diff options
author | Attila Molnar <attilamolnar@hush.com> | 2014-04-07 13:40:51 +0200 |
---|---|---|
committer | Attila Molnar <attilamolnar@hush.com> | 2014-04-07 13:40:51 +0200 |
commit | f71e6bf9cb41811f18864f5d4eecb26e29d03f25 (patch) | |
tree | 88586e73f7ff864081b8831a88637680267b7201 /docs/conf/opers.conf.example | |
parent | ce78080782c261aed2c0314bc8c66babc1369be2 (diff) | |
parent | 493ff75f1f89a7ede2800eff0368740fbaf02aa4 (diff) |
Merge insp20
Diffstat (limited to 'docs/conf/opers.conf.example')
-rw-r--r-- | docs/conf/opers.conf.example | 108 |
1 files changed, 55 insertions, 53 deletions
diff --git a/docs/conf/opers.conf.example b/docs/conf/opers.conf.example index b42f3129a..524ebce34 100644 --- a/docs/conf/opers.conf.example +++ b/docs/conf/opers.conf.example @@ -8,25 +8,26 @@ # Note: It is possible to make a class which covers all available # # commands. To do this, specify commands="*". This is not really # # recommended, as it negates the whole purpose of the class system, # -# however it is provided for fast configuration (e.g. in test nets) # +# however it is provided for fast configuration (e.g. in test nets). # # # <class name="Shutdown" - # commands: oper commands that users of this class can run. - commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOAD GUNLOADMODULE GRELOADMODULE SAJOIN SAPART SANICK SAQUIT SATOPIC" + # commands: Oper-only commands that opers of this class can run. + commands="DIE RESTART REHASH LOADMODULE UNLOADMODULE RELOADMODULE GUNLOADMODULE GRELOADMODULE" - # privs: special privileges that users with this class may utilise. + # privs: Special privileges that users with this class may utilise. # VIEWING: # - channels/auspex: allows opers with this priv to see more detail about channels than normal users. - # - users/auspex: allows opers with this priv to view more details about users than normal users. + # - users/auspex: allows opers with this priv to view more details about users than normal users, e.g. real host and IP. # - servers/auspex: allows opers with this priv to see more detail about server information than normal users. # ACTIONS: # - users/mass-message: allows opers with this priv to PRIVMSG and NOTICE to a server mask (e.g. NOTICE $*) # - users/samode-usermodes: allows opers with this priv to change the user modes of any other user using /SAMODE # - channels/high-join-limit: allows opers with this priv to join <channels:opers> total channels instead of <channels:users> total channels. # PERMISSIONS: + # - users/flood/no-fakelag: prevents opers from being penalized with fake lag for flooding (*NOTE) # - users/flood/no-throttle: allows opers with this priv to send commands without being throttled (*NOTE) # - users/flood/increased-buffers: allows opers with this priv to send and receive data without worrying about being disconnected for exceeding limits (*NOTE) # @@ -39,10 +40,11 @@ # chanmodes: Oper-only channel modes that opers with this class can use. chanmodes="*"> -<class name="ServerLink" commands="CONNECT SQUIT CONNECT MKPASSWD ALLTIME SWHOIS CLOSE JUMPSERVER LOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex"> -<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK SHUN CLONES CBAN CLEARCHAN" usermodes="*" chanmodes="*"> -<class name="OperChat" commands="WALLOPS GLOBOPS SETIDLE" usermodes="*" chanmodes="*" privs="users/mass-message"> -<class name="HostCloak" commands="SETHOST SETIDENT SETNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*" privs="users/auspex"> +<class name="SACommands" commands="SAJOIN SAPART SANICK SAQUIT SATOPIC SAKICK SAMODE"> +<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS JUMPSERVER LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex"> +<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN CLOSE" usermodes="*" chanmodes="*"> +<class name="OperChat" commands="WALLOPS GLOBOPS" usermodes="*" chanmodes="*" privs="users/mass-message"> +<class name="HostCloak" commands="SETHOST SETIDENT CHGNAME CHGHOST CHGIDENT SETIDLE" usermodes="*" chanmodes="*" privs="users/auspex"> #-#-#-#-#-#-#-#-#-#-#-#- OPERATOR COMPOSITION -#-#-#-#-#-#-#-#-#-#-# @@ -53,44 +55,44 @@ # # <type - # name: Name of type. Used in actual olines below. + # name: Name of type. Used in actual server operator accounts below. name="NetAdmin" - # classes: classes (above blocks) that this type belongs to. - classes="OperChat BanControl HostCloak Shutdown ServerLink" + # classes: Classes (blocks above) that this type belongs to. + classes="SACommands OperChat BanControl HostCloak Shutdown ServerLink" - # vhost: host oper gets on oper-up. This is optional. - vhost="netadmin.omega.org.za" + # vhost: Host opers of this type get when they log in (oper up). This is optional. + vhost="netadmin.omega.example.org" - # modes: usermodes besides +o that are set on a oper of this type + # modes: User modes besides +o that are set on an oper of this type # when they oper up. Used for snomasks and other things. # Requires that m_opermodes.so be loaded. modes="+s +cCqQ"> -<type name="GlobalOp" classes="OperChat BanControl HostCloak ServerLink" vhost="ircop.omega.org.za"> -<type name="Helper" classes="HostCloak" vhost="helper.omega.org.za"> +<type name="GlobalOp" classes="SACommands OperChat BanControl HostCloak ServerLink" vhost="ircop.omega.example.org"> +<type name="Helper" classes="HostCloak" vhost="helper.omega.example.org"> #-#-#-#-#-#-#-#-#-#-#- OPERATOR CONFIGURATION -#-#-#-#-#-#-#-#-#-#-# # # # Opers are