From e1f7b2844093a084076a7e173b410a5d31ff6674 Mon Sep 17 00:00:00 2001
From: Mitchell E Berger <mitchb@mit.edu>
Date: Tue, 20 Dec 2011 13:41:10 -0500
Subject: [PATCH 1/1] Add a repo_access configuration hook to grant VCS access
 to developers not trusted to build into any package
 pockets

---
 debian/changelog  |    7 +++++++
 invirt-build-conf |    4 ++++
 2 files changed, 11 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 0a99b19..b7add8e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+invirt-dev (0.1.19) unstable; urgency=low
+
+  * Add a repo_access configuration hook to grant VCS access to
+    developers not trusted to build into any package pockets
+
+ -- Mitchell Berger <mitchb@mit.edu>  Tue, 20 Dec 2011 13:40:00 -0500
+
 invirt-dev (0.1.18) unstable; urgency=low
 
   * Remove the source package when the binary package name is not the same
diff --git a/invirt-build-conf b/invirt-build-conf
index cd0a750..8df29d2 100755
--- a/invirt-build-conf
+++ b/invirt-build-conf
@@ -61,6 +61,10 @@ def main():
         print >>f, 'create repo /usr/bin/invirt-add-repo /etc/remctl/acl/repo_admin'
 
     with atomic_write(os.path.join(builder._REPO_DIR, '.k5login')) as f:
+        if 'repo_access' in config.build:
+            acl = authz.expandAdmin(config.build.repo_access)
+            princs = [userToPrinc(a) for a in acl]
+            all_devs.update(set(princs))
         print >>f, '\n'.join(all_devs)
 
 
-- 
1.7.9.5