Tuesday, 2015-09-01

*** sdake_ has joined #openstack-security		00:08
*** sdake has quit IRC		00:11
*** sdake has joined #openstack-security		00:18
*** sdake_ has quit IRC		00:21
*** sdake_ has joined #openstack-security		00:48
*** sdake__ has joined #openstack-security		00:50
*** sdake has quit IRC		00:50
*** sdake_ has quit IRC		00:53
*** daniela has joined #openstack-security		00:53
daniela	hola	00:53
*** daniela has left #openstack-security		00:53
*** sdake__ is now known as sdake		00:54
*** daniela has joined #openstack-security		00:54
*** daniela has left #openstack-security		00:55
*** sigmavirus24_awa is now known as sigmavirus24		01:00
*** daniela has joined #openstack-security		01:02
*** daniela has left #openstack-security		01:03
*** daniela has joined #openstack-security		01:04
*** dave-mccowan has quit IRC		01:04
*** daniela has left #openstack-security		01:18
*** bknudson has quit IRC		02:24
*** daniela has joined #openstack-security		03:13
daniela	hola	03:14
*** daniela has left #openstack-security		03:15
*** elo1 has joined #openstack-security		03:34
*** timkennedy1 has joined #openstack-security		03:47
*** timkennedy has quit IRC		03:47
*** sigmavirus24 has quit IRC		03:48
*** sigmavirus24 has joined #openstack-security		03:52
*** sigmavirus24 is now known as sigmavirus24_awa		03:59
*** markvoelker has joined #openstack-security		04:00
*** markvoelker_ has joined #openstack-security		04:02
*** markvoelker has quit IRC		04:04
*** elo1 has quit IRC		04:08
*** ccneill has joined #openstack-security		04:41
*** ccneill has quit IRC		04:50
*** jhfeng has joined #openstack-security		05:01
*** alex_klimov has joined #openstack-security		05:17
*** alex_klimov has quit IRC		05:26
*** markvoelker_ has quit IRC		05:53
*** sdake_ has joined #openstack-security		06:05
*** sdake has quit IRC		06:08
*** sdake has joined #openstack-security		06:13
*** sdake_ has quit IRC		06:15
openstackgerrit	Stanislaw Pitucha proposed openstack/anchor: Add documentation for validators https://review.openstack.org/219152	06:21
*** shohel has joined #openstack-security		06:25
openstackgerrit	Stanislaw Pitucha proposed openstack/anchor: Add OID support to extensions validator https://review.openstack.org/219158	06:44
*** b10n1k_ has quit IRC		06:46
*** alex_klimov has joined #openstack-security		07:02
*** alex_klimov has quit IRC		07:10
openstackgerrit	OpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/218555	07:15
*** alex_klimov has joined #openstack-security		07:56
*** shohel has quit IRC		08:18
*** shohel has joined #openstack-security		08:24
*** shohel has quit IRC		09:00
*** el8 has joined #openstack-security		09:03
*** el8 has left #openstack-security		09:04
*** quie has joined #openstack-security		09:26
*** quie has quit IRC		09:31
*** dave-mccowan has joined #openstack-security		10:06
*** shohel has joined #openstack-security		10:42
*** h00327910__ has quit IRC		10:43
*** shohel has quit IRC		11:05
*** alex_klimov has quit IRC		11:17
*** flow has joined #openstack-security		11:39
*** flow has quit IRC		11:40
*** alex_klimov has joined #openstack-security		11:51
*** salv-orlando has quit IRC		12:14
*** salv-orlando has joined #openstack-security		12:22
*** salv-orl_ has joined #openstack-security		12:23
*** salv-orlando has quit IRC		12:26
*** salv-orlando has joined #openstack-security		12:33
*** salv-orl_ has quit IRC		12:37
*** sigmavirus24_awa is now known as sigmavirus24		12:51
*** salv-orlando has quit IRC		13:04
*** sdake has quit IRC		13:17
*** sdake has joined #openstack-security		13:21
*** sigmavirus24 is now known as sigmavirus24_awa		13:24
*** jhfeng has quit IRC		13:31
*** sigmavirus24_awa is now known as sigmavirus24		13:39
*** edmondsw has joined #openstack-security		13:47
*** zul has quit IRC		13:56
*** alex_klimov has