Talk:SAC Meeting 2018-02-15
Jump to navigation
Jump to search
Transcript
20:01:09 robe2: Regina here 20:01:20 robe2: jmckenna are you here? 20:01:21 * wildintellect here, too windy for field work 20:01:40 robe2: strk are you awake? 20:02:08 jmckenna: here here :) 20:02:15 robe2: strk appears to be asleep as usual 20:02:56 robe2: cvvergara want to do the mod - think we have enough folks to start 20:03:08 cvvergara: hi, 20:03:18 robe2: https://wiki.osgeo.org/wiki/SAC_Meeting_2018-02-15 20:03:20 sigabrt: Title: SAC Meeting 2018-02-15 - OSGeo (at wiki.osgeo.org) 20:03:23 cvvergara: modulos? 20:03:39 robe2: hah moderator :) 20:03:53 cvvergara: ah, right, mi mind is elsewhere ... 20:04:13 cvvergara: can I pass this week please 20:04:28 robe2: cvvergara sure 20:04:28 cvvergara: I am in the middle of a fight vs a query 20:04:37 cvvergara: query is winning :( 20:04:42 robe2: yah those do leave your mind loopy for a bit 20:04:58 TemptorSent: cvvergara -- pm me the query if you'd like another set of eyeballs. 20:05:34 robe2: okay first on agenda is status of SSLs 20:05:55 robe2: Was hoping someone from foss4g2018 would be here. Does anyone know where we left off with that? 20:06:53 robe2: next topic new website plans to move to osuosl hosting 20:06:56 wildintellect: I thought there was a plan 20:07:03 wildintellect: for the SSL for foss4g 20:07:34 robe2: wildintellect yah I thought so too that we would move it to webextra and put in ssl. But not sure who to talk to about this 20:07:58 wildintellect: anyone have the ticket number? 20:08:15 TemptorSent: Sorry, I don't have the bot up right now :( 20:08:24 robe2: I might have been the one who offered to talk to Tim of QGIS fame as I think he's hosting bits of it on his company server 20:09:00 wildintellect: https://trac.osgeo.org/osgeo/ticket/2008 20:09:01 sigabrt: Title: #2008 (FOSS4G 2018 Registration Page SSL) – OSGeo (at trac.osgeo.org) 20:09:50 robe2: wildintellect gosh you beat me to it 20:09:55 jmckenna: yikes, 4 months ago 20:10:16 wildintellect: there must be a more in depth email thread 20:10:29 wildintellect: I recall some confusion over who was hosting what/where 20:10:45 robe2: wildintellect no was discussed on irc so in irc logs 20:10:48 robe2: hold on a bit 20:10:50 wildintellect: but yes webextra is the place 20:11:10 wildintellect: if you are doing and don't have the sudo you need, let us know and we'll fix that 20:11:58 robe2: http://irclogs.geoapt.com/osgeo-sac/%23osgeo-sac.2018-01-04.log 20:11:59 sigabrt: Title: IRC Log (at irclogs.geoapt.com) 20:12:08 robe2: starting around 20:10 I'll update the ticket with that 20:13:57 wildintellect: did we have a clear volunteer to do the setup 20:14:06 robe2: wildintellect I updated the ticket with bits from the irc correspondence 20:14:29 robe2: wildintellect not really I think that's where we kinda left off 20:15:15 wildintellect: ok well that's what we need then, if no one here is up for it, we need to check with the members not here or ask martin to do it since it's time sensitive 20:15:19 robe2: okay maybe I put too much of the transcript in ticket :) 20:15:56 jmckenna: can that ticket be covered through the current sys admin OSGeo contract? 20:16:14 wildintellect: that was my comment about Martin 20:16:21 jmckenna: (i forget who that is...but at least we can use that time) 20:16:36 jmckenna: ok 20:17:07 robe2_: sorry lost my connection 20:17:38 wildintellect: ok, if no one else wants it today, then we'll ask Martin to take care of it on the contract 20:17:56 TemptorSent: It would be good to clarify exactly what is needed, but are they talking about taking actual payment on the server? 20:17:58 robe2_: sounds good to me. I'll change ticket to assign to Martin 20:18:15 wildintellect: the wiki page for the meeting pretty much says everything 20:18:28 TemptorSent: Hold up a sec: Currently, we are using 2018.foss4g.or.tz as the page, but would prefer to host our payment clearing page on OGGeo's servers. 