Re: CIP Core target EOL dates
masashi.kudo@cybertrust.co.jp <masashi.kudo@...>
Hi, Punit-san,
Thanks for initiating the discussion. Regarding the EOL of "v4.19" x "Debian Buster", it should be "2029-01-11" if we follow the following rule. earlier of (Kernel, Debian) release date + 10 yrs- SLTS4.19 kernel release date: Jan 11, 2019 https://docs.google.com/presentation/d/1R2r7_hVijKN1VTuVc92IE4U94p9AUU90bMFUoGRroUI/edit?pli=1#slide=id.p7 - Debian Buster release date: July 6, 2019 https://www.debian.org/releases/buster/ Ideally, the dates for the Core components should be aligned with CIP maintained kernels but there doesn't seem to be any public documentation for the CIP kernel EOL dates. Let me know if this is written down somewhere.The projected EOLs are stated in the above document. Regarding the web site, I noticed that the following page is not updated. https://wiki.linuxfoundation.org/civilinfrastructureplatform/cipkernelmaintenance I will discuss this inside the kernel team. Best regards, -- M. Kudo -----Original Message----- From: cip-dev@... <cip-dev@...> On Behalf Of punit1.agrawal@... Sent: Thursday, April 9, 2020 2:27 PM To: cip-dev@... Cc: Daniel Sangorrin <daniel.sangorrin@...>; Kazuhiro Hayashi <kazuhiro3.hayashi@...> Subject: [cip-dev] CIP Core target EOL dates Hi, CIP is planning to support the Kernels + Debian Rootfs combinations marked with 'x' in the table below. +----------+----------+-----------+-----------+ | | Debian 8 | Debian 9 | Debian 10 | | | Jessie | Stretch | Buster | | Kernel | | | | +----------+----------+-----------+-----------+ | v4.4 | x | x | | +----------+----------+-----------+-----------+ | v4.19 | | x | x | +----------+----------+-----------+-----------+ So far, the details of when the support is expected to end haven't been explicitly called out for Core components. It would be good to rectify this in order to set expectations and gather feedback from the user community. In addition, it will be helpful in estimating the required effort and planning to resource the projects appropriately. To start the conversation, I would like to propose the following target EOL dates for each of the supported combination. Note: All the dates are in YYYY-MM-DD format +----------+--------------+--------------+--------------+ | | Debian 8 | Debian 9 | Debian 10 | | | Jessie | Stretch | Buster | | Kernel | | | | +----------+--------------+--------------+--------------+ | v4.4 | 2025-04-26 | 2026-01-10 | | +----------+--------------+--------------+--------------+ | v4.19 | | 2027-06-17 | 2019-10-18 | +----------+--------------+--------------+--------------+ The proposed dates have been calculated as earlier of (Kernel, Debian) release date + 10 yrs The choice of duration (10 yrs) is arbitrary and should be adjusted based on requirement and available resources. Also, some of the combinations could be dropped if there are no users for them. Ideally, the dates for the Core components should be aligned with CIP maintained kernels but there doesn't seem to be any public documentation for the CIP kernel EOL dates. Let me know if this is written down somewhere. All feedback welcome. Thanks, Punit The relevant Debian[0][1][2] and Kernel[3] release dates are copied below for reference. Debian Release Dates -------------------- Jessie - 2015-04-26 Stretch - 2017-06-17 Buster - 2019-07-06 Linux Kernel Release Dates -------------------------- v4.4 - 2016-01-10 v4.19 - 2018-10-18 [0] https://www.debian.org/releases/jessie/ [1] https://www.debian.org/releases/stretch/ [2] https://www.debian.org/releases/buster/ [3] https://www.kernel.org/category/releases.html
|
|
CIP Core target EOL dates
punit1.agrawal@...
