Again this time of the year where we had the pleasure of doing the Essen Hackathon in a nice weather condition (sunny, not too hot, no rain). A lot of people here, about 20. Not only FreeBSD committers showed up, but also contributors (biggest group was 3 people who work on iocage/libiocage, and some individuals with interest in various topics like e.g. SCTP / network protocols, and other topics I unfortunately forgot).
The topics of interest this year:
- workflows / processes
- jail- / container management (pkgbase, iocage, docker)
- bug squashing
- CA trust store for the base system
I was first working with Allan on moving forward with a CA trust store for the base system (target: make fetch work out of the box for TLS connections – currently you will get an error that the certificate can not validated, if you do not have the ca_nss_root port (or any other source of trust) installed and a symlink in base to the PEM file). We have investigated how base-openssl, ports-openssl and libressl are setup (ports-openssl is the odd one in the list, it looks in LOCALBASE/openssl for his default trust store, while we would have expected it would have a look in LOCALBASE/etc/ssl). As no ports-based ssl lib is looking into /etc/ssl, we were safe to do whatever we want in base without breaking the behavior of ports which depend upon the ports-based ssl libs. With that the current design is to import a set of CAs into SVN – one cert file per CA – and a way to update them (for the security officer and for users), blacklist CAs, and have base-system and local CAs merged into the base-config. The expectation is that Allan will be able to present at least a prototype at EuroBDCon.
I also had a look with the iocage/libiocage developers at some issues I have with iocage. The nice thing is, the current version of libiocage already solves the issue I see (I just have to change my processes a little bit). Some more cleanup is needed on their side until they are ready for a port of libiocage. I am looking forward to this.
Additionally I got some time to look at the list of PRs with patches I wanted to look at. Out of the 17 PRs I toke note of, I have closed 4 (one because it was overcome by events). One is in progress (committed to ‑current, but I want to MFC that). One additional one (from the iocage guys) I forwarded to jamie@ for review. I also noticed that Kristof fixed some bugs too.
On the social side we had discussions during BBQ, pizza/pasta/…, and a restaurant visit. As always Kristof was telling some funny stories (or at least telling stories in a funny way… 😉 ). This off course triggered some other funny stories from other people. All in all my bottom line of this years Essen Hackathon is (as for the other 2 I visited): fun, sun and progress for FreeBSD.
By bringing cake every time I went there, it seems that I created a tradition of this. So anyone should already plan to register for the next one – if nothing bad happens, I will bring cake again.