#914 pkg cvs ACL issue
Closed: Fixed None Opened 15 years ago by mschwendt.

As a co-maintainer of "audacity" in fedora pkg cvs, I used to be able to commit to a README in the top-level audacity directory which is used to forward notifications to the entire audacity-owner team. This no longer works:

{{{
[mschwendt@opc4 audacity]$ cvs commit -m 'mention upstream plans on 1.3.6-beta' README
**** Access denied: mschwendt is not in ACL for rpms/audacity
cvs commit: Pre-commit check failed
cvs [commit aborted]: correct above errors first!
}}}


the acl file has
avail | gemi,mschwendt,@uberpackager | rpms/audacity/F-7
avail | gemi,mschwendt,@uberpackager | rpms/audacity/F-8
avail | gemi,mschwendt,@uberpackager | rpms/audacity/F-9
avail | gemi,mschwendt,@uberpackager | rpms/audacity/FC-1
avail | gemi,mschwendt,@uberpackager | rpms/audacity/FC-2
avail | gemi,mschwendt,@uberpackager | rpms/audacity/FC-3
avail | gemi,mschwendt,@uberpackager | rpms/audacity/FC-4
avail | gemi,mschwendt,@uberpackager | rpms/audacity/FC-5
avail | gemi,mschwendt,@uberpackager | rpms/audacity/FC-6
avail | gemi,mschwendt,@uberpackager | rpms/audacity/RHL-9
avail | dtimms,gemi,mschwendt,@uberpackager | rpms/audacity/devel

there is no access to rpms/audacity

you should have no issues checking in from a branch.
you will need to enter the directory for the branch you are commiting to

I want to modify

http://cvs.fedoraproject.org/viewvc/rpms/audacity/README

and this is not permitted anymore. That also means that I cannot delete that file, and that is bad, too.

its a side effect of one person having access to only the devel branch. Which im guessing is a new thing. AFAIK having the file where it is, is ok. at least there is nothing saying you can't do it.

to allow access to the root again. who would we grant the acls to? i would guess it could only be the common people across all branches. to make sure that access to the root doesn't grant access to branches that they dont have explicit access to. the way the acls are now is how they have always been setup when someone does not have access to all branches. and this is the first time its become an issue. so time to work out exactly how we can give you access and still have the person with devel only access devel only access.

Dennis's analysis seems correct. We could move the README file into the devel branch for you pretty easily.

Rewriting the acl generation to include the root directory (and as Dennis says, figure out which packagers should have access to that directory) is another possibility but there's other work that's demanding my attention. If you're interested in working on that I can attach the genacls code for you.

Note that the top-level pkg directory was chosen on purpose. To make the file common to all branches (and so it could also contain special instructions/guidelines for anyone who would touch the pkgs).

Opening up the acls for the root dir would be rather pointless, if there is no separate watchcommits list for the root dir.

So, please move the file into 'devel' for now.

Login to comment on this ticket.

Metadata