[CentOS-devel] Central Auth: Group naming and Process Proposal
sbonazzo at redhat.com
Thu Aug 6 06:47:52 UTC 2015
On Wed, Aug 5, 2015 at 10:01 PM, Brian Stinson <brian at bstinson.com> wrote:
> Hi All,
> We're working on testing instances of FAS for storing our user/group
> membership information used by the CBS. I'd like to talk about group
> naming and the permissions model to get some input. The goal is to get
> these discussions going so we can set up our test environment to mirror
> what we'll roll out in production. Consider this a proposal, and please
> send comments my way (on-list please!).
> Groups will use the convention 'sig-<shortname>', for example: people in
> the Cloud SIG will be members of the FAS group 'sig-cloud'. This
> convention will allow push access in dist-git to any branch that starts
> with sig-cloud (sig-cloud7, sig-cloud7-openstack,
> sig-cloud7-openstack-juno) and grant build permissions under the SIG tags
> in Koji.
> FAS has 3 types of membership in a group: Admin, Sponsor, and User. All 3
> levels will be granted commit/build permissions, while only Admins and
> Sponsors can modify members of the group.
> To match our permissions model, I propose:
> - We populate the 'Accounts' (Global Admin) group with the members of the
> CentOS Board.
> - The Board member responsible for each SIG will create the appropriate
> SIG group in FAS
> - The Board member will add him/herself as an admin of the group
> - The Board member will sponsor the SIG Chair as a sponsor for the group
> - From then on, the SIG Chair and Board member can sponsor others into the
> group as users (and optionally add more sponsors to the group)
> Anyone have thoughts? Once we reach consensus, I'll get this written up
> for the SIG wiki page.
+1 on my side
> : http://wiki.centos.org/BrianStinson/GitBranchesandKojiTags
> : http://wiki.centos.org/SpecialInterestGroup
> CentOS-devel mailing list
> CentOS-devel at centos.org
Better technology. Faster innovation. Powered by community collaboration.
See how it works at redhat.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the CentOS-devel