quit IRC		13:56
*** zul has joined #openstack-security		13:56
*** shohel has joined #openstack-security		13:59
*** yaya has joined #openstack-security		14:04
*** quie has joined #openstack-security		14:09
*** jmckind has joined #openstack-security		14:11
*** jhfeng has joined #openstack-security		14:11
*** shohel has quit IRC		14:13
*** dave-mccowan has quit IRC		14:13
*** shohel has joined #openstack-security		14:19
*** alex_klimov has joined #openstack-security		14:23
*** alejandrito has joined #openstack-security		14:26
*** alex_klimov has quit IRC		14:27
*** alex_klimov has joined #openstack-security		14:28
*** dave-mccowan has joined #openstack-security		14:28
*** voodookid has joined #openstack-security		14:39
*** shohel has quit IRC		14:51
*** dave-mccowan has quit IRC		14:51
*** sdake_ has joined #openstack-security		14:53
*** sdake has quit IRC		14:58
*** dave-mccowan has joined #openstack-security		14:58
*** yaya has quit IRC		14:58
*** bknudson has joined #openstack-security		14:59
*** daemontool_ has quit IRC		15:01
*** sdake_ is now known as sdake		15:06
*** dwyde has joined #openstack-security		15:08
*** ccneill has joined #openstack-security		15:11
*** salv-orlando has joined #openstack-security		15:13
*** yuanying has quit IRC		15:13
*** salv-orlando has quit IRC		15:18
*** salv-orlando has joined #openstack-security		15:19
*** quie has quit IRC		15:24
*** salv-orlando has quit IRC		15:26
*** yuanying has joined #openstack-security		15:30
*** jmckind has quit IRC		15:31
*** jmckind has joined #openstack-security		15:34
*** salv-orlando has joined #openstack-security		15:38
*** tmcpeak has joined #openstack-security		15:41
tmcpeak	sigmavirus24: around?	15:49
bknudson	when do we start?	15:50
tmcpeak	we're in here already bknudson	15:50
tmcpeak	you here?	15:50
tmcpeak	we start at 9 though	15:50
bknudson	tmcpeak: I'll head over.	15:50
tmcpeak	cool, see you in a bit	15:50
*** bknudson has quit IRC		15:50
*** sicarie has joined #openstack-security		15:55
*** austin987 has quit IRC		15:56
*** jian5397 has joined #openstack-security		15:58
sicarie	elmiko: ping	16:03
*** jmckind has quit IRC		16:03
*** sicarie has quit IRC		16:05
*** sdake_ has joined #openstack-security		16:05
*** hyakuhei has joined #openstack-security		16:05
sigmavirus24	tmcpeak: I am no	16:06
sigmavirus24	*now	16:06
*** sicarie has joined #openstack-security		16:06
tmcpeak	sigmavirus24: I'm confused about what he's saying we're doing wrong here	16:06
*** bknudson has joined #openstack-security		16:06
*** tkelsey has joined #openstack-security		16:06
tmcpeak	I'm ignorant on packaging :(	16:06
jian5397	pong	16:06
*** browne has joined #openstack-security		16:06
sigmavirus24	tmcpeak: so we have in setup.cfg a section that says `data_files =\n\tetc/bandit = bandit/config/bandit.yaml`	16:07
sigmavirus24	right?	16:07
sigmavirus24	or something like that roughly	16:07
tmcpeak	yep	16:07
sigmavirus24	So if you build a wheel and install it globally that makes /usr/local/etc/bandit/bandit.yaml	16:07
sigmavirus24	He's arguing that we're trying to replace him by making packaging decisions for config files	16:07
tmcpeak	yeah, that seems reasonable	16:07
sigmavirus24	He wants us to stop doing that	16:07
sigmavirus24	The gentoo package maintainer is already doing the right thing with this	16:08
tmcpeak	where does he want us to put it? you're installing something globally, seems like it should go there	16:08
sigmavirus24	In fact, the gentoo package maintainer says we're doing the right thing	16:08
sigmavirus24	tmcpeak: right, he wants us to not install a config file	16:08
sigmavirus24	at all	16:08
browne	i think data files are usually installed by the packager	16:08
sigmavirus24	To him the only people who matter are debian users and anyone not using linux with a package manager should fuck off and use a real operating system	16:08
