X-Git-Url: https://git.tld-linux.org/?p=TLD.git;a=blobdiff_plain;f=pld-builder.new%2Fconfig%2Facl.conf;fp=pld-builder.new%2Fconfig%2Facl.conf;h=81256cc3043c15cd313953ab7a9729b21ce375db;hp=0000000000000000000000000000000000000000;hb=90809c8fec988489786ce00247d9a4150070748b;hpb=ab3934fab858112cd552359b18cb980ea07c310b diff --git a/pld-builder.new/config/acl.conf b/pld-builder.new/config/acl.conf new file mode 100644 index 0000000..81256cc --- /dev/null +++ b/pld-builder.new/config/acl.conf @@ -0,0 +1,55 @@ +# +# Access Control Lists for PLD builder +# +# Format: +# +# [login]: login of user, used in messages +# +# gpg_emails: list of emails used in GPG signatures +# Message is considered to be sent by this user if *any* of emails +# listed is seen in "gpg: Good signature from ..." +# It is therefore important not to add any fake signatures to +# keyring. +# +# mailto: where to send status notification for this user. +# If not present gpg_emails[0] is assumed. +# +# privs: list of privileges. List is scanned left to right. If no +# match is found access is denied. ! before item denies access. +# Items have format :[:], +# where all three are shell wildcards and by default any branch is allowed. +# may be only specified for: src, binary, ready and upgrade +# +# Actions: +# src -- build src rpm (only makes sense if is src +# builder) +# binary -- build binary rpm +# notify -- can send notification about build process on given builder. +# Used in entries for binary builders. +# ready -- can start non-test builds +# upgrade -- can start package upgrades +# -- minimum (highest) priority allowed (default: 10) +# +# Example: +# Allow access for binary builders, except for security builders. +# Also allow building src rpms (without it binary:* wouldn't make much +# sense). Lowest priority allowe will be 3. +# +# [foo] +# gpg_emails = foo@pld-linux.org Foo.Bar@blah.com +# mailto foo-builder@blah.com +# privs = src:src !binary:security-* binary:* 3:* +# + +[bin_builder_roke] +gpg_emails = bin_builder@roke.freak +privs = notify:* + +[src_builder_roke] +gpg_emails = srpms_builder@roke.freak +privs = sign_queue:* notify:* + +[malekith] +gpg_emails = malekith@pld-linux.org +mailto = malekith@roke.freak +privs = src:roke-src binary:roke-*:AC-branch