Hi,
CIP is planning to support the Kernels + Debian Rootfs combinations marked with 'x' in the table below. +----------+----------+-----------+-----------+ | | Debian 8 | Debian 9 | Debian 10 | | | Jessie | Stretch | Buster | | Kernel | | | | +----------+----------+-----------+-----------+ | v4.4 | x | x | | +----------+----------+-----------+-----------+ | v4.19 | | x | x | +----------+----------+-----------+-----------+ So far, the details of when the support is expected to end haven't been explicitly called out for Core components. It would be good to rectify this in order to set expectations and gather feedback from the user community. In addition, it will be helpful in estimating the required effort and planning to resource the projects appropriately. To start the conversation, I would like to propose the following target EOL dates for each of the supported combination. Note: All the dates are in YYYY-MM-DD format +----------+--------------+--------------+--------------+ | | Debian 8 | Debian 9 | Debian 10 | | | Jessie | Stretch | Buster | | Kernel | | | | +----------+--------------+--------------+--------------+ | v4.4 | 2025-04-26 | 2026-01-10 | | +----------+--------------+--------------+--------------+ | v4.19 | | 2027-06-17 | 2019-10-18 | +----------+--------------+--------------+--------------+ The proposed dates have been calculated as earlier of (Kernel, Debian) release date + 10 yrs The choice of duration (10 yrs) is arbitrary and should be adjusted based on requirement and available resources. Also, some of the combinations could be dropped if there are no users for them. Ideally, the dates for the Core components should be aligned with CIP maintained kernels but there doesn't seem to be any public documentation for the CIP kernel EOL dates. Let me know if this is written down somewhere. All feedback welcome. Thanks, Punit The relevant Debian[0][1][2] and Kernel[3] release dates are copied below for reference. Debian Release Dates -------------------- Jessie - 2015-04-26 Stretch - 2017-06-17 Buster - 2019-07-06 Linux Kernel Release Dates -------------------------- v4.4 - 2016-01-10 v4.19 - 2018-10-18 [0] https://www.debian.org/releases/jessie/ [1] https://www.debian.org/releases/stretch/ [2] https://www.debian.org/releases/buster/ [3] https://www.kernel.org/category/releases.html
|
|
CIP IRC weekly meeting today
masashi.kudo@cybertrust.co.jp <masashi.kudo@...>
Hi all,
Kindly be reminded to attend the weekly meeting through IRC to discuss technical topics with CIP kernel today. *Please note that the IRC meeting was rescheduled to UTC (GMT) 09:00 starting from the first week of Apr. according to TSC meeting* https://www.timeanddate.com/worldclock/meetingdetails.html?year=2020&month=4&day=9&hour=9&min=0&sec=0&p1=224&p2=179&p3=136&p4=37&p5=241&p6=248 USWest USEast UK DE TW JP 02:00 05:00 10:00 11:00 17:00 18:00 Channel: * irc:chat.freenode.net:6667/cip Last meeting minutes: https://irclogs.baserock.org/meetings/cip/2020/04/cip.2020-04-02-09.00.log.html Agenda: * Action item 1. Combine root filesystem with kselftest binary - Iwamatsu-san 2. Strengthen sustainable process to backport patches from Mainline/LTS - Kernel Team 2-1. Workflow for identifying important fixes, backporting, and reviewing them 2-2. Prepare the tools to be used for this workflow 2-3. Get practice in backporting patches 3. Upload a guideline for reference hardware platform addition - masashi910 4. Identify target boards and configs for RT kernel testing (4.4rt and 4.19rt) - masashi910 * Kernel maintenance updates * Kernel testing * CIP Core * Software update * CIP Security * AOB The meeting will take 30 min, although it can be extended to an hour if it makes sense and those involved in the topics can stay. Otherwise, the topic will be taken offline or in the next meeting. Best regards, -- M. Kudo Cybertrust Japan Co., Ltd.
