On 2/21/19 9:42 AM, Richard Brown wrote: "appear to be" is a good way to put it. Despite so many posts from so many "concerned" openSUSE-ers, I still really do not see an "I'll Do It!", do you? -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Op donderdag 21 februari 2019 21:57:06 CET schreef Fraser_Bell: Even a 'hey, who could help me do it?" would do. -- Gertjan Lettink a.k.a. Knurpht openSUSE Board Member openSUSE Forums Team -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 22/02/2019 07:52, Vinzenz Vietzke wrote: Yes this discussion has got somewhere further then last time which leaves us with the remaining questions. Where should we install nextcloud? Who would like to install it and keep it running? -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

jdd(a)dodin.org wrote: To make it more easily accessible to those who have a need to access it. It could also just be stored on an ftp server, but using a nextcloud instance does make it easier to share. Simon asked: It only needs a fixed ip, apache, php and a database. If we don't have a webserver with those, I'm sure we can get one. Show of hands please. -- Per Jessen, Zürich (7.6°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland. -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Le 22/02/2019 à 09:26, Per Jessen a écrit : https://www.zaclys.com/ offers a service with 1Gb free and https://cloud.zaclys.com/Le-cloud-a-quoi-ca-sert-exemple-dutilisation-du-se… this I could manage for openSUSE if necessary. it's even encrypted if you want to you may think it's a provocation, and it is... why is it so hard to share such service on openSUSE? I managed one myself for years.. jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Am Freitag, 22. Februar 2019, 11:59:00 CET schrieb Per Jessen: Yeah, I would object to kill some service by adding just another one outside of openSUSE's infrastructure. So as an alternative to some Nextcloud why not just go with a private section of Bugzilla? That should handle the whole process of application, decision and documentation all in one. Plus it's already there and maintained. Regards, vinz. -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Hi all, I have the same question like Carlos: I would volunteer but I don't now what to do. I have no experience with Elgg and don't know how to maintain a forum. Carlos E. R. wrote: Regards Christian Imhorst -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Hello, [ I have about 50 unread mails in this discussion, so I might not have seen all relevant comment yet. One thing I noticed is that we have several volunteers. I'm really happy about that :-) Please forgive me for answering only to one of you ;-) ] Am Freitag, 22. Februar 2019, 08:47:36 CET schrieb Ish Sookun: In a mail nearby, jdd asked the right question: and why is a *cloud* storage needed to manage membership? Using nextcloud with a LibreOffice Calc document in it would be a bad idea IMHO. Not because my personal preference is ownCloud ;-) but because it makes things more complicated than necessary. For example, extracting the mail aliases out of a LibreOffice table would be a PITA, or in general, automating anything would be a PITA. So let's start even more simple and less cloudy, please ;-) If we go for "a table that can only be edited by the membership committee", then I'd propose to use a MySQL database + phpMyAdmin The interface would look a bit more "technical", but not too different/ difficult, and it would have several advantages: - extracting the mail aliases out of a database is boring and easy (much easier than extracting them from a binary[1] LibreOffice file) - setting up the server is easy - we could easily track changes, for example with a daily CSV export that gets auto-commited to a git repo (not a requirement for the initial implementation, just an idea for the future) - if we setup a "request membership" form, writing to a database is much easier than writing to a LibreOffice document The hard part is to convert the data from connect.o.o to the new database scheme. (I never looked at the database scheme used by connect.o.o, therefore I have no idea how hard this will be.) Writing/updating the export scripts (for example for the mail aliases) is also some work, but not really hard. I'm happy to hear that :-) Getting a VM (IMHO: for phpMyAdmin and an empty database) shouldn't be too hard ;-) Please write a mail to the heroes mailinglist to request it, and while on it, please also request access to the VPN and the connect.o.o database. Until that setup is done, you can already start on the drawing board with stuff like "which columns will we need?" I know it sounds boring, but I'm also sure nobody will get this right on the first attemp ;-) On the positive side, adding a column later is easy, so don't worry too much. Regards, Christian Boltz [1] I know that LibreOffice documents are basically zipped XML, but that doesn't make things much easier ;-) -- Ich soll keine fünfzeiligen Sigs schreiben. Ich soll keine fünfzeiligen Sigs schreiben. Ich soll keine fünfzeiligen Sigs schreiben. Ich soll keine fünfzeiligen Sigs schreiben. Ich soll keine fünf... -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 2/22/19 4:58 PM, Carlos E. R. wrote: If we can get moving on the Provide Alternate and Dump Connect idea, there will be no need to bother with the spam, as it will disappear with Connect. Just sayin' If you help, even with just some of it, that helps move that process forward towards fruition. ;-) (... and, I would enjoy working with you, again.) -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Hi Gerry On 2/23/19 6:31 AM, Fraser_Bell wrote: Let's not focus on the "how" at this moment. Important is that we try the possible alternatives to see what they're capable of. Something which I am doing already. Thanks for stepping too, Gerry. I'll update you, Edwin and jdd about the solutions I am testing. We can then get in touch the membership officials for a trial. Regards, Ish -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Let me start a fork of this thread to focus on evaluation of possible solution and list of volunteers to do so Voluteers (may be) are: christian Boltz (data base) jdd (galette and more) Ish Sookun Edwin Carlos (?) (add or remove yourself :-) needs to fulfill: * manage a member database with identification, allowing members to check they data and keep them safe * manage a way to allow people to ask to be a members * connect the present base to the new one solution proposed are: opensource for sure: * plain paper * Nextcloud session + libreoffice calc * galette (http://galette.eu/dc/?navlang=en) * mysql + phpmyadmin probably opensource (to check): * admidio (https://www.admidio.org/) * clubmaster (http://www.clubmaster.org/) * civicrm (http://groupspaces.com/) please ad ideas here at will, but fork to add comments (change subject or open a new one) thanks jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, 2019-02-23 at 20:10 +0100, Carlos E. R. wrote: I see Stefan Seyfried also volunteers for this. - -- Cheers, Carlos E. R. (from openSUSE 15.0 x86_64 at Telcontar) -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On Sat, 23 Feb 2019 at 20:49, Lars Vogdt <lrupp(a)suse.de> wrote: absolutely welcome. I don't know what you mean by "if I'm allowed". volunteer from being allowed to do hands on stuff to solve this issue. If there are factors I'm unaware of, then I'd suggest we discuss that offlist. I'm prepared to help in any way I can to remove any such blockers. If it would make you more comfortable, I'd suggest emailing board(a)opensuse.org if you wish an alternative to contacting me directly. Oh boy, talk about a comprehensive solution. This solution would also be compatible with some casual enquiries discussed with the Board recently. If this is an idea the community likes and is willing to work behind, I can see potential in this solution to tie together nicely with other requirements that are currently coalescing over the horizon. Might be worth the work -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