defined here. This is a very important section. # -# Remember to only make operators out of trust worthy people. # +# Remember to only make operators out of trustworthy people. # # # -# oline with plain-text password +# Operator account with a plain-text password. <oper - # name: oper login that is used to oper up (/oper name password). - # Remember: This is case sensitive - name="Brain" + # name: Oper login that is used to oper up (/oper name password). + # Remember: This is case sensitive. + name="Attila" - # password: case-sensitive, unhashed...yea...self-explanatory. + # password: Case-sensitive, unhashed (plaintext). password="s3cret" - # host: What hostnames/IP's are allowed to oper up with this oline. - # Multiple options can be separated by spaces and CIDR's are allowed. - # You CAN use just * or *@* for this section, but it is not recommended + # host: What hostnames and IPs are allowed to use this operator account. + # Multiple options can be separated by spaces and CIDRs are allowed. + # You can use just * or *@* for this section, but it is not recommended # for security reasons. - host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32" + host="attila@inspircd.org *@2001:db8::/32" # ** ADVANCED ** This option is disabled by default. # fingerprint: When using the m_sslinfo module, you may specify @@ -102,61 +104,61 @@ # If m_sslinfo isn't loaded, this option will be ignored. #fingerprint="67cb9dc013248a829bb2171ed11becd4" - # autologin: if an SSL fingerprint for this oper is specified, you can + # autologin: If an SSL fingerprint for this oper is specified, you can # have the oper block automatically log in. This moves all security of the # oper block to the protection of the client certificate, so be sure that # the private key is well-protected! Requires m_sslinfo. #autologin="on" - # sslonly: This oper can only oper up if they're using a SSL connection. + # sslonly: If on, this oper can only oper up if they're using a SSL connection. # Setting this option adds a decent bit of security. Highly recommended # if the oper is on wifi, or specifically, unsecured wifi. Note that it # is redundant to specify this option if you specify a fingerprint. # This setting only takes effect if m_sslinfo is loaded. #sslonly="yes" - # vhost: overrides the vhost in the type block. Class and modes may also - # be overridden - vhost="brain.netadmin.omega" + # vhost: Overrides the vhost in the type block. Class and modes may also + # be overridden. + vhost="attila.example.org" - # type: What oper type this oline is. See the block above for list - # of types. NOTE: This is case-sensitive as well. + # type: Which type of operator this person is; see the block + # above for the list of types. NOTE: This is case-sensitive as well. type="NetAdmin"> -# oline with plain-text password and no comments..for all who like copy & paste +# Operator with a plaintext password and no comments, for easy copy & paste. <oper name="Brain" password="s3cret" - host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32" + host="brain@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32" #fingerprint="67cb9dc013248a829bb2171ed11becd4" type="NetAdmin"> -# oline with hashed password. It is highly recommended to use hashed passwords. +# Operator with a hashed password. It is highly recommended to use hashed passwords. <oper - # name: oper login that is used to oper up (/oper name password). - # Remember: This is case sensitive - name="Brain" + # name: Oper login that is used to oper up (/oper name password). + # Remember: This is case sensitive. + name="Adam" - # hash: what hash this password is hashed with. + # hash: What hash this password is hashed with. # Requires the module for selected hash (m_md5.so, m_sha256.so # or m_ripemd160.so) be loaded and the password hashing module # (m_password_hash.so) loaded. # Options here are: "md5", "sha256" and "ripemd160", or one of # these prefixed with "hmac-", e.g.: "hmac-sha256". - # Create hashed password with: /mkpasswd <hash> <password> - hash="sha256" + # Create hashed passwords with: /mkpasswd <hash> <password> + hash="hmac-sha256" - # password: a hash of your password (see above option) hashed - # with /mkpasswd <hash> <password> . See m_password_hash in modules.conf + # password: A hash of the password (see above option) hashed + # with /mkpasswd <hash> <password>. See m_password_hash in modules.conf # for more information about password hashing. - password="1ec1c26b50d5d3c58d9583181af8076655fe00756bf7285940ba3670f99fcba0" + password="qQmv3LcF$Qh63wzmtUqWp9OXnLwe7yv1GcBwHpq59k2a0UrY8xe0" - # host: What hostnames/IP's are allowed to oper up with this oline. - # Multiple options can be separated by spaces and CIDR's are allowed. - # You CAN use just * or *@* for this section, but it is not recommended + # host: What hostnames and IPs are allowed to use this operator account. + # Multiple options can be separated by spaces and CIDRs are allowed. + # You can use just * or *@* for this section, but it is not recommended # for security reasons. - host="yourident@dialup15.isp.com *@localhost *@example.com *@2001:db8::/32" + host="*@127.0.0.1 *@192.0.2.40 *@198.51.100.4" - # type: What oper type this oline is. See the block above for list - # of types. NOTE: This is case-sensitive as well. - type="NetAdmin"> + # type: Which type of operator this person is; see the block + # above for the list of types. NOTE: This is case-sensitive as well. + type="Helper"> |