20:18:31 robe2_: TemptorSent no - it's my understanding the payment page they have is just a javascript thingy hosted that sends to some payment gateway 20:18:35 robe2_: I could be mistaken though 20:18:37 TemptorSent: payment clearing page? 20:18:56 wildintellect: that is correct, it's a simple form that then sends people to the actual payment site 20:18:56 robe2_: So I think it's just a matter of mving the sites, having payment as a subfolder of main and all under https with letsencrypt 20:19:13 TemptorSent: Let's make VERY sure that no personal info is going to traverse the server, especially not financial. 20:19:38 wildintellect: yes they are using 3rd party service for that 20:19:39 robe2_: Anyrate we need Loc team involved. 20:19:49 wildintellect: which should be Tim 20:20:14 robe2_: As I recall the website is currently under github, but the payment is hosted under some other place not under any source control 20:21:01 TemptorSent: I'm going to click through, so if this actually generates a request, please remove, as I can't make it :) 20:21:34 wildintellect: that topic done? 20:22:15 robe2_: wildintellect - yap -- assigned to martin and told him to talk with Tim Sutton 20:22:29 TemptorSent: Hmm, I don't like how that works from a security standpoint -- the payment page is loaded into a subframe of the javascript, which is begging for abuse. 20:22:51 TemptorSent: Looks beautiful though :) 20:22:54 robe2_: I don't have Tim's email handy but he can probably look it up probably splashed all over qgis mailing list 20:23:52 robe2_: Next topic new website 20:24:11 jmckenna: tim at kartoza dot com 20:24:13 robe2_: I have staging.www.osgeo.org moved to web18a.osuosl.org -- jive[m] not here I guess 20:24:37 robe2_: My plan is to move the main site there as well come March 1st after I do some preliminary testing to ensure mail works etc. 20:25:08 robe2_: jmckenna can you add that infor to the ticket - https://trac.osgeo.org/osgeo/ticket/2008#comment:5 20:25:09 sigabrt: Title: #2008 (FOSS4G 2018 Registration Page SSL) – OSGeo (at trac.osgeo.org) 20:25:13 wildintellect: Can you handle ticket https://trac.osgeo.org/osgeo/ticket/2093 and install the munin client on the machine 20:25:14 sigabrt: Title: #2093 (Add munin to Staging machine) – OSGeo (at trac.osgeo.org) 20:25:17 TemptorSent: What services does that entail and what are the relative software versions on the old and new respectively? 20:25:39 robe2_: TemptorSent you talking about the www.osgeo.org website? 20:25:52 robe2_: or we still talking about FOSS4G 2018? 20:25:58 TemptorSent: Yes, + mail and whatever else is to be moved. 20:26:06 TemptorSent: Sorry, www.osgeo.org 20:26:18 wildintellect: TemptorSent, it's only the main wordpress site 20:26:27 wildintellect: and it's staging version 20:26:28 robe2_: okay current one is running PHP5, MYSQL 5.something I forget, sendmail, Apache 2.4 20:26:44 TemptorSent: RE: FOSS4G site, my concern is the payment inside an iframe. 20:26:56 robe2_: new one web18a.osuosl.org is running PHP 7, MariaDb 10.1, sendmail 20:27:00 wildintellect: TemptorSent, please note that in the ticket 20:27:10 robe2_: forgot the other odds and ends of LDAP and some other php plugins 20:27:47 robe2_: So anyway I have new server all ready to go except for restore of latest osgeo.org backup and dns repoint 20:28:07 wildintellect: is backup configured in bacula? 20:28:10 robe2_: all wordpress plugins have been confirmed to work on php7 20:28:28 wildintellect: oh right we still need to buy that one plugin right? 20:28:37 robe2_: wildintellect for new server no -- that is something I was going to have martin do since I don't know how all that works 20:28:42 wildintellect: https://trac.osgeo.org/osgeo/ticket/2073 20:28:43 sigabrt: Title: #2073 (Purchase License key for ACF Fields PRO) – OSGeo (at trac.osgeo.org) 20:28:52 wildintellect: robe2_, can you put in a ticket for that 20:29:26 robe2_: wildintellect sure -- actually I got to check if I even have a ticket for the staging move -- might need to put that in as well even though it's done 20:29:32 TemptorSent: Okay, already at apache 2.4, that eliminates one problem :) 20:29:48 TemptorSent: concern noted. 