| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Sep 2022 10:47:29 +0200
From: Thorsten Leemhuis <linux@...mhuis.info>
To: Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
"Artem S. Tashkinov" <aros@....com>
Cc: workflows@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
Greg KH <gregkh@...uxfoundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"regressions@...ts.linux.dev" <regressions@...ts.linux.dev>,
ksummit@...ts.linux.dev
Subject: Re: Planned changes for bugzilla.kernel.org to reduce the "Bugzilla
blues"
On 29.09.22 15:04, Konstantin Ryabitsev wrote:
> On Thu, Sep 29, 2022 at 12:22:35PM +0000, Artem S. Tashkinov wrote:
> [...]
> We do have ability to fund development efforts -- LF has been the primary
> sponsor behind public-inbox.org over the past 3 years. However, there must be
> a clear, strong, and well-articulated mandate from the community. From what I
> heard, the vast majority of maintainers simply want a web form that would
> allow someone to:
>
> 1. clearly state what kernel version they are using
> 2. clearly describe what they were trying to do
> 3. explain what they expected vs. what they got
> 4. attach any files
> 5. give this bug report a unique identifier
Sometimes there are days where I think "let's go down the 'do everything
by mail' rabbit hole some more and couple a pastebin and a somewhat
improved regzbot with an app (usable both locally and on the web) that
helps users preparing a report they can then send with their usual
mailer". And then there are days "ohh, no, that might be a totally
stupid thing to do". :-/
> Then a designated person would look through the bug report and either:
>
> a. quick-close it (with the usual "talk to your distro" or "don't use a
> tainted kernel" etc)
I think having some app would be good here, as it could help gathering
everything and catch problems early, to prevent users from spending a
lot of time on preparing a report that will be ignored.
> b. identify the responsible maintainers and notify them
>
> The hard part is not technical -- the hard part is that "designated person."
+1
> Being a bugmaster is a thankless job that leads to burnout, regardless of how
> well you are paid. Everyone is constantly irate at you from both ends [...]
Tell me about it. Nevertheless I sometimes wonder if I should give it a
try once I got all this regression tracking thing established somewhat
more, as in the end there I'm kind of a bugmaster for regressions already...
> Before we try to fix/replace bugzilla,
Just to be sure: I assume you meant "replacing bugzilla or fixing it for
real" here, and not my band-aid efforts outlined at the start of this
thread? Or do you have a problem with what I proposed to at least make
things less bad for now?
> we really need to figure out the entire
> process and pinpoint who is going to be the one in charge of bug reports. If
> you think that LF should establish a fund for a position like that, then you
> should probably approach LF fellows (Greg KH, Shuah Khan), who can then talk
> to LF management. The IT team will be happy to support you with the tooling,
> but tooling should come second to that -- otherwise we'll just be replacing an
> old and rusty dumpster on fire with a new and shiny dumpster on fire.
+1
Ciao, Thorsten
Powered by blists - more mailing lists