rfc: permissions on package branches

John Arbash Meinel john at arbash-meinel.com
Thu Feb 17 22:20:07 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2/14/2011 11:34 PM, Martin Pool wrote:
> We have a question in <https://bugs.launchpad.net/bugs/516709> about
> what the permissions on official package branches ought to be, and how
> they should be explained to the user.

Obviously people feel very passionate about this subject, given the
intense discussion. </sarcasm>

> 
> The basic thing is that Launchpad knows who is allowed to write to a
> package, and it already has special code that gives those people
> read/write access to the package branch.  In the common case where the
> package branch is owned by a bot/celebrity that will never do anything
> itself, this is fine.  However, it is perhaps a problem if an existing
> branch owned by a human is marked as official for a particular
> package.

So that means that if I have upload rights to 'bzr', then I can push to
lp:ubuntu/natty/bzr regardless of who the actual owner is?

> 
> At the moment the permissions are unioned: the nominal owner of the
> branch keeps write access, and the package uploaders get right access
> too.
> 
> There are a few options here and we'd appreciate hearing from Ubuntu
> people how they think it should work:
> 
> 0- No change: the nominal owner keeps write access.
> 
> 1- Don't allow branches owned by non-celebrities to become the
> official branch for a package.  Instead, you need to push from that
> branch into the real official branch.
>


I'm in favor of this one myself. ~ubuntu-foo can own all of the official
packaging branches, and the users have rights to upload to the
appropriate branches.


> 2- When the branch becomes an official package branch, the owner loses
> write access (unless they're also an uploader.)  That's what
> <https://code.launchpad.net/~jml/launchpad/owner-cannot-write-to-official-branch-516709/+merge/29446>
> would do.  It seems potentially confusing.
> 
> 3- Something else?
> 
> Let us know what you think either here or on that bug.  Also if you
> think we ought to ask eg the TB, please tell me.
> 
> Martin
> 

John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk1dnxcACgkQJdeBCYSNAAMHVwCdHBnuQhJ0lV8caJWmXd1wxGlv
t9YAn0ODlSzKFvJevC9BIv3pp2wFBTco
=WJsq
-----END PGP SIGNATURE-----



More information about the ubuntu-distributed-devel mailing list