20:29:59 wildintellect: TemptorSent, this is a new VM with Debian 9 20:31:07 TemptorSent: Okay, just looking out for config changes over versions, such as the apache 2.2 -> 2.4 security defaults gotcha :) 20:31:38 wildintellect: it's being moved from another Debian 9 box 20:31:53 wildintellect: so we can stop paying for 3rd party VM hosting 20:32:37 TemptorSent: Please verify that the db export/import to mariadb10 yields the same dump as the existing -- subtle changes often cause silent breakage I've found. 20:33:12 TemptorSent: ...usually as the result of someone previously working around a bug, with the bug fixed in the new version. 20:34:16 wildintellect: robe2_, is there anything you need to help with this task, it sounds like you have it handled 20:34:20 TemptorSent: PHP5->PHP7 may have significant issues in some cases, but that's not really my bailiwick these days -- double check the php security and memory settings. 20:35:04 wildintellect: we've already tested that 20:35:17 TemptorSent: Ahh, okay - excellent :) 20:35:35 wildintellect: though if you'd like to check the security and mem settings that would be good, I assume we have stock Debian 9 20:35:57 robe2_: yah sorry about not mentioning moving from Debian 8 to Debian 9 20:35:58 wildintellect: if you mean in the wordpress code, for our site we can point you to the site repo 20:36:19 robe2_: everything was much easier to setup than was on the Debian8 box cause didn't have to add in any extra repos :) 20:36:35 robe2_: the site repo is currently a mess 20:36:41 wildintellect: robe2_, I just fixed my key and verified I can sudo on the new server 20:37:21 robe2_: I'm debating if I should just start a new one (repo) as I question really keeping all the plugin stuff in repo that we always pull latest of 20:37:37 robe2_: wildintellect -- if you have martin's key handy maybe you can add him to the box 20:37:53 wildintellect: did you add his account? 20:38:10 robe2_: wildintellect no 20:38:16 TemptorSent: As long as php isn't suddenly allowed to use a huge amount of memory or enable dangerous options, it should be fine -- just one of the things that might be an issue because of changed semantics between major versions. 20:38:29 robe2_: but even if I did wouldn't do any good without the ssh since the box doesn't allow text login 20:38:43 robe2_: and as we discussed we should probably keep it that way 20:38:49 wildintellect: I know where to find his key, he's in the root authorized keys of all the servers 20:39:03 TemptorSent: No machine should allow password login in this day and age. 20:39:19 robe2_: TemptorSent can't agree with you more :) 20:39:25 robe2_: one of the things on our list to change 20:39:41 wildintellect: yup at the bottom of the agenda today 20:40:02 TemptorSent: :) 20:40:15 robe2_: wildintellect you know off hand how much we are paid up on cloudvps 20:40:26 wildintellect: I think we pay monthly 20:40:43 robe2_: was trying to figure out suitable shut-off time. I was thinking around april 1st to give us a month to make sure we didn't miss anything 20:40:45 wildintellect: not sure on start date 20:40:53 wildintellect: sure that's fine with me 20:41:00 wildintellect: it's only 35 euros 20:41:39 robe2_: okay so doesn't matter too much 20:41:50 wildintellect: 1 or 2 months, no not really 20:42:16 robe2_: next topic what Martin has been up to 20:42:27 wildintellect: ah refer to his email 20:42:35 robe2_: All I know is he plans to upgrade OS on Trac and some others -- know when he's doing that? 20:42:37 wildintellect: sounds like he's going to do the OS upgrade on Trac/SVN 20:42:43 wildintellect: yes he had the time in there 20:43:12 robe2_: okay next topic our new server 20:43:23 * wildintellect goes to find the actual time 20:43:50 robe2_: I haven't looked at what TemptorSent put in but I'm not much of an authority on hardware - so anything you guys agree on is fine with me 20:44:19 * robe2_ so hard to have a 30 minute meeting these days 20:44:55 robe2_: wildintellect did TemptorSent suggest somethng like $7000? 20:45:31 wildintellect: once we added the suggested features, yes the price went from $5500 to $7000, though I prefer the $6500 option 20:45:39 robe2_: If its a choice of having hardware that lasts say 3 years instead of 2 sounds like a good deal to me to spend another $1000 20:45:46 TemptorSent: The range we're looking at is $6400 - $7000 approximately. 