|
|
Re: [cip-security] [cip-dev] Python 3.x vs 2.7
masashi.kudo@cybertrust.co.jp <masashi.kudo@...>
Hi,
toggle quoted messageShow quoted text
The security WG nominated duplicity as a solution for "Control system backup" (CR7.3). One of the common requirements of such backup software is check-point restart capability. Duplicity provides this like the following. https://lists.nongnu.org/archive/html/duplicity-announce/2009-06/msg00000.html IMHO, I think tar is not met IEC63443-4-2 requirement, because tar itself does not have this capability, Best regards, -- M. Kudo
-----Original Message-----
From: cip-security@... <cip-security@...> On Behalf Of Kento Yoshida Sent: Tuesday, April 7, 2020 3:49 PM To: Pavel Machek <pavel@...>; Jan Kiszka <jan.kiszka@...> Cc: cip-security@...; cip-dev@... Subject: Re: [cip-security] [cip-dev] Python 3.x vs 2.7 Hi, -----Original Message-----Some of the security members didn't accept GPLv3, so currently we dropped GPLv3 packages from the candidates. BTW, I'm not sure but is the CIP policy on accepting GPLv3 still to be decided? If that's out of question, I'm pretty sure we can get GPLv2 tarThank you for introduction about "tar". I will investigate whether it meets the requirements. And also I'll search GPLv2 implementation if it meets the requirements. If it's not decided yet about the CIP policy on accepting GPLv3, we cannot adopt GPLv3 packages. Anyway, I agreed it is difficult to support python 2 for a super long term. And everyone agreed on this point. So, we cannot support each libraries using python 2, at least. Best regards, Kent Best regards,
|
|
Re: [cip-members] [cip-dev] Migration complete - Re: Mailman2 to Groups.io reminder
Sure! I just set it for cip-dev . See if that is working now? Happy to do it for other lists if needed. -- Neal Neal Caidin Program Manager, Program Management & Operations The Linux Foundation +1 (919) 238-9104 (w/h) +1 (919) 949-1861 (m)
On Tue, Apr 7, 2020 at 11:17 AM Jan Kiszka <jan.kiszka@...> wrote: On 07.04.20 17:12, Konstantin Ryabitsev wrote:
|
|
Re: [cip-members] [cip-dev] Migration complete - Re: Mailman2 to Groups.io reminder
Konstantin Ryabitsev <mricon@...>
On Tue, Apr 07, 2020 at 08:58:31AM +0200, Jan Kiszka wrote:
On each list's "Settings" page there is an option called: Separate Message Footers (Place message footers in a separate MIME part) That's the one you want enabled. -K
|
|
Re: [cip-members] [cip-dev] Migration complete - Re: Mailman2 to Groups.io reminder
Jan Kiszka
On 07.04.20 17:12, Konstantin Ryabitsev wrote:
On Tue, Apr 07, 2020 at 08:58:31AM +0200, Jan Kiszka wrote:Perfect! Neal, you are admin? Can you change that?On each list's "Settings" page there is an option called: Thanks, Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux
|
|
Password reset - Re: [cip-dev] [cip-members] Migration complete - Re: Mailman2 to Groups.io reminder
For anybody who did not get a password reset email, you can go to https://lists.cip-project.org/ , choose Login , and click the Forgot Password link. Best, Neal Neal Caidin Program Manager, Program Management & Operations The Linux Foundation +1 (919) 238-9104 (w/h) +1 (919) 949-1861 (m)
On Tue, Apr 7, 2020 at 6:26 AM Urs Gleim <urs.gleim@...> wrote:
|
|
Re: Migration complete - Re: Mailman2 to Groups.io reminder
Pavel Machek <pavel@...>
Hi!
I suspect footer won't cause problems with patches; there are manyThey seem to add this kind of trailer to the messages, breaking GPGI wonder if it's possible to turn these off by the admin. lists that add such footers, and patches normally survive that okay. But our project is quite security-focused, so it would be good to preserve GPG signatures... Best regards, Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
|
|
Re: [cip-members] Migration complete - Re: Mailman2 to Groups.io reminder
Urs Gleim
Hi Neal,
toggle quoted messageShow quoted text
Thanks. However I was not requested to set a password.
