[opensolaris-summit] OS Summit topic proposal

Shawn Walker binarycrusader at gmail.com
Sat Sep 15 09:39:53 PDT 2007 

On 15/09/2007, Stephen Hahn <sch at sun.com> wrote:
> * Garrett D'Amore <Garrett.Damore at sun.com> [2007-09-14 22:09]:
> > Another issue that I'd like to see dealt with is defect/CR tracking.
> > Right now, it is impossible to get a bugster category, even as a Sun
> > employee, for a product that does not have a Sun manager.  (For example,
> > I was unable to get a category for issues relating to Tadpole platform
> > support... because no manager at Sun owns this, apparently.  Now, my
> > current manager has agreed to sign up as the owner for such a category,
> > but that doesn't scale well... longer term we need a solution which
> > accommodates 3rd party hardware better.)
>
>   Yes, the absence of an opensolaris DTS is a significant hindrance
>   (hitting on other aspects as well as this one).  We can talk about a
>   proper plan at the summit, but basically we need some help eliminating
>   candidates according to
>
>   http://opensolaris.org/sc/src/website/spec/dts-requirements/d-dts-requirements.txt
>
>   (I think E2 might eliminate almost every choice but Bugzilla 3.x, if
>   anyone's motivated to read some docs and run a sample instance of a
>   few candidates.)

In case others were wondering, E2 would appear to be this:

        E2.  Selective differentiated access

        A mechanism must exist to indicate that a defect is private to a
        set of Participants, and no part of it may be made accessible to
        Participants not in that set, even if the defect's subcategory
        would otherwise cause it to be accessible.  (DTS Administrators
        will have access to all defects.)

        This requirement is to allow for security coordination, and
        similar efforts.  (Requests for differentiated access are
        expected to be managed by the Tools Group, the Board, or a
        designee.  Distributions are expected to keep customer
        confidential data external to the Community DTS.)

In which case, I agree with Stephen. However, it seems to me that
there are some specific requirements in other points that are going to
require some customisation to any solution we choose. BugZilla
definitely seems the closest of all the candidates I've seen so far.
Especially, since BugZilla 3.x appears to have a very good focus on
having excellent security.

The main piece of functionality that seems to be missing from BugZilla
3.x, at the moment, is the ability to have confidential users. In
other words, users that will be "masked" to people outside of a
certain group and that will only be available for selection,
assignment, etc. to people in that certain group. However, I may have
missed this functionality inadvertently.

It looks as though the requested evaluation is already happening on
the tools-discuss list. Notably, a poster there named "timeless" has
been rather tireless in posting evaluations.

-- 
Shawn Walker, Software and Systems Analyst
binarycrusader at gmail.com - http://binarycrusader.blogspot.com/

"Beware of bugs in the above code; I have only proved it correct, not
tried it. " --Donald Knuth

More information about the opensolaris-summit mailing list