projects / irc / rqf / shadowircd.git / blame
| Commit | Line | Data |
|---|---|---|
| 212380e3 | 1 | <chapter id="oprivs"> |
| 2 | <title>Oper privileges</title> | |
| 3 | <sect1 id="oprivlist"> | |
| 4 | <title>Meanings of oper privileges</title> | |
| 5 | <para> | |
| 1a745bf1 | 6 | These are specified in privset{}. |
| 212380e3 | 7 | </para> |
| 8 | <sect2> | |
| 1a745bf1 | 9 | <title>oper:admin, server administrator</title> |
| 212380e3 | 10 | <para> |
| 11 | Various privileges intended for server administrators. | |
| 12 | Among other things, this automatically sets umode +a and allows | |
| 13 | loading modules. | |
| 14 | </para> | |
| 15 | </sect2> | |
| 16 | <sect2> | |
| 637b590f | 17 | <title>oper:die, die and restart</title> |
| 212380e3 | 18 | <para> |
| 637b590f JT |
19 | This grants permission to use DIE and RESTART, shutting down |
| 20 | or restarting the server. | |
| 212380e3 | 21 | </para> |
| 212380e3 | 22 | </sect2> |
| 23 | <sect2> | |
| 637b590f | 24 | <title>oper:global_kill, global kill</title> |
| 212380e3 | 25 | <para> |
| 637b590f | 26 | Allows using KILL on users on any server. |
| 212380e3 | 27 | </para> |
| 28 | </sect2> | |
| 29 | <sect2> | |
| 637b590f | 30 | <title>oper:hidden, hide from /stats p</title> |
| 212380e3 | 31 | <para> |
| 637b590f JT |
32 | This privilege currently does nothing, but was designed |
| 33 | to hide bots from /stats p so users will not message them | |
| 34 | for help. | |
| 212380e3 | 35 | </para> |
| 36 | </sect2> | |
| 212380e3 | 37 | <sect2> |
| 637b590f | 38 | <title>oper:hidden_admin, hidden administrator</title> |
| 212380e3 | 39 | <para> |
| 637b590f JT |
40 | This grants everything granted to the oper:admin privilege, |
| 41 | except the ability to set umode +a. If both oper:admin and oper:hidden_admin | |
| 42 | are possessed, umode +a can still not be used. | |
| 212380e3 | 43 | </para> |
| 44 | </sect2> | |
| 45 | <sect2> | |
| 1a745bf1 | 46 | <title>oper:kline, kline and dline</title> |
| 212380e3 | 47 | <para> |
| 48 | Allows using KLINE and DLINE, to ban users by user@host mask | |
| 49 | or IP address. | |
| 50 | </para> | |
| 51 | </sect2> | |
| 52 | <sect2> | |
| 637b590f | 53 | <title>oper:local_kill, kill local users</title> |
| 212380e3 | 54 | <para> |
| 637b590f JT |
55 | This grants permission to use KILL on users on the same server, |
| 56 | disconnecting them from the network. | |
| 212380e3 | 57 | </para> |
| 625b1e58 JT |
58 | </sect2> |
| 59 | <sect2> | |
| 1a745bf1 | 60 | <title>oper:mass_notice, global notices and wallops</title> |
| 625b1e58 JT |
61 | <para> |
| 62 | Allows using server name ($$mask) and hostname ($#mask) masks in | |
| 63 | NOTICE and PRIVMSG to send a message to all matching users, and | |
| 64 | allows using the WALLOPS command to send a message to all users | |
| 65 | with umode +w set. | |
| 66 | </para> | |
| 212380e3 | 67 | </sect2> |
| 68 | <sect2> | |
| 637b590f | 69 | <title>oper:operwall, send/receive operwall</title> |
| 212380e3 | 70 | <para> |
| 637b590f JT |
71 | Allows using the OPERWALL command and umode +z to send and |
| 72 | receive operwalls. | |
| 212380e3 | 73 | </para> |
| 74 | </sect2> | |
| 75 | <sect2> | |
| 637b590f | 76 | <title>oper:rehash, rehash</title> |
| 212380e3 | 77 | <para> |
| 637b590f JT |
78 | Allows using the REHASH command, to rehash various configuration |
| 79 | files or clear certain lists. | |
| 212380e3 | 80 | </para> |
| 81 | </sect2> | |
| 82 | <sect2> | |
| 637b590f | 83 | <title>oper:remoteban, set remote bans</title> |
| 212380e3 | 84 | <para> |
| 637b590f JT |
85 | This grants the ability to use the ON argument on |
| 86 | DLINE/KLINE/XLINE/RESV and UNDLINE/UNKLINE/UNXLINE/UNRESV to set | |