Best regards,
Urs --
Urs Gleim | Siemens AG | Corporate Technology
Am 06.04.2020 um 23:45 schrieb Neal Caidin <ncaidin@...>:
|
|
Re: [cip-members] Migration complete - Re: Mailman2 to Groups.io reminder
Chris Paterson
Hello Neil,
>You should receive an email shortly asking you to log in with your email address and set a password. It doesn’t look like I’ve received this email.
>Lists >https://lists.cip-project.org/main > >https://lists.cip-project.org/cip-board >https://lists.cip-project.org/cip-dev >https://lists.cip-project.org/cip-testing-results >https://lists.cip-project.org/cip-members >https://lists.cip-project.org/cip-security
None of these links work. It looks like they should be https://lists.cip-project.org/g/main etc.
Kind regards, Chris
From: cip-members@... <cip-members@...>
On Behalf Of Neal Caidin via lists.cip-project.org
Sent: 06 April 2020 22:45 To: cip-board@...; cip-members@...; cip-security@...; cip-dev@... Subject: [cip-members] Migration complete - Re: Mailman2 to Groups.io reminder
Dear CIP Community,
The migration is complete.
You should receive an email shortly asking you to log in with your email address and set a password.
One important note, please do NOT unsubscribe from the "main" list. This would unsubscribe you from all of the CIP lists. "main" is an administrative list used by Groups.io as a parent list to manage the other lists. Please let me know if you have any questions or issues.
Lists https://lists.cip-project.org/main
https://lists.cip-project.org/cip-board https://lists.cip-project.org/cip-dev https://lists.cip-project.org/cip-testing-results https://lists.cip-project.org/cip-members https://lists.cip-project.org/cip-security
Email addresses
Best regards, Neal
Neal Caidin Program Manager, Program Management & Operations The Linux Foundation +1 (919) 238-9104 (w/h)
On Mon, Apr 6, 2020 at 3:34 PM Neal Caidin <ncaidin@...> wrote:
|
|
Re: [cip-members] [cip-dev] Migration complete - Re: Mailman2 to Groups.io reminder
Jan Kiszka
On 07.04.20 03:44, punit1.agrawal@... wrote:
Pavel Machek <pavel@...> writes:Konstantin, could you have a look or organize help? This is a blocker for us, groups.io must not mess with messages.Hi!I wonder if it's possible to turn these off by the admin.The migration is complete.And we have first problem. But given that other projects are using this workflow as well, I strongly suspect there is a way to fix it. Thanks, Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux
|
|
Re: Python 3.x vs 2.7
Kento Yoshida
Hi,
toggle quoted messageShow quoted text
-----Original Message-----Some of the security members didn't accept GPLv3, so currently we dropped GPLv3 packages from the candidates. BTW, I'm not sure but is the CIP policy on accepting GPLv3 still to be decided? If that's out of question, I'm pretty sure we can get GPLv2 tar implementationThank you for introduction about "tar". I will investigate whether it meets the requirements. And also I'll search GPLv2 implementation if it meets the requirements. If it's not decided yet about the CIP policy on accepting GPLv3, we cannot adopt GPLv3 packages. Anyway, I agreed it is difficult to support python 2 for a super long term. And everyone agreed on this point. So, we cannot support each libraries using python 2, at least. Best regards, Kent Best regards,
|
|
Re: Migration complete - Re: Mailman2 to Groups.io reminder
punit1.agrawal@...
Pavel Machek <pavel@...> writes:
Hi!I wonder if it's possible to turn these off by the admin.The migration is complete.And we have first problem. Also, another thing to test is the impact of the footer on applying patches sent via email (git am / git apply).
|
|
Re: Migration complete - Re: Mailman2 to Groups.io reminder
Pavel Machek <pavel@...>
Hi!
