Monday, 2014-09-15

*** jraim_ has joined #openstack-security00:07
*** mgagne has joined #openstack-security00:08
*** mgagne is now known as Guest7273900:09
*** jraim has quit IRC00:13
*** Guest6936 has quit IRC00:13
*** jraim_ is now known as jraim00:13
*** salv-orlando has quit IRC00:14
openstackgerritDeepti Navale proposed a change to openstack/security-doc: Included info about Federated Identity
*** nini1 has joined #openstack-security01:25
*** nini1 has quit IRC01:30
*** dmccowan has quit IRC02:56
*** jraim has quit IRC05:10
*** jraim_ has joined #openstack-security05:12
*** PRabyte has joined #openstack-security05:23
*** PRabyte has left #openstack-security06:00
*** jamielennox is now known as jamielennox|away07:49
*** jamielennox|away is now known as jamielennox08:03
*** jraim_ has quit IRC08:05
*** jraim_ has joined #openstack-security08:05
*** salv-orlando has joined #openstack-security08:10
*** jamielennox is now known as jamielennox|away08:28
openstackgerritAndreas Jaeger proposed a change to openstack/security-doc: Sentence rewording CH. 41 - Hardening the Virtualization Layers
*** zlmao has joined #openstack-security08:53
*** zlmao has quit IRC10:05
openstackgerritTim Kelsey proposed a change to openstack/security-doc: Adding OSSN-0027 - Neutron ARP cache poisoning vulnerability.
*** Krast has joined #openstack-security10:34
*** Krast has quit IRC10:35
*** _amrith_ is now known as amrith11:31
*** dmccowan has joined #openstack-security12:18
*** dmccowan has quit IRC12:23
*** dmccowan has joined #openstack-security12:24
*** bknudson has quit IRC13:15
*** jamielennox|away is now known as jamielennox13:25
*** jamielennox is now known as jamielennox|away13:27
*** paulmo has joined #openstack-security13:42
*** nkinder has joined #openstack-security13:48
*** jimhoagland has joined #openstack-security13:51
*** bknudson has joined #openstack-security13:52
*** jimhoagland has quit IRC14:14
*** dmccowan has quit IRC14:19
*** tmcpeak has joined #openstack-security14:24
*** dmccowan has joined #openstack-security14:35
*** voodookid has joined #openstack-security14:35
*** gabriela has joined #openstack-security14:43
*** voodookid has quit IRC14:51
*** voodookid has joined #openstack-security14:52
*** voodookid has quit IRC14:57
*** jraim_ has quit IRC15:04
*** jraim has joined #openstack-security15:06
*** gabriela has left #openstack-security15:10
*** jimhoagland has joined #openstack-security15:11
*** jraim has quit IRC16:17
*** jraim has joined #openstack-security16:18
*** jimhoagland has quit IRC16:18
*** gabriela has joined #openstack-security16:45
*** gabriela has left #openstack-security16:46
*** bdpayne has joined #openstack-security16:53
*** ChanServ sets mode: +o bdpayne16:57
*** openstackgerrit has quit IRC18:32
*** openstackgerrit has joined #openstack-security18:32
*** ZiG has joined #openstack-security19:05
*** amrith is now known as _amrith_19:11
*** voodookid has joined #openstack-security19:26
*** voodookid has quit IRC19:28
*** voodookid has joined #openstack-security19:28
*** voodookid has quit IRC19:33
*** jraim has quit IRC20:00
*** jraim has joined #openstack-security20:00
*** tmcpeak has quit IRC20:01
*** nkinder has quit IRC20:24
*** tmcpeak has joined #openstack-security20:41
*** dmccowan has quit IRC21:07
*** nkinder has joined #openstack-security21:08
*** paulmo has quit IRC21:13
tmcpeaknkinder: tis a magic day, actually did some work *not* on master today21:24
nkindertmcpeak: woohoo!21:25
*** ZiG has quit IRC21:29
*** dmccowan has joined #openstack-security21:32
*** dmccowan_ has joined #openstack-security21:35
*** dmccowan has quit IRC21:37
*** dmccowan_ is now known as dmccowan21:37
chair6now i gotta work on that habit too..21:45
tmcpeakit's actually painful21:45
tmcpeaknow I have two branches21:45
tmcpeakat some point I need to get rid of one21:45
tmcpeakor I'm going to aggregate junk21:45
