Re: Report from DSA Team Sprint in Oslo
]] Filipus Klutiero Hi, Tollef Fog Heen wrote: ]] Filipus Klutiero It is concerning that we no longer receive enough hardware donations to meet our needs. I can only encourage these improvements to donations pages. Specifically, if we lack any significant hardware, let's add it tohttp://www.debian.org/misc/hardware_wanted.en.html I don't think it's particularly concerning. Relying on donated hardware rather than buying hardware ourself ties our hands with regards to what kind of hardware we end up with. By buying hardware, we get the hardware we want, at the time we want. I agree that imposing ourselves to rely exclusively on donations would be a constraint. Clearly, buying hardware ourselves gives us the optimal result in a sense, but it's also most costly, and money is one of our constraints. In my experience, when asking big companies for money for freedesktop.org, it was not particularly hard to get fairly big donations with little effort. I think there are two important points to note in that regard though: We had a concrete goal (both in terms of «we need X» and «we are going to do Y with the money») and we solicited the donations, we didn't rely on somebody coming up with the idea that maybe they would want to give money to freedesktop.org. I was not really thinking about stopping to buy hardware, but rather to increase the hardware we're donated (and if we get enough, perhaps reduce our hardware acquisitions). I imagine that lots of our hardware needs are not too specific and can be accomplished by a variety of machines. I would think donated hardware could be used to address general needs, and the needs which donations failed to cover could be bought. If somebody donates the hardware that exactly matches our specs, I don't think we're going to complain, but the servers are both fairly costly and we often have requirements such as «HP DL460c» (a HP blade server, since we have a HP blade chassis) where getting a donation of some IBM, Sun or Dell blade won't work, as we don't have the chassis and even if we're donated a chassis, getting people to host them takes a bit of work, since they're big. That example is one of the more generic ones, often we'll want it to have X amount of memory, Y CPUs of some minimum number of cores and speed and Z GB of disk space, across some number of disks or SSDs. Getting donations like that means lots of interaction with a donor and doesn't often happen. Also, the kind of «hardware donations» we already get is good pricing on the equipment we buy, which isn't really a donation as such, but still means we spend less on hardware. [...] Hardware companies from which we accept donations should find it interesting to be entitled to claim that Debian uses their machines. So I think we should first make it clear that the hardware we need most is servers. (And we need bandwidth too) Hosting and bandwidth is donated today already, and it seems like our bandwidth requirements are very low, so it's really just about rack space, power and cooling. I am curious about what share of our hardware needs come from the need to support specific architectures. Perhaps even how much money and time DSA spends on each architecture. We so far only have numbers for our services, where the cost of an extra architecture is fairly small. Sorry, what do you mean by our services? ftp-master.debian.org, packages.debian.org, lists.debian.org, etc. Basically everything but buildds and porter boxes. As for time spent, we don't track that at all. Yeah :-| Why the :-|? I see no point in asking people to track how much time they spend on DSA tasks. If somebody wants to, they're of course free to, but this is something we do for fun, not as a job. [...] So, I don't know. I'm not much aware of our budget, but it seems Wikimedia's income in money donations (around 30 million USD / year) can't be compared to ours, and that probably makes its hardware procurement a lot easier their Debian's. A less different organization might be more interesting for comparison. For reference: Their budget is multiple magnitudes bigger than our HW budget. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87obr690o6@qurzaw.varnish-software.com
Re: Report from DSA Team Sprint in Oslo
On Thu, Apr 5, 2012 at 10:40 AM, dE . wrote: Maybe someone from the UK can provide a Raspberry PI. That probably wouldn't be useful. According to folks on IRC, the armhf buildds are i.MX53 QuickStart boards, they're quite a bit faster than the Pi and our armel buildd's are 1Ghz ARMV5 Marvell developer boards with 1.5G of RAM and also have native SATA, also making them faster than the Pi. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caktje6gmyfq0hxbvranxjrk85bzorw2wwxyw5-zd29oh+ja...@mail.gmail.com
Re: Report from DSA Team Sprint in Oslo
On Thu, Apr 05, 2012 at 03:21:11PM +0800, Paul Wise wrote: On Thu, Apr 5, 2012 at 10:40 AM, dE . wrote: Maybe someone from the UK can provide a Raspberry PI. That probably wouldn't be useful. According to folks on IRC, the armhf buildds are i.MX53 QuickStart boards, they're quite a bit faster than the Pi and our armel buildd's are 1Ghz ARMV5 Marvell developer boards with 1.5G of RAM and also have native SATA, also making them faster than the Pi. For reference, I'm in contact with the Raspberry Pi folk, who are keen to do things with Debian. If anyone wants hardware, drop me a mail! Neil -- signature.asc Description: Digital signature
Re: Report from DSA Team Sprint in Oslo
Neil McGovern ne...@debian.org writes: For reference, I'm in contact with the Raspberry Pi folk, who are keen to do things with Debian. If anyone wants hardware, drop me a mail! Are you in a position to press for hardware specification that will allow wholly free-software Debian on Raspberry Pi? My understanding is that currently the hardware requires some number of non-free firmware blobs. -- \ “The fact that I have no remedy for all the sorrows of the | `\ world is no reason for my accepting yours. It simply supports | _o__) the strong probability that yours is a fake.” —Henry L. Mencken | Ben Finney pgpyednshmbaU.pgp Description: PGP signature
Re: Report from DSA Team Sprint in Oslo
On Thu, Apr 05, 2012 at 09:19:50PM +1000, Ben Finney wrote: Neil McGovern ne...@debian.org writes: For reference, I'm in contact with the Raspberry Pi folk, who are keen to do things with Debian. If anyone wants hardware, drop me a mail! Are you in a position to press for hardware specification that will allow wholly free-software Debian on Raspberry Pi? My understanding is that currently the hardware requires some number of non-free firmware blobs. No. I can't see that happening. The core SoC is a broadcom solution, and that requires blobs to make it work. If anyone knows someone in Broadcom that can drive this forward that'd be great, but until then it's not likely to happen :( Neil -- signature.asc Description: Digital signature
