Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On 15/09/10 at 12:08 +0900, Stefano Zacchiroli wrote: Naming (raised by at least Luca and Lars [8,9]) == Ah, what a mess! Until a few minutes before posting the GR proposal, the text contained a s/Debian Members/non-uploading Debian Developers/ and before that several more s/// have been applied on drafts. So, believe me, I fully understand the puzzling about the name. Let's make it clear that the new role we are introducing is not something different than DDs from the POV of constitution. We are just saying that we accept as DDs (called in the constitution both developers and project members) people who contribute stuff other than packaging work. Those people will be Debian Developer, no question. The problem is that in practice we will *need* a name to distinguish on the basis of upload rights (e.g. imagine an IRC conversation on the topic of can you sponsor this upload of mine?). Either we propose a name while introducing the concept, or it will be chosen by folklore and I don't believe that would be wise. In principle, nothing stops us from leaving the name out of the GR and leave up to DAM to select one, as suggested by Luca [8]. The advantage of that is we will not tie our hands with a specific name. The drawback is that, will start to talk about the new role anyhow, without waiting for a proper name blessing. Considering all of the above, I thought that going for Debian Contributor was the better solution. If there is consensus in leaving the name out of the GR, I can apply back the above substitution. I consider that as something that do not alter the meaning of the GR and is hence something I can do without much disruption. If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. Another way to put it is, imagine you are a DC, and are writing your CV. What should you write about your status in Debian? Debian Contributor? Debian Developer? If we create the Debian Contributor term, then I'm sure that for many DCs, it will be difficult to write Debian Developer there (Imposter Syndrome, etc), even if that's what should really be written, since their contributions to Debian are not less important than those of other DDs. Just leaving it up to DAM to choose a term would not be enough to avoid that. IMHO, DDs without upload rights should not have any sexy name, and the distinction between them and DDs with upload rights should only be made where it's necessary. I don't think that the IRC conversation example you gave is a convincing one. It wouldn't hurt much to write I'm a DD without upload rights instead of I'm a Debian Contributor (it's only 6 characters more!). - Lucas -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915072659.ga11...@xanadu.blop.info
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On ke, 2010-09-15 at 09:26 +0200, Lucas Nussbaum wrote: If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. Another way to put it is, imagine you are a DC, and are writing your CV. What should you write about your status in Debian? Debian Contributor? Debian Developer? If we create the Debian Contributor term, then I'm sure that for many DCs, it will be difficult to write Debian Developer there (Imposter Syndrome, etc), even if that's what should really be written, since their contributions to Debian are not less important than those of other DDs. Just leaving it up to DAM to choose a term would not be enough to avoid that. IMHO, DDs without upload rights should not have any sexy name, and the distinction between them and DDs with upload rights should only be made where it's necessary. I don't think that the IRC conversation example you gave is a convincing one. It wouldn't hurt much to write I'm a DD without upload rights instead of I'm a Debian Contributor (it's only 6 characters more!). I fully agree with Lucas. -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1284536165.2573.54.ca...@havelock
Re: Naming of non-uploading DDs
Lucas Nussbaum lu...@lucas-nussbaum.net writes: If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. I wholeheartedly second this. I'm one of the people who has previously argued for giving different sets of privileges different names, but after reviewing this thread, I think I was wrong. I don't think we should so that at all. DDs already have widely varying privileges. We have different levels of commit access to various project repositories. Some of us have logins on some systems that others do not. I have sudo access to lintian, for example, which most other DDs do not. Some are DSA members and have root access to many project systems. Some are ftp-master team members and have more direct access to the project archive. There are numerous other examples. Yet we're all currently called DDs. I think unlimited upload access should be simply another one of those sets of permissions that some people have and others don't. Those who need that access to do their work can receive it after appropriate vetting of their ability to use that access appropriately, just as someone would volunteer to join ftp-master, or DSA, or keyring-maint, or the Lintian maintenance team and would, after appropriate vetting, be given additional privileges to do that work. Having or not having additional access should not change the basic DD status. In fact, we should all be striving to follow the principle of least privilege and *not* have access that we don't need and don't use, since unused access is one of the primary vulnerabilities to any sort of organizational security. In the long run, I'd love to see a mechanism whereby someone who was qualified for unlimited upload access but doesn't need it for their current work in Debian could have it turned off, to reduce Debian's attack surface, and then regain it later if the nature of their work in Debian changes. Similarly, along that same vein, could we stop calling it upload rights and instead call it upload access? Rights has connotations (at least to this US English speaker) of citizenship, fundamental rights, and similar ideas, which lead directly to the conception of someone without a right as a second-class citizen of Debian. I would much rather think of it as access, just like sudo to a user, membership in some project group, or commit access to some repository is an access control. It's a security and project safety measure following both best practices for access control and a system of qualification to do something with direct impact on other people's work (just like qualification for a driver's license is required since one's operation of a car has a direct impact on other people's use of their cars). Someone without a right is someone we think less of; someone without access is someone who doesn't need it or who hasn't yet finished the qualification process for it. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87pqwfjvz5@windlord.stanford.edu