tmcpeakI'm sure I'm just doing something stupid :D21:45
chair6once you've done the pull request, you should merge back into master locally i think?21:48
chair6hmmm .. not convinced about that, nkinder would know better :)21:48
nkindertmcpeak: after it's merged, 'git branch -d <working branch>'21:49
nkindertmcpeak: if this is github, you can delete the branch in the web UI21:49
tmcpeaknkinder: it's giving me a scary warning about the branch not being fully merged21:49
nkindertmcpeak: well, has it merged?21:50
nkindertmcpeak: i.e. - has your pull request been accepted?21:50
tmcpeaknkinder: yep21:50
nkindertmcpeak: if you're running 'git branch -d', you may need to go to master and do a 'git pull' first21:50
nkindertmcpeak: that way it can see that master has the same commit hash as your branch21:51
nkindergithub is different, as it's not your master but whoever's project you cloned21:51
tmcpeaknkinder: yep, that did it21:51
tmcpeaknkinder: needed to pull to master21:51
nkindertmcpeak: either way, if you're sure the work in that branch was merged, you can ignore that scary message21:51
nkindertmcpeak: yeah, that's what it compares against21:51
tmcpeaknkinder: cool21:52
tmcpeakthere goes my best excuse for not using a branch21:52
nkindertmcpeak: 'git branch -D <branch>' is the force option21:52
nkindertmcpeak: I replied to one of your comments in the 0027 review just a bit ago21:52
tmcpeaknkinder: oh yeah, saw that21:52
nkindertmcpeak: I want to make sure I understand what you meant21:53
nkinderwere you thinking of someone using nova style config with neutron around the firewall/arp rules?21:53
tmcpeaknkinder: well my understanding is that with drivers, you basically specify what you want done and then it's up to the driver to either implement it or not21:53
nkinderfrom what I could tell, that's all abstracted away under the covers, so there isn't any user config21:53
nkindertmcpeak: yeah, I was trying to see if that is possible but it didn't look like it21:54
tmcpeakso my thought was that maybe wherever you configure networking says "block ARP spoofing" but then Neutron just quietly ignores that21:54
tmcpeaknkinder: ok cool21:54
tmcpeaknkinder: if there is no config or way to see it, no worries21:54
nkindertmcpeak: well, I'm not an expert in this area, but I didn't see anything in the installs I was looking at (or by searching the docs)21:55
tmcpeaknkinder: I was kind of hoping we could outsource the answer to a neutron guy21:55
tmcpeakdo you know any we could just add to the review?21:55
chair6hey nkinder, i haven't seen any movement on the bandit -> stackforge thing yet .. any thoughts?22:03
chair6i think it was you that said friday was when these were normally posted..22:04
nkinderchair6: there was another new repo request that didn't make it through on Friday (yet no -1's)22:04
nkinderchair6: I'm wondering if infra was swamped due to the 30+ hour gate backlog22:04
nkinderchair6: you could always jump on #openstack-infra and ask22:04
chair6ahh cool .. i'll do that22:05
*** jamielennox|away is now known as jamielennox22:11
nkinderbdpayne: would you be able to review this OSSN?
* bdpayne is behind on reviews after being out last week22:14
nkinderbdpayne: it's one +2 away from publishing, which is the only reason I'm nagging :)22:14
bdpayneno worries, should I approve if I like it then?22:14
nkinderbdpayne: yeah, it's good to go if you don't spot any problems22:16
bdpaynenkinder approved22:18
nkinderbdpayne: thanks!22:18
nkinderbdpayne: and welcome back22:18
bdpaynethanks :-)22:18
*** bknudson has quit IRC22:21
openstackgerritA change was merged to openstack/security-doc: Adding note for OSSN-0020
chair6got one +2 on, now just waiting patiently on another openstack ci core reviewer for the second..23:04
tmcpeakchair6: awesome23:23

Generated by 2.14.0 by Marius Gedminas - find it at!