HUGE, HUGE, HUGE SUPER THANKS!!!! Super Thanks to all the people who are stepping up to offer help on one aspect or another with the remake of Membership database and cleanup of our existing system. This is what I, personally, needed to see to reinvigorate my energy to work on openSUSE problems. A Community, Volunteering as Community Members, to solve a pressing Community Issue. Thanks, everyone!!! Up till now, it was beginning to depress me that calls for help seemed to be constantly ignored. Now, I am beginning to feel Very Proud of being a Member of this Community! -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 2/23/19 12:20 PM, Richard Brown wrote: Ahhh. As I thought. Thanks, Richard. -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Op zaterdag 23 februari 2019 21:59:26 CET schreef Fraser_Bell: <jdd(a)dodin.org>rg>: +1 here. -- Gertjan Lettink a.k.a. Knurpht openSUSE Board Member openSUSE Forums Team -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 2/23/19 8:49 PM, Lars Vogdt wrote: Note my proposal a couple of months ago: "Proposal: Use Æ-DIR instead of FreeIPA" https://lists.opensuse.org/heroes/2018-07/msg00002.html I've done a PoC installation: https://progress.opensuse.org/issues/39872 I will also present Æ-DIR (see https://ae-dir.com) at oSC 2019. In the mean-time someone implemented a aehostd state for CentOS and Debian which could be probably pretty easily adapted to openSUSE: https://git.webmeisterei.com/saltstack-formulas/ae-dir-formula Ciao, Michael. -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Le 23/02/2019 à 21:56, Fraser_Bell a écrit : I was unsure so I added the "add yourself" it as him that proposed the phpmyadmin solution, so I figured out hi wanted to setup one :-) alrady asked the heroes team about this (I don't expect an answer during week end :-() thanks jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On sob, lut 23, 2019 at 10:32 PM, Fraser_Bell <Fraser_Bell(a)openSUSE.org> wrote: Eh, out of all that shitposting I started making some quick and easy replacement for connect on Friday. Initial mockup: https://cdn.discordapp.com/attachments/407993213425680384/54856502532597350… Current state: https://cdn.discordapp.com/attachments/407993213425680384/54894856195014657… (and some more equally unfinished parts of the interface) I suspect I will have something usable on monday (and if not my next free time is on the next friday). Although I would much appreciate less spam in mailing lists so I can focus on that instead of reading emails :P LCP [Stasiek] https://lcp.world -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 2/23/19 1:32 PM, Fraser_Bell wrote: Repeating this highlighting objective in Heading. -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Am Sonntag, 24. Februar 2019, 09:16:50 CET schrieb jdd(a)dodin.org: annoincing this kinbd of stuff a bit more in advance would be the thing to do. Not everybody checks their email every five minutes, especially at 11pm. not just irc... Cheers MH -- Mathias Homann Senior Systems Engineer, IT Consultant. IT Trainer Mathias.Homann(a)openSUSE.org http://www.tuxonline.tech gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102