| 87 | and unset bans on other servers, and the server argument on REHASH. | |
| 88 | This is only allowed if the oper may perform the action locally, | |
| 89 | and if the remote server has a shared{} block. | |
| 212380e3 | 90 | </para> |
| 637b590f JT |
91 | <note><para> |
| 92 | If a cluster{} block is present, bans are sent remotely even | |
| 93 | if the oper does not have oper:remoteban privilege. | |
| 94 | </para></note> | |
| 212380e3 | 95 | </sect2> |
| fa796470 | 96 | <sect2> |
| 1a745bf1 | 97 | <title>oper:resv, channel control</title> |
| fa796470 JT |
98 | <para> |
| 99 | This allows using /resv, /unresv and changing the channel | |
| 100 | modes +L and +P. | |
| 101 | </para> | |
| 102 | </sect2> | |
| 212380e3 | 103 | <sect2> |
| d2e3bb4a | 104 | <title>oper:routing, remote routing</title> |
| 212380e3 | 105 | <para> |
| 106 | This allows using the third argument of the CONNECT command, to | |
| 107 | instruct another server to connect somewhere, and using SQUIT | |
| 108 | with an argument that is not locally connected. | |
| 109 | (In both cases all opers with +w set will be notified.) | |
| 110 | </para> | |
| 111 | </sect2> | |
| 112 | <sect2> | |
| 1a745bf1 | 113 | <title>oper:spy, use operspy</title> |
| 212380e3 | 114 | <para> |
| 115 | This allows using /mode !#channel, /whois !nick, /who !#channel, | |
| 116 | /chantrace !#channel, /who !mask, /masktrace !user@host :gecos | |
| 117 | and /scan umodes +modes-modes global list to see through secret | |
| 118 | channels, invisible users, etc. | |
| 119 | </para> | |
| 120 | <para> | |
| 121 | All operspy usage is broadcasted to opers with snomask +Z set | |
| 122 | (on the entire network) and optionally logged. | |
| 123 | If you grant this to anyone, it is a good idea to establish | |
| 124 | concrete policies describing what it is to be used for, and | |
| 125 | what not. | |
| 126 | </para> | |
| 127 | <para> | |
| 128 | If operspy_dont_care_user_info is enabled, /who mask is operspy | |
| 129 | also, and /who !mask, /who mask, /masktrace !user@host :gecos | |
| 130 | and /scan umodes +modes-modes global list do not generate +Z notices | |
| 131 | or logs. | |
| 132 | </para> | |
| 133 | </sect2> | |
| 134 | <sect2> | |
| 1a745bf1 | 135 | <title>oper:unkline, unkline and undline</title> |
| 212380e3 | 136 | <para> |
| d5a432fa | 137 | Allows using UNKLINE and UNDLINE. |
| 212380e3 | 138 | </para> |
| 139 | </sect2> | |
| 140 | <sect2> | |
| 1a745bf1 | 141 | <title>oper:xline, xline and unxline</title> |
| 212380e3 | 142 | <para> |
| 143 | Allows using XLINE and UNXLINE, to ban/unban users by realname. | |
| 144 | </para> | |
| 145 | </sect2> | |
| 146 | <sect2> | |
| 637b590f | 147 | <title>snomask:nick_changes, see nick changes</title> |
| 212380e3 | 148 | <para> |
| 637b590f JT |
149 | Allows using snomask +n to see local client nick changes. |
| 150 | This is designed for monitor bots. | |
| 212380e3 | 151 | </para> |
| 212380e3 | 152 | </sect2> |
| 153 | </sect1> | |
| 154 | </chapter> | |
| 155 | <!-- Keep this comment at the end of the file | |
| 156 | Local variables: | |
| 157 | mode: sgml | |
| 158 | sgml-omittag:t | |
| 159 | sgml-shorttag:t | |
| 160 | sgml-namecase-general:t | |
| 161 | sgml-general-insert-case:lower | |
| 162 | sgml-minimize-attributes:nil | |
| 163 | sgml-always-quote-attributes:t | |
| 164 | sgml-indent-step:2 | |
| 165 | sgml-indent-data:t | |
| 166 | sgml-parent-document: ("charybdis-oper-guide.sgml" "book") | |
| 167 | sgml-exposed-tags:nil | |
| 168 | fill-column: 105 | |
| 169 | sgml-validate-command: "nsgmls -e -g -s -u charybdis-oper-guide.sgml" | |
| 170 | End: | |
| 171 | --> |