[arch-dev-public] GIT projects on gerolde: owners and groups
Dan McGee
dpmcgee at gmail.com
Sun Oct 21 09:54:37 EDT 2007
On 10/21/07, Thomas Bächler <thomas at archlinux.org> wrote:
> Aaron mentioned he would take care of this, but I wanted to bring this
> up so it isn't forgotten:
>
> For the git projects, we need:
> - A separate group for each project, instead of "projects"
> - An owner assigned to each project (not root)
>
> I am volunteering as the owner for the initscripts, klibc-extras and
> mkinitcpio projects.
ACLs work well here for what we need to do with the groups. I'd
recommend keeping all folders as owned by group projects, but using an
ACL to add an additional group as we did with pacman:
$ getfacl pacman.git/
# file: pacman.git
# owner: root
# group: projects
user::rwx
group::rwx
group:pacman:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::rwx
default:group:pacman:rwx
default:mask::rwx
default:other::r-x
We may want to tweak and document this setup, but this would ensure we
could have a projects 'overlord' continue to make changes to things
without having to be in every new project group, and we could still
give individual project access to the other developers by using a new
group and an ACL.
Put me down for pacman if Aaron doesn't want to take it.
-Dan
More information about the arch-dev-public
mailing list