[01:41:57] --- haba has become available [01:42:47] Hi everyone [01:47:10] hi [01:52:38] --- dragos.tatulea has become available [01:53:58] Btw Simon, do you know of any cygwin packages of openssh with your pathes? [01:54:10] s/pathes/patches [01:54:31] hello [01:54:43] I don't. You'd need to get either MIT Kerberos or Heimdal to build under cygwin to use them - I'm not sure anyone's done that. [01:54:45] Hi Dragos. [01:55:11] happy new year [01:55:22] Happy New Year to you too. [01:55:29] Sorry for not being arount lately. [01:55:42] We had an old Heimdal (0.6) cygwin build which was some time ago when we looked at it. [01:56:02] dragos: No problem. I'm about to disappear for a couple of months ... [01:56:27] I think 0.6 and 0.7.2 built under cygwin without problems. I have not tested the newest stuff. [01:57:01] --- dragos.tatulea has left [01:57:10] 0.6 is incompat with 1.x, so we need to look at that anyway. [01:57:35] --- tkeiser@sinenomine.net/owl has left [01:57:45] I think once you've got a working Kerberos library, it should be pretty easy to get my patches to build. [02:00:03] --- dragos.tatulea has become available [02:10:40] Yes dragos, happy new year :) (advanced: Figure out the location) http://www.stacken.kth.se/~haba/crw_14055-1.jpg [02:11:44] haba: earth [02:13:09] you get 1p for originality :) [02:13:25] Where is it? [02:16:33] First hints (I'll spill the beans in a moment): I was there because of my girlfriend, they have a ski-jumping event every year and previously have hosted the olympics. They have an airport which needs special training. [02:19:05] for passengers? [02:19:26] No, only for the pilots :) The university clinic is famous for fixing ski related bone injuries. [02:21:15] Ok, you had your chances. Capital of the region Tirol: http://maps.google.com/maps?f=q&hl=en&geocode=&q=innsbruck&sll=37.0625,-95.677068&sspn=48.50801,78.222656&ie=UTF8&t=h&z=11&g=innsbruck&iwloc=addr [02:25:00] or more exact photo location is here, looking north: http://maps.google.com/maps?f=q&hl=en&geocode=&q=innsbruck&sll=37.0625,-95.677068&sspn=48.50801,78.222656&ie=UTF8&ll=47.254523,11.425411&spn=0.001278,0.002387&t=h&z=19 [02:31:37] --- dragos.tatulea has left [02:34:44] --- dragos.tatulea has become available [03:03:36] --- Simon Wilkinson has left [03:39:24] --- shadow@gmail.com/owl445E9790 has left [03:41:04] --- SecureEndpoints has left: Replaced by new connection [04:04:06] --- Simon Wilkinson has become available [04:53:23] --- tkeiser@sinenomine.net/owl has become available [05:22:07] --- SecureEndpoints has become available [05:25:01] apparently this is the most dangerous ski season on record. at least in north america. more deaths since dec 14 than ever recorded in such a short period of time. [05:26:03] haba: the problem with kerberos under cygwin is not that it doesn't compile but that it is completely unaware of the Windows environment it is running under. [05:26:23] Many injuries in Austria, too. One problem is the mix of folks with and without helmets. [05:27:43] the problem in north america is the global warming affect on the weather patterns [05:27:48] Jeff: I can take the "unaware" for now I think. Folks will have to kinit. Maybe the cred cache problems can be solved later. [05:28:21] haba: I think Putty has now got some GSSAPI support of its own. IIRC, it does userauth but not kex. Might that be of use to you? [05:28:35] no kex [05:29:13] there are many putty mods. but if you actually want a console ssh client you need cygwin [05:29:26] or kermit 95 but lets not go there [05:29:43] haba: in austria ski is the national sport [05:33:52] I have been looking at some putty mods, but the ones which might be kex require same AD for client and remote host. [05:35:32] * haba been first times on ski at age 6 in Oberstdorf [05:37:10] or rather in Mittelberg to be exact. That's Austria (for some special value of Austria as the only road out of the valley leads to Oberstorf, Germany) [05:38:14] in gemany land :-) [05:39:28] do you know kitzbuhel ? is not so bad [05:39:53] Jeff,Simon: I have been promised a win* virtual machine with cygwin for next week, so I don't need to bother with the win* setup I hope. [05:51:44] --- shadow@gmail.com/owl274581A9 has become available [05:54:32] --- Simon Wilkinson has left [05:57:38] --- Simon Wilkinson has become available [06:06:16] haba: my putty client mods do not have gex. if you want it you can find it at http://www.secure-endpoints.com/private.htm [06:30:49] Jeff: Thanks, I'll test, but our production ssh server will not