Re: devmapper: call for votes

To: debian-ctte@lists.debian.org
Subject: Re: devmapper: call for votes
From: Manoj Srivastava <srivasta@debian.org>
Date: Thu, 06 Apr 2006 08:25:15 -0500
Message-id: <[🔎] 87hd563kg4.fsf@glaurung.internal.golden-gryphon.com>
In-reply-to: <[🔎] 20060406085952.GC22073@mauritius.dodds.net> (Steve Langasek's message of "Thu, 6 Apr 2006 01:59:52 -0700")
References: <[🔎] 20060406085952.GC22073@mauritius.dodds.net>

On 6 Apr 2006, Steve Langasek said this:

> I'm calling for a vote on the following resolution regarding bug
> #329409.  The only proposed amendment, by Raul, has been accepted;
> so this is the only option on the ballot (other than further
> discussion).
>
> I vote yes on this resolution.
>
> Cheers,

        I vote yes on the resolution below.

        manoj

Attachment: pgpeSgr5XQd1c.pgp
Description: PGP signature

WHEREAS

 1. It is a limitation of the current device-mapper implementation in Debian
    that all device nodes managed by libdevmapper are created with the same
    hard-coded ownership and permissions; and

 2. The standard owning group for disk device nodes is group "disk"; and

 3. The sole reason for the existence of this group on Debian systems is
    to control access to disk devices; and

 4. The majority of device-mapper nodes expose data that is already
    available to members of the disk group via the component disks; and

 5. The use of a different owning group in these cases therefore makes
    accessing the data more inconvenient but not more secure; and

 6. The exception to the above is dm-crypt, whereby device-mapper nodes
    expose data that is not available in unencrypted form from the
    component disks; and

 7. No single owning group satisfies all possible use cases for
    device-mapper; but

 8. Users of dm-crypt have the option of not adding users to the disk
    group that they do not wish to have access to their unencrypted 
    dm-crypt volumes;

THE TECHNICAL COMMITTEE:

 9. THANKS Bastian Blank for his continued maintenance of the devmapper
    package in Debian; and

10. ALSO THANKS Roger Leigh for bringing this issue before the
    committee; and

11. ENCOURAGES the devmapper maintainer to work towards support for
    configurable device-mapper device permissions in Debian; and

12. DETERMINES that the correct default permissions for all device-mapper
    nodes is root:disk 0660, with or without support for configurable device
    permissions; and

13. ASKS (with a 3:1 majority: REQUIRES) the devmapper maintainer to
    implement these permissions in unstable by applying Roger Leigh's
    patch from
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=329409;msg=87;att=0;
    and

14. RECOMMENDS policy be updated to reflect this determination on
    default block device permissions; and

15. AUTHORIZES Roger to implement these same permissions in stable via a
    non-maintainer upload.
-- 
Darth Vader!  Only you would be so bold! Princess Leia Organa
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

References:
- devmapper: call for votes
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: devmapper: call for votes
Next by Date: Re: devmapper: call for votes
Previous by thread: Re: devmapper: call for votes
Next by thread: Re: devmapper: call for votes
Index(es):
- Date
- Thread