Re: Naming of non-uploading DDs
I think unlimited upload access should be simply another one of those sets of permissions that some people have and others don't. Those who need that access to do their work can receive it after appropriate vetting of their ability to use that access appropriately, just as someone would volunteer to join ftp-master, or DSA, or keyring-maint, or the Lintian maintenance team and would, after appropriate vetting, be given additional privileges to do that work. Having or not having additional access should not change the basic DD status. I, using my DAM hat, don't care if this gets a name. It got one as it seemed good at the time of writing, but whatever its named (or not) is REALLY just a very tiny little bit of this thing and about as important as the fact if someone had rice or meat for breakfast. The more important part is getting the project to acknowledge the concept of a set of members/developers/whateveryounameit not having upload rights by default and letting DAM/FD/theusualpeople just manage that. The important part is opening our membership to people who deserve it, but who (most likely) never ever will maintain a package and as such currently have a hard time joiningm as we do want to see new people have at least a basic set of knowledge packaging requires (be that using a set of questions or by evaluating what they have in the archive, the procedure there is up to the AM). And the latter part should change, giving people who want to an early exit - consequently a little less ability later on, but one they dont need/want then. I, using my FTPMaster hat, do care a lot that we do not get $whateveritsname with upload rights that never ever had to show at least the basic understanding of packaging work. Looking at all the errors existing Developers do, even longstanding ones, having something like TS drop away entirely will be near death. Whoever thinks it cant be that bad should do a month of release team, qa or ftpteam work. You will think different. -- bye, Joerg Naturally; worms that don't know what they are doing end up as fish bait, instead of getting invited into weird math experiments. -- Lars Wirzenius -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87fwxbquvo@gkar.ganneff.de
Re: Naming of non-uploading DDs
Joerg Jaspert jo...@debian.org writes: The more important part is getting the project to acknowledge the concept of a set of members/developers/whateveryounameit not having upload rights by default and letting DAM/FD/theusualpeople just manage that. The important part is opening our membership to people who deserve it, but who (most likely) never ever will maintain a package and as such currently have a hard time joiningm as we do want to see new people have at least a basic set of knowledge packaging requires (be that using a set of questions or by evaluating what they have in the archive, the procedure there is up to the AM). And the latter part should change, giving people who want to an early exit - consequently a little less ability later on, but one they dont need/want then. This I definitely agree with and support. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87fwxbjtp6@windlord.stanford.edu
Re: GR: welcome non-packaging contributors as Debian project members
Le Tue, Sep 14, 2010 mat 06:29:24PM -0700, Russ Allbery a écrit : Charles Plessy ple...@debian.org writes: after seeing the torrent of seconds, I am still puzzled if this GR is a progress or a regression: is the take home message that Debian should be more open, or that some members must not have upload rights ? When a member does not have upload rights, is it for the principle of least needed priviledge, which suggests that getting that prividedge may be granted automaticaly later with the need, or because that member is not trusted to be able to upload correctly ? Well, if one isn't interested in upload rights, there's no need for one to qualify on upload rights during NM, which implies omitting or at least much abbreviating the Tasks and Skills part of NM. But if we want to maintain the policy that anyone with general upload rights complete Tasks and Skills for package uploads, we wouldn't want to extend those rights later without having the person go through NM. I think that this is where our point of view differ the most. I think that somebody who was accepted as a member, because he showed enough reliability in his work, respect for our procedures and commitment in his contributions, does not need to qualify again to start uploading packages when his contribution eventually evolves in that direction. We are proud to be a do-o-cracy. I think that we can let our members to demonstrate their capacities by giving them the opportunity of doing the things right, instead of passing certificates. If we trust somebody to manage correctly his SSH and GPG keys and prevent from bad people stealing his identity and loging in our machines with bad intentions, then I think that we must trust that person to not do rogue NMUs nor upload to NEW packages that they do not have the capacity to maintain. More in general, I think that the principle of least priviledge is best applied when a large majority do not need them (like driving trucks and airplanes, or logging in some