On Fri, Oct 05, 2007 at 01:49:05PM -0700, Toshio Kuratomi wrote: > Luke Macken wrote: >> On Fri, Oct 05, 2007 at 01:38:19PM -0400, Todd Zullinger wrote: >>> I built an updated vorbis-tools package to fix bz#244757[1] but bodhi >>> won't let me push the update for F7. When I select Add Update, I get >>> an error that states: >>> >>> tmz does not have commit access to vorbis-tools >>> >>> This is partly true. Though the package is open to cvsextras, which >>> is how I had acccess to commit the changes. What's the best way to >>> solve this? Do I need to nag one of the primary maintainers of >>> vorbis-tools to do the actual push in bodhi (or request more >>> privileges from the pkgdb)? >>> >>> Would it be reasonable to allow members of cvsextras to push an update >>> to -testing if the package is open to cvs commits from cvsextras? >>> That'd facilitate someone coming along and helping fix low-hanging >>> fruit bugs like this -- freeing up the maintainers to work on the >>> harder and more pressing bugs. >>> >>> Pushing to -testing would provide some warning to the primary >>> maintainers if someone were to try and push an update they thought >>> shouldn't be pushed. Then they could unpush it to prevent it from >>> getting into the stable updates. >>> >>> (I'm not sure what the best balance is here, I can see reasons for >>> allowing or for denying such access in bodhi.) >> Right now bodhi only looks at the individuals with commit access from >> the pkgdb. It should definitely also check the ACL, and in the case >> of vorbis-tools, allow you to push updates for it. >> Toshio is throwing together a patch for bodhi now. > > Here's a patch for considering group-acls as part of authentication check. Applied, thanks! luke -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
