]> jfr.im git - irc/rqf/shadowircd.git/blob - doc/sgml/oper-guide/oprivs.sgml
projects / irc / rqf / shadowircd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Mention how to specify the default port in a remote connect.
[irc/rqf/shadowircd.git] / doc / sgml / oper-guide / oprivs.sgml
1 <chapter id="oprivs">
2 <title>Oper privileges</title>
3 <sect1 id="oprivlist">
4 <title>Meanings of oper privileges</title>
5 <para>
6 These are specified in privset{}.
7 </para>
8 <sect2>
9 <title>oper:admin, server administrator</title>
10 <para>
11 Various privileges intended for server administrators.
12 Among other things, this automatically sets umode +a and allows
13 loading modules.
14 </para>
15 </sect2>
16 <sect2>
17 <title>oper:die, die and restart</title>
18 <para>
19 This grants permission to use DIE and RESTART, shutting down
20 or restarting the server.
21 </para>
22 </sect2>
23 <sect2>
24 <title>oper:global_kill, global kill</title>
25 <para>
26 Allows using KILL on users on any server.
27 </para>
28 </sect2>
29 <sect2>
30 <title>oper:hidden, hide from /stats p</title>
31 <para>
32 This privilege currently does nothing, but was designed
33 to hide bots from /stats p so users will not message them
34 for help.
35 </para>
36 </sect2>
37 <sect2>
38 <title>oper:hidden_admin, hidden administrator</title>
39 <para>
40 This grants everything granted to the oper:admin privilege,
41 except the ability to set umode +a. If both oper:admin and oper:hidden_admin
42 are possessed, umode +a can still not be used.
43 </para>
44 </sect2>
45 <sect2>
46 <title>oper:kline, kline and dline</title>
47 <para>
48 Allows using KLINE and DLINE, to ban users by user@host mask
49 or IP address.
50 </para>
51 </sect2>
52 <sect2>
53 <title>oper:local_kill, kill local users</title>
54 <para>
55 This grants permission to use KILL on users on the same server,
56 disconnecting them from the network.
57 </para>
58 </sect2>
59 <sect2>
60 <title>oper:mass_notice, global notices and wallops</title>
61 <para>
62 Allows using server name ($$mask) and hostname ($#mask) masks in
63 NOTICE and PRIVMSG to send a message to all matching users, and
64 allows using the WALLOPS command to send a message to all users
65 with umode +w set.
66 </para>
67 </sect2>
68 <sect2>
69 <title>oper:operwall, send/receive operwall</title>
70 <para>
71 Allows using the OPERWALL command and umode +z to send and
72 receive operwalls.
73 </para>
74 </sect2>
75 <sect2>
76 <title>oper:rehash, rehash</title>
77 <para>
78 Allows using the REHASH command, to rehash various configuration
79 files or clear certain lists.
80 </para>
81 </sect2>
82 <sect2>
83 <title>oper:remoteban, set remote bans</title>
84 <para>
85 This grants the ability to use the ON argument on
86 DLINE/KLINE/XLINE/RESV and UNDLINE/UNKLINE/UNXLINE/UNRESV to set
87 and unset bans on other servers, and the server argument on REHASH.
88 This is only allowed if the oper may perform the action locally,
89 and if the remote server has a shared{} block.
90 </para>
91 <note><para>
92 If a cluster{} block is present, bans are sent remotely even
93 if the oper does not have oper:remoteban privilege.
94 </para></note>
95 </sect2>
96 <sect2>
97 <title>oper:resv, channel control</title>
98 <para>
99 This allows using /resv, /unresv and changing the channel
100 modes +L and +P.
101 </para>
102 </sect2>
103 <sect2>
104 <title>oper:routing, remote routing</title>
105 <para>
106 This allows using the third argument of the CONNECT command, to
107 instruct another server to connect somewhere, and using SQUIT
108 with an argument that is not locally connected.
109 (In both cases all opers with +w set will be notified.)
110 </para>
111 </sect2>
112 <sect2>
113 <title>oper:spy, use operspy</title>
114 <para>
115 This allows using /mode !#channel, /whois !nick, /who !#channel,
116 /chantrace !#channel, /who !mask, /masktrace !user@host :gecos
117 and /scan umodes +modes-modes global list to see through secret
118 channels, invisible users, etc.
119 </para>
120 <para>
121 All operspy usage is broadcasted to opers with snomask +Z set
122 (on the entire network) and optionally logged.
123 If you grant this to anyone, it is a good idea to establish
124 concrete policies describing what it is to be used for, and
125 what not.
126 </para>
127 <para>
128 If operspy_dont_care_user_info is enabled, /who mask is operspy
129 also, and /who !mask, /who mask, /masktrace !user@host :gecos
130 and /scan umodes +modes-modes global list do not generate +Z notices
131 or logs.
132 </para>
133 </sect2>
134 <sect2>
135 <title>oper:unkline, unkline and undline</title>
136 <para>
137 Allows using UNKLINE and UNDLINE.
138 </para>
139 </sect2>
140 <sect2>
141 <title>oper:xline, xline and unxline</title>
142 <para>
143 Allows using XLINE and UNXLINE, to ban/unban users by realname.
144 </para>
145 </sect2>
146 <sect2>
147 <title>snomask:nick_changes, see nick changes</title>
148 <para>
149 Allows using snomask +n to see local client nick changes.
150 This is designed for monitor bots.
151 </para>
152 </sect2>
153 </sect1>
154 </chapter>
155 <!-- Keep this comment at the end of the file
156 Local variables:
157 mode: sgml
158 sgml-omittag:t
159 sgml-shorttag:t
160 sgml-namecase-general:t
161 sgml-general-insert-case:lower
162 sgml-minimize-attributes:nil
163 sgml-always-quote-attributes:t
164 sgml-indent-step:2
165 sgml-indent-data:t
166 sgml-parent-document: ("charybdis-oper-guide.sgml" "book")
167 sgml-exposed-tags:nil
168 fill-column: 105
169 sgml-validate-command: "nsgmls -e -g -s -u charybdis-oper-guide.sgml"
170 End:
171 -->
Unnamed repository; edit this file 'description' to name the repository.