Policy:Proposals/3

Proposal #3 - Operator privilege sets

Written by culex

Oper privilege sets

Ops team gets no special mention -- they're just server admins. "dev" means developer of the respective codebase; so "dev" in the section for evo only means "developers of evo". "All devs" is used instead to refer to all developers with an O:line.

IRCd

All-caps privileges are privs that have no configuration file option; they must be granted through services instead. These are privileges required to help without joining all the time (which, given some entry hazards, can be quite annoying). This also has the additional effect that all opers will strive to get into support team for the extra privs and thus everyone gets better support.

1) oper
 * local = no; implies:
 * whox = yes [This is only about LOGGING /whox, which we should always do]
 * display = yes
 * chan_limit = yes
 * mode_lchan = yes [We should disable local channels anyway, nobody cares]
 * deop_lchan = yes [see above]
 * show_invis = yes
 * show_all_invis = yes
 * local_kill = yes
 * local_gline = no [local bans make everything a bigger pain]
 * see_chan = yes [*override* to no]
 * list_chan = yes [*override* to no]
 * wide_gline = yes [*override* to no]
 * see_opers = yes
 * local_opmode = yes [*override* to no; local channels should be disabled]
 * force_local_opmode = yes [*override* to no; see above]
 * kill = yes [even though it's just a pretty useless toy]
 * opmode = yes [Fixing opless channels, etc.]

2) support (global oper + support, not support oper, which is a services thing) [inherits from oper]
 * see_chan = yes
 * list_chan = yes
 * unlimit_query = yes [removes all brakes in /who with the other privs above]

3) server admin [inherits from oper]
 * admin = yes [allows /shedding, /whois, see bind IP in /stats p]
 * set = yes [to be used at request of EB and infra only]
 * rehash = yes
 * die = yes
 * restart = yes

4) all devs [inherits from oper]

5) infra [inherits from oper]
 * remoterehash = yes
 * jupe = yes
 * local_jupe = yes

6) EB [inherits from admin + infra] (special abilities granted by umode +N: unkillable by non-services, /shedding if not +a already)

7) unused
 * hide_oper [given by infra or EB on request if they have a valid reason why they want to use +H]
 * gline [use evo instead, it's easier to track]
 * shun [see above]
 * zline, wide_zline, local_zline [glines are good enough]
 * XTRA_OPER [after setting +X, allows overriding JOIN, KICK, KILL (even against +k users!), MODE -o (+k user here), PRIVMSG/NOTICE despite modes against sending being present; way too dangerous for no use scenario]
 * CHANSERV [can set +k on self; too dangerous for no use scenario]
 * badchan, local_badchan [use evo]

evo

Curly braces mean that I'm requesting a level change via modcmd; the levels in the reference list are the defaults. ADD* commands have their respective DEL* command not listed unless the level differs. 1000 is the max level, given to the first account. Apparently we have some more opers with level 1000, though. 1000 SHOULD denote "do not use" and 999 means EB-only.

 * oper, admin, all devs: 600
 * support: 700
 * infra: 800
 * dev: 900
 * EB: 999

Command -> OpServ level reference:

ACCESS                0
ADDALERT            800
ADDALERT NOTICE     800
ADDALERT [ACTION]   900
ADDBAD              800 [channels matching *word* get forbidden]
ADDBADCHAN          600 {901}
ADDEXEMPT           800 [channels to never consider forbidden for C]
ADDTRUST            800 [irrelevant, we use newserv for that in dn2]
BAN                 100 {600} [can be done with opmode and +b anyway]
BLOCK               100 {600} [equivalent of qakill with optional duration]
CHANINFO              0 {700}
CLEARBANS           300 {600} [can be done with opmode, etc.]
CLEARMODES          400 {600} [opmode etc.]
CLONE               999 {1000}
COLLIDE             800 {900}
CSEARCH             100 {700}
DEHOP               100 {600}
DEHOPALL            400 {600}
DEOP                100 {600}
DEOPALL             400 {600}
DEVOICE             300 {600} [wtf is up with that default being higher?]
DEVOICEALL          300 {600}
DIE                 999
DUMP                999 {1000}
EDITTRUST           800 [irrelevant, see ADDTRUST]
GAG                 600 [services ignore]
GLINE               600
GSYNC               600
GTRACE              100
HOP                 100 {600}
HOPALL              100 {600}
INVITE              100 {700}
INVITEME            100 {999} [invites to the debug channel, not sure if used]
JOIN                601 {900}
JUMP                900
JUPE                900 {800}
KICK                100 {600} [could be done with opmode + /kick anyway]
FORCEKICK           900
KICKALL             400 {600}
KICKBAN             100 {600}
KICKBANALL          450 {600}
LOG                 900 {400}
MODE                100 {600}
OP                  100 {600}
OPALL               400 {600}
PART                601 {900}
QUERY                 0 [gets config value] {100}
RAW                 999 {1000}
RECONNECT           900
REFRESHG            600
REFRESHS            600
REHASH              900
REOPEN              900
RESERVE             800 {999}
RESTART             900
SBLOCK              100 [qakill/BLOCK with SHUN] {600}
SET                 900
SETTIME             901 {999}
SHUN                600
SSYNC               600
STATS [STAT]          0
STRACE              100
SVSJOIN             999
SVSNICK             999
TRACE               100 {600}
TRACE GLINE         600
TRACE GAG           600
TRACE KILL          600
UNBAN               100 {600}
VOICE               300 {600}
VOICEALL            300 {600}
WARN                800 [adds join/part spam checker, I think] {600}
WHOIS                 0 {700 due to showing +s channels}

C + OpServ levels:

CREATENOTE/REMOVENOTE 800 {600}

Newserv

NOperserv - The flags on NOperserv are quite imprecise, lots of stuff assigned to +o. I'll probably need to sort this out and fix the distribution.

Flags:

 * s -> staff (< oper)
 * o -> oper
 * t -> access to trust modification functions
 * S -> security team (we have none though) +S affects
 * d -> newserv developer
 * Y -> relay bot
 * (O -> opered up)
 * (A -> has account on NOperserv, even if no flags)
 * (X -> anyone at all)

Command reference (only for modules I think MAY use):

 * s -> splitlist
 * o -> channel, lsmod, chanopstat, chanoplist, chanfix, showregs, chansearch, chanstats, channelhistogram, userhistogram, clonehistogram, chanhistogram, kill, kick, spewchan, spew, compare, broadcast, obroadcast, mbroadcast, sbroadcast, cbroadcast, deluser, fakeuser, fakelist, fakekill, nickwatch, listnumerics, patrol{join,part,list}, regexgline and related, serverlist, the trust stuff
 * t -> (empty, what the fuck)
 * S -> (empty)
 * d -> status, relink, die, insmod, rmmod, rehash, reload, cfdebug, cfhistogram, cfsample, cfexpire, cfsave, cfload, chanprofiles, expirecheck, inslua, rmlua, reloadlua, chanstatssave, lslua, forcegc, dumptree, usercount, settime
 * Y -> (empty, we use none of the modules that make use of it)
 * O -> whois, listusers, hello, splitdel
 * A -> showcommands, userflags, noticeflags
 * X -> help

 * oper, admin, all devs: +ots
 * dev: +otsd
 * EB: +otsSd
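
The effect of the requested evo level changes on each group, as an added example that is not part of the original proposal: it parses a subset of the Command -> OpServ level reference in the page's own notation (default level, optional {requested} level, optional [comment]) and reports which commands each group gains or loses. It assumes a command is usable when the account's level is at least the command's level; the function names are illustrative.

```python
import re

# Subset of the page's level reference: NAME default {requested} [comment].
REFERENCE = """\
BAN                 100 {600} [can be done with opmode and +b anyway]
CHANINFO              0 {700}
GLINE               600
INVITEME            100 {999} [invites to the debug channel, not sure if used]
JUPE                900 {800}
LOG                 900 {400}
QUERY                 0 [gets config value] {100}
RAW                 999 {1000}
WHOIS                 0 {700 due to showing +s channels}
"""

# Group levels as listed on the page.
ROLE_LEVELS = {"oper": 600, "support": 700, "infra": 800, "dev": 900, "EB": 999}

ENTRY = re.compile(r"^(?P<name>[A-Z]+(?: [A-Z\[\]]+)?)\s+(?P<default>\d+)\b(?P<rest>.*)$")

def parse(reference):
    """Return {command: (default, requested)}; requested equals default without {..}."""
    table = {}
    for line in reference.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        default = int(m["default"])
        req = re.search(r"\{(\d+)", m["rest"])  # the braces may also hold a remark
        table[m["name"]] = (default, int(req.group(1)) if req else default)
    return table

def access_changes(table, roles):
    """Per group: commands gained or lost when the requested levels replace the defaults."""
    changes = {}
    for role, level in roles.items():
        gained = sorted(c for c, (d, r) in table.items() if level < d and level >= r)
        lost = sorted(c for c, (d, r) in table.items() if level >= d and level < r)
        changes[role] = {"gained": gained, "lost": lost}
    return changes

def unreachable(table, roles):
    """Commands whose requested level is above every group's level."""
    top = max(roles.values())
    return sorted(c for c, (_, r) in table.items() if r > top)

if __name__ == "__main__":
    levels = parse(REFERENCE)
    print(access_changes(levels, ROLE_LEVELS), unreachable(levels, ROLE_LEVELS))
```

Feeding the full reference list through `parse` gives the complete per-group difference, which is a quick way to check that no group ends up with more access than the proposal intends.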