Again this time of the year where we had the pleasure of doing the Essen Hackathon in a nice weather condition (sunny, not too hot, no rain). A lot of people here, about 20. Not only FreeBSD committers showed up, but also contributors (biggest group was 3 people who work on iocage/libiocage, and some individuals with interest in various topics like e.g. SCTP / network protocols, and other topics I unfortunately forgot).
The topics of interest this year:
- workflows / processes
- jail‐ / container management (pkgbase, iocage, docker)
- bug squashing
- CA trust store for the base system
I was first working with Allan on moving forward with a CA trust store for the base system (target: make fetch work out of the box for TLS connections – currently you will get an error that the certificate can not validated, if you do not have the ca_nss_root port (or any other source of trust) installed and a symlink in base to the PEM file). We have investigated how base‐openssl, ports-openssl and libressl are setup (ports‐openssl is the odd one in the list, it looks in LOCALBASE/openssl for his default trust store, while we would have expected it would have a look in LOCALBASE/etc/ssl). As no ports‐based ssl lib is looking into /etc/ssl, we were safe to do whatever we want in base without breaking the behavior of ports which depend upon the ports‐based ssl libs. With that the current design is to import a set of CAs into SVN – one cert file per CA – and a way to update them (for the security officer and for users), blacklist CAs, and have base‐system and local CAs merged into the base‐config. The expectation is that Allan will be able to present at least a prototype at EuroBDCon.
I also had a look with the iocage/libiocage developers at some issues I have with iocage. The nice thing is, the current version of libiocage already solves the issue I see (I just have to change my processes a little bit). Some more cleanup is needed on their side until they are ready for a port of libiocage. I am looking forward to this.
Additionally I got some time to look at the list of PRs with patches I wanted to look at. Out of the 17 PRs I toke note of, I have closed 4 (one because it was overcome by events). One is in progress (committed to -current, but I want to MFC that). One additional one (from the iocage guys) I forwarded to jamie@ for review. I also noticed that Kristof fixed some bugs too.
On the social side we had discussions during BBQ, pizza/pasta/…, and a restaurant visit. As always Kristof was telling some funny stories (or at least telling stories in a funny way… 😉 ). This off course triggered some other funny stories from other people. All in all my bottom line of this years Essen Hackathon is (as for the other 2 I visited): fun, sun and progress for FreeBSD.
By bringing cake every time I went there, it seems that I created a tradition of this. So anyone should already plan to register for the next one – if nothing bad happens, I will bring cake again.