The migration is complete.And we have first problem. They seem to add this kind of trailer to the messages, breaking GPG signatures :-(. (I won't quote full trailer as it seems to contain some secrets?) Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|
Re: Python 3.x vs 2.7
Pavel Machek <pavel@...>
On Mon 2020-04-06 12:15:16, Jan Kiszka wrote:
On 03.04.20 23:47, Pavel Machek wrote:Does "tar" match the requirements?Hi!I suppose there is that concern about GPLv3 again (as with broadly used And I agree that best option would be to accept GPLv3. If that's out of question, I'm pretty sure we can get GPLv2 tar implementation somewhere. busybox has implementation, and I'm pretty sure there's GPLv2 fork of busybox. Old version of tar should be GPLv2. Still better than porting duplicity to different python version... Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|
Migration complete - Re: Mailman2 to Groups.io reminder
Dear CIP Community, The migration is complete. You should receive an email shortly asking you to log in with your email address and set a password. One important note, please do NOT unsubscribe from the "main" list. This would unsubscribe you from all of the CIP lists. "main" is an administrative list used by Groups.io as a parent list to manage the other lists. Please let me know if you have any questions or issues. Lists https://lists.cip-project.org/main
https://lists.cip-project.org/cip-board https://lists.cip-project.org/cip-dev https://lists.cip-project.org/cip-testing-results https://lists.cip-project.org/cip-members https://lists.cip-project.org/cip-security
Email addresses Best regards, Neal Neal Caidin Program Manager, Program Management & Operations The Linux Foundation +1 (919) 238-9104 (w/h) +1 (919) 949-1861 (m)
On Mon, Apr 6, 2020 at 3:34 PM Neal Caidin <ncaidin@...> wrote:
|
|
Re: Python 3.x vs 2.7
Jan Kiszka
On 03.04.20 23:47, Pavel Machek wrote:
Hi!I suppose there is that concern about GPLv3 again (as with broadly used rsync) - which is generally overrated. There exists legal views that already GPLv2 requires to keep such licensed components replaceable on the target. What then effectively remains with v3 is its, well, wording complexity. Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux
|
|
Re: Python 3.x vs 2.7
punit1.agrawal@...
Hi Kent,
Kento Yoshida <kento.yoshida.wz@...> writes: Thank you for your feedback, Iwamatsu-san.[...]-----Original Message----- From a brief look at the pros / cons between the two choices (below), IActually, option-2 is dominant in the security team as well.As you may know, some of other packages we selected are dependent on python3.x, so we may have the below options:similar problems for the others of python. am also biased towards backporting a python3 based version of duplicity. Suggested next steps further down - * Python2 Pros ---- * No backport (to Buster) needed (least effort, right now) Cons ---- * Has reached EOL in upstream. Not sure about ELTS support. It maybe that if we go with Python2, we (CIP) is on our own. * Python3 Pros ---- * Python3 is available in Debian Buster * Likely to be supported for longer time - upstream and in Debian Cons ---- * Needs backporting duplicity (and dependencies) to Buster via backports to align with upstream first approach of CIP. - From a quick check of dependencies in bullseye a backport of librsync2 might also be needed. Next steps ---------- * Investigate the effort to backport duplicity (and dependencies) to buster-backports. * If no major surprises are found during the investigation, work with Debian upstream to upload the new version. Hope that makes sense. Thanks, Punit However, packages with large dependencies can be difficult to backports. ForAgree. We are not going to select the package which is GPL-3 or has a lot of dependent package, so the duplicity is only one candidate for us substantially.
|
|
Re: Python 3.x vs 2.7
Pavel Machek
Hi!
<duplicity>I'm not sure what your exact requirements are, but have you considered "tar"? It should be possible to pipe its output to aespipe (and possibly other tools) to get encryption, and it should be able to do incremental backups... Best regards, Pavel -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
|
|