machines at the core of our infrastructure), but is not much benefical when it is about managing a minority. But the core of my disagreement is not about priviledge management, which already takes place for other operations than upload, but classifying DDs through the passage of certificates, since in my understanting a DC will be a DD for whom it will be remembered that TC was not passed, and who will not be able to upload until he passes that test. I have to say that I am also worried that this is just the beginning of a more comprehensive categorization of the roles within Debian. The application managers and the front desk are doing great work in managing the request to join our project, but I object extending their role to manage the access of the DDs to the components of our architecture. Cheers, -- Charles Plessy Tsurumi, Kanagawa, Japan -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915084303.ga30...@merveille.plessy.net
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On 09:26 Wed 15 Sep , Lucas Nussbaum wrote: If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. +1. I think we should not go to some kind of discrimination about terms. For example, people writing documentations are as importants as DDs but they don't need so much access than a DDs should need. A project is a whole and have members. Official members in Debian are called DD. And I think DD is a good choice since developer can be used in several contexts. For me, I see more the term developer as development inside and around the project. What we could have is. Case 1. === Debian Developer --- Unlimited upload access |- Documentation R/W access |- FTP-Master |- Release manager Case 2. === Debian Developer --- Upload access on personnal packages |- Documentation R/W access Case N. === Debian Developer --- access to ... |- access to ... I see a DD more as a project member instead of a specific member. To attribute rights we could have procedures like we have NM process for having Unlimited upload access. The documentation team could have some templates and follow contributors for attributing the DD status with Documentation R/W access. And all DD should have voting rights. Well it's just some ideas I have in mind and wanted to tell here. Maybe Im pushing things to far. Greetings, -- Xavier Oswald xosw...@debian.org GNU/Linux Debian Developer - http://www.debian.org/ GPG key ID: 0x464B8DE3 -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915090146.ga12...@master
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On Wed, Sep 15, 2010 at 09:26:59AM +0200, Lucas Nussbaum wrote: If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. Another way to put it is, imagine you are a DC, and are writing your CV. What should you write about your status in Debian? Debian Contributor? Debian Developer? If we create the Debian Contributor term, then I'm sure that for many DCs, it will be difficult to write Debian Developer there (Imposter Syndrome, etc), even if that's what should really be written, since their contributions to Debian are not less important than those of other DDs. Just leaving it up to DAM to choose a term would not be enough to avoid that. IMHO, DDs without upload rights should not have any sexy name, and the distinction between them and DDs with upload rights should only be made where it's necessary. Definitely. -- Steve McIntyre, Cambridge, UK.st...@einval.com C++ ate my sanity -- Jon Rabone signature.asc Description: Digital signature
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On Wed, Sep 15, 2010 at 09:26:59AM +0200, Lucas Nussbaum wrote: If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. ... and who am I to disagree with a proposal which find consensus from Lucas to Ganneff, passing through Lars and Russ? :-) Attached you can find a tentative wording of a proposal which remove the term Debian Contributors, pretty similar to the version I had before posting (shame on me for changing that!), but maybe a bit better in that it doesn't the horrible non-uploading Debian Developer. How about it? I don't consider this as something that changes the meaning of the original GR text. I'll let the patch linger for a couple of days — actually, I'll be away for most part of tomorrow — and then I'll apply it, posting a new complete draft here shortly thereafter. Cheers. -- Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7 z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Quando anche i santi ti voltano le spalle, | . |. I've fans everywhere ti resta John Fante -- V. Caposella ...| ..: |.. -- C. Adams The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian Developers. The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. --- debian-contributors.txt 2010-09-15 20:54:06.0 +0900 +++ /tmp/debian-contributors.txt 2010-09-15 20:54:04.507770573 +0900 @@ -12,16 +12,17 @@ * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the - opportunity to become Debian project members. + opportunity to become Debian Developers. The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become - Debian Developers without upload rights to the Debian archive. These - new developers shall be recognized as Debian Contributors (DC). + Debian Developers, albeit without upload access to the Debian archive. -* Establish procedures to evaluate and accept Debian Contributors. +* Establish procedures to evaluate and accept contributors of + non-packaging work as Debian Developers. -* Initiate the appropriate technical measures to enable Debian - Contributors to participate in Debian decision making and to access - Debian infrastructure. +* Initiate the appropriate technical measures to enable contributors of + non-packaging work, which get accepted as Debian Developers, to + participate in Debian decision making and to access Debian + infrastructure. The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian [-project members.-] {+Developers.+} The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian [-Developers-] {+Developers, albeit+} without upload [-rights-] {+access+} to the Debian archive.
