural change? Any decision by any 'guild' or 'executive' or whatever you want to call it can be overruled by GR. I take the fact that no GR has passed as a sign that people are not that upset about it. Anyone feel like answering the point instead of abusing the viewer? Nice touch. Constructing a sentence that simultaneously dismisses the person you disagree with while crying foul that they're being dismissive is a nice rhetorical flourish. I'm sure it was helpful. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian Weekly News - November 28th, 2006
This one time, at band camp, Steve McIntyre said: On Tue, Dec 05, 2006 at 09:08:54PM +, Bill Allombert wrote: On Fri, Dec 01, 2006 at 01:00:46PM -0800, Russ Allbery wrote: The best thing that can be done to reconcile the conflicting concerns right now, as far as I'm concerned, would be for all of us to stop telling other people what to do. This would start by rescinding the Vancouver proposal, and generally not conflating executive and legislative power. What on earth are you babbling about? Bill's apparently under the impression that Debian has either a legislative or an executive branch that exists and wields some power, and this idea has apparently made him grumpy. It's good for all of us that this idea doesn't actually exist. Take care, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: [AMENDMENT] Re: seconds searched for override of resolution 007 needed.
This one time, at band camp, Kurt Roeckx said: I want to amendment the following proposal: === START OF PROPOSAL === Definition: For the purpose of this resolution, the firmware mentioned below designates binary data included in some of the linux kernel drivers, usually as hex-encoded variables and whose purpose is to be loaded into a given piece of hardware, and be run outside the main memory space of the main processor(s). 0. This resolution overrides the resolution just voted (http://www.debian.org/vote/2006/vote_007). 1. We affirm that our Priorities are our users and the free software community (Social Contract #4); 2. We acknowledge that there is a lot of progress in the kernel firmware issue, both upstream and in the debian packaging; however, it is not yet finally sorted out. 3. We give priority to the timely release of Etch over sorting every bit out; for this reason, we will treat removal of problematic firmware as a best-effort process, and in no case add additional problematic material to the upstream released kernel tarball. 4. We allow inclusion of such firmware into Debian Etch, even if their license does not normally allow modification, as long as we are legally allowed to distribute them. 5. We further note that some of these firmware do not have individual license, and thus implicitly fall under the generic linux kernel GPL license. We will include these firmware in Debian Etch and review them after the release. Vendors of such firmware may wish to investigate the licensing terms, and make sure the GPL distribution conditions are respected, especially with regards to source availability. 6. We will include those firmware into the debian linux kernel package as well as the installer components (.udebs) used by the debian-installer. END OF PROPOSAL And replace the text with: BEGIN OF PROPOSAL We, the Debian project, find freeness that we want for firmware used by the kernel is an important question, and that we will have to deal with this. However, we think that we as a project need more time to deal with it, and having more general resolutions isn't going to solve this. Therefor we will not have another general resolution about firmware until after the release of etch and atleast 6 moths have passed since this general resolution. This does not mean we will not discuss this issue, or work on getting things better. END OF PROPOSAL Seconded. I'm open for suggestions on how to better word this. Something along the lines of for the love of God will you all just shut up for five minutes is probably out of the question, huh? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Using money to fund real Debian work
This one time, at band camp, Denis Barbier said: On Tue, Oct 10, 2006 at 03:53:34PM -0400, Roberto C. Sanchez wrote: On Tue, Oct 10, 2006 at 08:50:39PM +0200, Denis Barbier wrote: On Sun, Oct 08, 2006 at 09:22:04PM -0400, Roberto C. Sanchez wrote: [...] The strange thing is that while I see lots of discussion about why people should or should not be allowed to fund particular developers to do particular things, I don't see any similar discussion about why people should or should not be allowed to spend their time working on the parts of Debian that interest them most. Program runs successfully here after dropping the 'assert (tine == money);' statement. Huh? I hate to be the one to break it to you, but many things life boil down to a question of time or money. Re-read my mail, I wrote that if you do not assert that time and money are equivalent resources, then your question has a trivial answer. If you want to keep this assertion as valid, you have to find another answer. In my world, I have to work full time in order to pay the bills, and this reduces the amount of time I have for things that are fun. Do things work differently in your world? If so, what are the emigration rules like? You don't even have to resort to the bible for time == money proofs - realtively modern philosophers like Marx say that money is frozen labor (i.e., worker's time). Or are you trying to say something I'm not seeing here? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Using money to fund real Debian work