sigmavirus24	(yes he's said that on other non openstack mailing lists)	16:08
*** sdake has quit IRC		16:09
sigmavirus24	browne: except this affects more than just linux users	16:09
tmcpeak	ugg, Daviey plays in this space also, right?	16:09
sigmavirus24	Daviey: is actually the bandit maintainer afaik	16:09
browne	sigmavirus24: true, i guess we claim support for mac os	16:09
sigmavirus24	browne: we do	16:09
sigmavirus24	We don't claim support for windows but what we do is simple enough at the moment that we effectively support it	16:09
sigmavirus24	So this also helps windows users (of which openstack has a few)	16:10
sigmavirus24	tl;dr I'm working on an openstack-spec to make this be the standard because gentoo and fedora maintainers seem to want consistency here and we can provide that through data_files	16:10
sigmavirus24	Put another way, I'll -2 anything that breaks this for other users simply because zigo's doesn't want to fix something that should be trivial for him to fix as a downstream redistributor	16:11
tmcpeak	sigmavirus24: ok thanks for the clarity	16:12
sigmavirus24	tmcpeak: happy to help	16:12
tmcpeak	I really don't know anything about packaging	16:12
sigmavirus24	Be happy you don't	16:12
tmcpeak	:)	16:13
sigmavirus24	This isn't a particularly happy section of it for setuptools at the moment	16:13
tmcpeak	python packaging feels nasty in general, I've intentionally avoided it	16:13
sigmavirus24	tmcpeak: https://gitweb.gentoo.org/repo/gentoo.git/commit/dev-python/bandit?id=9be7f815a7287b0702923bd2df90006442532a3b	16:14
sigmavirus24	The second to last line is all zigo has to do	16:14
sigmavirus24	Or whatever the equivalent would be for debs	16:14
tmcpeak	sigmavirus24: ahh	16:16
tmcpeak	so I'm confused also, what is he trying to do? I thought Daviey is packaging it	16:16
tmcpeak	is he just not happy with the way it's being packaged?	16:16
sigmavirus24	tmcpeak: I think Daviey maybe didn't get around to updating the packaging for 0.13.2	16:17
sigmavirus24	And lintian complained and Zigo came to complain to us	16:17
tmcpeak	ahh ok, so if we push a new one, this will be resolved?	16:17
sigmavirus24	tmcpeak: why?	16:18
*** jmckind has joined #openstack-security		16:18
tmcpeak	I'm saying if we/Daviey/whoever repackages Bandit 0.13.2 for debian with that change you mentioned, is that going to resolve his concern?	16:19
sigmavirus24	tmcpeak: it should	16:19
sigmavirus24	That said, it's not our bug	16:19
tmcpeak	ok, since we have some time at the midcycle, maybe one of us will JFDI	16:20
*** sdake_ is now known as sdake		16:21
sigmavirus24	hah	16:23
sigmavirus24	hah	16:23
sigmavirus24	hah	16:23
sigmavirus24	Debian packaging is worse than python packaging so good luck with that	16:23
tmcpeak	:\|	16:23
tmcpeak	we need Daviey back...	16:24
Daviey	tmcpeak: checking in on my phone.. driving right now	16:25
Daviey	(not caught up on sxrollback)	16:25
tmcpeak	no text and drive Daviey :)	16:25
Daviey	traffic lights. :)	16:25
browne	dictation	16:25
Daviey	i have packaged the new one i think.. but not had it uploaded	16:26
Daviey	what did zigo complain about?	16:26
tmcpeak	Daviey: ahh awesome, have you followed along on the LP	16:26
Daviey	i need a TL;Dr :)	16:26
tmcpeak	we're installing config into /usr/etc/bandit	16:26
tmcpeak	or something	16:26
Daviey	green light	16:27
tmcpeak	allright, catch you in a bit	16:27
Daviey	oh i know that.. that was the whole reason i did thr appdirs stuff	16:27
tmcpeak	Daviey: ok so we just need the new package based on 0.13.2 and we should be gtg?	16:27
Daviey	getting it in broken early > getting it in perfect later	16:27
Daviey	release early, often etc	16:28
tmcpeak	yep, ok cool	16:28
Daviey	tmcpeak: yeah	16:28
tmcpeak	great, I'll note that in the LP bug	16:28