Re: Re: Report from DSA Team Sprint in Oslo
Hi Tollef, ]] Filipus Klutiero Hi, Tollef Fog Heen wrote: ]] Filipus Klutiero It is concerning that we no longer receive enough hardware donations to meet our needs. I can only encourage these improvements to donations pages. Specifically, if we lack any significant hardware, let's add it tohttp://www.debian.org/misc/hardware_wanted.en.html I don't think it's particularly concerning. Relying on donated hardware rather than buying hardware ourself ties our hands with regards to what kind of hardware we end up with. By buying hardware, we get the hardware we want, at the time we want. I agree that imposing ourselves to rely exclusively on donations would be a constraint. Clearly, buying hardware ourselves gives us the optimal result in a sense, but it's also most costly, and money is one of our constraints. In my experience, when asking big companies for money for freedesktop.org, it was not particularly hard to get fairly big donations with little effort. I think there are two important points to note in that regard though: We had a concrete goal (both in terms of «we need X» and «we are going to do Y with the money») and we solicited the donations, we didn't rely on somebody coming up with the idea that maybe they would want to give money to freedesktop.org. OK. So maybe keep philanthropic support in mind, but also take a note about philomercantilism :-) I was not really thinking about stopping to buy hardware, but rather to increase the hardware we're donated (and if we get enough, perhaps reduce our hardware acquisitions). I imagine that lots of our hardware needs are not too specific and can be accomplished by a variety of machines. I would think donated hardware could be used to address general needs, and the needs which donations failed to cover could be bought. If somebody donates the hardware that exactly matches our specs, I don't think we're going to complain, but the servers are both fairly costly and we often have requirements such as «HP DL460c» (a HP blade server, since we have a HP blade chassis) where getting a donation of some IBM, Sun or Dell blade won't work, as we don't have the chassis and even if we're donated a chassis, getting people to host them takes a bit of work, since they're big. That example is one of the more generic ones, often we'll want it to have X amount of memory, Y CPUs of some minimum number of cores and speed and Z GB of disk space, across some number of disks or SSDs. Getting donations like that means lots of interaction with a donor and doesn't often happen. I don't think big hardware companies will find a server's cost problematic (assuming it delivers value). I imagine lack of memory doesn't diminish much the value we get from what we were given. However, I'm afraid an unwanted format will, indeed :-/ If we're looking for very specific hardware though, targeted campaigns probably won't work better. Unless you meant a fundraising campaign with a specific hardware goal and money target, thermometer kind of campaign. Or going to knock on the doors of companies. Also, the kind of «hardware donations» we already get is good pricing on the equipment we buy, which isn't really a donation as such, but still means we spend less on hardware. Great; thanks for sharing. [...] Hardware companies from which we accept donations should find it interesting to be entitled to claim that Debian uses their machines. So I think we should first make it clear that the hardware we need most is servers. (And we need bandwidth too) Hosting and bandwidth is donated today already, and it seems like our bandwidth requirements are very low, so it's really just about rack space, power and cooling. Great... another reason to revise the donations pages then :-) I am curious about what share of our hardware needs come from the need to support specific architectures. Perhaps even how much money and time DSA spends on each architecture. We so far only have numbers for our services, where the cost of an extra architecture is fairly small. Sorry, what do you mean by our services? ftp-master.debian.org, packages.debian.org, lists.debian.org, etc. Basically everything but buildds and porter boxes. As for time spent, we don't track that at all. Yeah :-| Why the :-|? I see no point in asking people to track how much time they spend on DSA tasks. If somebody wants to, they're of course free to, but this is something we do for fun, not as a job. Oh, sorry for the confusion. I was talking about our hardware needs in general, not just for services currently provided by DSA. I see that DSA doesn't manage many buildds and porter boxes, so it must not have much architecture-specific needs. By the way, I would also like to see more services transferred to DSA. [...] Thank you again for this report, but since there are
Re: Re: Report from DSA Team Sprint in Oslo
Thank you Tollef, Tollef Fog Heen wrote: ]] Filipus Klutiero It is concerning that we no longer receive enough hardware donations to meet our needs. I can only encourage these improvements to donations pages. Specifically, if we lack any significant hardware, let's add it tohttp://www.debian.org/misc/hardware_wanted.en.html I don't think it's particularly concerning. Relying on donated hardware rather than buying hardware ourself ties our hands with regards to what kind of hardware we end up with. By buying hardware, we get the hardware we want, at the time we want. I agree that imposing ourselves to rely exclusively on donations would be a constraint. Clearly, buying hardware ourselves gives us the optimal result in a sense, but it's also most costly, and money is one of our constraints. I was not really thinking about stopping to buy hardware, but rather to increase the hardware we're donated (and if we get enough, perhaps reduce our hardware acquisitions). I imagine that lots of our hardware needs are not too specific and can be accomplished by a variety of machines. I would think donated hardware could be used to address general needs, and the needs which donations failed to cover could be bought. Additionally, we can solicit both smaller and larger donations than the exact size of the machines we are looking for, since we can join and split donations as we wish to better match what we need. Right. Just to be clear, I'm not suggesting to stop soliciting money donations. But from this report, I get the impression that the most welcome hardware donations would be from hardware companies sponsoring Debian with new hardware. I imagine such companies have enough advertisement budgets to give at least one server. And if they really want to give more, we could offer them to give another server :-) Or to complete with a money donation. Hardware companies from which we accept donations should