Announcing people.ubuntuwire.com and qa.ubuntuwire.com

Matthew East mdke at ubuntu.com
Tue Nov 13 18:13:13 GMT 2007 

Hi,

On 13/11/2007, Scott James Remnant <scott at ubuntu.com> wrote:
> On Tue, 2007-11-13 at 04:00 -0600, Brandon Holtsclaw wrote:
>
> > > The existing people.u.c could then be moved to people.canonical.com,
> > > which as per the previous thread on this subject is probably a more
> > > coherent place for it;
> >
> > The ONLY problem i see with this is migrating existing things like
> > ~ubuntu-archive to either people.canonical.com or
> > people.ubuntuwire.com, people.ubuntuwire.com dosent support team urls
> > atm ( but i'm sure if that was a deciding factor it could be added )
> >
> Speaking only for myself here, so don't take this as any kind of
> official response, but in the light of the recent compromise of
> community-hosted Ubuntu machines -- this would not seem to be wise idea.

This sounds like a valid point to me.

However, given that the previous compromise was of *community* hosted
servers living outside the *.ubuntu.com domain, this is really an
argument against having the ubuntuwire resources on anything other
than Canonical administered hosting in the first place, rather than an
argument against pointing an *.ubuntu.com domain at them.

The bad publicity came out of the fact that the compromised servers
were running Ubuntu and/or (however loosely) associated with Ubuntu. I
think we have to recognise that if this happens again (e.g. to the
ubuntuwire servers, for whatever reason), the fact that it's hosted on
unofficial servers won't prevent there from being negative publicity.

There is a balance to be sought between the risk of negative
publicity, the importance of the services provided, and the burden on
Canonical in administering such services.

As for the last point, I wonder whether there is any possibility of
establishing a process by which community members (such as the
ubuntuwire team) can take part in Ubuntu system administration tasks
after going through a certain amount of quality assurance in the same
way that they can obtain commit access to the Ubuntu repository. I
have no idea to what extent that would be doable but it strikes me as
an interesting idea, at least in the long term.

> It makes more sense for the existing machine to be opened up to the full
> developer set; as was decided by the Technical Board some time ago.

That would certainly address what seems to be the biggest issue.

But the ubuntuwire community seems to be providing other services too:

 * shell access for developers
 * mailing lists
 * qa
 * a search engine
 * revu

The same balancing exercise should probably carried out for them too.

-- 
Matthew East
http://www.mdke.org
gnupg pub 1024D/0E6B06FF

More information about the ubuntu-devel mailing list