Le 23/02/2019 à 16:33, jdd(a)dodin.org a écrit : I created on my own (shared) domain a galette instance (15" time) http://dodin.org/galette/webroot//login I expect some of you to mimic a membership subscription: create your own profile. you may as well ask for admin account, no problem jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

Hello all. I think at the moment a wiki page to summarize the propositions could be useful. are you OK? can I process? thanks jdd -- http://dodin.org -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 2/24/19 9:04 AM, jdd(a)dodin.org wrote: That sounds like a very good idea to me, jdd. -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On 2/25/19 12:40 AM, jdd(a)dodin.org wrote: I will take care of that later today, jdd. Thanks. -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org

On Di, Apr 6, 2021 at 09:55, Lars Vogdt <lrupp(a)suse.de> wrote: We could create a mail ticket system on pagure for membership submissions and obsolete connect right now, the much bigger problem is membership applications than keeping existing memberships. I still vote we do membership management in the login system because: * that allows us to do login for members-only services global instead of implementing the list of members per service * we need to have our own login system for gdpr/foundation reasons anyway (that was discussed during gdpr meeting last year) * we can fold heroes and standard login into one system and manage permissions to infra as groups (as we already do pretty much) * it allows us to check when was the last time the person logged into any service at all for deprecating member status * freeipa provides us with an option to manage email aliases * noggin replaces profiles as well as provides nice settings for the users to manage their account and probably more The problem is: I don't really know if we can do anything at all, it doesn't seem like SUSE is particularly happy about the prospect of openSUSE Accounts from what we got last year, but it is pretty much delaying inevitable from the legal perspective (assuming foundation happens that is ;). And the system we want to use is way more pleasant to use and navigate as well as actually fit for community purposes compared to the SUSE idp. Actually Fedora deployed it last week if you want to have a look at it (although you will need to register if you don't have a login already) https://accounts.fedoraproject.org/user/hellcp/ https://accounts.fedoraproject.org/user/ngompa/ (since Neal belongs to group so he can show off the functionality better ;) LCP [Sasi] https://lcp.world

On Di, Apr 6, 2021 at 18:52, Lars Vogdt <lrupp(a)suse.de> wrote: Considering that tickets for for example removing accounts of spammers ended up in a void (or rather our ticket system) for a long time without anybody looking at them, I have 0, zero, null and none trust in that working out. We do need a system with which heroes can actually help out and which can be used by membership officials without jumping through hoops. If that existed it was lost to time, mostly because everybody involved with GDPR stuff is extremely busy, and the meetings haven't managed to turn into a regular thing; please reach out to SUSE Legal though, I'm sure they would be happy to explain to you why clear divide of ownership of data within infrastructure is necessary for GDPR reasons. How about we use a system which actually allows us to contribute to it, instead of something which not only requires signing CLA, but also apparently requires patching vital functionality and because of it breaks with updates. I know SUSE very much prefers to use tools that are either proprietary or very hard to contribute to though from my experience, so that may not be an actual argument that gets through. LCP [Sasi] https://lcp.world

On Tue, 06 Apr 2021 19:36:07 +0200 Sasi Olin <hellcp(a)opensuse.org> wrote: Agreed. But this is a general problem. Will do. :-) Just to be a bit more clear: I did neither want to make a joke nor did I want to attack someone. I just get the feeling that our two communities might start sharing not only code on their distributions, but maybe more? I would love to hear others opinions... I guess the main problem with this is the parallel use of OBS and Bugzilla at the moment? If we can bring both systems to support more than one authentication system, we could create a completely independent openSUSE identify management system. After that, it's more or less only the hardware and domain sponsoring from SUSE which is connecting SUSE and openSUSE. I see both as not critical (as both could be provided by any other sponsor as well). Did I miss something? Regards, Lars