find it interesting to be entitled to claim that Debian uses their machines. So I think we should first make it clear that the hardware we need most is servers. (And we need bandwidth too) I am curious about what share of our hardware needs come from the need to support specific architectures. Perhaps even how much money and time DSA spends on each architecture. We so far only have numbers for our services, where the cost of an extra architecture is fairly small. Sorry, what do you mean by our services? As for time spent, we don't track that at all. Yeah :-| I figured that one non-profit with needs similar to ours was Wikimedia. And Wikimedia has thought about donations, so their strategy should be interesting. It turns out that Wikimedia doesn't really solicit hardware donations... In fact, it's more busy offering its hardware. It accepts some hardware donations though, and these seem to make a fair difference: So what is the main message of the statements? What is the big picture? The Wikimedia Foundation's financial situation is strong. Revenue has exceeded the mid-year plan. This is primarily due to another strong online fundraiser campaign, including the engagement of Global Collect as an additional payment processor that allowed us to receive donations in a greater number of local currencies. Spending is below plan due primarily to slower hiring, recruiting expenses, and the timing of the capital expenditures for servers purchase. A portion of the total planned capital expenditures will not be spent and reallocated since we received 40 donated servers from Cisco. http://upload.wikimedia.org/wikipedia/foundation/6/62/Mid_Year_Financials_FY_11-12_FAQs.pdf So, I don't know. I'm not much aware of our budget, but it seems Wikimedia's income in money donations (around 30 million USD / year) can't be compared to ours, and that probably makes its hardware procurement a lot easier their Debian's. A less different organization might be more interesting for comparison. For reference: [2012-04-04 11:43:04] chealer hi. sorry for being offtopic, but does Wikimedia sollicit hardware donations, and if so, where does it do that? [2012-04-04 11:44:45] saper chealer: I think it's the other way around: http://blog.wikimedia.org/c/hardware/ [2012-04-04 11:47:11] chealer saper: right, I saw that, which surprised me a bit. I was thinking Wikimedia could sollicit donations of new hardware from hardware companies [2012-04-04 11:47:47] chealer (and then perhaps give them away when they're out of warranty / replaced) [2012-04-04 11:47:51] chealer thanks though [2012-04-04 11:48:08] saper I don't know that [2012-04-04 11:48:16] saper I guess new hardware can be donated [2012-04-04 11:48:22] ^demon I don't think we actively seek out hardware donations. But we have accepted them from time to time. [2012-04-04 11:49:07] RobH Hiay [2012-04-04 11:49:10] RobH hiya even [2012-04-04 11:49:45] RobH chealer: We do accept donations of new hardware, as long as
Re: Report from DSA Team Sprint in Oslo
On 04/02/12 22:59, Filipus Klutiero wrote: Thanks for this report Luca. Thanks to the whole DSA for having this meeting, and for your tremendous work in general. Luca Filipozzi wrote: Historically, Debian's hardware requirements have been met through the generous donation of new and used equipment by individuals and organizations. This is no longer true and the consequence of this is that we must find alternate means by which to refresh our infrastructure. This is becoming an acute issue as the majority of our machines are now very old and long out of warranty; they are sometimes quite constrained and/or are starting to fail. We have developed a Five Year Plan [1] whereby all service-hosting hardware should be under warranty at any given time. As part of this, we are planning a five year refresh cycle and the goal is then for no hardware to be more than five years old. Although our work on the Five Year Plan has focussed on hardware hosting services such as ftp-master, lists, wiki, etc., the Debian Project Leader has asked us to augment the Plan to address buildd/porter hardware. That said, an ongoing concern for DSA is our ability to source hardware for our various architectures. We will work with the various teams to identify commercial sources for hardware and to define the supportability of the various architectures. The Debian System Administration team is keen to ensure that we can maintain the Project's ability to target our operating system for various architectures. This means understanding and mitigating the risk presented by un-sourceable architectures. A clear outcome of our work on the Five Year Plan is an understanding that hardware has now become one of the biggest expense categories for Debian. If we are to be successful in implementing a five-year refresh cycle, we will need improve our philanthropic support. We need to revamp and probably merge our sponsorship and donations pages. We need to support both targeted campaigns addressing specific goals (a particular piece of hardware, say) as well as annual giving. We need to provide donors with visibility into how we have used funds donated to date and with information regarding our future needs. We propose that Debian requires something like the FreeBSD Foundation's sponsorship page [2] and we are prepared to take a significant role in addressing this requirement. It is concerning that we no longer receive enough hardware donations to meet our needs. I can only encourage these improvements to donations pages. Specifically, if we lack any significant hardware, let's add it to http://www.debian.org/misc/hardware_wanted.en.html I am curious about what share of our hardware needs come from the need to support specific architectures. Perhaps even how much money and time DSA spends on each architecture. http://db.debian.org/machines.cgi is now huge. I'm enjoying very much the Status column's current discretion :-) Maybe someone from the UK can provide a Raspberry PI. -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f7d0624.2020...@gmail.com
Re: Report from DSA Team Sprint in Oslo
On sam., 2012-03-31 at 15:54 -0700, Russ Allbery wrote: That way, US Debian Developers could ignore the whole export control issue because they were uploading it to a host still in the US and the project handled the notification automatically on their behalf when the packages went to our world-wide mirrors. By the way, what about people outside of US with their respective export control issues? Regards, -- Yves-Alexis signature.asc Description: This is a digitally signed message part
Re: Report from DSA Team Sprint in Oslo
