Update SGML docs for need_ssl and new oper priv system.
This commit is contained in:
parent
850b23f3a9
commit
1a745bf1a5
|
@ -410,6 +410,12 @@ auth {
|
|||
<para>Users in this auth{} block must have identd, otherwise they will be rejected.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>need_ssl</term>
|
||||
<listitem>
|
||||
<para>Users in this auth{} block must be connected via SSL/TLS, otherwise they will be rejected.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>need_sasl</term>
|
||||
<listitem>
|
||||
|
@ -442,6 +448,33 @@ exempt {
|
|||
</varlistentry>
|
||||
</variablelist>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>privset {} block</title>
|
||||
<synopsis>
|
||||
privset {
|
||||
extends = "<replaceable>name</replaceable>";
|
||||
privs = <replaceable>list</replaceable>;
|
||||
};</synopsis>
|
||||
<para>
|
||||
A privset (privilege set) block specifies a set of
|
||||
operator privileges.
|
||||
</para>
|
||||
<variablelist>
|
||||
<title>privset {} variables</title>
|
||||
<varlistentry>
|
||||
<term>extends</term>
|
||||
<listitem>
|
||||
<para>An optional privset to inherit. The new privset will have all privileges that the given privset has.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>privs</term>
|
||||
<listitem>
|
||||
<para>Privileges to grant to this privset. These are described in the operator privileges section.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>operator {} block</title>
|
||||
<synopsis>
|
||||
|
@ -510,19 +543,35 @@ operator "<replaceable>name</replaceable>" {
|
|||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>flags</term>
|
||||
<term>privset</term>
|
||||
<listitem>
|
||||
<para>
|
||||
A listing of privileges granted to operators using this block.
|
||||
By default, the mass_notice, operwall, remoteban and resv privileges are granted;
|
||||
use ~mass_notice, ~operwall, ~remoteban and ~resv to disable them if necessary.
|
||||
</para>
|
||||
<para>
|
||||
In addition, a flag designating if the password is encrypted is here.
|
||||
Privileges are documented elsewhere in this guide.
|
||||
The privilege set granted to successfully opered clients.
|
||||
This must be defined before this operator{} block.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>flags</term>
|
||||
<listitem>
|
||||
<para>A list of flags to apply to this operator{} block. They are listed below.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
<variablelist>
|
||||
<title>operator {} flags</title>
|
||||
<varlistentry>
|
||||
<term>encrypted</term>
|
||||
<listitem>
|
||||
<para>The password used has been encrypted. This is enabled by default, use ~encrypted to disable it.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>need_ssl</term>
|
||||
<listitem>
|
||||
<para>Restricts use of this operator{} block to SSL/TLS connections only.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</sect2>
|
||||
<sect2>
|
||||
|
|
|
@ -3,12 +3,10 @@
|
|||
<sect1 id="oprivlist">
|
||||
<title>Meanings of oper privileges</title>
|
||||
<para>
|
||||
These are flags in operator{}.
|
||||
The letter appears after opering up and in /stats o; an uppercase
|
||||
letter means the privilege is possessed, lowercase means it is not.
|
||||
These are specified in privset{}.
|
||||
</para>
|
||||
<sect2>
|
||||
<title>admin (A), server administrator</title>
|
||||
<title>oper:admin, server administrator</title>
|
||||
<para>
|
||||
Various privileges intended for server administrators.
|
||||
Among other things, this automatically sets umode +a and allows
|
||||
|
@ -16,7 +14,7 @@
|
|||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>remoteban (B), set remote bans</title>
|
||||
<title>oper:remoteban, set remote bans</title>
|
||||
<para>
|
||||
This grants the ability to use the ON argument on
|
||||
DLINE/KLINE/XLINE/RESV and UNDLINE/UNKLINE/UNXLINE/UNRESV to set
|
||||
|
@ -26,46 +24,46 @@
|
|||
</para>
|
||||
<note><para>
|
||||
If a cluster{} block is present, bans are sent remotely even
|
||||
if the oper does not have remoteban privilege.
|
||||
if the oper does not have oper:remoteban privilege.