This one time, at band camp, Thibaut VARENE said: It's obvious giving money will affect someone's behaviour (allowing him/her to work full time on a project, for instance). And as action induces reaction, the moment there's someone which is given money, there will be two class of peoples: the ones who are given money, and those who aren't. How would those who aren't be unaffected by the fact that some are?? Ever heard of jealousy for one thing? I would argue that people feeling jealous need to get over themselves and grow up, but maybe that's just me. In my view, if I were involved in a given project, giving it a good part of my free (unpaid) time, and I were to see some other guy working on this very same project doing the same work I'm doing, I guess I wouldn't feel terribly well. Now if that guy were to do deep shit and if I had to walk behind him to collect his crap in order to keep the project in shape, I guess I would be extremely upset. Why on earth would Debian take crap work from someone just because they're paid for it? I would expect that we continue to accept people's contributions in the same way we do now. If the quality of it sucks too bad to keep around, we ditch it. Granted, the weeding out process could be better and faster, but it seems to me we usually find the really horrible stuff in fairly short order. Secondly, why would you clean up after someone just because they're paid? Stop working on that piece of the project, or deny them access to that piece of the project. This has happened before without money being involved, and I don't see why it shouldn't continue to be the case. You're making it sound like the introduction of a few paid workers turns Debian into a corporation where we have to take the output of paid projects. We really don't. If they turn out good work, then yay, Debian gets some good work out of it. If they churn out crap, then we ditch it and take away their svn access. So what? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Using money to fund real Debian work
This one time, at band camp, Pierre Habouzit said: Le dim 8 octobre 2006 14:18, Raphael Hertzog a écrit : And if the comments associated to the project proposal indicate that there's some controversy in the idea behind the project, then the donor would be aware that there's a risk that the stuff doesn't get integrated into Debian proper. hahah, and you expect to find donors with that ? Actually, I would expect that this is quite possible. I wouldn't expect them to find enough donor's to provide full time work for several people on an ongoing basis, but that's not what this is about, AIUI. My concern is about money driving how decisions are taken or not. It always ends in bad technical solutions, so my fear is legitimate. Sorry, assertion failure detected. I think it's entirely likely that enough small scale donations could be gathered to allow some projects to be minimally funded for short periods without any of the sort of corporate silliness you describe entering in to the equation. If you're talking about orders of magnitude more money, then you're probably right, but I don't think anyone's talking about getting rich here. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian Powered Logo
This one time, at band camp, Yavor Doganov said: On Sat, 01 Jul 2006 10:04:51 +1000, Matthew Palmer wrote: I'm sure RMS would love to be associated with Ubuntu as a contributor. No, he would not. Ubuntu, as well as Debian, unfortunately, contain non-free software, and RMS has dedicated his life fighting against it. Hence the GFDL. /me ducks and runs for cover ... -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Call for a new DPL mediation ... This will be the only thread i will reply to in the next time about this issue.
This one time, at band camp, Goswin von Brederlow said: As long as the D-I team is a debian team the debian constitution holds. As such the DPL and a GR have certain powers. Can you point me to the relevant section of the constitution that says this? I see nothing that gives the DPL the power to disband a team maintaining a particular set of packages. I do understand that implicitly, the body has the power by way of GR to do damn near anything, but I don't see any mention of elected or delegated officials having the sort of power you're talking about. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Call for a new DPL mediation ... This will be the only thread i will reply to in the next time about this issue.