Thanks for this report Luca. Thanks to the whole DSA for having this meeting, and for your tremendous work in general. Luca Filipozzi wrote: Historically, Debian's hardware requirements have been met through the generous donation of new and used equipment by individuals and organizations. This is no longer true and the consequence of this is that we must find alternate means by which to refresh our infrastructure. This is becoming an acute issue as the majority of our machines are now very old and long out of warranty; they are sometimes quite constrained and/or are starting to fail. We have developed a Five Year Plan [1] whereby all service-hosting hardware should be under warranty at any given time. As part of this, we are planning a five year refresh cycle and the goal is then for no hardware to be more than five years old. Although our work on the Five Year Plan has focussed on hardware hosting services such as ftp-master, lists, wiki, etc., the Debian Project Leader has asked us to augment the Plan to address buildd/porter hardware. That said, an ongoing concern for DSA is our ability to source hardware for our various architectures. We will work with the various teams to identify commercial sources for hardware and to define the supportability of the various architectures. The Debian System Administration team is keen to ensure that we can maintain the Project's ability to target our operating system for various architectures. This means understanding and mitigating the risk presented by un-sourceable architectures. A clear outcome of our work on the Five Year Plan is an understanding that hardware has now become one of the biggest expense categories for Debian. If we are to be successful in implementing a five-year refresh cycle, we will need improve our philanthropic support. We need to revamp and probably merge our sponsorship and donations pages. We need to support both targeted campaigns addressing specific goals (a particular piece of hardware, say) as well as annual giving. We need to provide donors with visibility into how we have used funds donated to date and with information regarding our future needs. We propose that Debian requires something like the FreeBSD Foundation's sponsorship page [2] and we are prepared to take a significant role in addressing this requirement. It is concerning that we no longer receive enough hardware donations to meet our needs. I can only encourage these improvements to donations pages. Specifically, if we lack any significant hardware, let's add it to http://www.debian.org/misc/hardware_wanted.en.html I am curious about what share of our hardware needs come from the need to support specific architectures. Perhaps even how much money and time DSA spends on each architecture. http://db.debian.org/machines.cgi is now huge. I'm enjoying very much the Status column's current discretion :-) -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f79e1e7.30...@gmail.com
Re: Report from DSA Team Sprint in Oslo
]] Filipus Klutiero It is concerning that we no longer receive enough hardware donations to meet our needs. I can only encourage these improvements to donations pages. Specifically, if we lack any significant hardware, let's add it to http://www.debian.org/misc/hardware_wanted.en.html I don't think it's particularly concerning. Relying on donated hardware rather than buying hardware ourself ties our hands with regards to what kind of hardware we end up with. By buying hardware, we get the hardware we want, at the time we want. Additionally, we can solicit both smaller and larger donations than the exact size of the machines we are looking for, since we can join and split donations as we wish to better match what we need. I am curious about what share of our hardware needs come from the need to support specific architectures. Perhaps even how much money and time DSA spends on each architecture. We so far only have numbers for our services, where the cost of an extra architecture is fairly small. As for time spent, we don't track that at all. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87bon9al1t@qurzaw.varnish-software.com
Re: Report from DSA Team Sprint in Oslo
On 12803 March 1977, Russ Allbery wrote: I think some of this has since gotten simpler and I heard some rumors that the US was giving up on even the notification requirement for export of open source software, but I haven't been following the details closely. We don't send the notices to them anymore, but we store them all, so/as they could come and ask for them all. And technically it would need to be just the NEW queue in the US, but thats not entirely easy to do. -- bye, Joerg [...] when an Idea and a developer get laid, code awakes to the world, then a Debian package is made and pulled in the unstable distribution[...] -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87k41z1ot4@gkar.ganneff.de
Re: Report from DSA Team Sprint in Oslo
I'm curious why ftp-master needs to be hosted in the US. (please CC me) -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAA77j2A29k=gt5yez109extvzzv1nnt730bp6u9rgjnkfzh...@mail.gmail.com
Re: Report from DSA Team Sprint in Oslo
Tshepang Lekhonkhobe tshep...@gmail.com writes: I'm curious why ftp-master needs to be hosted in the US. (please CC me) Historically, the US has obnoxious export control restrictions which, due to a lawsuit by Dan Bernstein, were forced into being partially waived for open source software on free speech grounds. But only partially waived; it was still necessary to notify the US government of every export of open source software from the US that may contain crypto code. Thankfully, though, the way in which that notification had to be done was suitable for automation. ftp-master was therefore located in the US because we took advantage of the NEW chokepoint to submit the required automated notification to the US government of a new piece of software that was being exported. That way, US Debian Developers could ignore the whole export control issue because they were uploading it to a host still in the US and the project handled the notification automatically on their behalf when the packages went to our world-wide mirrors. I think some of this has since gotten simpler and I heard some rumors that the US was giving up on even the notification requirement for export of open source software, but I haven't been following the details closely. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87obrc1ivm@windlord.stanford.edu
Re: Report from DSA Team Sprint in Oslo
Thanks for the explanation; makes me curious how other distros/projects handle this? -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAA77j2BoJ0oYsiHGYXeZLh-vpUGshihqcK=y7qr-n4u7zrr...@mail.gmail.com
Re: Report from DSA Team Sprint in Oslo
On Tue, Mar 27, 2012 at 04:40:47PM +0200, Tollef Fog Heen wrote:
It'll be of the form of a mail, once a year where you put an X next to
the group memberships you'd like to keep and send it back, gpg-signed,
or similar, so I don't really think we'll bother with differentiating
between dangerous and innocent groups.
