On Tue, 2020-08-04 at 14:47 +0200, Kamil Paral wrote:

On Tue, Aug 4, 2020 at 8:50 AM Geoffrey Marr gmarr@redhat.com wrote:

...

At today's blocker review meeting[0], we ran across a bug[1] that we believe is bad enough to warrant blocker status, but as the criteria currently stand, does not violate any particular criterion. The bug in question has to do with logging out of one user account and logging into another account that has already been accessed before during that boot. The criterion listed in the bug[2] doesn't seem to fit, as it is more focused on what happens after the system is booted (which does work in the case of this bug). There is a Final criterion[3] that covers switching between two accounts, where the data in the account switched out of is retained, but that is not the case presented here (as this bug has to do with "logging in/out" of accounts, not "switching" as they are defined technically). Intellectually, we believe this type of bug should violate the criteria, as it seems a common use-case, and so we are bringing it up as a possible addition as there is nothing that currently covers this kind of bug.

The new criterion could look something like "A system with multiple user accounts must be able to log in and out of said accounts as presented by all release-blocking desktops in their default configuration."

Actually, I'd make this even simpler. We already have a Beta criterion related to logging out (among others): https://fedoraproject.org/wiki/Fedora_33_Beta_Release_Criteria#Shutdown.2C_r...

So let's just include logging in as well, and we're done: "Shutting down, rebooting, logging in and logging out must work using standard console commands and the mechanisms offered (if any) by all release-blocking desktops."

We'd also update the "Work?" footnote: "Similar to the Basic criterion for shutting down, shutdown and reboot mechanisms must take storage volumes down cleanly and correctly request a shutdown or reboot from the system firmware. Logging in must transfer the user from the login screen/prompt to his/her working environment, and logging out must return the user to the environment from which they logged in, working as expected."

This sufficiently covers the discussed bug and seems to fit naturally into the existing criterion. One unclear area might be what the console console used for logging in is. We can either explicitly say that for logging in we don't require any specific console command, or we can note that the most likely command to get covered by this is "su". We can also not define it and leave that up to blocker discussion, if such a situation occurs in the future. I'd lean towards the last option, but all sound fine to me.

As mentioned in the IRC meeting today, I have a small nit with this: the criterion as it exists right now is conceptually intended as a "Stopping The Session" criterion. It covers three things which are all, broadly, ways to stop the current session. If we stick "logging in" into it in this way, we lose that conceptual clarity and it potentially makes the overall...idea...of the criterion more muddy and hard to read.

On the whole I feel like considering all requirements related to log in, log out, shutdown, restart, and user switch together we should be able to come up with a better option either than a standalone new criterion (Geoff's proposal) or this add-on to the "end session" criterion (Kamil's proposal), but I think either proposal would be *okay* if we don't get the time to come up with something better. Just wanted to flag that up for discussion.

On Wed, Aug 12, 2020 at 4:25 PM Kamil Paral kparal@redhat.com wrote:

I'd accept the criterion as proposed (because we need it now), and do the reorganization later (possibly when this cycle is over and we have more time to bikeshed about best criterion layout). I'm fine with either adding to the existing criterion (mine version) or creating a standalone criterion (Geoff's version), just note that the standalone version would still need to get tweaked (remove "multiple user accounts", etc).

In accordance with the discussion during the last QA meeting, I've put my proposed changes live: https://fedoraproject.org/w/index.php?title=Fedora_33_Beta_Release_Criteria&...

On Tue, Aug 4, 2020 at 5:07 PM Adam Williamson adamwill@fedoraproject.org wrote:

There's a sort of technical argument to be made that this is covered by

https://fedoraproject.org/wiki/Fedora_33_Beta_Release_Criteria#desktop-shutd... . That says "Shutting down, logging out and rebooting must work using standard console commands and the mechanisms offered (if any) by all release-blocking desktops", with a footnote "Logging out must return the user to the environment from which they logged in, working as expected." Arguably the environment from which they logged in is not "working as expected" if you can't then log in as someone else.

However, the existing basic criterion [1] only requires the *initially* created user to be able to log in. So if you create a second user, and can't log in with it after a system boot, that would not be covered by neither the basic one nor the one you just quoted. It would be covered by the proposed change I made, though. I think it's a good idea to have a clear "logging is must work" criterion somewhere.

[1] https://fedoraproject.org/wiki/Basic_Release_Criteria#Expected_installed_sys...

Adding a more explicit requirement wouldn't hurt, though, I guess. I sort of feel like it would be nice to somehow combine and rationalize all these related requirements somehow...

I'm not sure what exactly you have on mind. How would you like to improve it? By having log in/out + shutdown + reboot in the same criterion, it seems quite "combined".