| mnasiadka | spotz[m]: Do you have any idea how I can sort of push https://bugzilla.redhat.com/show_bug.cgi?id=2326534 forward? NeilHanlon seems to be happy to help - but there's no reply in bugzilla. | 09:49 |
|---|---|---|
| spotz[m] | I pinged someone:) | 16:34 |
| mnasiadka | spotz[m]: thanks | 16:59 |
| JonathanWright[m] | noonedeadpunk: test builds are underway of systemd-extras for epel10. Hopefully have some builds submitted to stable today. | 17:07 |
| spotz[m] | mnasiadka Neil started the process to be a co-maintainer but didn't finish, that's why he's stalled | 17:52 |
| spotz[m] | https://docs.fedoraproject.org/en-US/epel/epel-package-request/#stalled_epel_requests | 17:53 |
| JonathanWright[m] | Does openstack work with selinux? | 18:15 |
| fungi | i don't see why it wouldn't as long as someone writes the appropriate policies | 18:16 |
| clarkb | we don't test with selinux enabled upstream nor do we have policies. | 18:17 |
| clarkb | not sure if anyone has done that work | 18:17 |
| fungi | it's a rather vague question though, what rules are required for running with selinux enforcing mode enabled will depend heavily on how openstack is installed and what components are used | 18:17 |
| JonathanWright[m] | That's basically what I needed to know | 18:17 |
| fungi | we have a few "deployment projects" that are opinionated ways openstack can be installed, and those might be candidates for working out selinux compatibility in each of their specific cases, but every downstream distribution is going to need similar work to accommodate the choices they make too | 18:18 |
| fungi | there's not really a way to add generic selinux (or apparmor, or whatever) compatibility in the upstream projects themselves, it's an entirely distribution/installation-oriented problem | 18:19 |
| opendevreview | Merged openstack/security-doc master: Bump minimum tox version to 3.18.0 https://review.opendev.org/c/openstack/security-doc/+/955057 | 18:23 |
| noonedeadpunk | JonathanWright[m]: yep, thanks for the update, I get notifications from BZ on tghe progres ;) | 20:03 |
| frickler | maybe it is just my bias because I'm not interested in RHEL-based distros at all, but maybe you could find a different channel for these discussions, assuming this is going to become a long-term involvement? | 20:25 |
| fungi | i think supporting discussion for what goes in https://governance.openstack.org/tc/reference/runtimes/2026.1.html is on-topic for the tc, but yeah we don't need to get too far into how the sausage is made for any particular distro | 20:34 |
| fungi | i expect #openstack-dib for image building discussions and #openstack-qa for testing would be most appropriate | 20:37 |
Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!