[ Late response, apologies ] On Tue 2021-04-06, Sasi Olin wrote: Bugzilla is run by SUSE IT at this point. OBS is run by folks like Henne, Lars,... who are very close to openSUSE. It is an actively maintained and modern part of our infrastructure. If there's any requirements on or suggestions for OBS, I encourage you to give it a try. (I don't have the exact Who is Who around OBS these days, but bet Lars can help connect.) If there's anything needed from SUSE IT, Evzenie and/or members of her team in SUSE IT try to attend the monthly Heroes meeting, and they care. If anything feels stuck, best reach out to her directly (and in the unlikely case you need help beyond that, feel free to copy me). Gerald

Lars Vogdt wrote: Sharing is good as long as it is bilateral or e.g. via open source. I am not interested in "switching over to Fedora's infrastructure", period. Maintaining our independence is important to me. -- Per Jessen, Zürich (0.9°C) Member, openSUSE Heroes

On 4/6/21 5:59 PM, Sasi Olin wrote: Handling applications is actually the easy bit, we probably don't need anything more then a email template that you fill out and email to a mailing list. It is then streamlining the process of accepting the membership setting up the email / irc aliases if desired etc is probably what actually needs atleast a little work. I am not entirely convinced that "Need" is the right word here. Certainly SUSE Legal would prefer not to be responsible from a GDPR perspective, however there are other things at play here. It would be exceptionally unwise for a "openSUSE Fountdation" to take ownership of user data unless as part of SUSE's sponsorship of openSUSE it covers these costs. To date as part of our foundation discussions we have always seen this as a possible future option but not something that would be done straight away but something that could be discussed later if both sides agree it would be beneficial given there are also significant technical challenges here that i'll get to in a minute. Having said that it should be considerably cheaper for openSUSE to handle its GDPR then what it costs SUSE Legal, so if SUSE Legal really wants such a change it would be really helpful if they help us develop a business case and outline how the above would work to go to upper SUSE management to help push the foundation proposal forward. As I said earlier there were technical reasons which have been the main reason behind not looking at this during the formation of the foundation (It's also worth noting when we last had these serious discussions SUSE IT was still in the middle of a carve out). The main ones as you mention are obviously obs and bugzilla, data gets shared from the openSUSE obs instance to the internal one and as you are aware the bugzilla instance is the same. What makes this problem genuinely hard is there are a number of SUSE employees such as myself who were members of the openSUSE community before joining SUSE, to make our lives easier generally we just continue using our "community" account inside SUSE and just have the SUSE Employee flag set. This means we don't need to constantly swap obs and bugzilla accounts based off whether we are dealing with a package we maintained before joining SUSE or one we maintain as a part of our role. Further to that if an employee leaves SUSE generally it doesn't mean that all there maintainership rights etc in obs should be removed that is generally left up to them. So under this idea of two account systems does an employee such as myself end up with a "SUSE" account and a "Community" account if so which has access to what inside obs and how do you make sure that my bugs for community packages still get assigned to my SUSE account with access to security bugs because that is the bugzilla account i'll use. Really if SUSE Legal no longer wants to be legally responsible for community data from a GDPR perspective they need to first work with the openSUSE community to help us establish a foundation that can hold the data and then need to work with SUSE IT and then the heroes to answer the above questions but really currently its still mostly SUSE IT's responsibility and if they come back to SUSE Legal and say yes we can do that but its going to cost $XXXXXX SUSE Legal might turn around and say well if the cost is that much its not worth the benefit and instead we will stick with the existing arrangement. There are also other technical solutions to this problem that would address these issues in a far simpler manner. For example it maybe possible to have multiple IDP databases such that the employee database is on SUSE hardware and the community one is on foundation hardware, which would solve the GDPR issue from a legal perspective. The foundation could then have a "Service agreement" with SUSE IT to maintain the login system and make changes in a timely fashion. As part of its sponsorship of openSUSE the agreement could also state that SUSE will provide an employee already working on openSUSE to handle GDPR requests which would be much cheaper then SUSE Legal handling them and would mean that a foundation wouldn't have to deal with the risk of not having someone on the Heroes team in 10 years time who is willing to handle GDPR requests. The reality is any change here will benefit SUSE the most so really they need to be the one driving the process. As a board member in the current state i'd be really hesitant for the Heroes to create yet another authentication system even if it could fix all the above issues without approval from SUSE Legal and SUSE IT because ultimately currently they are still responsible for the data. Without such agreement this would be one rare case where i'd see it as reasonable for the openSUSE Chairman to use there veto. But as a result of all this I don't think that we can expect to have a separate account system in the near future and maybe its worth using an alternate system as an intermediate step. As an aside we also have to deal with Emeritus Members and people wishing to transfer either way. -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B