Ooooh, interesting, that is a welcome change. Thanks for working on it!
--
Stefano Zacchiroli zack@{upsilon.cc,pps.jussieu.fr,debian.org} . o .
Maître de conférences .. http://upsilon.cc/zack .. . . o
Debian Project Leader... @zack on identi.ca ...o o o
« the first rule of tautology club is the first rule of tautology club »
signature.asc
Description: Digital signature
Re: Report from DSA Team Sprint in Oslo
]] Thijs Kinkhorst The collab-maint repository has been available to all DD's for a long while. We've been trying to get the secure-testing repository writable for all DD's, unfortunately the Alioth admins didn't have time to respond to that request yet, but the wish is certainly there. I thought Roland fixed that recently? If not, can you please try again and see if it works now? Thanks, -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87fwcu85xc@qurzaw.varnish-software.com
Re: Report from DSA Team Sprint in Oslo
]] Thijs Kinkhorst So I would advise to only make an effort to 'clean up' groups that have sufficiently 'dangerous' consequences attached to them. It'll be of the form of a mail, once a year where you put an X next to the group memberships you'd like to keep and send it back, gpg-signed, or similar, so I don't really think we'll bother with differentiating between dangerous and innocent groups. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87boni85u8@qurzaw.varnish-software.com
Re: Report from DSA Team Sprint in Oslo
NB CCing SPI treasurer as a contact listed on the donations page (haven't spotted any point of contact on Debian's donation page) for possible comments On Thu, 22 Mar 2012, Stefano Zacchiroli wrote: On Wed, Mar 21, 2012 at 05:34:27PM -0400, Yaroslav Halchenko wrote: - automated regular (e.g. monthly) donations via paypal (e.g. how http://accessiblecomputingfoundation.org does it) That is already possible (although I'm not sure about the paypal part): when donating to SPI via clickandpledge, one could choose to split his donation in monthly batches. Given I'm well aware this feature is largely unknown (although some donors *do* use it), I encourage proposing patches to http://www.debian.org/donations to better advertise it. Decided to have a look finally (sorry -- never donated money to Debian myself yet) -- and as a new-comer I see multiple problems with Debian donation system as we have it ATM (some of the following items might not be easily fixable since need to be addressed by 3rd party clickandpledge.com). The quick summary -- donating to Debian is NOT AS SIMPLE AS IT COULD BE... and simplicity and accessibility was the point of my suggestion to make donations, of different caliber, easy for anyone. ATM to donate * I do need to spend some time to read/go through a few pages (debian donations, SPI donations - clickandpledge...) to get finally to the point where I could possibly donate my money... the whole path is probably around 6/7 web pages or so (if everything goes smooth), requires me to enter all my credentials, credit card # ... We should aim to reduce the burden and make it much easier by allowing to use payment providers which already might have users credentials so they might not even need to re-login to them at that point; e.g. paypal, amazon, ... * Debian is one (thanks that it starts with D so it is high enough in the list) among others on https://co.clickandpledge.com/advanced/default.aspx?wid=34115 There must be a dedicated page to avoid any possible confusion, avoid clicking through 1 more page. I understand it is useful in general to expose all those other projects under SPI, but imho it hurts Debian in this regard * A $40.00 minimum is needed for the recurring payment option doesn't sound appealing to me and ruins the whole idea of regular micro donations. I would not mind giving a project I like/use a cost of a coffee regularly each month, but I would think a bit longer if it equals my monthly charge for the broadband (just giving typical analogies) it might all be due to high credit-card transaction costs, but * Please do not attempt to donate to SPI via PayPal or a similar service. stated on the lengthy http://www.spi-inc.org/donations/ We should be able to allow donations via PayPal or a similar service with a direct link available on our (Debian) donations page or is there some showstopper I am not aware of? * also as long as I entered that unacceptably low donation this annoying dialog box with A $40.00 min... hunts me -- I can't go back to adjust amount, I am just doomed to close that tab and go back to starting url there manually or from http://www.debian.org/donations needs to be fixed on clickandpledge.com side I guess * blank Terms Conditions on checkout page is kinda confusing -- better not be there at all if nothing to say * not sure if intended to be like that (limit in length) or just a typo I understand that this charge will appear as Software in the PublicI on my credit card statement. -- =--= Keep in touch www.onerussian.com Yaroslav Halchenko www.ohloh.net/accounts/yarikoptic -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120322141851.gu22...@onerussian.com
Re: Report from DSA Team Sprint in Oslo
On Thu, Mar 22, 2012 at 10:18:51AM -0400, Yaroslav Halchenko wrote:
The quick summary -- donating to Debian is NOT AS SIMPLE AS IT COULD
BE... and simplicity and accessibility was the point of my
suggestion to make donations, of different caliber, easy for anyone.
