rfc: permissions on package branches

Scott Kitterman ubuntu at kitterman.com
Fri Feb 18 01:07:29 UTC 2011 

On Tuesday, February 15, 2011 12:34:28 am Martin Pool wrote:
> We have a question in <https://bugs.launchpad.net/bugs/516709> about
> what the permissions on official package branches ought to be, and how
> they should be explained to the user.
> 
> The basic thing is that Launchpad knows who is allowed to write to a
> package, and it already has special code that gives those people
> read/write access to the package branch.  In the common case where the
> package branch is owned by a bot/celebrity that will never do anything
> itself, this is fine.  However, it is perhaps a problem if an existing
> branch owned by a human is marked as official for a particular
> package.
> 
> At the moment the permissions are unioned: the nominal owner of the
> branch keeps write access, and the package uploaders get right access
> too.
> 
> There are a few options here and we'd appreciate hearing from Ubuntu
> people how they think it should work:
> 
> 0- No change: the nominal owner keeps write access.
> 
> 1- Don't allow branches owned by non-celebrities to become the
> official branch for a package.  Instead, you need to push from that
> branch into the real official branch.
> 
> 2- When the branch becomes an official package branch, the owner loses
> write access (unless they're also an uploader.)  That's what
> <https://code.launchpad.net/~jml/launchpad/owner-cannot-write-to-official-b
> ranch-516709/+merge/29446> would do.  It seems potentially confusing.
> 
> 3- Something else?
> 
> Let us know what you think either here or on that bug.  Also if you
> think we ought to ask eg the TB, please tell me.

Now that I know what a celebrity is in this context, I think #2 is reasonable.  
#1 would be achieved by not turning a particular branch into a packaging 
branch and using the default official branch (we have that now).

Official Ubuntu branches are supposed, in some way, to relate to the code in 
the distro, so I think it makes sense to keep the upload and branch 
permissions aligned.  If someone doesn't like losing write permissions to a 
branch for a package they can't upload, then they shouldn't have it made the 
official branch.

It doesn't seem confusing to me, but then maybe I don't understand it well 
enough to be confused.

Scott K

More information about the ubuntu-distributed-devel mailing list