Review shell access list
Some shell accounts were created manually, and other using salt. The same for the accounts' supplementary groups, including sudo and ssh-login.
As we don't have a central database for account information, it's not trivial to determine who has access to what, and with which privileges. Moreover contributors come and go — naturally — so the access list needs to be reviewed regularly to reflect the current reality. The same goes for the tdf-admin mailing list (aka hostmaster@tdf).