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
Hi, On Wed, Sep 15, 2010 at 09:00:32PM +0900, Stefano Zacchiroli wrote: The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian Developers. The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. I like that a lot more than the other wording, thus seconded. Simon signature.asc Description: Digital signature
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
Le Wed, Sep 15, 2010 at 09:00:32PM +0900, Stefano Zacchiroli a écrit : The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. It seems to me that, if “albeit without upload access to the Debian archive” were removed, it would not close the possibility for the people in charge to restrict upload capacities of developers who do not need them (do-o-cracy), while at the same time it would make the GR more neutral, focusing it on acceptance of new members, without suggesting restriction and therefore difference of status. Would such a change be a happy end for everybody ? Cheers, -- Charles Plessy Tsurumi, Kanagawa, Japan -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915121600.gd30...@merveille.plessy.net
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On Wed, Sep 15, 2010 at 02:13:12PM +0200, Simon Richter wrote: I like that a lot more than the other wording, thus seconded. Thanks for your appreciation, but wait! :-) There are no need of seconds for this change (unless some of the previous seconders considers it unfaithful with respect to the meaning of the previous text; I don't). Cheers. -- Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7 z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Quando anche i santi ti voltano le spalle, | . |. I've fans everywhere ti resta John Fante -- V. Caposella ...| ..: |.. -- C. Adams signature.asc Description: Digital signature
Re: GR: welcome non-packaging contributors as Debian project members
On Wed, Sep 15, 2010 at 12:20:54PM +0900, Stefano Zacchiroli wrote: On Tue, Sep 14, 2010 at 04:04:24PM +0100, Philip Hands wrote: * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity for becoming Debian project members. to become or if you prefer: of becoming I bow to the superior knowledge of the British language :-) (and I encourage anyone to point out similar fixes). I hereby accept this as an editorial change that does not affect the meaning of the proposal. GR text is now also available at http://git.debian.org/?p=dpl/dpl.git In a similar vein, I propose a few changes (which add cosmetic fixes, and to my best knowledge, do not alter the meaning in any way). I attach my patch inline, as well as separately, to be sure at least one of them works! Thanks. Kumar From c6397c766cd298d7cd361910d35ece7046e5bb1f Mon Sep 17 00:00:00 2001 From: Kumar Appaiah a.ku...@alumni.iitm.ac.in Date: Tue, 14 Sep 2010 22:27:17 -0500 Subject: [PATCH] Add punctuation and fix some pronouns. --- gr/debian-contributors.txt |8 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gr/debian-contributors.txt b/gr/debian-contributors.txt index 11e9192..0bb4e73 100644 --- a/gr/debian-contributors.txt +++ b/gr/debian-contributors.txt @@ -1,6 +1,6 @@ The Debian project aims at producing the best free operating system. -To that end the project benefits from various types of contributions, -including but not limited to: package maintenance, translations, +To that end, the project benefits from various types of contributions, +including, but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. @@ -10,11 +10,11 @@ The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. -* Active contributors of non-packaging work, which share Debian values +* Active contributors of non-packaging work, who share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian project members. -The Debian project therefore invites the Debian Account Managers to: +The Debian project, therefore, invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers without upload rights to the Debian archive. These -- 1.7.1 From c6397c766cd298d7cd361910d35ece7046e5bb1f Mon Sep 17 00:00:00 2001 From: Kumar Appaiah a.ku...@alumni.iitm.ac.in Date: Tue, 14 Sep 2010 22:27:17 -0500 Subject: [PATCH] Add punctuation and fix some pronouns. --- gr/debian-contributors.txt |8 1 files changed, 4 insertions(+), 4 deletions(-) diff --git a/gr/debian-contributors.txt b/gr/debian-contributors.txt index 11e9192..0bb4e73 100644 --- a/gr/debian-contributors.txt +++ b/gr/debian-contributors.txt @@ -1,6 +1,6 @@ The Debian project aims at producing the best free operating system. -To that end the project benefits from various types of contributions, -including but not limited to: package maintenance, translations, +To that end, the project benefits from various types of contributions, +including, but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. @@ -10,11 +10,11 @@ The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. -* Active contributors of non-packaging work, which share Debian values +* Active contributors of non-packaging work, who share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian project members. -The Debian project therefore invites the Debian Account Managers to: +The Debian project, therefore, invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers without upload rights to the Debian archive. These -- 1.7.1 signature.asc Description: Digital signature
Re: Naming of non-uploading DDs
