Changes

Mostly to be granted only as last resort. Demand that problems be documented in the service page. Also includes some clarification in the wording.
anarcat · 2652b9cd
--- a/policy/tpa-rfc-7-root.md
+++ b/policy/tpa-rfc-7-root.md
@@ -78,15 +78,19 @@ concerns only membership to the TPA team and access to servers.
 Members of TPA SHOULD have all access levels defined above.
-Service admins MAY have access to some accesses. In general, they MUST
+Service admins MAY have some access to some servers. In general, they
-have `sudo` access to some role account to manage their own service,
+MUST have `sudo` access to a role account to manage their own
-but they MAY be granted LIMITED `root` access (through `sudo`) only on
+service. They MAY be granted LIMITED `root` access (through `sudo`)
-the server(s) which host the service they are admin for.
+only on the server(s) which host their service, but this should be
+granted only if there are no other technical way to implement the
+service.
 In general, service admins SHOULD use their `root` access in
 "read-only" mode for debugging, as much as possible. Any "write"
 changes MUST be documented, either in a ticket or in an email to the
-TPA team (if the ticket system is down). 
+TPA team (if the ticket system is down). Common problems and their
+resolutions SHOULD be documented in the [service documentation
+page](service).
 Service admins are responsible for any breakage they cause to systems
 while they use elevated privileges.