This one time, at band camp, Ean Schuessler said: Frans Pop wrote: Bah. That is a gross overexaggeration. No arch has been killed in d-i. d-i is, and will remain, perfectly capable of installing powerpc. As I've said before, there may be a temporary reduction in support (specifically for the lesser used subarchitectures), but there is absolutely no basis for claiming that powerpc support is being killed. That is where I have a spot of confusion. No one seems to deny the fact that Sven plays a critical role in producing the PPC port of the installer. It frames his antics in a different light if his contributions have been minimal. If he does very little for the project and makes this much noise then I can see why his elimination is sensible and even beneficial. Nobody plays a critical role in any piece of software development, sorry. If we let software development become about egos and who does what, we've lost to lunatics and idiots, and we might as well use one of the BSDs. I suppose it comes down to what a temporary reduction in support looks like. Ideally this staffing change should produce improved performance. Could you outline the improvements you expect to achieve through Sven's elimination and the timeframe they might arrive in? Do you have some specific people in mind who have committed to make #d-i a more productive group if Sven's presence is eliminated? The only sensible answer to timeline questions is and has always been, when we're done. Sooner if you send a patch I'm not trying to be mean, but sorry, this is just a non issue. If people need ppc subarch support, someone will step up and do the work. If noone steps up, we didn't need the support. QED. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Debian women: please pass away
This one time, at band camp, Steve Langasek said: On Sat, Jun 10, 2006 at 01:07:10AM +0200, Henning Makholm wrote: Scripsit martin f krafft [EMAIL PROTECTED] We have a strong suspicion of who the author is. Do we? It appears to me to be so stereotypical than any random troll who wanted to capitalize on certain recent events as a chaos-generator could have written it. It might even be a (stillborn) attempt at satire by someone != the one you allude to. Uh, I guess that the implication here is that the we know who is Jonathan Walther. FWIW, there's not much evidence to suggest it is, and lots of evidence to suggest it is not; this mailing list post (and matching ones sent today to the debian-women list, see the list archives) fit the modus operandi of a troll Debian Women has been dealing with on and off for quite a while, who goes by the name of mikeeusa, uses throw-away yahoo mail accounts, and appears to be a young male located in the US. The last part, at least, would rule out Jonathan. My first impression is that it is neither of these people. The original mikeeusa crapflood was coming from IP addresses in upstate NY/Canada, registered to optonline. This batch is (when not using tor) coming from addresses in Atlanta, Georgia, apparently. This trip on the loser-rant-mobile also has a different writing style than either of the others. It seems to me debian-women has found another impotent, friendless loser who can't find better things to do with his time. My suggestion is just to do the same as we did for mikeeusa, and block the addresses we know about, advise yahoo someone is using their machiens for hate mail, and watch him go away after a while. For the ones that sneak through the lists, well, that's why procmail exists. I have already contacted abuse@, FWIW, but I don't expect to hear anything back - I never did with mikeeusa at any rate, although he seems to have lost that address. Take care, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Reforming the NM process
This one time, at band camp, Raphael Hertzog said: On Wed, 12 Apr 2006, Mike Hommey wrote: It's a pain to have to use gpg to discover who sponsored the upload. You already know that by looking at the GPG signature. If you read what I wrote (I just kept the relevant line) ... you will see that I know that. But it's a pain to have to grab the .changes file and run gpg on it. Just to pick one I happened to recently sponsor: http://qa.debian.org/[EMAIL PROTECTED] Mouse hover over any of the versions - it will tell you the uploader. This problem has already been solved. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: bet there are no senior citizen developers
This one time, at band camp, Michael Banck said: Hi Dan, On Thu, Mar 23, 2006 at 06:27:18AM +0800, Dan Jacobson wrote: Bet there are also few developers over 45 years old. Probably 99% young, male. Bet there is no web page with developer age demographics. Anyway, at 45 things get fuzzy, at least for me, so I admire those older developers. Please post non-development issues to debian-project next time. Or rethink whether your issue needs posting at all. This is Jidanni you're talking to. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Honesty in Debian (was Re: Amendment to GR on GFDL, and the changes to the Social Contract