|
||||
</para></note>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>local_kill (C), kill local users</title>
|
||||
<title>oper:local_kill, kill local users</title>
|
||||
<para>
|
||||
This grants permission to use KILL on users on the same server,
|
||||
disconnecting them from the network.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>die (D), die and restart</title>
|
||||
<title>oper:die, die and restart</title>
|
||||
<para>
|
||||
This grants permission to use DIE and RESTART, shutting down
|
||||
or restarting the server.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>rehash (H), rehash</title>
|
||||
<title>oper:rehash, rehash</title>
|
||||
<para>
|
||||
Allows using the REHASH command, to rehash various configuration
|
||||
files or clear certain lists.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>kline (K), kline and dline</title>
|
||||
<title>oper:kline, kline and dline</title>
|
||||
<para>
|
||||
Allows using KLINE and DLINE, to ban users by user@host mask
|
||||
or IP address.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>operwall (L), send/receive operwall</title>
|
||||
<title>oper:operwall, send/receive operwall</title>
|
||||
<para>
|
||||
Allows using the OPERWALL command and umode +z to send and
|
||||
receive operwalls.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>mass_notice (M), global notices and wallops</title>
|
||||
<title>oper:mass_notice, global notices and wallops</title>
|
||||
<para>
|
||||
Allows using server name ($$mask) and hostname ($#mask) masks in
|
||||
NOTICE and PRIVMSG to send a message to all matching users, and
|
||||
|
@ -74,20 +72,20 @@
|
|||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>nick_changes (N), see nick changes</title>
|
||||
<title>snomask:nick_changes, see nick changes</title>
|
||||
<para>
|
||||
Allows using snomask +n to see local client nick changes.
|
||||
This is designed for monitor bots.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>global_kill (O), global kill</title>
|
||||
<title>oper:global_kill, global kill</title>
|
||||
<para>
|
||||
Allows using KILL on users on any server.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>hidden_oper (P), hide from /stats p</title>
|
||||
<title>oper:hidden, hide from /stats p</title>
|
||||
<para>
|
||||
This privilege currently does nothing, but was designed
|
||||
to hide bots from /stats p so users will not message them
|
||||
|
@ -95,14 +93,14 @@
|
|||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>resv (Q), channel control</title>
|
||||
<title>oper:resv, channel control</title>
|
||||
<para>
|
||||
This allows using /resv, /unresv and changing the channel
|
||||
modes +L and +P.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>remote (R), remote routing</title>
|
||||
<title>oper:remote, remote routing</title>
|
||||
<para>
|
||||
This allows using the third argument of the CONNECT command, to
|
||||
instruct another server to connect somewhere, and using SQUIT
|
||||
|
@ -111,7 +109,7 @@
|
|||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>oper_spy (S), use operspy</title>
|
||||
<title>oper:spy, use operspy</title>
|
||||
<para>
|
||||
This allows using /mode !#channel, /whois !nick, /who !#channel,
|
||||
/chantrace !#channel, /who !mask, /masktrace !user@host :gecos
|
||||
|
@ -133,27 +131,24 @@
|
|||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>unkline (U), unkline and undline</title>
|
||||
<title>oper:unkline, unkline and undline</title>
|
||||
<para>
|
||||
Allows using UNKLINE and UNDLINE.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>xline (X), xline and unxline</title>
|
||||
<title>oper:xline, xline and unxline</title>
|
||||
<para>
|
||||
Allows using XLINE and UNXLINE, to ban/unban users by realname.
|
||||
</para>
|
||||
</sect2>
|
||||
<sect2>
|
||||
<title>hidden_admin, hidden administrator</title>
|
||||
<title>oper:hidden_admin, hidden administrator</title>
|
||||
<para>
|
||||
This grants everything granted to the admin privilege,
|
||||
except the ability to set umode +a. If both admin and hidden_admin
|
||||
except the ability to set umode +a. If both oper:admin and oper:hidden_admin
|
||||
are possessed, umode +a can still not be used.
|
||||
</para>
|
||||
<note><para>
|
||||
This privilege does not appear in /stats o or oper up notices.
|
||||
</para></note>
|
||||
</sect2>
|
||||
</sect1>
|
||||
</chapter>
|
||||
|
|
Loading…
Reference in New Issue