[patch] Allow all signers to read the key to upload signed rpms

Kevin Fenzi kevin at tummy.com
Tue Aug 10 23:02:30 UTC 2010


On Tue, 10 Aug 2010 15:37:29 -0700
John Poelstra <poelstra at redhat.com> wrote:

> It seems to me that this is a very important group.  Do we have an
> SOP that describes how this group is handled?

Not that I know of... perhaps there should be one.

> Things like:
> 
> a) What kind of "controls" do we have to make sure that the @signers 
> group is limited and that it requires some sort of approval to add 
> people to it?

No more so than any other FAS group, I don't think.

> b) Who has the ability to add another person?

The admin/sponsors of the group. 
Currently jkeating is the only admin, there are no sponsors. 

> c) Are people promptly removed when they no longer need to do any
> signing?

I don't know. I would hope so. 

> d) Who has the ability to remove people?

admin/sponsor of the group?

I think if we are going to write up policies for this group, we might
also put on the same page other "important" groups, i.e., sysadmin-main,
cvsadmin, possibly others?

kevin