20:45:48 robe2_: I'm sure we can get the board to approve :) 20:45:52 wildintellect: oh we are getting a 5 year warranty 20:46:05 wildintellect: note drive warranties are separate 20:46:06 robe2_: yah but I'm thinking realistically 20:46:11 jmckenna: :) 20:46:21 robe2_: like who cares about a 5 year warrant on a 286 computer :) 20:46:22 wildintellect: robe2_, we don't need board approval, we have the budget 20:46:30 TemptorSent: Life expectancy should be 4-5 years of useful primary service, and several more of secondary service when the next round of hardware is purchased. 20:46:39 wildintellect: we tend to keep our machines for 8 years 20:46:52 wildintellect: that's how old osgeo3/4 are 20:47:03 robe2_: see we don't want it to be total dog shit in 5 years :) 20:47:25 jmckenna: budget (20k total): https://wiki.osgeo.org/wiki/OSGeo_Budget_2018 20:47:25 wildintellect: those were expensive (10,000) to begin with 20:47:26 sigabrt: Title: OSGeo Budget 2018 - OSGeo (at wiki.osgeo.org) 20:47:35 jmckenna: (happy face ha) 20:47:36 robe2_: by that I mean even though the hardware may be good, it's too slow for current needs 20:47:47 wildintellect: we only need board if we need more that 20,000 this year 20:47:52 jmckenna: should be ok if we need more, can push at board for that if you need me to 20:47:53 TemptorSent: The load on the machines isn't likely to grow too much in relative terms. 20:47:59 jmckenna: right 20:48:07 jmckenna: wildintellect is right 20:48:10 TemptorSent: Right now, CPU appears to be a non-issue. 20:48:21 robe2_: TemptorSent hah that assumes we don't dream :) 20:48:29 wildintellect: ya CPU is a non issue but no way to reduce them 20:48:56 wildintellect: well the min config is 16 cores before hyperthreading 20:49:28 TemptorSent: So even with say an order of magnitude increase in traffic, it won't be CPU bound. 20:50:03 robe2_: So how much does more memory add? 20:50:10 TemptorSent: Currently, most of the latency appears to be write load. 20:50:25 TemptorSent: That quote is configured with 128GB 20:50:45 wildintellect: right $7000 is all the whistles and bells 20:50:50 TemptorSent: So memory usage should also not be an issue. 20:51:00 robe2_: okay +1 for the $7000 20:51:22 TemptorSent: With the Optane card on the PCIe bus, latency is essentially zero for anything cached on it. 20:51:28 wildintellect: TemptorSent, can you better explain how we configure the Optane card? 20:51:33 TemptorSent: (microseconds) 20:51:43 wildintellect: is that bios configured? 20:51:56 jmckenna: +1 for the $7000 20:51:59 TemptorSent: It's essentially a SSD-like storage device that runs at near dram speeds. 20:52:11 wildintellect: so we configure it in the OS? 20:52:21 TemptorSent: It shows up as a standard NVMe storage device. 20:52:46 wildintellect: I just want to know where we configure it, and what tool/software is needed to manage the caching 20:52:49 TemptorSent: Yep, the OS can use it however we want, unlike the cache-only solution they sell at th low end. 20:53:33 wildintellect: eg: varnish for web caching, or something else for general OS level disk pre-caching 20:53:54 TemptorSent: The filesystem handles the caching, and we can also copy very high read-frequency data to it and serve off of that for blazing performance. 20:54:17 TemptorSent: We can do both at the same time given the size device we're getting. 20:54:40 wildintellect: yes, but please list the software, or tools required to manage the configuration 20:55:03 TemptorSent: ZFS would like 32-64 GB (or more :)) for L2ARC 20:55:07 wildintellect: since I assume we are not dropping specific files on it 20:55:33 robe2_: TemporSent -- feel free to put notes in the meeting or mailing list 20:55:52 TemptorSent: Not specific files, but directory trees or caches. 