This one time, at band camp, Nathanael Nerode said: Stephen Gran wrote: Do you really think that there is a magical difference depending on where you ship a file? It's not a magical difference. It's a documentation difference. And a very important one. There's a big difference between We'll have random non-free stuff mixed loosely into the free stuff, and Free stuff will be over here; non-free stuff will be over there. Er, what are you blabbering about? Non-free software needs to be in /usr/share/doc only? Or it needs to be in /nonfree on the mirrors? If you are actually arguing that putting non-free software into some isolated place on your filesystem makes any bit of difference, I can't see the point of your argument. I've said this before, but most people don't seem to get it. I do *not* believe that all software should be free. I believe that it should be trivial to *tell* whether a piece of software is free or not. Currently Debian makes this impossible. apt-cache policy `dpkg -S /path/to/file | awk -F: '{print $1}'` will tell you where the file came from, and whether it's free, if it's part of a deb. Or is this some sort of wedge tactic, intended to make a larger change down the road more acceptable by making a smaller one now? No, it's not. It really isn't. The whole reason why I started this thread is because most people seem to be arguing about a completely different issue from the one I care about most. I'm trying to make it clear what I'm actually talking about (and perhaps someone else will agree with me), because most people talking to me are arguing at cross-purposes. So, just to be clear, you are arguing that what you care about is putting non-free software that Debian distributes into a special place on the filesystem? The point of which is what exactly? Look, I am not trying to be rude, although I can understand that you may feel I am being so. We are in the middle of several rather heated debates about whether or not this or that thing is free, and you come along and propose that not only are we lying to users, but we should mandate the FHS location for non-free bits, but still ship them. What? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Honesty in Debian (was Re: Amendment to GR on GFDL, and the changes to the Social Contract
This one time, at band camp, Nathanael Nerode said: As it is non-free stuff is squirrelled all over the Debian system. It may be seen as a sort of retreating, but I'd be so much happier if I knew that all non-free stuff was located strictly in the usr/share/doc/*/copyright and /usr/share/common-licences/* files, and wasn't infecting the rest of the system. This is a lot of noise for a no-op, AFAICT. Do you really think that there is a magical difference depending on where you ship a file? Or is this some sort of wedge tactic, intended to make a larger change down the road more acceptable by making a smaller one now? [your personal feud with the emacs maintainer snipped] So, Debian is being unthruthful to its users. No, I think the problem is that you have a very strange idea of what we are promising our users, based on some legalistic, over literal reading of the SC. It is clear that everything in Debian cannot be either %100 free or %100 software. We ship license texts, images, and all sorts of other things. If you are unable to read the SC to mean something sensible, that is frankly your problem. Incidentally, accusing people of lying because they have a more sensible interpretation than you is a strange way to attempt to influence people. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Discussion of bug #311683, default kde install shows porn
This one time, at band camp, Sven Luther said: On Sat, Jun 04, 2005 at 05:47:50PM -0400, Stephen Gran wrote: Yeah, random underage people in this context being the children of the KDE desktop using users. Would you like your child to be subject to porn while you are away and the screensaver is working ? You may not even notice. I find the 'save the children' cry to usually be a whine from parents too lazy to take the time to properly do the parenting themselves. If you are a parent, or are installing Debian for others who have children, and you are worried about this, take half a second and disable webcollage for them. I don't think it's the distibution's job to do that parenting for you, just as it is notthe jb of the cable TV operators to decide for you if porn can be shown in your house. If you don't want it, filter it. There are plenty of tools available. I also believe that this may subject distributors of debian/sarge cd to legal troubles. Let's not degenerate into FUD so quickly. It contains no images in and of itself. If webcollage will generate legal trouble for distributors, so would a graphical browser. Quick, let's drop mozilla so no one can look at a porn site. Good thinking. There is a world of difference, since mozilla needs active action to show porn, while this one is showed up to your face. A judge may well make no difference in this case between being shipped together with it, or it being automatically downloaded, and in any case the damage, with its possible wide ranging psychological consequences, will already have been done. So does webcollage. You have to open the KDE control center, find the screensaver subpart, enable the screen savers, and then select random. Or you could click on a link in an email and get taken to a porn site. Do you see a difference? I don't. The secnd case is actually easier, if anything. Do we really want to be responsible for that ? I don't want to, and i suggest all distributors boycott the sarge release if this is not fixed ASAP. That is so ridiculous it doesn't even deserve a civil reply. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpEI4PRnTbvZ.pgp Description: PGP signature