On 15/09/10 at 10:22 +0200, Joerg Jaspert wrote: I, using my FTPMaster hat, do care a lot that we do not get $whateveritsname with upload rights that never ever had to show at least the basic understanding of packaging work. Looking at all the errors existing Developers do, even longstanding ones, having something like TS drop away entirely will be near death. Whoever thinks it cant be that bad should do a month of release team, qa or ftpteam work. You will think different. So, you say that both old and newer DDs sometimes lack packaging skills. This sounds like an acknowledgement of the failure of TS, and the NM process in general, to make sure that DDs have the necessary skills? What makes you think that completely dropping TS would make things significantly worse? I'm more and more convinced that what Debian lacks is not a more difficult NM process, but: - a culture of asking for help, advice, and reviews - work on our tools and processes to make them easier and less error-prone to use - work on our documentations to document the best practices After someone has done enough work inside Debian to earn the trust from other DDs to do the right thing when participating in the project decision making processes, I really don't see why we shouldn't also trust him about taking the necessary steps when uploading packages, even if he earned the trust of fellow DDs by doing non-packaging work, or even non-technical work. - Lucas -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915124056.gb18...@xanadu.blop.info
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On 15/09/10 at 21:00 +0900, Stefano Zacchiroli wrote: Attached you can find a tentative wording of a proposal which remove the term Debian Contributors, pretty similar to the version I had before posting (shame on me for changing that!), but maybe a bit better in that it doesn't the horrible non-uploading Debian Developer. How about it? I don't consider this as something that changes the meaning of the original GR text. Much better, thanks a lot! I'm wondering whether we should write in stone (= in the GR) that people should not try to come up with a sexy name for DDs without upload access to the Debian archive. This discussion might be enough. - Lucas -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915121609.ga18...@xanadu.blop.info
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On Wed, Sep 15, 2010 at 09:16:00PM +0900, Charles Plessy wrote: It seems to me that, if “albeit without upload access to the Debian archive” were removed, it would not close the possibility for the people in charge to difference of status. snip Would such a change be a happy end for everybody ? Sorry, but I really can't accept that as a simple editorial change to the text I've proposed. To go that way, please check my discussion points in http://lists.debian.org/debian-vote/2010/09/msg00052.html. Cheers. -- Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7 z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Quando anche i santi ti voltano le spalle, | . |. I've fans everywhere ti resta John Fante -- V. Caposella ...| ..: |.. -- C. Adams signature.asc Description: Digital signature
Re: Naming of non-uploading DDs
On Wed, Sep 15, 2010 at 02:40:56PM +0200, Lucas Nussbaum wrote: So, you say that both old and newer DDs sometimes lack packaging skills. This sounds like an acknowledgement of the failure of TS, and the NM process in general, to make sure that DDs have the necessary skills? Please, as requested at the start of the thread, let's stick to the point of this specific GR and not turn this into a broad discussion about NM. I appreciate you have lots of strong opinions about the NM process, although your understanding of it as has become nowadays might not be fully up to date. If you feel compelled to start a broad discussion about NM now, please feel free to do so on debian-newma...@l.d.o. Ciao, Enrico -- GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini enr...@enricozini.org signature.asc Description: Digital signature
Re: GR: welcome non-packaging contributors as Debian project members
Hi, Stefano Zacchiroli lea...@debian.org writes: --- The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity for becoming Debian project members. The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers without upload rights to the Debian archive. These new developers shall be recognized as Debian Contributors (DC). * Establish procedures to evaluate and accept Debian Contributors. * Initiate the appropriate technical measures to enable Debian Contributors to participate in Debian decision making and to access Debian infrastructure. --- Seconded. Thanks for finally pushing this to a GR. Marc -- BOFH #429: Temporal anomaly pgph5tGMdtUjV.pgp Description: PGP signature
Draft amendment: Welcome non-packaging contributors as Debian Developers with upload access