20:56:00 robe2_: next topic - TemptorSent want to officially join the SAC family :) 20:56:11 TemptorSent: Do I have a choice? :P 20:56:31 jmckenna: :D 20:56:34 robe2_: TemptorSent yes -- you can say you guys suck I want nothing to do with you :) 20:56:40 TemptorSent: me looks over his shoulder for the press gang. 20:57:15 jmckenna: i spoke with dbb (Brian) the other day on the phone and he praised skills of TemptorSent 20:57:16 TemptorSent: Hmm, in that case... I guess I don't have much choice if I don't want to get tarred and feathered :) 20:57:18 robe2_: If you reject us we'll all run away crying 20:57:49 robe2_: okay so I'll make a motion on the list 20:57:51 TemptorSent: I accept, I can't stand tears. 20:58:15 robe2_: you have to accept on list :) actually maybe not I think our rules are lossey goosey at the moment. 20:58:33 wildintellect: well yes vote will be on list 20:59:09 wildintellect: but no doesn't need to affirm on list 21:00:01 strk[m]: Sorry I missed the meeting 21:00:15 wildintellect: lucky for you it's not quite over 21:00:16 TemptorSent: Hi strk[m] -- you're late, but you didn't miss it yet. 21:00:43 robe2_: okay motioned 21:00:55 robe2_: on list - now waiting for all those sleepers to vote :) 21:01:09 strk[m]: Was it not obe hour ago? 21:01:17 robe2_: strk I listed you as attending but asleep :) 21:01:25 wildintellect: strk, yes but we haven't finished 21:01:44 TemptorSent: robe2_ - BTW, I did fill in some of the details on provisioning on the meeting wiki already, but it should go somewhere more permanent if we're going with that configuration. 21:01:55 robe2_: strk well we started an hour ago, but our objective of having a 30 minute meeting seems to have gone south 21:02:45 wildintellect: if we can end soon we'll still be making progress towards that 21:03:04 TemptorSent: Storage pool will be 16TB, dual redundancy, max fill of about 10TB. 21:03:17 strk[m]: Vicky missing? 21:03:21 robe2_: next topic https -- looks like high need is with downloads (aside from foss4g2018 which we already discussed) 21:03:29 robe2_: Vicky is fighting queries 21:03:36 robe2_: the queries are winning 21:03:39 wildintellect: should be easy to add to Downloads 21:04:07 robe2_: I could do that I think though not sure if I have sudo on downloads 21:04:18 cvvergara: yeah, 2, 0 queries ahead 21:05:01 robe2_: shoudl we just do lets encrypt for that? 21:05:04 wildintellect: yes 21:05:23 robe2_: okay I'll put myself on the todo for that and scream if I don't have sudo 21:05:31 wildintellect: I'll give you sudo soon as I figure out how 21:05:43 wildintellect: I suppose it's just adding you to sudo group 21:05:47 TemptorSent: Is LetsEncrypt setup to automatically renew and update the records? 21:06:03 wildintellect: should be, we should be using certbot 21:06:15 wildintellect: though strk should know 21:06:19 strk[m]: addgroup sudo robe 21:06:27 robe2_: TemptorSent yes I have it set on new server and old osgeo.org 21:06:31 TemptorSent: Probably want to verify that it's actually autorenewing :) 21:06:43 TemptorSent: Okay - cool. 21:06:58 strk[m]: Check crontab, shoukd be there 21:07:09 robe2_: I mean old www.osgeo.org . Not sure if we are using letsencrypt on any other osuosl servers 21:07:33 wildintellect: robe2_, you have sudo on downloads now 21:07:41 TemptorSent: ...probably should have it setup for all domains. 21:07:52 robe2_: actually I misspoke I think I might not have turned it on on new server. Will do. But definitely a cronjob on current www.osgeo.org 21:07:54 strk[m]: Osgeo6 has it for drone.osgeo.org 21:07:54 wildintellect: TemptorSent, we used to use a cert we bought 21:08:55 TemptorSent: Understood, the LE cert can always be relegated to second-class if a higher-grade one is used. 21:10:48 robe2_: next ssh keys for LDAP 21:11:12 robe2_: guess we need to discuss how that would go. Do we need to upgrade LDAP server? or is it turning a switch? 21:11:17 strk[m]: Nobody knows LDAP 21:11:22 wildintellect: Martin does 21:11:27 wildintellect: mostly 21:11:29 strk[m]: Hobu did 21:11:35 wildintellect: true 21:11:36 strk[m]: Martin learnt some 21:11:47 wildintellect: I think we need to research this 21:11:55 robe2_: well any rate it's learnable that's the important thing :) 21:11:59 TemptorSent: LDAP is not difficult. 