rfc: permissions on package branches
John Arbash Meinel
john at arbash-meinel.com
Thu Feb 17 22:20:07 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2/14/2011 11:34 PM, Martin Pool wrote:
> We have a question in <https://bugs.launchpad.net/bugs/516709> about
> what the permissions on official package branches ought to be, and how
> they should be explained to the user.
Obviously people feel very passionate about this subject, given the
intense discussion. </sarcasm>
>
> The basic thing is that Launchpad knows who is allowed to write to a
> package, and it already has special code that gives those people
> read/write access to the package branch. In the common case where the
> package branch is owned by a bot/celebrity that will never do anything
> itself, this is fine. However, it is perhaps a problem if an existing
> branch owned by a human is marked as official for a particular
> package.
So that means that if I have upload rights to 'bzr', then I can push to
lp:ubuntu/natty/bzr regardless of who the actual owner is?
>
> At the moment the permissions are unioned: the nominal owner of the
> branch keeps write access, and the package uploaders get right access
> too.
>
> There are a few options here and we'd appreciate hearing from Ubuntu
> people how they think it should work:
>
> 0- No change: the nominal owner keeps write access.
>
> 1- Don't allow branches owned by non-celebrities to become the
> official branch for a package. Instead, you need to push from that
> branch into the real official branch.
>
I'm in favor of this one myself. ~ubuntu-foo can own all of the official
packaging branches, and the users have rights to upload to the
appropriate branches.
> 2- When the branch becomes an official package branch, the owner loses
> write access (unless they're also an uploader.) That's what
> <https://code.launchpad.net/~jml/launchpad/owner-cannot-write-to-official-branch-516709/+merge/29446>
> would do. It seems potentially confusing.
>
> 3- Something else?
>
> Let us know what you think either here or on that bug. Also if you
> think we ought to ask eg the TB, please tell me.
>
> Martin
>
John
=:->
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk1dnxcACgkQJdeBCYSNAAMHVwCdHBnuQhJ0lV8caJWmXd1wxGlv
t9YAn0ODlSzKFvJevC9BIv3pp2wFBTco
=WJsq
-----END PGP SIGNATURE-----
More information about the ubuntu-distributed-devel
mailing list