Release Meeting Minutes/2010-01-26

From K5Wiki
< Release Meeting Minutes
Revision as of 19:28, 3 January 2011 by TomYu (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Will Fiveash, Simo Sorce, Greg Hudson, Zhanna Tsitkova, Tom Yu

Instant messaging

We're moving to IRC. (see IRC and Jabber)

Logging would be useful.

[digression about access controls, publicizing, etc.]

People generally good about not interrupting dev chats on IRC with non-dev stuff.


Need to find right places to put auditing calls. Some uncertainty about "hard" auditing requirements, e.g. aborting an operation if the audit log can't be written. Will and Simo have sent Zhanna some OS-specific information about audit policies.

Cover as many events as possible. ... high level policy for when to call the audit system.
We need to poll sponsors, large enterprises.
Sun has audit requirements for Kerberos. [he knows some peoplewho know about audit standards, etc.]


Simo has run into trouble trying to build KDB plugins outside of the tree. Some stuff might need k5-int.h? Greg will move kdb_ext.h into kdb.h.

In Heimdal, if KDB plugin supports ticket policy checks, the KDC builtins get overridden by plugins. This contrasts with MIT KDC behavior.

Heimdal has helper functions to implement default policy checks. Samba calls the helpers after the Samba policy checks finish.
Upgrade issues from mkvno!=1 case. lookup_kvno is used in more places than expected. Investigating further. These would be prime places for DAL cleanup.

Patch releases

Maybe target first of month -- evaluate whether a patch release makes sense; make release if needed. Tom will draft a policy on the wiki.

1.8 followup

Solaris kernel code for GSS mechs must be lint-clean. Would you accept lint comments?
Hard to give guidance to developers. Happier if code can be made lint-clean without adding cruft. Already added coding practices to make Coverity happy. What's specifically triggering complaints from lint?
Limit stuff to kernel code. Will do some more research.
Compiler warnings?
We use some gcc warnings. We try to keep it clean. Dropped const-qual and (narrow type?) warnings. We're not warning-free; got rid of half of warnings.
add kadmin history key change support to 1.8