Re: Discussion of bug #311683, default kde install shows porn
This one time, at band camp, R. Armiento said: Stephen Gran wrote: If it offends you, don't use it. If it offends your site, have site policy filter it. [...] Take a little responsibility for what you install on your computer already. The thing is, I *perfectly* agree with these statements. The bug here is just about that the current setup may make it a little too easy for people who will be offended by WebCollage to still accidently install and use it. It is sensible to both 1) keep things available for people who want to use them 2) help people avoid running things they do not wish to run. Don't you agree with this general principle? Because then the whole thing is just a grey-zone question about the balance between '1' and '2' in the specific case of WebCollage. And I suggest that putting it as basically the default screensaver on every kde-users desktop may be a little unbalanced towards '1'. You are missing the point. All that webcollage does is scrape images off the web. If the images are available to webcollage, they are also available to every browser we ship, and wget and curl and on and on. This means that a default install of Debian will allow users to surf porn sites (or get accidentally directed to one by clicking a seemingly innocuous link). So? You miss the point that no one really asked for this collage of web images. It was a feature of the default install of debian testing. If the user or I had known about WebCollage, we would have turned it off. The point of the bug report is that this is likely to apply to most workplaces. That is 1) people do not know about Webcollage 2) if they knew, they would turn it off. A default that most people turn off, is that a good default? ISTR that the default KDE setup does not activate the screensavers. It also doesn't pick random as the default. So this means people have to actively change the defaults and not have any enforced site policy to trigger this. Again, they asked webcollage to do what it does. Debian won't stop people from staring at the Sun until their eyes burn out either. Is that a grave, normal, or wishlist bug? Debian do not install the Sun as the default desktop wallpaper. If it did, and burt the eyes of new users, that would be reported as a grave bug. I rest my case. If Debian only shipped a package that contained the Sun, and it was up to the user to both enable it and stare at it, I would tag it wontfix or close it. The fact that the default rm as shipped in coreutils allows you to remove key pieces of your system, or that vi allows you to write offensive text, do not make them buggy packages. They only do what you tell them to do. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpzWil5rQSDa.pgp Description: PGP signature
Re: Discussion of bug #311683, default kde install shows porn
This one time, at band camp, R. Armiento said: The issue is: 1. The WebCollage screensaver ...makes collages out of random images pulled off of the World Wide Web. It finds these images by doing random web searches The result is a screensaver that often shows sexually explicit images. So you are suggesting that a network that doesn't care enough one way or another about pornography to filter their web traffic will suddenly be exposed to naked people via a screensaver? What network do you work on that a screensaver is your first exposure to naughty bits? 2. The xscreensaver package contains the WebCollage screensaver, but places it among the screensavers that per default are not included in random screensaver. 3. KDE's random screensaver ignores xscreensavers settings about what screensavers should be included in random screensaver and randomize over all screensavers. Result: users of KDE with the 'random screensaver' setting eventually find their screens filled with sexually explicit content. And even if that should be fixed, users flipping through the screensavers risk being presented with sexual content in the screensaver preview window. This sounds like something for site policy, not Debian policy. It is most certainly not a bug. Were I the maintainer of the package, I would just close the report. You asked to get a collage of web images. Most of the web is porn sites. Therefor, you asked for porn. Feature, not bug, if you ask me. If you don't want porn, filter the traffic. Here is the bug link: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23311683 It may also be relevant that a similar discussion is taking place on the Fedora bug lists: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=139513 (with duplicate bugs: 139777, 149803, 140684) RedHat may care to cater to people too stupid to filter their web traffic. I certainly don't, and I hope that the maintainer of xscreensaver and kdelibs-bin don't either. If it offends you, don't use it. If it offends your site, have site policy filter it. Please, please, please, people, can we stop with the bugs about accidental exposure to something you don't want to see? Take a little responsibility for what you install on your computer already. Debian won't stop people from staring at the Sun until their eyes burn out either. Is that a grave, normal, or wishlist bug? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpzZql0qxpIh.pgp Description: PGP signature
