On Thu, 22 Oct 2015, at 11:17 AM, sebb wrote: > The LDAP group is used for granting karma, not for determining PMC > membership.
That is simply not necessarily true Sebb. There are two LDAP groups per TLP/PMC. ou=groups,cn=httpd and ou=pmc,ou=groups,cn=httpd - there are even groups that do no represent a TLP/PMC in the same OU. PMC chairs are told to add new PMC members to the PMC group, while new committers (where a TLP does not operate that a committer is not also a PMC member (ala Subversion)) are only added to the 'Unix' group. This is in fairness a carry over from the old minotaur days. The former was known as the PMC unix group, and the latter was a group created to define the PMC membership. You should never a group either defines, or does not define access control.