On 14/09/10 at 18:56 +0200, Lucas Nussbaum wrote: Hi, While I support welcoming non-packaging contributors as project members, I am concerned that we are creating the concept of second-class DDs (or at least, that it will be communicated like that). I see two different ways to avoid that: [A] Avoid giving DDs without upload rights any special name or title (like Debian Contributors). Their official title should be Debian Developers, and they should only be special-cased in the documents where the distinction between DDs with upload rights and DDs without upload rights is important. So, this is achieved by Stefano's new proposal, which is great news. [B] Give everybody upload rights anyway. If we trust them to influence the project's decisions through voting, we should probably trust them to do the right thing and not upload packages when they don't feel qualified to. After all, I am a DD, I have the technical power to make changes to eglibc and upload it, but I should probably not do that. Why am I treated differently from DCs in that regard? Of course, we have a problem with security, and it's probably not very reasonable to have 1000 DDs able to upload every package, and connect to every project machine. So I think that we could use this GR to ask DSA, DAM and keyring-maint to investigate changes to the Debian infrastructure that would mitigate security issues in the case of a compromise of a DD's credentials. Examples, just to illustrate what I'm thinking about: - create a limited upload rights mode, where DDs would only be allowed to upload their own packages. Action from the DD, like a login on db.debian.org, would be required to switch to full upload rights mode, and that mode would auto-expire after a month without any upload. - do something similar for access to project machines. I took some time to draft an amendment along those lines. - The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian Developers. The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. Additionally, the Debian project acknowledges that the current practice of providing all Debian Developers with access to project machines, and unlimited upload permissions to the Debian archive, does not follow the principle of least privilege, and unnecessarily exposes the Debian infrastructure and the Debian archive. Therefore, the Debian project invites the relevant teams to investigate technical methods that would permit DDs to restrict their access to Debian infrastructure, and their upload access to the Debian archive, when their work does not require it. Those technical methods should only be aimed at reducing Debian's attack surface, not at limiting DDs' access and upload permissions, and DDs should be able to regain unlimited access when their work require it without going through a review of their skills. - diff with zack's most recent proposal at the end of my mail. Before pushing it forward as an amendment, I'd like to hear opinions about this: we have had problems with GRs proposing orthogonal options in the past. This amendment proposal discusses two things that are orthogonal (giving full upload access to non-packaging contributors, and limiting every DDs' access on a volunteer basis). Should the second part of the amendment (after Additionally, ..) be dropped for now? Or should we move forward as is? - Lucas --- debian-contributors.txt 2010-09-15 15:21:44.734619147 +0200 +++ debian-contributors-amendment.txt 2010-09-15 16:16:19.294612170 +0200 @@ -17,12 +17,21 @@ The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become - Debian Developers, albeit without upload access to the Debian archive. + Debian Developers. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. -* Initiate the appropriate technical measures to enable contributors of - non-packaging work, which get accepted as Debian Developers, to - participate in Debian decision making
What exactly is this GR supposed to do?
My main problem with this text is that while it may fit to the current realities, it makes no sense from a formalistic point of view, as large parts of the text seem to imply there was no way for non-packagers yet and there were no procedures for that. * Stefano Zacchiroli lea...@debian.org [100915 14:00]: The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian Developers. How about deserve an easier opportunity to become Debian Developers than they currently have? The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. How about * Endorse the idea of Debian Developers without upload access to the Debian archive, to reduce perceived barriers hindering non-packagers. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. Trying to reword this I must say that I do not know what it is supposed to say. Does it mean DAM should think again which parts of NM are not needed when one does not want upload access? * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. Does this imply a DD without direct upload access also does not have access to the infrastructure? Bernhard R. Link -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915144542.ga22...@pcpool00.mathematik.uni-freiburg.de
Re: Draft amendment: Welcome non-packaging contributors as Debian Developers with upload access
Re: Lucas Nussbaum 2010-09-15 20100915141740.ga21...@xanadu.blop.info * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. Additionally, the Debian project acknowledges that the current practice of providing all Debian Developers with access to project machines, and unlimited upload permissions to the Debian archive, does not follow the principle of least privilege, and unnecessarily exposes the Debian infrastructure and the Debian archive. Therefore, the Debian project invites the relevant teams to investigate technical methods that would permit DDs to restrict their access to Debian infrastructure, and their upload access to the Debian archive, when their work does not require it. Those technical methods should only be aimed at reducing Debian's attack surface, not at limiting DDs' access and upload permissions, and DDs should be able to regain unlimited access when their work require it without going through a review of their skills. This looks overly detailed and too technical. This kind of security hardening should be done independently from the non-packaging contributors idea, if the involved parties (DSA, etc.) feel it is necessaary. Please don't include it in a GR, but propose a text that just says non-packaging DDs are just like normal DDs. Christoph -- c...@df7cb.de | http://www.df7cb.de/ signature.asc Description: Digital signature