have any keys but the keytab, so there will be nothing it can take and ask the user to answer "yes" to. ;) [06:43:47] d_alloc_anon -> d_obtain_alias (GPL-only). so much for the linux nfs translator [06:44:59] I think we should speak to David about what our options are, politically, for this kind of thing. [06:47:14] Add a configure flag --nfs-translator which defaults to YES. On Linux, let it print "due to GPL licensing, this feature is not available on this platform, to disable supply --nfs-translator=no. [06:47:56] That will show this "feature" to all distro packagers. [06:48:41] This is my twist to the political lobbying. [06:49:08] Unfortunately, I think Russ and I are aware of the problem, and powerless to do anything about it. [06:50:02] jhutz wrote the NFS translator, didn't he? I wonder if he could be persuaded to make his code available under a BSD license. [06:50:11] I think there _are_ people who roll their own .deb and .rpm besides your strong efforts.... [06:50:26] ... to make that unnecessary. [06:51:24] I know there are, but none of them are actually going to have any influence in this situation. Really all we can do is wave Linus's statement that they wouldn't remove any existing functionality, for whatever that may be worth. [06:51:53] --- dmontuori has become available [06:59:04] translator is solaris and linux only [06:59:16] and there's no pointin political lobbying [06:59:42] even if jhutz rereleased code he wrote under contract it's not sufficient as it's fully part of the cache manager. [07:00:05] the nfs translator would have to be re-implemented for kafs [07:00:11] Okay, so it'd fall under the derivative work bit of the IPL. [07:00:28] reimplementing the translator for kafs could be a gsoc propoal [07:00:49] Is there likely to be further movement on kafs before GSOC? [07:01:23] Reimplementing disconnection for kafs could be a gsoc proposal, too :( [07:02:30] +1 sxw [07:03:10] there's a lot of functionality we have beyond the base cache manager which could be reimplemented [07:04:11] Personally, I'd rather not have to. There's a load of new stuff we could be doing, without investing huge amounts of effort in wheel reinvention. [07:04:11] Our experience from last Summer shows that we really need to scale back what we think of as a gsoc project. the ramp up time is simply too great for the students that we are getting. [07:05:15] while i agree rewrites of existing tech are a waste, we live in the world we do [07:05:31] summatusmentis if he decided to apply to gsoc again is one of the few which could make significant progress. [07:05:54] the whole purpose of the GPL-only nonsense is to force re-writes [07:06:06] I think the key is to have a project which can be done in stages, so that an exceptional student continues to have work throughout the summer, but a slower student can still complete something meaningful. [07:06:27] disconnected is probably too ambitious [07:07:40] I think the correct way to do disconnected for Linux is to build it on top of the cache layer, and make it complete filesystem agnostic, too. [07:07:57] that is the approach I favor for Windows as well. [07:08:55] But, at least for Linux, that means it isn't an AFS project really. [07:09:41] --- reuteras has left [07:10:08] would disconnected for kafs be that ambitious? wouldn't a gsoc'er be able to leverage the existing disconnected implementation so that the project would be a port rather than 'new work'? [07:10:30] the existing implementation is very tied to our dcaches [07:10:37] ah. got it. [07:10:42] there'd be no point in porting it. arla's would be closer. [07:10:51] you just outed yourself as never looking at the code :) [07:11:09] I was going to add 'while I've not looked at the disconnected implementation...' [07:11:19] arla has disconnect implemented. But not reconnect yet. [07:11:49] all the usual arla disclaimers apply :) [07:12:20] I think both of them are pretty much worthless. If you wanted to actually get your code into the kernel, it would have to be generic. Which means you'd need to build on top of the Linux cacheFS, and define a new interface for communicating with filesystems to do cache coherence and replay. [07:12:42] It would be a significant amount more work, and require some pretty good design skills. [07:13:07] "not an afs project" basically. interfacing with it when it existed would be a kafs project [07:20:23] Anyone remember where we are with the AFS standardisation stuff? [07:21:30] i thought we were basically done [07:22:27] one person keeps raising