Yes. I completely agree. Thanks a lot for your thorough review, it is
quite helpful.
But.
You won't change that by discussing the issue on a Debian Project
mailing list. Mailing the (generally very busy) SPI treasurer is a bit
better, but won't fix the issues either. Debian Project members who want
to help me fixing this have basically two options.
1) set up an organization $somwehere which makes as easy as you please
donating to Debian. Then convince the DPL that the organization is
efficient in dealing with money and get it enrolled as a Trusted
Organization.
2) get involved into SPI (which means a little more than mailing the SPI
treasurer) and makes the changes happen there.
Don't get me wrong and let me repeat: your review is much appreciated.
But I've grown weary of threads where we discuss how nice it would be
if SPI --- or another $trusted_organization FWIW --- would do this and
that for us.
SPI is a volunteer organization. Currently it offers us a specific set
of services. If we want different / better services we can ask (and we
have asked, or at least I have asked). But ultimately, as in many
volunteer organizations, the only sure way to make things change is to
make the change yourself. It's easy, just join SPI mailing lists,
discuss changes there, ... and volunteer to implement them. The SPI
board is full of nice people (a lot of them are Debian people, BTW)
ready to listen and, as it happens in every volunteer organization, in
need of help.
Oh, and let me conclude with another reason why mail like yours are very
helpful. It increase the awareness of how important Trusted Organization
are for Debian. I've beaten that drum repeatedly in the past 2 years,
with little success. I hope it will be even more effectively if others
join me ... or, better, join $trusted_organization :-)
Cheers.
--
Stefano Zacchiroli zack@{upsilon.cc,pps.jussieu.fr,debian.org} . o .
Maître de conférences .. http://upsilon.cc/zack .. . . o
Debian Project Leader... @zack on identi.ca ...o o o
« the first rule of tautology club is the first rule of tautology club »
signature.asc
Description: Digital signature
Re: Report from DSA Team Sprint in Oslo
On Tue, March 20, 2012 09:06, Tollef Fog Heen wrote: Shouldn't the various teams handling the group take care of managing them? Do they currently fail at that? I think we can say that yes, they generally fail at asking for people to be removed from groups. I'm still a member of webwml even though I don't think I've committed anything there since 2007 or so. I'm also apparently a qa member, though I can't even remember asking to be put in the group. :-) You may want do consider the extra 'powers' membership of specific groups brings. For example, I've hardly revoked any group membership in the past that serves to give commit access to a repository. Afterall, commit access is usually hardly dangerous: impact is small and inappropriate ones are easily reverted; and it usually helps everyone if someone can make a quick fix for something they ran into because they still have access. So I would advise to only make an effort to 'clean up' groups that have sufficiently 'dangerous' consequences attached to them. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ea010f314e95dbb3d2dc24800b910567.squir...@wm.kinkhorst.nl
Re: Report from DSA Team Sprint in Oslo
On Wed, Mar 21, 2012 at 10:07:30AM +0100, Thijs Kinkhorst wrote: So I would advise to only make an effort to 'clean up' groups that have sufficiently 'dangerous' consequences attached to them. Then logically it would follow that the ones that don't should be gid 800 instead. -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120321121618.ga18...@scru.org
Re: Report from DSA Team Sprint in Oslo
On Wed, March 21, 2012 13:16, Clint Adams wrote: On Wed, Mar 21, 2012 at 10:07:30AM +0100, Thijs Kinkhorst wrote: So I would advise to only make an effort to 'clean up' groups that have sufficiently 'dangerous' consequences attached to them. Then logically it would follow that the ones that don't should be gid 800 instead. In some situations I'm talking about there was a slight advantage that upon ingress you could verify that prospective committers were aware of basic procedure. But this is indeed only a minor advantage and a case for gid 800 (or equivalent solutions) could certainly be made for anything that's easily reversible; and we can expect DD's not to go on a commit rampage that takes a lot of time to revert. The collab-maint repository has been available to all DD's for a long while. We've been trying to get the secure-testing repository writable for all DD's, unfortunately the Alioth admins didn't have time to respond to that request yet, but the wish is certainly there. Cheers, Thijs -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/b34ca52824cf986d67e3cec47587bdf3.squir...@wm.kinkhorst.nl
Re: Report from DSA Team Sprint in Oslo
On Wed, Mar 21, 2012 at 12:06:56AM +0100, Arno Töll wrote:
Having that said, I wonder if we should discuss the possibility to
pre-configure browser's search engines in order to provide Debian some
income by referrals.