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
Le Wed, Sep 15, 2010 at 10:01:47PM +0900, Stefano Zacchiroli a écrit : On Wed, Sep 15, 2010 at 09:16:00PM +0900, Charles Plessy wrote: It seems to me that, if “albeit without upload access to the Debian archive” were removed, it would not close the possibility for the people in charge to difference of status. snip Would such a change be a happy end for everybody ? Sorry, but I really can't accept that as a simple editorial change to the text I've proposed. To go that way, please check my discussion points in http://lists.debian.org/debian-vote/2010/09/msg00052.html. In case there is a doubt: my intention is not to ask Stefano if he thinks that the proposed change is good for everybody, but it is to ask everybody who may care, in particular the Debian application managers and front desk, if the proposed change would be welcome… Good night, -- Charles -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915151140.gc1...@merveille.plessy.net
Re: GR: welcome non-packaging contributors as Debian project members
Paul Wise wrote: Stefano you seem to be 5 years too late with this GR, fjp's AM report looks like he was accepted primarily for his work on documentation and translations: http://lists.debian.org/debian-newmaint/2005/02/msg00017.html Not really. From my original advocation of Frans: | Basically, Frans is now one of the relatively few core d-i developers. | I've watched him grow from a smaller contriutor to the project | (originally he was working only on the installation manual), learn all | the details of working with packages and d-i and now he's everywhere, | working on lots of different parts of d-i, from working on | network-console and the s390 port to processing installation reports and | helping users. He's made the whole thing seem impressively effortless, | while at the same time clearly putting a lot of work into the project. | Frans is exactly the kind of person we need more of on this project and | he deserves to be an official member of it. In addition, as cate pointed out, the constitution already allows DAM/FD to accept such people. And it *has* happened. For example, Mattias Wadenstein is a non-packaging DD. He works on CD building and mirroring. Here's his AM report from 2004: http://lists.debian.org/debian-newmaint/2004/09/msg00033.html -- see shy jo signature.asc Description: Digital signature
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On Wed, Sep 15, 2010 at 09:00:32PM +0900, Stefano Zacchiroli wrote: On Wed, Sep 15, 2010 at 09:26:59AM +0200, Lucas Nussbaum wrote: If we go for DDs without upload rights, I think that we should be extremely careful about not transforming this new kind of DDs into second-class members of the project. A way to do that is to avoid giving them a name, and emphasize the fact that they are DDs, not another sub-kind of project members. The no upload rights part would just be a minor technical distinction. ... and who am I to disagree with a proposal which find consensus from Lucas to Ganneff, passing through Lars and Russ? :-) Attached you can find a tentative wording of a proposal which remove the term Debian Contributors, pretty similar to the version I had before posting (shame on me for changing that!), but maybe a bit better in that it doesn't the horrible non-uploading Debian Developer. How about it? I don't consider this as something that changes the meaning of the original GR text. I'll let the patch linger for a couple of days -- actually, I'll be away for most part of tomorrow -- and then I'll apply it, posting a new complete draft here shortly thereafter. So I'm not considering this currently as an amendment. Kurt -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915194009.ga14...@roeckx.be
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On Wed, Sep 15, 2010 at 02:13:12PM +0200, Simon Richter wrote: Hi, On Wed, Sep 15, 2010 at 09:00:32PM +0900, Stefano Zacchiroli wrote: The Debian project aims at producing the best free operating system. To that end the project benefits from various types of contributions, including but not limited to: package maintenance, translations, infrastructure and website maintenance, porting, bug triaging and fixing, management activities, communication, testing, legal advice, quality assurance, etc. The Debian project acknowledges that: * To pursue Debian goals, package maintenance as well as a wide range of other technical and non-technical contributions are all valuable. * Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity to become Debian Developers. The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. I like that a lot more than the other wording, thus seconded. Please don't go and make this more confusing for me. As far as I can tell this wasn't meant to be amendment yet. He will probably accept this or something simular as amendment replacing the orignal text. So at that time I could put you down as someone that seconds that proposal. You now basicly seem to have created a second proposal. Kurt -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100915194802.gb14...@roeckx.be
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