sigmavirus24	Daviey: zigo is complaining about lintian bugs	16:28
Daviey	talk later i/	16:28
sigmavirus24	bug 1490318	16:28
openstack	bug 1490318 in Bandit "bandit installs config file in /usr" [Undecided,Won't fix] https://launchpad.net/bugs/1490318	16:28
sigmavirus24	later Daviey	16:28
tmcpeak	Daviey: sounds good, thank you	16:30
*** alex_klimov has quit IRC		16:34
*** sicarie has left #openstack-security		16:39
*** hyakuhei has quit IRC		16:48
*** dwyde has quit IRC		16:48
*** hyakuhei has joined #openstack-security		16:48
tkelsey	elmiko: I remember something about password tests from yesterday, take a look at https://review.openstack.org/#/c/202582/ and see what you think	16:56
*** dwyde has joined #openstack-security		16:57
elmiko	tkelsey: ack, thanks	16:57
*** sdake_ has joined #openstack-security		17:06
*** sdake has quit IRC		17:06
*** sdake has joined #openstack-security		17:07
openstackgerrit	Merged openstack/anchor: Updated from global requirements https://review.openstack.org/218900	17:08
openstackgerrit	Brant Knudson proposed openstack/bandit: Update gitignore for coverage https://review.openstack.org/219363	17:09
*** sdake_ has quit IRC		17:10
openstackgerrit	Brant Knudson proposed openstack/bandit: Update gitignore for coverage https://review.openstack.org/219363	17:13
*** b10n1k_ has joined #openstack-security		17:22
openstackgerrit	Travis McPeak proposed openstack/bandit: Refactoring Unit Test Directories https://review.openstack.org/219373	17:22
openstackgerrit	Merged openstack/bandit: Update gitignore for coverage https://review.openstack.org/219363	17:28
*** elo has joined #openstack-security		17:33
*** elo has quit IRC		17:40
openstackgerrit	Merged openstack/bandit: Refactoring Unit Test Directories https://review.openstack.org/219373	17:41
bknudson	https://etherpad.openstack.org/p/security-liberty-midcycle-bandit-tests	17:42
*** sicarie has joined #openstack-security		17:43
bknudson	https://etherpad.openstack.org/p/security-liberty-midcycle-bandit-tests	17:44
sicarie	thanks!	17:44
*** sigmavirus24 is now known as sigmavirus24_awa		17:54
openstackgerrit	Merged openstack/anchor: Move sample config for tests to one place https://review.openstack.org/207752	18:04
openstackgerrit	Merged openstack/anchor: Implement new API format https://review.openstack.org/190473	18:04
openstackgerrit	Merged openstack/anchor: Allow configurable signing backends https://review.openstack.org/201394	18:04
openstackgerrit	Merged openstack/anchor: Move all plugins to stevedore https://review.openstack.org/208311	18:05
openstackgerrit	Merged openstack/anchor: Add documentation for validators https://review.openstack.org/219152	18:05
*** hyakuhei has quit IRC		18:05
*** hyakuhei has joined #openstack-security		18:13
*** quie has joined #openstack-security		18:17
*** quie2 has joined #openstack-security		18:23
*** quie has quit IRC		18:23
*** LelouchV has joined #openstack-security		18:24
openstackgerrit	Merged openstack/security-doc: Updated from openstack-manuals https://review.openstack.org/218555	18:24
openstackgerrit	Michael McCune proposed openstack/bandit: Adding a check for call in call_args_count https://review.openstack.org/219395	18:47
*** sicarie has quit IRC		18:51
*** LelouchV has quit IRC		18:52
*** sicarie has joined #openstack-security		18:54
*** LelouchV has joined #openstack-security		18:54
*** salv-orlando has quit IRC		18:57
openstackgerrit	Brant Knudson proposed openstack/bandit: Rename core.test_config to test_bandit https://review.openstack.org/219402	18:58
openstackgerrit	Eric Brown proposed openstack/bandit: Remove unused test_basic.py https://review.openstack.org/219409	19:03
*** sigmavirus24_awa is now known as sigmavirus24		19:04
openstackgerrit	Michael McCune proposed openstack/bandit: Adding the key lookup to Context.call_args_string https://review.openstack.org/219410	19:05
