# Devuan meet 2020-09-10 @20:30 UTC
Present: golinux, fsmithred, rrq, bgstack15, LeePen, RickMoen, plasma41,
mason, Adam, Beer
## Old Business
* wiki exploration
* Two contenders that seem reasonable:
* TikiWiki
* Very active cvedetails page:
https://www.cvedetails.com/vulnerability-list.php?vendor_id=12391&product_id=23390
which is enough of a worry to put me right off the idea.
* PMWiki
* Better record than TWiki even:
https://www.cvedetails.com/vulnerability-list.php?vendor_id=3519&product_id=0
* Both are PHP, but otherwise more or less offer the right features.
I'll be happy to try additional packages, but for now I'm going to
do an internal spin of PMWiki and see how it looks. If decent,
I'll put it up on wiki.devuan.org with install notes.
* (from rrq) page layout per user / per page?
### fsmithred
* (Done) I need to build refractainstaller for
beowulf-proposed-updates. I made the branch, but I don't have a
label. How to make one? Or just move the packages? DONE
## Old Actions
## New Business
### LeePen
* amprolla (with Evilham):
* Merge of Translation files (which provide apt long package
descriptions) now enabled on pkgmaster.d.o and should have
propagated to all mirrors.
* packages.d.o needs decommisioning
* Updated ceres packages: openvpn, pdns-recursor
### mason
* Bug found with unbound:
* https://github.com/NLnetLabs/unbound/issues/303
* no update as yet
* I spun some test packages that elide the #ifdef HAVE_CHOWN block and
they work. Hopefully upstream will tell us if there is any
legitimate use case for chowning a pidfile to the user as which the
service runs. (Beer) Are `cfg_uid` & `cfg_gid` used to drop
privileges of the unbound processes after startup? If so, a quick PR
could be submitted to upstream, basically merely stripping that
`chown` part.
* update - beer submitted pull request
https://github.com/NLnetLabs/unbound/pull/306
### rrq
* would be useful with a git store bot that reviews accounts to prompt
those that are empty and haven't used their account since yonks to
re-register, and then weed out those that don't. The same kind of bot
could well be applied to the forum as well, though perhaps with a
different timeline.
* (gl) On git high percentage of registrations are confirmed but the
user never signs in. On the forum there are over 400 users with no
posts including nextime, Lydia-K, lkcl and d1g-voyager. I am less
inclined to start nuking those. Perhaps compare the registration
date with the last visited date to help make the decision? Although
some may be visiting but not logging in too. Harder to sort forum
than git users. How about adding a "rule" that users must sign in
once a year to keep account active?
### golinux
* Would like to limit the size of signatures on DNG. Emailed jaromil
about this but no response. Rick Moen . . . maybe there is a way to
set this in the web admin panel? I'll poke around in a bit to see if
I can find it.
* (mason) tough to do programmatically - people have to honor
etiquette to be able to reliably identify signatures, and if they're
honoring the etiquette they *probably* aren't problem cases
## New Actions
### bgstack15
* Look into how the apt Release file requirements affect the
installer-iso project.
::
[devuan-dev] Meeting notes 2020-09-…