On 09/15/2010 02:16 PM, Charles Plessy wrote: Le Wed, Sep 15, 2010 at 09:00:32PM +0900, Stefano Zacchiroli a écrit : The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. It seems to me that, if “albeit without upload access to the Debian archive” were removed, it would not close the possibility for the people in charge to restrict upload capacities of developers who do not need them (do-o-cracy), while at the same time it would make the GR more neutral, focusing it on acceptance of new members, without suggesting restriction and therefore difference of status. I don't think we should open a second way to get upload rights to the archive, so I would *not* want to remove that part. -- Bernd ZeimetzDebian GNU/Linux Developer http://bzed.dehttp://www.debian.org GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c91265a.5030...@bzed.de
Re: Naming of non-uploading DDs
Russ Allbery r...@debian.org writes: I think unlimited upload access should be simply another one of those sets of permissions that some people have and others don't. Those who need that access to do their work can receive it after appropriate vetting of their ability to use that access appropriately, just as someone would volunteer to join ftp-master, or DSA, or keyring-maint, or the Lintian maintenance team and would, after appropriate vetting, be given additional privileges to do that work. In your vision of things, who would be responsible for granting these privileges and judging whether someone can be trusted to have them? I think our current model of giving all DDs access to the whole archive if they successfully complete NM works. We have procedures to deal with abuse, and we have tools to review the work of others (like the PTS, lintian.d.o, etc). Why move to a culture of having to ask permission? In my opinion, it's very valuable that any DD can decide out of the blue to go on a RC bug fixing spree if they happen to have the time, as some have done in the past. Thanks, -- Romain Francoise rfranco...@debian.org http://people.debian.org/~rfrancoise/ -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/8739tau40g@elegiac.orebokech.com
Re: Naming of non-uploading DDs
Romain Francoise rfranco...@debian.org writes: Russ Allbery r...@debian.org writes: I think unlimited upload access should be simply another one of those sets of permissions that some people have and others don't. Those who need that access to do their work can receive it after appropriate vetting of their ability to use that access appropriately, just as someone would volunteer to join ftp-master, or DSA, or keyring-maint, or the Lintian maintenance team and would, after appropriate vetting, be given additional privileges to do that work. In your vision of things, who would be responsible for granting these privileges and judging whether someone can be trusted to have them? NM and DAM for unlimited upload access, at least. I think it may vary depending on what the permissions are, but for things like that, I don't see any reason to change who is doing the vetting from the current model. I think our current model of giving all DDs access to the whole archive if they successfully complete NM works. I do too when NM includes TS. The point is that we have contributors who aren't interested in packaging and don't have any need or desire to go through TS and learn a bunch of information about packaging that they'll never use. One shouldn't have to go through that part of NM unless one wants to have unlimited upload access. We have procedures to deal with abuse, and we have tools to review the work of others (like the PTS, lintian.d.o, etc). Why move to a culture of having to ask permission? I don't believe giving people unlimited upload access without going through TS is a good idea. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87k4mmu166@windlord.stanford.edu
Re: Naming of non-uploading DDs (Was: GR: welcome non-packaging contributors as Debian project members)
Le Wed, Sep 15, 2010 at 10:02:34PM +0200, Bernd Zeimetz a écrit : On 09/15/2010 02:16 PM, Charles Plessy wrote: Le Wed, Sep 15, 2010 at 09:00:32PM +0900, Stefano Zacchiroli a écrit : The Debian project therefore invites the Debian Account Managers to: * Endorse the idea that contributors of non-packaging work might become Debian Developers, albeit without upload access to the Debian archive. * Establish procedures to evaluate and accept contributors of non-packaging work as Debian Developers. * Initiate the appropriate technical measures to enable contributors of non-packaging work, which get accepted as Debian Developers, to participate in Debian decision making and to access Debian infrastructure. It seems to me that, if “albeit without upload access to the Debian archive” were removed, it would not close the possibility for the people in charge to restrict upload capacities of developers who do not need them (do-o-cracy), while at the same time it would make the GR more neutral, focusing it on acceptance of new members, without suggesting restriction and therefore difference of status. I don't think we should open a second way to get upload rights to the archive, so I would *not* want to remove that part. So do you think that if “albeit without upload access to the Debian archive” is not present, the GR will prevent you from restricting upload access to the archive for the DDs who did not pass TS? I am looking for a formulation that invites you to do what you want, without giving a preference for or against the restriction of upload rights. Cheers, -- Charles -- To UNSUBSCRIBE, email to debian-vote-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100916055807.gb22...@merveille.plessy.net