*** salv-orlando has joined #openstack-security		19:06
*** tjt263 has quit IRC		19:06
*** LelouchV has quit IRC		19:07
*** sdake_ has joined #openstack-security		19:12
*** sdake has quit IRC		19:13
*** sdake has joined #openstack-security		19:13
*** sdake_ has quit IRC		19:18
*** sicarie has quit IRC		19:22
*** sicarie has joined #openstack-security		19:31
openstackgerrit	Merged openstack/bandit: Rename core.test_config to test_bandit https://review.openstack.org/219402	19:32
*** ccneill has quit IRC		19:34
*** raginbajin has quit IRC		19:34
*** goodygum has quit IRC		19:34
*** whydidyoustealmy has quit IRC		19:34
*** jmckind has quit IRC		19:34
*** ccneill has joined #openstack-security		19:34
*** raginbajin has joined #openstack-security		19:34
*** goodygum has joined #openstack-security		19:34
*** whydidyoustealmy has joined #openstack-security		19:34
*** whydidyoustealmy has quit IRC		19:35
*** whydidyoustealmy has joined #openstack-security		19:35
elmiko	tkelsey: https://review.openstack.org/#/c/181393/	19:37
*** jmckind has joined #openstack-security		19:38
tkelsey	elmiko: ty	19:41
openstackgerrit	Nathaniel Dillon proposed openstack/bandit: Add tests/unit/core/test_manager.py https://review.openstack.org/219426	19:45
*** sdake_ has joined #openstack-security		19:45
openstackgerrit	Merged openstack/bandit: Remove unused test_basic.py https://review.openstack.org/219409	19:46
*** ccneill has quit IRC		19:47
*** raginbajin has quit IRC		19:47
*** goodygum has quit IRC		19:47
*** sdake has quit IRC		19:49
*** sdake has joined #openstack-security		19:49
*** ccneill has joined #openstack-security		19:52
*** raginbajin has joined #openstack-security		19:52
*** goodygum has joined #openstack-security		19:52
*** sdake_ has quit IRC		19:53
*** sicarie has quit IRC		19:55
*** sicarie has joined #openstack-security		19:56
openstackgerrit	Eric Brown proposed openstack/bandit: Better function to count lines in a file https://review.openstack.org/219433	20:05
openstackgerrit	Marianne Linhares Monteiro proposed openstack/security-doc: There's an grammar error in section "Compartmentalize" of Compliance overview in Security Guide. https://review.openstack.org/219439	20:16
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Remove unused describe_symbol() utility function https://review.openstack.org/219440	20:18
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Remove unused describe_symbol() utility function https://review.openstack.org/219440	20:20
*** salv-orl_ has joined #openstack-security		20:20
*** salv-orlando has quit IRC		20:24
*** dave-mccowan has quit IRC		20:25
openstackgerrit	Michael Xin proposed openstack/anchor: Remove outdated hashing algorithms and change default hashing algorithm from md5 to sha256 https://review.openstack.org/219443	20:27
openstackgerrit	Brant Knudson proposed openstack/bandit: Unit tests for bandit.core.config https://review.openstack.org/219444	20:28
openstackgerrit	Michael McCune proposed openstack/bandit: Adding check for node key in Context https://review.openstack.org/219445	20:29
*** dave-mccowan has joined #openstack-security		20:38
*** sdake has quit IRC		20:53
*** alex_klimov has joined #openstack-security		20:56
*** moises has joined #openstack-security		21:02
openstackgerrit	Merged openstack/bandit: Remove unused describe_symbol() utility function https://review.openstack.org/219440	21:07
*** jian5397 is now known as michaelxin		21:14
tkelsey	michaelxin: https://www.youtube.com/watch?v=Q_ZhrQq-_YM	21:14
tkelsey	michaelxin: https://www.youtube.com/watch?v=jf_YOzW7I3s	21:15
michaelxin	jqxin2006@gmail.com	21:19
*** moises has quit IRC		21:32
openstackgerrit	Michael Xin proposed openstack/anchor: Remove outdated hashing algorithms https://review.openstack.org/219443	21:45
