Present: akit - Angel Kittiyachavalit *alanw - Alan Wong *geo - George Wu *gfs - Gregory Shuflin (Site Manager) *gordeon - Gordon Mei (General Manager and chair) *griffin - Griffin Foster *jchu - Jonathan Chu jedimike - Michael Newton *kevintra - Kevin Tran kwinterl - Karl Winterling sahnn - Sue Ahnn *sle - Stephen Le *sluo - Steven Luo Quorum met Taking minutes: sluo Start time - 7:14 PM [gfs leaves to get food] jedimike Appeal to BoD jedimike: Represents the Shuar Health Group, funded by Blum Center work for safe water and sanitation in Ecuador he handles media and communications they need a better way to manage files than random USB keys they need more than 400 MB, want 10-20 GB of space for storage would like something that works like WebFiles see mail sent to staff for details akit: Is this a program that you do during two months in the summer? jedimike: yes griffin: I don't see any problems with doing this sluo: technical challenges formidable would be difficult to do with shared hosting maybe they can provide a box [colocation]? jedimike: what's that? akit/griffin explain colocation griffin: no idea what software would be needed or useful sluo: do they need a web interface? jedimike: no, just need some way to access files sluo: ok, just set up a simple multiuser file server griffin: is client software an issue? jedimike: no, PuTTY or an FTP client can work anywhere jedimike: is OCF required to do philanthropy? sluo: no, we're a service already kwinterl: something about hazing akit: are you still taking applications for volunteers? jedimike: yes jedimike: so ... what do I need to do? sluo: uh, don't know if we need a BoD decision griffin: either (1) offer them a chunk of space or (2) colocate kwinterl: would groupware software be useful or usable? sluo: that's a possibility in colocation griffin: make everyone in group get OCF account merge their storage somehow? alanw: how would you get everyone an account? discussion about sharing one group account general conclusion that it wouldn't work jedimike: I have concerns about what less savvy people would do in a one-account setting griffin: ask ASUC IT to get you a box kwinterl: talk to an ASUC senator? akit: that won't be necessary akit/griffin: talk to Fullmer jedimike: I'm sure we can make that work discussion of ASUC losing $40000 a few years back??? === Motion SP-08-001 === Motion to allow Shuar Health Group to colocate their fileserver with the OCF, and assist them in maintaining it. Proposed by sluo, seconded by jchu PASSES 8-0, 1 abstention ======================== [jedimike leaves] gordeon: when are elections? akit: I'll talk about that later GM Agenda gordeon: I had no time to check budget, but we have spending figures: General fund spending this week: $183.79 for rush toner refill, more (jchu: $500-800) for further toner orders Miscellaneous fund spending: $200+ on food in last three weeks??!?! gordeon: net2ftp is up, thanks sle milki: looks cool!!! alanw: what does it do? gordeon explains net2ftp [gfs reappears with food] gordeon: I added a link to mibbit (AJAX IRC client) on the web IRC clients page, it's not replacing the existing [Java-based] client jchu: yes!!! looks cool! bofjh: noo!!! we don't want users on IRC!?!?! gordeon: Dreamhost approved our application for a nonprofit account, offers 500 GB for 10 years free domain name -- but what domain name should we use? theocf.org is domain-parked -- should we ask for it, or should we pick another one? jchu: where does the owner of theocf.org live? [laughter] gfs: pick another domain name discussion on what name to use names suggested: ocf-is-broken, ucb-ocf, etc. gordeon: Let's have this discussion over staff mail, so check your email and reply! gordeon: I emailed sm@ the password, should I have sent it in the clear? sluo: no milki: get PGP!!! OCF key-signing party!!!! sle: we could use 2 500 GB HDD @ $120 each for the backup server, which is running out of space === Motion SP-08-002 === Motion to spend up to $300 to purchase two 500 GB HDD for the backup server. Proposed by sle, seconded by griffin gfs: how much space is there on the backup server now? sle: 1.5 TB gordeon: can we use Dreamhost for this? sle: no, they charge you now if you do that discussion on what to do with Dreamhost space PASSES 7-1, 1 abstention ======================== kwinterl: I'm not on BoD, right? griffin: yeah, because you missed too many meetings, but you can rejoin sluo: but don't if you plan on missing lots of meetings [sahnn leaves] sle: let's get remote management cards for coupdetat and pollution at about $100 each akit: pollution? sle: that's the backup server === Motion SP-08-003 === Motion to spend up to $250 to purchase remote management cards for coupdetat and pollution. Proposed by sle, seconded by geo PASSES 7-1, 1 abstention ======================== sluo: we should give the SM a discretionary fund === Motion SP-08-004 === Motion to allocate $1000 to the site manager to spend at his discretion. Propsed by sluo, seconded by griffin PASSES 8-0, 1 abstention ======================== gordeon: stickers -- sle wanted to pass out stickers at meetings sle: I'd pass them out at networking meetings to solicit donations gordeon: let's try to get more professional stickers (i.e. ones that don't say "OCF ownz you") gfs: wouldn't business cards be better? griffin: yeah sle: business cards look too professional, might deter donations gordeon: defer this to next time, since we don't have any prices handy kwinterl: make busines cards with emacs! sluo : you can do anything in emacs griffin: screw emacs! gordeon: mgasidlo and I identified almost all of the owners of the USB drives in the lost and found sle: gg gordeon: no free USB drives for us! geo: awww akit: ASUC elections are Apr 7-10 (Tu-Th) need people Tu from 6:30 AM, WTh from 7 AM alanw: what do we do for them? akit: technical assistance geo: rig elections!!!!!???!!? griffin: it's easy work akit: and you get to drive a golf cart! griffin: and we get paid lots of money! sle: which pays for our food akit: so the more people the better! SM Agenda gfs: the LDAP transition is the only thing I wanted to bring up sluo: it might be a little tight time-wise now, but I'm still aiming for a transition from NIS+ to LDAP and Kerberos during spring break right now, passwords are hashed using a (weak) one-way hash and stored in NIS+ -- when users try to log in, their passwords are hashed and compared against the stored hash Kerberos uses a completely different auth system, and to migrate people's accounts, we need the plaintext passwords Reversing the hash is not a practical option Two options: (1) automatically migrate people's passwords the first time they log in, or (2) rereg automatic password migration is easiest for users, but we can't enforce new, stronger password requirements rereg is a lot more hassle, but we could also ask users to fill out a survey in the process or something ... discussion on whether rereg is a good idea alanw: why would we do this to our users? sluo: because we'd like them to have stronger passwords than currently alanw: but users already have problems with the current requirements ... sluo: those requirements are set by the campus Minimum Security Standards for Networked Devices gfs: can we force users to select new password on first login? sluo: that's probably technically possible akit/griffin: do you have to come in to lab to rereg? if so, that's a problem for alumni and other people who aren't around alanw: but if they're not actually around, they don't use their accounts, right? everyone else: yes they do gfs: ok, toss out the idea of physical rereg on those grounds then griffin: but strictly, these people shouldn't have accounts ... alanw: wait, what can they do with their accounts? [answer: everything ordinary users can do] gfs: that leaves us only with one option, right? alanw: can we do both rereg and automatic password migration? gfs: that's the worst of both worlds kevintra: are the campus password strength requirements new? sluo: no, they're not kevintra: so why implement them now, if we haven't been in the past? jchu: because they'd be within their rights to kick us off the campus net now for violating the policy gfs: let's have a poll: online automatic password migration with mandatory password changes, or rereg? sluo: we need to look into whether the mandatory password changes are possible gfs: let's table, then? griffin: no one seems to want rereg gfs: let's table griffin: with automatic password migration, what happens if they don't log in within the migration period? sluo: we'll preserve the password hashes somewhere so they can do it later, but it'll be more of a hassle for them gfs: 6 months is plenty of time for the transition, though kwinterl: unless they're in North Korea! everyone else: then they have other things to worry about! Random Stuff sle: BMUN? gordeon: their representative was sick and missed a meeting with me today not much left to be worked out === Motion SP-08-R0306-01 === Motion to add akit and kwinterl to BoD. Proposed by sluo, seconded by griffin PASSES 7-0, 2 abstentions ============================= === Motion SP-08-R0306-02 === Motion to adjourn. Proposed by griffin, seconded by sle PASSES 7-0, 2 abstentions ============================= Meeting adjourned 8:02 PM