View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005130 | unreal | ircd | public | 2018-08-06 14:00 | 2018-09-13 20:10 |
| Reporter | capitaine | Assigned To | syzop | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Platform | Linux | ||||
| Fixed in Version | 4.2.0 | ||||
| Summary | 0005130: Permissions issues | ||||
| Description | We have bots with minimal ircop privileges, but they loose their o-line when setting modes on themselves. Also when they /oper, they gets numerics 381 and 481 at the same time. | ||||
| Steps To Reproduce | oper bb :qwe123 :test MODE test :+ostqW :Foo.chat 008 test :Server notice mask (+kcfFjveGnNqSso) :Foo.chat 381 test :You are now an IRC Operator :Foo.chat 481 test :Permission Denied- You do not have the correct IRC operator privileges :Foo.services NOTICE test :from OperServ: USERS: test!test@localhost is now an IRC operator. mode :test :Foo.chat 221 test +owsxqpW :Foo.chat 008 test :Server notice mask (+kcfFjveGnNqSso) mode test :+B :Foo.chat NOTICE test :- Foo.chat Bot Message of the Day - :Foo.chat NOTICE test :- ! :Foo.chat NOTICE test :End of /BOTMOTD command. :test MODE test :-oqW+B :Foo.chat 008 test :Server notice mask (+k) same with other ones like +i, +H | ||||
| Additional Information | The configuration is the following : operclass bobot { privileges { immune; client:host; }; }; oper bb { mask 127.0.0.1; password "qwe123"; class clients; operclass bobot; maxlogins 1; }; plaintext-policy { oper allow; }; | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
|
|
I don't get the (confusing) 481 numeric on OPER but I can reproduce the problem with MODE nick +B. Culprit is this code: /* Don't let non-ircops set ircop-only modes or snomasks */ if (!ValidatePermissionsForPath("self:restrictedumodes",sptr,NULL,NULL,NULL)) { remove_oper_privileges(sptr, 0); } The idea of the code is good, but... yeah... I'll see what I can do :D |
|
|
Fixed in git. Fix will be in 4.0.19-rc2 / 4.0.19 final: commit 681640024ad76c918e1177b10b7afab897da8997 (HEAD -> unreal40, origin/unreal40, origin/HEAD) Author: Bram Matthys <[email protected]> Date: Sun Sep 9 17:01:35 2018 +0200 Fix permission issues with minimal IRCOps. Reported by capitaine in https://bugs.unrealircd.org/view.php?id=5130 **** That leaves your strange 481 numeric error. Not sure where that is coming from. Do you perhaps have additional settings that apply to all IRCOps that could cause this? |
|
|
Oh and by the way, the fix I added was to make it so ircops without self:restrictedumodes (such as a restricted oper you created), to make it that those opers cannot add oper-only modes to themselves, they may only remove. The same applies to snomasks. |
|
|
Issue resolved. Feel free to elaborate / report / show debug info on the 481 message you were getting, I could not reproduce. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2018-08-06 14:00 | capitaine | New Issue | |
| 2018-09-03 08:52 | syzop | Status | new => acknowledged |
| 2018-09-09 16:41 | syzop | Assigned To | => syzop |
| 2018-09-09 16:41 | syzop | Status | acknowledged => assigned |
| 2018-09-09 16:43 | syzop | Note Added: 0020300 | |
| 2018-09-09 17:03 | syzop | Note Added: 0020301 | |
| 2018-09-09 17:03 | syzop | Status | assigned => feedback |
| 2018-09-09 17:04 | syzop | Note Added: 0020302 | |
| 2018-09-13 20:10 | syzop | Status | feedback => resolved |
| 2018-09-13 20:10 | syzop | Resolution | open => fixed |
| 2018-09-13 20:10 | syzop | Fixed in Version | => 4.2.0 |
| 2018-09-13 20:10 | syzop | Note Added: 0020324 |