On 4/7/21 12:35 PM, Neal Gompa wrote: This is simply not true, all our previous planning has been based around no separation which is actually simplest from a legal perspective. Currently the data is hosted on SUSE infrastructure and therefore is owned by SUSE from a GDPR perspective. With one account system just because we now have a foundation doesn't change that fact, the data would still be owned by SUSE. As I outlined it is beneficial to SUSE to transfer that data to openSUSE as it greatly reduces there GDPR footprint and cost of dealing with GDPR. At the same time there are only two real things that could bankrupt or put a foundation in serious financial issues one is fines for failing to maintain adaquite bookwork the other is fines from failing to handle GDPR correctly, so if (not when) the foundation decides it would like to handle data it needs to be very careful about how it decides to do that to ensure that in 10-15 years time when things and volunteers have changed we still have the capability to properly handle GDPR requests. Atleast that is the legal advice we have to date. It is also worth noting that to this point as part of creating a foundation there has been no plan to transfer any of the openSUSE Infrastructure currently owned by SUSE to a foundation. If we did go down that path then yes separating login systems and dealing with GDPR is something that we would look at. But again as part of foundation proposals we had no immediate plans to do anything but again if we work with SUSE here and its beneficial to transfer some hardware we can look at it into the future. Atleast this is now being better thought out and planned then the original you'll just need to log in everywhere twice and or swap between. Yeah I know the issues with the existing system especially connect (we have been trying to properly get rid of it since before I joined the board). At some point we as a board decided that connect.opensuse.org should no longer resolve and only people who really need it should be given access by an alternative means (IE those wanting to apply for membership and the membership committee). I guess this got reverted at some point. I am by no means saying don't do stuff (While i'm still not convinced about needing a 4th auth system to do my job). Just that it is wise to have all the right people onboard. The board could have initially helped in this area but we didn't find out about these plans until significant work and effort had already been invested. At the end of the day under current law SUSE is Legally responsible for all openSUSE's data under GDPR as such whenever the Heroes add a new service that stores any form of data SUSE should be comfortable with it and so id be expecting the Heroes to be running these things by the relevant people at SUSE prior to working on them so we don't end up in an awkward situation where SUSE has to tell the Heroes that you shouldn't be running that or no you can't do that. Mind you under the same reasoning I'm really supprised that SUSE hasn't invested the time and effort to migrate us away from connect because I suspect its a serious GDPR liability having it still running and at the end of the day thats there issue not openSUSE's (atleast from a GDPR perspective). -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B

On 4/7/21 7:55 PM, Neal Gompa wrote: It's not just about the data we collect though, almost more important then that is the compliance officer feeling comfortable that they can locate and remove any users data should they receive a request to do so. If I was the data projection officer i'd be hesitant to leave this to a couple of people in the community becaues who knows if and where they'll be in 10 years things change after all. But on the other hand if there is a well documented process to handle this and the officer has access or knows they can contact someone with access (possibly an employee because they have the right to tell another employee you need to do this today, where as they don't for a community member) i'd start to see this as a non issue. Please don't get me wrong i'm not trying to single out the new login system here, this is something we should be doing for any new infra we add that stores any form of user data. Not just for SUSE now but for the board of a future foundation to feel comfortable should we decide to transfer some of openSUSE's data to its ownership sometime in the future. Cheers -- Simon Lees (Simotek) http://simotek.net Emergency Update Team keybase.io/simotek SUSE Linux Adelaide Australia, UTC+10:30 GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B

On 2/22/19 11:27 PM, Simon Lees wrote: I do not think that should be necessary, at all. Simple forms, automated, should be all that is necessary. Note that if it is MySQL, f.e., it can be secured, and can also be accessible across the infrastructure to the authorized individuals, and can allow real-time web access and generation for any future needs. -- -Gerry Makaro openSUSE Member openSUSE Global Moderator openSUSE Contributor YaST Contributor aka Fraser_Bell on the Forums, OBS, IRC, and mail at openSUSE.org Fraser-Bell on Github -- To unsubscribe, e-mail: opensuse-project+unsubscribe(a)opensuse.org To contact the owner, email: opensuse-project+owner(a)opensuse.org