*** alex_klimov has quit IRC		21:51
*** jmckind has quit IRC		21:52
*** tjt263 has joined #openstack-security		21:53
openstackgerrit	Merged openstack/bandit: Better function to count lines in a file https://review.openstack.org/219433	22:08
*** sigmavirus24 is now known as sigmavirus24_awa		22:18
openstackgerrit	Eric Brown proposed openstack/bandit: WIP: Add unit tests for the formatters https://review.openstack.org/219472	22:25
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Python 3 compat for safe_unicode() function https://review.openstack.org/219473	22:26
*** edmondsw has quit IRC		22:28
*** ccneill_ has joined #openstack-security		22:32
*** ccneill has quit IRC		22:34
*** michaelxin has quit IRC		22:36
*** jian5397 has joined #openstack-security		22:38
*** alejandrito_ has joined #openstack-security		22:43
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Python 3 compat for safe_unicode() function https://review.openstack.org/219473	22:43
*** alejandrito_ has quit IRC		22:45
*** alejandrito has quit IRC		22:45
*** dwyde has quit IRC		22:48
tmcpeak	browne: https://review.openstack.org/219473	22:50
openstackgerrit	Brant Knudson proposed openstack/bandit: Unit tests for bandit.core.config https://review.openstack.org/219444	22:55
openstackgerrit	Brant Knudson proposed openstack/bandit: Unit tests for bandit.core.config https://review.openstack.org/219444	22:56
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Remove unused safe_unicode() utility function https://review.openstack.org/219473	22:58
*** Cristian10b has joined #openstack-security		23:00
*** Cristian10b has quit IRC		23:01
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Remove unused safe_unicode() utility function https://review.openstack.org/219473	23:01
openstackgerrit	Brant Knudson proposed openstack/bandit: Unit tests for bandit.core.config https://review.openstack.org/219444	23:03
*** voodookid has quit IRC		23:05
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Py3 compatibility fix in lines_with_context() util https://review.openstack.org/219482	23:07
openstackgerrit	Brant Knudson proposed openstack/bandit: Remove unreachable code in config.py https://review.openstack.org/219483	23:07
openstackgerrit	Jamie Finnigan proposed openstack/bandit: Additional unit test coverage for core/utils.py https://review.openstack.org/219487	23:13
openstackgerrit	Travis McPeak proposed openstack/bandit: Adding test tool for check OpenStack projects' Bandit job https://review.openstack.org/219488	23:16
openstackgerrit	Merged openstack/bandit: Remove unused safe_unicode() utility function https://review.openstack.org/219473	23:23
openstackgerrit	Michael McCune proposed openstack/bandit: Adding a check for key in get_call_arg_at_position https://review.openstack.org/219510	23:40
*** quie2 has quit IRC		23:41
openstackgerrit	Merged openstack/bandit: Py3 compatibility fix in lines_with_context() util https://review.openstack.org/219482	23:42
*** salv-orlando has joined #openstack-security		23:43
*** salv-orl_ has quit IRC		23:47
*** y_sawai has joined #openstack-security		23:48
openstackgerrit	Robert Clark proposed openstack/anchor: Adding some additional high level content. It might not live here forever but words is words - have some words! https://review.openstack.org/219512	23:53
openstackgerrit	Doug Chivers proposed openstack/anchor: Working config.json https://review.openstack.org/219513	23:53
openstackgerrit	Robert Clark proposed openstack/anchor: Adding some additional high level content. It might not live here forever but words is words - have some words! https://review.openstack.org/219512	23:54
*** y_sawai has quit IRC		23:58

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!