Weekly Scrum IRC Log: 2011-03-29
Tagged:
08:58 <@anarcat> alright, so we're 1 minute away from the scrum, but i'll start anyways :P 08:59 <@anarcat> i'm a bit in a rush since we're going to replace a switch at the datacenter in about an hour 08:59 <@mig5> np 08:59 <@anarcat> which could affect community.a.o momentarily 08:59 <@anarcat> we had a few issues with the server 08:59 <@anarcat> it was replaced with a spare recently and we diagnosed a problem with a corrupted bios 08:59 <@anarcat> our hw provider is running more tests and we hope to get the original server back online shortly 09:00 <@anarcat> as for actual dev 09:00 <@anarcat> i have worked on provisionacl recently and got it in good shape 09:00 <@anarcat> i hope to deploy it in production here this week and get rid of our ugly sudo -u aegir kludges we were giving to workers 09:00 < Aurorus> sounds interesting anarcat 09:00 <@anarcat> so now not only can worker access modules/ files/ etc without problems, but they can run drush commands as their regular user 09:01 <@anarcat> *plus* this gives access to the regular drush aliases 09:01 <@anarcat> although there are still warnings (fixed in drush 5 and drush 4-head) 09:01 <@anarcat> i'm working on having site aliases respect drush -i 09:01 <@anarcat> i have worked a lot on the debian packages too, they are mostly ready 09:02 < Aurorus> anarcat: Are there plans to allow the deletion of sites and platforms that fail verify? 09:02 <@anarcat> provision is packaged, and there's a meta-package for hostmaster that downloads provision 09:02 <@anarcat> i also want to get the debian packages finished this week and we'll update the docs accordingly 09:02 <@anarcat> hopefully we can ship 1.0 with debian 09:02 <@anarcat> i started coordination of the rc3 release, but we have a significant blocker with d.o that refuses to release hostmaster 09:03 <@anarcat> see http://drupal.org/node/1105824 09:03 <@anarcat> for the drush issues: http://drupal.org/node/1104450 and http://drupal.org/node/957182 09:04 <@anarcat> i am going to work more on security in the coming weeks, i plan to work two weeks in a retreat in the woods with internet access :) 09:04 <@anarcat> i will make sure we don't bootstrap evil modules so that allowing access to modules and themes is secure 09:04 <@anarcat> i'd like to release rc3 tomorrow 09:05 <@anarcat> i am thinking of starting work on the d7 port and ldap integration for 2.x during the next two weeks 09:05 <@anarcat> and koumbit has done its internal roadmap and we'll be working hard on 2.x for the summer 09:05 <@anarcat> i think that's pretty much it for me! 09:05 <@mig5> nice one. you have given yourself a lot of work as usual :) 09:05 <@anarcat> i am glad to see that crazy stuff darthsteven has been doing here :) http://www.computerminds.co.uk/articles/aegir-tasks-daemon 09:05 <@anarcat> i think it should be merged in 09:06 <@anarcat> well, if anyone wants to pick up rc3 or similar things, be my guest :) 09:06 <@mig5> i read that: i think the queue thing would be good in aegir, hopefully doesn't have too many dependencies? 09:06 <@anarcat> drush especially needs a lot of love - and we'll need to work with them for aegir 2.0, which i suspect will support only drush 5 or above 09:06 <@anarcat> mig5: seems to be standalone contrib! 09:06 <@mig5> ok cool 09:06 <@anarcat> it's just a ghetto php daemon :) 09:06 <@anarcat> what Vertice didn't want :) 09:06 <@mig5> i thought it deopeneded on some obscure launchd-like OSX daemon 09:07 <@mig5> but i admit i didn't read it thoroughly 09:07 <@anarcat> darthsteven: recommends supervisor, but it's just to keep the php script alive - you could use whatever you want 09:07 <@anarcat> hey, we could even use the cronjob to restart the daemon if it fails 09:07 <@mig5> anyway: not much from me, as usual. i basically encountered some significant stability issues with the master branch, and fixed it as best as I could, though I worry i broke some of your ideas there. http://drupal.org/node/1106768 09:08 <@mig5> i found the bug while writing my aegir build test in jenkins, which was exactly what it was designed to do (although it didn't literally fail the test :) ) 09:08 <@mig5> and that's the other main thing i've been toying with (jenkins), although it's at an early stage in terms of aegir tests. 