Server Privileges
DareNET Development Wiki - Server Privileges
As it stands, ircd-darenet has five (5) access levels: ordinary user, local operator, global operator, administrator and network administrator. The last two are essentially global operators with a few additional privileges. This is hardly enough control, especially over some of the more advanced and powerful features, such as G-lines, Shuns, etc.
To compensate for this, ircd-darenet supports an operator privilege system. Privileges are essentially an arbitrarily long bit string. Access to particular features and information is governed by the value of a particular bit of that bit string. So, in other words, privileges are a form of Access Control List (ACL). Below is a table of operator privileges currently supported by ircd-darenet.
| Privilege | Purpose |
|---|---|
| CHAN_LIMIT | Channel limit not enforced. |
| MODE_LCHAN | Can use mode on local channels. |
| WALK_LCHAN | Can walk through modes on local channels. |
| DEOP_LCHAN | Cannot be deop'd on local channels. |
| SHOW_INVIS | Show local invisible (+i) users. |
| SHOW_ALL_INVIS | Show all (global) invisible (+i) users. |
| UNLIMIT_QUERY | Who queries not limited. |
| KILL | Can use /KILL (globally). |
| LOCAL_KILL | Can use /KILL locally only. |
| REHASH | Can use /REHASH. |
| REMOTEREHASH | Can use remote /REHASH. |
| RESTART | Can use /RESTART. Password still required if set. |
| DIE | Can use /DIE. Password still required if set. |
| GLINE | Can use /GLINE (globally). |
| LOCAL_GLINE | Can use /GLINE locally only. |
| ZLINE | Can use /ZLINE (globally). |
| LOCAL_ZLINE | Can use /ZLINE locally only. |
| SHUN | Can use /SHUN (globally). |
| LOCAL_SHUN | Can use /SHUN locally only. |
| JUPE | Can use /JUPE (globally). |
| LOCAL_JUPE | Can use /JUPE locally only. |
| OPMODE | Can use /OPMODE and /CLEARMODE on non-registered/quarantined channels. |
| LOCAL_OPMODE | Can use /OPMODE and /CLEARMODE on non-quarantined local channels. |
| SET | Can use /SET. |
| WHOX | Can use /who x. |
| BADCHAN | Can set bad channels globally. |
| LOCAL_BADCHAN | Can set bad channels locally only. |
| SEE_CHAN | Can see in secret channels. |
| PROPOGATE | Oper status is propogated. |
| DISPLAY | "is an oper" displayed. |
| SEE_OPERS | Can see opers that do not have the DISPLAY priv. |
| WIDE_GLINE | Can set "wide" GLINEs. |
| WIDE_ZLINE | Can set "wide" ZLINEs. |
| WIDE_SHUN | Can set "wide" SHUNs. |
| LIST_CHAN | Can list secret channels. |
| FORCE_OPMODE | Can use /OPMODE and /CLEARMODE on registered and quarantined channels. |
| FORCE_LOCAL_OPMODE | Can use /OPMODE and /CLEARMODE on quarantined local channels. |
| CHECK | Can use /CHECK. |
| SEE_SECRET_CHAN | Can see +s channels in whois replies. |
| WHOIS_NOTICE | Can set/unset usermode +W. |
| HIDE_IDLE | Can set/unset usermode +I. |
| HIDE_CHANNELS | Can set/unset usermode +n. |
| XTRAOP | Can set/unset usermode +X. (deprecated - removed in 1.3.5) |
| WALLUSERS | Can use /WALLUSERS. |
| RMLINE | Can completely remove g/zlines and shuns, even if they're deactivated. |
| DNSBL_EXEMPT | Can add/delete/modify entries to/on the DNSBL exemption list. |
| MNOTICES | Can send mass/masked messages and notices. |
| ROUTING | Can use /CONNECT and /SQUIT. |
| ROUTEINFO | Can see the actual server a user is on, use /MAP, /TRACE, /ASLL, /LINKS and view the JUPE list. |
| SERVERINFO | Can use /GET, /STATS, /HASH, /DNS and retrieve remote information. |
| UAUSPEX | Can bypass user privacy (e.g. see real hosts/ips). |
| CAUSPEX | Oper can bypass channel privacy for channels they're not on (e.g. see channel keys, view ban lists, etc). |
| SOPER | Support Operator. |
| LOCAL_WELCOME | Can add/modify/remove server welcome messages, locally. |
| WELCOME | Can add/modify/remove server welcome messages, globally. |
| DISPLAY_MODE | Is shown as an IRC operator to users. |
