Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.


Handling of (inactive) Debian Accounts

Joerg Jaspert announces that action should be taken on the unused accounts, as Debian gets more and more accounts.


as Debian gets more and more accounts it is only natural that we have
more and more unused accounts. People get MIA, find different interests
or simply lost interest in Debian but did not follow the normal
procedure of retiring.[1]

To reduce the security risk an unused open account has, and also to get
the number of Developers to reflect the reality, we, the Debian Account
Managers, decided to do regular “WaT”[2] runs.

Selection of the people included in those runs will be done in a way
that we avoid sending out such mails to active people. As a good start
we will take the upcoming DPL vote as an input source, everyone who doesn't
vote this year will be included in the first run.

* Please note that you can vote without expressing an opinion! *

Later on there should be more such runs, on a regular base. Input of
affected accounts can be (apart from future DPL election non-voters) the
great work from the MIA-team, but details for that need to be worked

We currently have 4 states for any given account in LDAP:

o [default]
o Emeritus
o Disabled
o Memorial

[default] is obviously what the majority of accounts has. No need to
explain it.

Memorial is a special state used for accounts that are disabled
but which we don't want reused to avoid confusion (at best), e.g. with
developers who've passed away.

Now, for the handling of the WaT runs, Emeritus and Disabled are the two
important states here:

To get into the Emeritus state you voluntarily retire from the project,
following [1] or by replying to a WaT mail.

The account will be put into the 'emeritus' state. It will get locked
and their keys are moved to a separate keyring. Their email will
continue to work for 6 months. They lose vote, upload and -private
reading privileges.

People in this stage can get their DD status back with a reduced NM

The disabled state is for people where the WaT mail bounced or who don't
reply. For the first 12 months things are the same as 'emeritus', after
that they will need to pass full NM if they want to get their DD status


[2] *W*here *a*re *T*hey?

— bye Joerg It seems to me that the account creation step could be fully automated: checking the box “approved by DAM” could trigger an insert into the LDAP database thereby creating the account. <>

No Response to “Handling of (inactive) Debian Accounts” »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.