21:12:20 TemptorSent: It just seems arcane because of the short symbol names 21:12:22 strk[m]: If anyone.wants to learn is very welcome 21:12:27 robe2_: So first figure out if we are talking about a monumental change or just a config change 21:12:46 TemptorSent: To add SSH keys to ldap? Just add the property 21:13:02 wildintellect: https://serverfault.com/questions/653792/ssh-key-authentication-using-ldap#653793 21:13:03 strk[m]: There's a 'ldap' keyword I've been using on trac 21:13:03 sigabrt: Title: SSH key authentication using LDAP - Server Fault (at serverfault.com) 21:13:26 TemptorSent: That's not the same as authenticating against ssh keys TO ldap, but that's not the problem. 21:13:27 strk: we may want to use a component instead 21:13:33 strk: anyway, those tickets request a few enhancements 21:13:38 strk: one is "expire date" 21:13:51 wildintellect: course, we also need to figure out how someone uploads their key to begin with 21:13:51 strk: so we can do proper "blocking" (rather than deletion) of users 21:14:15 strk: I've learnt they are called "overlais" 21:14:16 robe2_: maybe someone just update the ticket with ideas about moving forward with it - https://trac.osgeo.org/osgeo/ticket/2116 21:14:17 sigabrt: Title: #2116 (Add support for registering public user SSH keys in LDAP) – OSGeo (at trac.osgeo.org) 21:14:19 strk: (components, additional properties, or whatever) 21:14:26 strk: overlays 21:14:43 strk: whoever wants to learn and play with LDAP server please check out the list of tickets 21:15:07 strk: someone could start form simple things, like adding "givenName" to the user create and edit forms 21:15:25 robe2_: oh yah that little thing 21:15:35 robe2_: that requires more python though 21:15:40 wildintellect: I can't seem to find where Martin said he'd be doing the Trac dist upgrade - anyone able to find that 21:15:48 robe2_: I'm afraid of any language sensitive to indenting 21:15:53 strk: is in the SSL ticket wildintellect 21:16:04 TemptorSent: I guess I'll look at it next week -- python isn't my first language, but I can muddle through. 21:16:05 strk: filter to get Blocker or Critical tickets and you shall find it 21:16:29 strk: https://trac.osgeo.org/osgeo/query?status=!closed&keywords=~ldap 21:16:30 sigabrt: Title: Custom Query – OSGeo (at trac.osgeo.org) 21:16:38 robe2_: next topic GeoForALL jmckenna 21:16:49 wildintellect: ah ok Trac/SVN upgrade on Friday (2018-02-16) 21:16:55 strk: "password policy" and "last bind" was my requests from first sysadmin run 21:16:56 wildintellect: someone want to warn users? 21:17:02 strk: "last bind" is to spot dormient spam users 21:17:27 jmckenna: re: geoforall I've contacted Suchith and asked for their developer Jason to join the ticket. (https://trac.osgeo.org/osgeo/ticket/2061) 21:17:28 sigabrt: Title: #2061 (Migrate GeoForAll DNS) – OSGeo (at trac.osgeo.org) 21:18:06 jmckenna: Suchith did respond, but i may need to nudge Jason/Suchith again to get action 21:18:21 jmckenna: i really feel we need input from Jason 21:18:40 TemptorSent: strk - is the ldap scripting in git? 21:18:45 wildintellect: right we can't do the move withouth Jason initiating 21:19:08 jmckenna: agreed 21:19:09 strk: TemptorSent: https://git.osgeo.org/gitea/sac/web-cgi-bin 21:19:19 TemptorSent: ty 21:19:32 strk: to be migrated in their own repository, specific to id.osgeo.org (recently created) 21:19:49 TemptorSent: not showing. 21:19:50 strk: I suspect nowadays full featured web UIs exist 21:19:56 strk: you need to login and be granted access 21:20:29 TemptorSent: Logged in, but probably no perms on that particular repo 21:20:36 strk: I've just added, please reload 21:21:13 jmckenna: robe2_: that is my update 21:21:23 wildintellect: jmckenna, thanks 21:21:38 jmckenna: np will keep nudging 21:21:48 TemptorSent: got it strk, thanks. 21:21:52 strk: TemptorSent: if we find an opensource LDAP management software it may be much better than maintaining these custom made unsecure scripte 21:22:22 wildintellect: robe2_, official end of meeting? into after party? 21:22:23 TemptorSent: Yeah -- I'll do a little looking around. 21:22:38 jmckenna: after party, ha! 21:22:45 markusN: just reached here for the party 21:22:50 jmckenna: :D 21:22:55 jmckenna: welcome markus :) 21:22:58 strk: the wiki used to mention a management console, but I never saw it (maybe it used to exist) 21:23:02 robe2_: yes official end