I don't think that's a bad thing and doable without much effort but
with a noticeable (huge?) gain virtually for free.
Coincidentally, I've been discussing for the past 10 days with a search
engine company that is interested in donating to Debian part of their
incomes that coming from Debian users. I plan to launch a separate
thread on -project on the subject, but it is pointless to do so before
we're sure that we can actually receive the donations (in terms of
bureaucratic requirements and cadence). I'm currently waiting for
feedback on this specific point from SPI. As soon as that aspect is
clarified, you'll hear back from me on this list, in more details.
Cheers.
--
Stefano Zacchiroli zack@{upsilon.cc,pps.jussieu.fr,debian.org} . o .
Maître de conférences .. http://upsilon.cc/zack .. . . o
Debian Project Leader... @zack on identi.ca ...o o o
« the first rule of tautology club is the first rule of tautology club »
signature.asc
Description: Digital signature
Re: Report from DSA Team Sprint in Oslo
regarding donations: I am wondering -- is there significant additional bureaucratic/infrastructural burden of adding additional relatively easy to engage into lines for micro-donations, e.g. - automated regular (e.g. monthly) donations via paypal (e.g. how http://accessiblecomputingfoundation.org does it) - Android market App (could be just for donations or actually ship Debian background/theme) Quite a few *Debian booth visitors ask on how to donate and we direct them to the website etc... I bet many forget/nevermind to mess with it later, so wouldn't it be nice just to carry qr-code's for paypal and Android Play Store so donating for them would be as easy as to point camera to it right on the spot... ? On Wed, 21 Mar 2012, Stefano Zacchiroli wrote: On Wed, Mar 21, 2012 at 12:06:56AM +0100, Arno Töll wrote: Having that said, I wonder if we should discuss the possibility to pre-configure browser's search engines in order to provide Debian some income by referrals. I don't think that's a bad thing and doable without much effort but with a noticeable (huge?) gain virtually for free. Coincidentally, I've been discussing for the past 10 days with a search engine company that is interested in donating to Debian part of their incomes that coming from Debian users. I plan to launch a separate thread on -project on the subject, but it is pointless to do so before we're sure that we can actually receive the donations (in terms of bureaucratic requirements and cadence). I'm currently waiting for feedback on this specific point from SPI. As soon as that aspect is clarified, you'll hear back from me on this list, in more details. Cheers. -- =--= Keep in touch www.onerussian.com Yaroslav Halchenko www.ohloh.net/accounts/yarikoptic -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120321213427.go22...@onerussian.com
Re: Report from DSA Team Sprint in Oslo
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, On 20.03.2012 02:23, Luca Filipozzi wrote: [,.] If we are to be successful in implementing a five-year refresh cycle, we will need improve our philanthropic support. We need to revamp and probably merge our sponsorship and donations pages. We need to support both targeted campaigns addressing specific goals (a particular piece of hardware, say) as well as annual giving. We need to provide donors with visibility into how we have used funds donated to date and with information regarding our future needs. Well said. I think that's a very good idea and basically in line with my suggestions from [1] to make Debian more attractive to sponsors. Having that said, I wonder if we should discuss the possibility to pre-configure browser's search engines in order to provide Debian some income by referrals. I don't think that's a bad thing and doable without much effort but with a noticeable (huge?) gain virtually for free. [1] 4f5e62bd.9060...@toell.net - -- with kind regards, Arno Töll IRC: daemonkeeper on Freenode/OFTC GnuPG Key-ID: 0x9D80F36D -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPaQ2QAAoJEMcrUe6dgPNtE1cP/iYM5QIdF2ZdloUay4DBmJPb OedbtkYttqcMdUMN54yP4h44Vx4JvNZoIaNnuiVYOv0KGzgtzOS2aCIBbnxA/B36 My72Elgtmlo3CgkNnhJdGErVNP6QvsSFcolcT2Qf3CyT9zGZML8Tfzmg9VgJqDs/ RfEXxBwdPUaYxrlDVSEiHB02gxl0cX/q8ZZIXhGdxUMcYVzhvrpibEARxVjKH6BN I6KBX5rwRx2dwMR6Pb0t9uqdljZj2tWxL0NA6qFJ/lqogVqZzTP9scLJXXnWaCb7 UZPRwB9VsNwceEmX9raU9uithaDGX6BjgVp8a027KNYdZm+pPkJPx1dTfI/0ekft vHn8DSU/YwoKnBGBHnsru4L+fDOOJWJysQFCTAcmkAc90cm12k71RzpcICD5fHRn e2gteF3Sot+IyUaP8L/QkeY38ZU7MMFCdsvB77wuKwfBcZaIBVKJa60tdED91s2Q J5fngePHePGo6iwcFNuNBN51RI6ZvXbsOFQCoxF/Yf/xSjiYQNsyqvZyOh/kEpsh rQw3y8gmWRq1xfEp2aGNYtddq3mhEnSud3blPYgBvQvyx8k7t193sGOfFcr2jZK6 ssepkZoXX1pINYMI+TZsnKyn+N0E1RtFpzh3ypk+lIB/c7gy6EcKCLAG46LP6lrP yO9XjB8HiCvUC+/KlYdf =NaJu -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f690d90.5000...@toell.net
Re: Report from DSA Team Sprint in Oslo
* Tollef Fog Heen tfh...@err.no [2012-03-20 09:06:50 CET]: ]] Yves-Alexis Perez So that means something like a signed mail based “shell-knocking”? DD would need to send a gpg-signed mail to (re)enable a shell on a chosen machine before he can use it? That's one possible way, we might also make it available on the LDAP update web form. The exact details have not been worked out. Actually I would hope for both ways. Some people don't carry around their GPG key (for good reasons) but change the ldap password (regularly) to be able to update stuff when needed. I guess both approaches would be useful for this specific case. And thanks for working on that -- I remember hearing from various people asking to disable their shell accounts over the years (especially in the discussions after the break-in back then ...), so it's nice to see this finally happening. :) Shouldn't the various teams handling the group take care of managing them? Do they currently fail at that? I think we can say that yes, they generally fail at asking for people to be removed from groups. I'm still a member of webwml even though I don't think I've committed anything there since 2007 or so. I'm also apparently a qa member, though I can't even remember asking to be put in the group. :-) Speaking of webwml, we probably will suspend people who don't respond to our relicensing questionaire for a start. ;) Thanks, Rhonda -- Fühlst du dich mutlos, fass endlich Mut, los | Fühlst du dich hilflos, geh raus und hilf, los| Wir sind Helden Fühlst du dich machtlos, geh raus und mach, los | 23.55: Alles auf Anfang Fühlst du dich haltlos, such Halt und lass los| -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120320233130.ga13...@anguilla.debian.or.at