09:08 <@anarcat> cool :) 09:08 <@mig5> but i think we could use it more and more 09:08 <@anarcat> that is freakin awesome 09:08 <@anarcat> can you paste urls for that here? 09:08 <@anarcat> i'm really lazy, nevermind :) 09:09 <@mig5> sure http://jenkins.greenbeedigital.com.au:8080/job/aegir%20install/ 09:09 <@mig5> i'd like to at least give you or other developers access to that properly, so you can run tests 09:09 <@mig5> at my expense :) 09:09 <@mig5> as i figure you might catch migressions, and do me a favour 09:09 <@mig5> :) 09:10 <@anarcat> haha 09:10 <@anarcat> well, in this case the regression was mine wasn't it ;) 09:10 <@mig5> no matter 09:10 <@mig5> one other thing: 09:10 <@mig5> i'm less worried than you re: drupal.org's issues in releasing hostmaster 09:10 <@mig5> i think it would be nice 09:10 <@mig5> but it's not a blocker in my opinion 09:10 <@anarcat> ok 09:10 <@mig5> as our design works around it already 09:11 <@anarcat> ... since we depend on git 09:11 <@mig5> yeah 09:11 <@anarcat> ok 09:11 <@anarcat> but the release.sh doesn't know that :p 09:11 <@mig5> ah, true :) 09:11 <@anarcat> so i almost released a broken rc3 here :) 09:11 <@mig5> don't worry, i broke rc2 09:11 <@mig5> but i ignored it :) 09:11 <@anarcat> eh 09:11 <@anarcat> ok 09:12 <@anarcat> so if you want to break^Wrelease rc3 tomorrow, or anytime, in fact, be my guest 09:12 <@mig5> don't want to make more work for us in the release.sh though. but, i'm afraid i'm still crippled with a 'don't wait for drupal.org to catch up with us' mentality :) 09:12 <@mig5> ok 09:12 <@anarcat> that's alright 09:13 <@anarcat> alright, anyone else? 09:13 <@mig5> i'll have some time, this time tomorrow 09:13 <@anarcat> omega8cc doesn't seem to be here, so i'll talk for her a little :) 09:13 <@anarcat> she found a vhost injection vulnerability in the alias 09:13 <@mig5> oh yeah 09:13 <@anarcat> it was fixed in head and I *think* i merged in stable 09:13 <@mig5> did the security team say anything? 09:13 <@anarcat> which is why i wanted to make a release 09:13 <@anarcat> yeah 09:13 <@anarcat> no embargo, just release 09:14 <@anarcat> since it's not a stable release, it's ok 09:14 <@mig5> ok 09:14 <@anarcat> so don't tag it as a security release either, because then it gets unpublished and all the shit 09:14 <@mig5> she has some nginx batch updates in the queue as well, since we never really test those ourselves, we should probably just roll them in 09:15 <@mig5> they missed rc2 already 09:15 <@mig5> http://drupal.org/project/issues?text=&projects=hosting%2C+provision%2C+... 09:15 <@anarcat> yup 09:15 <@anarcat> a good review of the needs review patches would be good, but not mandatory 09:15 <@anarcat> too bad we got that silly security issue otherwise that would have been 1.0 :P 09:15 <@mig5> oh well. i admit i didn't read the security vulnerability properly. how was it exploitable? 09:15 <@anarcat> darthsteven: please do submit a patch for that stuff, it seems like gold 09:15 <@mig5> i spose i could find the ticket 09:16 <@anarcat> oh and i think we should fix this too: http://drupal.org/node/1108810 09:16 <@anarcat> Files in sites/example.org/private are accessible. 09:16 <@mig5> yeah 09:16 <@anarcat> this is the security issue: http://drupal.org/node/1098304 09:16 <@anarcat> i thought the private files was already done 09:16 <@mig5> i thought we could stick it in the platform vhost 09:16 <@mig5> the deny all 09:16 <@mig5> his .htaccess is probably being ignored for that reason 09:17 <@mig5> in that we don't have AllowOverride 09:17 <@anarcat> yes, the .htaccess are ignored, on purpose 09:17 <@mig5> yep 09:17 <@anarcat> okay folks, i need to go! 09:17 <@mig5> so i thought we could inject that into the template ourselves 09:17 <@mig5> sound sane? 09:17 <@mig5> ok 09:17 <@anarcat> yep 09:17 <@mig5> have fun with your switch 09:17 <@mig5> cheers 09:17 <@anarcat> hehe i will :) 09:17 <@anarcat> ciao ciao
- Print entire section
- Login or register to post comments