[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: New package cvs requests. opt out of cvsextras commit rather than in?



On Wed, 5 Dec 2007 10:41:20 -0500
Jesse Keating <jkeating redhat com> wrote:

> Having just looked a bit closer and talked with Jeremy, here is what I
> think we can do.
> 
> "cvsextras" as a FAS group becomes something like just 'cvspkgs'.
> Warren is already planning on doing this.  Membership in this group
> gives you a couple things.  
> 
> 1) file level ACLs on the cvs server to
> write to the file system.  Everybody has to have this in order for cvs
> to write out files on your behalf.
> 
> 2) A grouping of all Fedora package maintainers.  All maintainers
> would have to be in cvspkgs.
> 
> We would then create a new group, cvsexperienced or some other name
> such as this.  This group is the group that gets CVS ACLs to all
> modules that haven't opted out of this openness.  This takes the place
> of what we have in pkgdb currently as cvsextras commit.  Entry to this
> group should be relatively low barrier, but there is still a barrier
> between the fresh contributors and everybody elses packages.
> 
> Finally we have the cvsadmin group who just has blanket access no
> matter what, and this doesn't have to change.
> 
> With some relatively small changes this could be accomplished.  The
> interesting discussion points are A) what is the criteria to get added
> to cvsexperienced?  Obviously sponsors are automatically added, but
> there should be other ways to get in.  B) who from the current members
> of cvsextras would we grandfather into cvsexperienced?  C) what is a
> better name for "cvsexperienced".  D) when to make this happen.


I forgot to mention.  Membership in cvspkgs does not give you wide
access.  In fact, the members of cvspkgs are not "considered" when
creating CVS ACLs.  The owners/co-maintainers of packages are, and
members of cvsexperienced are (provided the package in question allows
for cvsexperienced commit access).

This effectively keeps new packagers to only A) the packages they own,
and B) the packages the co-maintain with other people.

-- 
Jesse Keating
Fedora -- All my bits are free, are yours?

Attachment: signature.asc
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]