Document privsets in the example confs.
This commit is contained in:
parent
d7703c583e
commit
da77b103ef
2 changed files with 68 additions and 17 deletions
|
@ -186,7 +186,9 @@ auth {
|
|||
class = "users";
|
||||
};
|
||||
|
||||
/* privsets... XXX document me later */
|
||||
/* privset {} blocks MUST be specified before anything that uses them. That
|
||||
* means they must be defined before operator {}.
|
||||
*/
|
||||
privset "local_op" {
|
||||
privs = oper:local_kill, oper:operwall;
|
||||
};
|
||||
|
@ -239,9 +241,8 @@ operator "god" {
|
|||
*/
|
||||
snomask = "+Zbfkrsuy";
|
||||
|
||||
/* privileges: controls the activities and commands an oper is
|
||||
* allowed to do on the server. You may prefix an option with ~ to
|
||||
* disable it, ie ~encrypted.
|
||||
/* flags: misc options for the operator. You may prefix an option
|
||||
* with ~ to disable it, e.g. ~encrypted.
|
||||
*
|
||||
* Default flags are encrypted.
|
||||
*
|
||||
|
@ -250,10 +251,9 @@ operator "god" {
|
|||
* encrypted: the password above is encrypted [DEFAULT]
|
||||
* need_ssl: must be using SSL/TLS to oper up
|
||||
*/
|
||||
flags = global_kill, remote, kline, unkline,
|
||||
die, rehash, admin, xline, operwall;
|
||||
flags = encrypted;
|
||||
|
||||
/* privset: replaces flags */
|
||||
/* privset: privileges set to grant */
|
||||
privset = "admin";
|
||||
};
|
||||
|
||||
|
|
|
@ -18,6 +18,9 @@
|
|||
* that matches a user will be used. So place spoofs first, then specials,
|
||||
* then general access, then restricted.
|
||||
*
|
||||
* privset {} blocks MUST be specified before anything that uses them. That
|
||||
* means they must be defined before operator {}.
|
||||
*
|
||||
* Both shell style (#) and C style comments are supported.
|
||||
*
|
||||
* Files may be included by either:
|
||||
|
@ -362,10 +365,57 @@ auth {
|
|||
flags = need_ident;
|
||||
};
|
||||
|
||||
/* operator {}: defines ircd operators. (OLD O:)
|
||||
* charybdis no longer supports local operators, privileges are
|
||||
* controlled via flags.
|
||||
*/
|
||||
/* privset{}: defines operator privilege sets. */
|
||||
privset "local_op" {
|
||||
/* privs: controls the activities and commands an oper is
|
||||
* allowed to do on the server
|
||||
*
|
||||
* Available options:
|
||||
*
|
||||
* oper:local_kill: allows local users to be /KILL'd
|
||||
* oper:global_kill: allows local and remote users to be /KILL'd
|
||||
* oper:remote: allows remote SQUIT and CONNECT
|
||||
* oper:kline: allows KLINE and DLINE
|
||||
* oper:unkline: allows UNKLINE and UNDLINE
|
||||
* snomask:nick_changes: allows oper to see nickchanges via snomask +n
|
||||
* oper:rehash: allows oper to REHASH config
|
||||
* oper:die: allows DIE and RESTART
|
||||
* oper:admin: gives admin privileges. admins
|
||||
* may (un)load modules and see various
|
||||
* additional information.
|
||||
* oper:hidden_admin: gives admin privileges except
|
||||
* will not have the admin lines in
|
||||
* whois.
|
||||
* oper:xline: allows use of /quote xline/unxline
|
||||
* oper:resv: allows /quote resv/unresv and cmode +LP
|
||||
* oper:operwall: allows the oper to send/receive operwalls
|
||||
* oper:spy: allows 'operspy' features to see through +s
|
||||
* channels etc. see /quote help operspy
|
||||
* oper:hidden: hides the oper from /stats p
|
||||
* oper:remoteban: allows remote kline etc
|
||||
* oper:mass_notice: allows sending wallops and mass notices
|
||||
*/
|
||||
privs = oper:local_kill, oper:operwall;
|
||||
};
|
||||
|
||||
privset "server_bot" {
|
||||
/* extends: a privset to inherit in this privset */
|
||||
extends = "local_op";
|
||||
privs = oper:global_kill, oper:kline, oper:remoteban, snomask:nick_changes;
|
||||
};
|
||||
|
||||
privset "global_op" {
|
||||
extends = "local_op";
|
||||
privs = oper:global_kill, oper:routing, oper:kline, oper:unkline, oper:xline,
|
||||
oper:resv, oper:mass_notice, oper:remoteban;
|
||||
};
|
||||
|
||||
privset "admin" {
|
||||
extends = "global_op";
|
||||
privs = oper:admin, oper:die, oper:rehash, oper:spy;
|
||||
};
|
||||
|
||||
/* operator {}: defines ircd operators. (OLD O:) */
|
||||
operator "god" {
|
||||
/* name: the name of the oper must go above */
|
||||
|
||||
|
@ -399,19 +449,20 @@ operator "god" {
|
|||
*/
|
||||
snomask = "+Zbfkrsuy";
|
||||
|
||||
/* privileges: controls the activities and commands an oper is
|
||||
* allowed to do on the server. You may prefix an option with ~ to
|
||||
* disable it, ie ~operwall
|
||||
/* flags: misc options for the operator. You may prefix an option
|
||||
* with ~ to disable it, e.g. ~encrypted.
|
||||
*
|
||||
* Default flags are operwall, remoteban and encrypted.
|
||||
* Default flags are encrypted.
|
||||
*
|
||||
* Available options:
|
||||
*
|
||||
* encrypted: the password above is encrypted [DEFAULT]
|
||||
* need_ssl: must be using SSL/TLS to oper up
|
||||
*/
|
||||
flags = global_kill, remote, kline, unkline,
|
||||
die, rehash, admin, xline, operwall;
|
||||
flags = encrypted;
|
||||
|
||||
/* privset: privileges set to grant */
|
||||
privset = "admin";
|
||||
};
|
||||
|
||||
/* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */
|
||||
|
|
Loading…
Reference in a new issue