not possible for ubuntu-sru team member to use sru-remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Triaged
|
High
|
Unassigned |
Bug Description
I received the following Traceback when trying to remove a package from -proposed.
$ ./sru-remove -s xenial -p golang-go.crypto 1634609
Removing packages from xenial-proposed:
Comment: The package was removed due to its SRU bug(s) not being verified in a timely fashion.
Traceback (most recent call last):
File "./remove-package", line 136, in <module>
main()
File "./remove-package", line 132, in main
remove_
File "./remove-package", line 79, in remove_package
removal_
File "/usr/lib/
extra_
File "/usr/lib/
raise error
lazr.restfulcli
Response headers:
---
-content-encoding: gzip
content-length: 93
content-type: text/plain
date: Thu, 28 Sep 2017 15:12:14 GMT
server: zope.server.http (HTTP)
status: 401
strict-
vary: Accept,
x-content-
x-frame-options: SAMEORIGIN
x-launchpad-
x-lazr-
x-powered-by: Zope (www.zope.org), Python (www.python.org)
x-xss-protection: 1; mode=block
---
Response body:
---
(<SourcePackage
---
ERROR: There was an error removing golang-go.crypto from xenial-proposed.
I believe this works for archive admins and that ubuntu-sru should be able to use requestDeletion.
summary: |
- not possible for ubuntu-sru team member to use sru-remvoe + not possible for ubuntu-sru team member to use sru-remove |
The problem is that the granular permissions the SRU and Release teams have are based solely on the queue, and not the archive. Once a package is accepted, those queue permissions become irrelevant, and the archive admins own it.
I don't disagree with what would be the ultimate conclusion here, which is that finer-grained archive admin permissions per series and pocket would be desirable (though, there'd also need to be extra training/caution involved before handing people the ability to break things as spectacularly as incorrect deletions can), but I suspect it'd be quite an overhaul to retrofit that request into LP.