objections and being consensus'd down by everyone else who bothers to respond. in that vein, new responses could change things but it seemed like we had consensus among the people who cared to offer an opinion [07:22:41] I think we have, but I'm not sure if we decided what happens next. Someone needs to find out whether we can actually use the RFC Editor for this, I guess. [07:25:19] which reminds me: for the vos split, we need an RPC added to volint.xg -- what process do I need to do for that? [07:26:14] i wonder if jhutz ever set up kula for registraring [07:26:38] if so, mail to the registrar would work. if not, um. odds of your mail being noticed seem low? [07:26:54] no idea. I was thinking something more structured than 'email jhutz and ask for a number' would be appropriate. [07:27:14] To do it properly, write a document describing the RFC. Email it to the standardisation list. [07:27:34] Chivvy people into responding, claim consensus, then mail the registrars. [07:27:58] well, it is. mail the registrar and ask for a number. [07:28:09] not the person, there's a role account which injects into another RT queue [07:28:13] political/pragmatic question: rx osd has several 'goodies' like vos split: should I batch them up wrt the standardization list, or do them one at a time? [07:28:37] he can ask for a number shy of standardization for private work, but yeah, i guess for vos split we should decide yay/nay first [07:28:52] i thought we decided though that osd was considered accepted pre-standardization? [07:29:05] I think we can grandfather in stuff that's already done. [07:29:12] But it would be good to document them where we can. [07:29:17] so email registrar@openafs.org, then? [07:29:18] agreed [07:29:23] @central.org [07:29:40] and put together a single RFC doc outlining each piece, sent to the standardization list? [07:29:40] registry is not openafs-only [07:29:52] ok: registrar@central.org. [07:33:08] I feel bitchy today. Meh, so suffer with me: http://www.stacken.kth.se/~haba/crw_14108-1.jpg (position Patscherkofel top restaurant, looking SW). I think my mood will improve when my girlfriend comes back from Oslo tonight. [07:34:12] my mood would improve if i went to oslo, but i am going ice skating tonight [07:36:13] haba: oohh....skiing.... [07:39:22] My girlfriend told me that Oslo was "not fun" yesterday evening, pro palestina and pro israel demonstrants fighting with new year explosives and the police in between. Probably Oslo is better today. A news article about Oslo yesterday is here: http://www.aftenposten.no/nyheter/iriks/article2856342.ece (ok, in norwegian, but look at the pics, you get it....) [07:45:03] --- mmeffie has left [07:53:40] --- Simon Wilkinson has left [08:02:42] --- dmontuori has left [08:18:17] --- dev-zero@jabber.org has left [08:22:33] --- dmontuori has become available [08:23:27] --- dmontuori has left [08:26:07] --- dmontuori has become available [08:59:33] * haba -> weekend. Have a nice one! [09:00:36] you too [09:00:40] have a good one [09:04:35] --- haba has left [09:20:44] --- matt has become available [09:30:27] --- dragos.tatulea has left [09:34:41] --- dev-zero@jabber.org has become available [09:38:54] --- Moose has become available [10:07:04] --- Russ has become available [10:50:32] --- Moose has left: Lost connection [10:50:32] --- dev-zero@jabber.org has left: Lost connection [11:02:05] --- dev-zero@jabber.org has become available [11:10:48] --- Moose has become available [12:22:16] jake here? [12:22:17] --- manfred furuholmen has left: Lost connection [12:22:31] yes [12:22:42] how far are you from watertown mn? [12:22:59] currently? or in general? [12:23:40] in general [12:24:02] like, apparently if you can get there you should visit crow river coffee [12:24:30] just cehcking, my internet sucks :( [12:24:39] oh, slightly west of MSP [12:24:51] ~3 hours [12:24:57] so "a good ways" [12:24:59] ok [12:25:18] it's not hard to get back to that area though [12:25:59] crow river coffee is a cafe? or processing? [12:27:03] --- dmontuori has left [12:27:10] --- dmontuori has become available [12:29:17] intriguing, if I ever figure out a way to get just west of the twin citiets, I'll have to try it [12:29:32] maybe I can convince the gf to try it [12:29:34] cafn8ed on twitter [12:29:39] he also does a podcast [12:30:08] she'll probably claim she can do it better (works in a cafe, get's all territorial :-D) [12:30:09] he closes early but i guess being in a small town it's not shocking [12:30:27] i'll happily watch her podcast :p [12:30:34] there's a gas station in the small town where I go to school, that closes at 6pm [12:31:02] she also claims computer hate her, it'd be a miracle if I could get her to make a podcast :) [12:31:05] computers* [12:41:41] --- dmontuori has left [12:41:48] --- dmontuori has become available [12:48:20] Oh, yes, definitely. [12:51:39] definitely what? [12:52:16] definitely mybe [13:01:51] definitely indefinitely [13:01:51] with bacon [13:02:24] --- manfred furuholmen has become available [13:05:26] bacon--is it ever off topic? [13:06:32] mmmmmmm baaacon [13:06:36] is there a design somewhere of moving away from the 'one afs keytab per cell'? ie, a description of a sample configuration under the new plan? [13:10:22] I doubt it. We've talked about it at various points, but I don't think there _is_ any configuration. [13:12:53] any thoughts on what principals might look like? e.g., 'srv1/afsfs@YADDAYADDA.ORG' [13:14:05] Just off the top of my head, I'd say use the standard Kerberos service principal naming with different services for each different AFS function. [13:14:48] So afs-fileserver/hostname.domain.com@REALM.COM, afs-vlserver/..., afs-ptserver/..., etc. [13:14:57] bacon is always on topic. and on tuesday, in pittsburgh, at harris grill, it's a vegetable [13:15:04] I don't know if there's any reason for the volserver to have a separate principal from the fileserver. [13:15:24] one key per cell != one keytab per cell. talk to marcus, or see the snipsnap wiki when we figured out how to do it [13:15:42] what's a 'snipsnap wiki'? [13:15:42] "don't hold your breath" [13:16:03] Possibly domain-based names: afs/hostname.domain.com/cell.domain.com [13:16:10] afsig.se runs the snipsnap wiki [13:16:59] afsig.se runs a wiki using snipsnap, which is a piece of wiki software. There are, of course, other snipsnap wikis which are not relevant here [13:17:19] --- dmontuori has left [13:17:25] --- dmontuori has become available [13:17:44] > one key per cell != one keytab per cell True, keys and keytabs are not the same thing. One is a key, and one is a file storing keys. Right now, we have one key per cell, and no keytabs [13:17:55] and the url for that wiki is? [13:18:03] http://afsig.se/ ? [13:18:12] tried that..got a 404. [13:18:38] Oh, except that's broken; I forget why. [13:19:48] Yeah, three-level principals would let us support file servers for multiple cells on the same system in the future. [13:20:04] At the cost of breaking all the (already broken, but still) Kerberos software that doesn't expect three-level principals. :) [13:20:16] afs snipsnap wiki, of course [13:20:29] I don't really know of any kerberos software that can't handle principals with more than 2 components. [13:20:55] Well, it's not the "afs snipsnap wiki"; it's the afsig.se wiki. And in any case it's broken; someone needs to get the swedes to fix it [13:21:12] haba left [13:21:31] Like, I didn't realize what you meant at first either, because I don't think of wikis in terms of what software they're based on [13:23:35] --- dmontuori has left [13:23:42] --- dmontuori has become available [13:24:13] --- stevenjenkins has left [13:27:50] --- stevenjenkins has become available [13:42:23] --- dmontuori has left [14:52:40] --- matt has left [15:05:23] --- mdionne has become available [15:21:18] --- mdionne has left [15:23:19] --- manfred furuholmen has left [16:00:31] --- Moose has left [16:17:07] --- sxw has become available [16:24:06] --- mdionne has become available [16:27:44] --- sxw has left [16:34:18] LInux NFS vs GPL: besides dobtain_alias, most sunrpc functions in the kernel were made GPL only, as of yesterday (also used by the translator) [16:35:48] --- Simon Wilkinson has become available [16:36:19] mdionne: Lovely. Any justification for the change, or are they just out to screw folk? [16:38:01] BTW: I've just submitted a couple of talks for the workshop, but got lots of errors both times. Did they make it through? [16:38:17] The comment is basically that out of tree code has no business using them [16:39:54] More specifically: "The sunrpc server code should not be used by out-of-tree modules" [16:46:04] --- Simon Wilkinson has left [16:49:17] --- dev-zero@jabber.org has left [17:03:10] In other interesting linux news, btrfs is now in mainline and will be in 2.6.29 [17:35:04] --- mdionne has left [17:53:58] --- Moose has become available [18:43:16] so... HTMLL/CSS/javascript afs client soon? [18:46:10] --- edgester has become available [20:09:36] --- edgester has left [23:14:36] --- Russ has left: Disconnected