Report from DSA Team Sprint in Oslo
Comrades! We just finished a very productive Debian System Administration team sprint in Oslo, Norway. Five of the six current DSA members were present. We would like to thank Varnish Software for hosting us and providing food and drink. In addition, our thanks to the many donors [0] whose contributions have permitted the project to subsidize transportation and lodging. The goals of the meeting were to develop a long term plan for Debian's infrastructure, to review the current set of machines we maintain and the services we provide, and to formulate some policies and procedures regarding account and group management. In addition, we took the opportunity to coordinate issues which have been outstanding for a long time. This was the first time some of us met in person. [0]: http://www.debian.org/donations Hardware Sponsorships === Historically, Debian's hardware requirements have been met through the generous donation of new and used equipment by individuals and organizations. This is no longer true and the consequence of this is that we must find alternate means by which to refresh our infrastructure. This is becoming an acute issue as the majority of our machines are now very old and long out of warranty; they are sometimes quite constrained and/or are starting to fail. We have developed a Five Year Plan [1] whereby all service-hosting hardware should be under warranty at any given time. As part of this, we are planning a five year refresh cycle and the goal is then for no hardware to be more than five years old. Although our work on the Five Year Plan has focussed on hardware hosting services such as ftp-master, lists, wiki, etc., the Debian Project Leader has asked us to augment the Plan to address buildd/porter hardware. That said, an ongoing concern for DSA is our ability to source hardware for our various architectures. We will work with the various teams to identify commercial sources for hardware and to define the supportability of the various architectures. The Debian System Administration team is keen to ensure that we can maintain the Project's ability to target our operating system for various architectures. This means understanding and mitigating the risk presented by un-sourceable architectures. A clear outcome of our work on the Five Year Plan is an understanding that hardware has now become one of the biggest expense categories for Debian. If we are to be successful in implementing a five-year refresh cycle, we will need improve our philanthropic support. We need to revamp and probably merge our sponsorship and donations pages. We need to support both targeted campaigns addressing specific goals (a particular piece of hardware, say) as well as annual giving. We need to provide donors with visibility into how we have used funds donated to date and with information regarding our future needs. We propose that Debian requires something like the FreeBSD Foundation's sponsorship page [2] and we are prepared to take a significant role in addressing this requirement. [1]: http://en.wikipedia.org/wiki/Five-Year_Plans_for_the_National_Economy_of_the_Soviet_Union [2]: http://freebsdfoundation.org/donate/sponsors.shtml Hosting Virtualization In terms of hosting, Debian has been fortunate to have had the ability to host equipment with many different partners. At times, we have had hardware at more than 50 different locations! In recent years, we have started to reduce the number of locations, concentrating our equipment with a smaller set of hosting partners. Virtualization has come of age and we want to move most services into virtual machines, thus reducing the overall count of physical machines. VMs are easier to move between physical hosts and give us service separation without too much administrative or computational overhead. Another advantage of virtualization is it makes it easier to increase the availability of services. However, we recognize that there are services that will continue to need dedicated hardware due to resource requirements and, as such, we will not be able to move everything into VMs. Therefore, we will continue our consolidation efforts, focusing on 3-5 hosting locations. Some services have specific requirements as to where they can or should be hosted and we will, of course, consider such requirements when making any plans or decisions. For instance, ftp-master currently needs to be hosted in the US. As we further build out our VM infrastructure, we will attempt to address requests for new 'machines' through the deployment of a virtual machine rather than dedicated hardware. Service Changes === CDN: There are quite a few services which essentially provide static content but which are currently either not mirrored or mirrored on their own special mirror network. Examples include planet.d.o and www.d.o. We would like to consolidate this into what is essentially a Debian
