add more requirements for root

Mostly to be granted only as last resort. Demand that problems be documented in the service page. Also includes some clarification in the wording.

add more requirements for root
efeb6df2 · anarcat · 45c017ef · efeb6df2
Unverified Commit efeb6df2 authored 4 years ago by anarcat
--- a/policy/tpa-rfc-7-root.md
+++ b/policy/tpa-rfc-7-root.md
@@ -78,15 +78,19 @@ concerns only membership to the TPA team and access to servers.

 Members of TPA SHOULD have all access levels defined above.

-Service admins MAY have access to some accesses. In general, they MUST
-have `sudo` access to some role account to manage their own service,
-but they MAY be granted LIMITED `root` access (through `sudo`) only on
-the server(s) which host the service they are admin for.
+Service admins MAY have some access to some servers. In general, they
+MUST have `sudo` access to a role account to manage their own
+service. They MAY be granted LIMITED `root` access (through `sudo`)
+only on the server(s) which host their service, but this should be
+granted only if there are no other technical way to implement the
+service.

 In general, service admins SHOULD use their `root` access in
 "read-only" mode for debugging, as much as possible. Any "write"
 changes MUST be documented, either in a ticket or in an email to the
-TPA team (if the ticket system is down). 
+TPA team (if the ticket system is down). Common problems and their
+resolutions SHOULD be documented in the [service documentation
+page](service).

 Service admins are responsible for any breakage they cause to systems
 while they use elevated privileges.