Re: Advertising on Planet Debian
This one time, at band camp, Pascal Hakim said: On Thu, 2005-05-05 at 01:03 -0400, Stephen Gran wrote: This one time, at band camp, John H. Robinson, IV said: Pascal Hakim wrote: On Wed, 2005-05-04 at 13:46 +0200, Santiago Vila wrote: There's a whole bunch of messages in the junk folder that were caught by razor. * Are you already using greylisting? DSA seems to not like the idea of running a full DB on murphy. This restricts the kinds of greylisting we can do. This is something I'd like to move forward to, but will take a while. I wonder how difficult it would be to port the greylisting options to use SQLite. I am using a perl implementation from somewhere - it's the perl DBI stuff, so it should be fairly trivial. I can dig up where I got it if you like. Probably could even just do libdb stuff, I have no idea (haven't looked at the perl libraries for it and how much work it would be). Which greylisting daemon? This one, with a few local modifications: http://users.aber.ac.uk/auj/spam/ -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpB1selK2X6s.pgp Description: PGP signature
Re: RedHat flaked out on me!!!!
This one time, at band camp, Matthew W. Sanders said: If I migrate all of my systems to Debian, you aren't going to drop support on me are you? What is the foreseeable future of support on your product? RedHat has me [EMAIL PROTECTED] Why would I want to upgrade to another one of their products after they sold me out? Please tell me If I buy a copy off the shelf I can update it for a while We do not offer paid support, the way Red Hat used to. That being said, I have a hard time imagining Debian disappearing in the forseeable future. Since this is a not-for-profit organization, we will not 'drop support' because it becomes unprofitable. So long as there are people willing to do the work, it will get done. PS Will you be my friend? Just now I have too many, and I'm trying to give some away. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpIHT5GuyOd0.pgp Description: PGP signature
Re: question
This one time, at band camp, Thompson-Laurin, Harriet said: Hi, I am a systems analyst taking a course at the University of Phoenix on Unix. My teacher has assigned a project in which I need to obtain specific information about Debian. Although I searched your website, I wasn't able to find out if Debian runs on Pentium 4's. Specifically, I am to find information regarding Debian regarding: Cost None for the software or help, you might have to count the cost of your bandwidth or physical media (CDs etc), though. Market share I dunno - check the linux counter website for some guesstimates Hardware requirements There are lists of hardware that linux supports - I suggest google and the words linux hardware howto. They may be a couple of years out of date, though. File Processing ? Programming capabilities I can't think of a programming language that can't be used on Debian - there are probably some closed-shop languages around that I don't know, though. You have to bear in mind that linux has it's roots in the programmer/hacker world, so there are plenty available. There's a running joke that Windows comes with freecell, while linux comes with a compiler :) Availability of application software greater than 10,000 packages, all free, and installed and configured quite easily. User interface Choice between any of several gui's and the traditional *nix-like CLI I was able to find on your site that Debian works with the older Pentiums, but no reference to Pentium 4, so that is my primary concern. In this college case study, would the Pentium 4's need to be downgraded to Pentium 3's in order to run Debian? It runs on P-4's just fine. Take a look at linux.org for the kinds of hardware linux has been known to run on. Also www.debian.org/ports for the computer architecture debian has been ported to. Of course, any other information would be helpful. It does appear that there are quite a number of available application packages for Debian, from the website. I gather than the Unix/Linux/Debian marketshare in total is estimated at 5%, but I also need to obtain marketshare for just Debian by itself. Again, the linux counter site will be helpful. As will google. I don't mean to be rude, but google is immensely helpful for all of these sort of questions. Linux is probably the most-documented OS on-line - not all of it is well written, or up to date, but there is a discussion about linux and almost any topic you can think of, from desktop gaming to Server farms to pornography. HTH, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpLh3K0GwuWs.pgp Description: PGP signature