X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=input%2Fdoc%2Fguest-account.creole;h=30efc9d6435de0288abe840c1480708dfa864ca9;hb=0a4a36161706310957c77d75a691586945edd46c;hp=b9010d824a22e80522c7fcb958d22940e5d3bf6d;hpb=56b079692dc1e430a322e1e563ec46464c5bef92;p=mirror%2Fdsa-wiki.git
diff --git a/input/doc/guest-account.creole b/input/doc/guest-account.creole
index b9010d8..30efc9d 100644
--- a/input/doc/guest-account.creole
+++ b/input/doc/guest-account.creole
@@ -1,9 +1,31 @@
= Guest Access to porter machines =
-People who are not DDs but are working on software in Debian are able to obtain
+People who are not DDs but are working on software in Debian are can request
access to porter machines for short term (1-2 months) in order to resolve port
issues and the like.
+The final decision about account creation remains with DSA.
+
+== DMs/NMs ==
+
+DMs (i.e. people who have their key in the debian-maintainers keyring) or
+people already in the NM process may route their request through the
+NM-frontdesk.
+
+The following information should be provided to frontdesk:
+
+* First/Middle/Last-name
+* Preferred username
+* Key **fingerprint** of the PGP key, which needs to be on the keyserver network. (fingerprint. Not a keyid. Not a link to a site that has a key or a keyserver. A fingerprint.)
+* email address
+* Signed agreement to abide by DMUP (or link to the mailinglist archive of debian-newmaint where that already was done)
+* Machine(s)/Architecture(s) to which access is needed
+* Short rationale as to //why// access is needed
+
+A member of frontdesk will verify the information for correctness, and create a
+ticket in RT (signed by the frontdesk member) asking DSA to add the new account
+to LDAP.
+
== non-DMs ==
People who are not yet DMs or NMs will need to find a DD who is willing
@@ -23,8 +45,8 @@ regarded as such.
* First/Middle/Last-name
* Preferred username
-* GPG key
-* Forwarding email address (for things like cron output etc.)
+* Key **fingerprint** of the PGP key, which needs to be on the keyserver network. (fingerprint. Not a keyid. Not a link to a site that has a key or a keyserver. A fingerprint.)
+* email address
* Signed agreement to abide by DMUP
* Machine(s)/Architecture(s) to which access is needed
* Short rationale as to //why// access is needed
@@ -33,26 +55,17 @@ regarded as such.
* Signed email containing above information
-== DMs/NMs ==
+== Notes ==
-DMs (i.e. people who have their key in the debian-maintainers keyring) or
-people already in the NM process may route their request through the
-NM-frontdesk.
+* Requests for "all architectures" are not acceptable.
+* Requests need to be clear-signed. Request-tracker munges PGP/MIME. Also, the signed DMUP agreement needs to be clear-signed.
-The following information should be provided to frontdesk:
+== Expired Accounts ==
-* First/Middle/Last-name
-* Preferred username
-* GPG key fingerprint (if key is in the debian-maintainers keyring), or key if not.
-* Forwarding email address (for things like cron output etc.)
-* Signed agreement to abide by DMUP (or link to the mailinglist archive of debian-newmaint where that already was done)
-* Machine(s)/Architecture(s) to which access is needed
-* Short rationale as to //why// access is needed
-
-A member of frontdesk will verify the information for correctness, and create a
-ticket in RT (signed by the frontdesk member) asking DSA to add the new account
-to LDAP.
+Once an account has expired the user will no longer be able to log into
+debian machines. If access is required again creating a ticket in RT should
+suffice to get it re-activated (The request should be pgp signed).
+Similarly, should access to other hosts become necessary a ticket in RT
+can be opened.
-
-The final decision about account creation remains with DSA.