| Credits |
Paul Taylor (Janus) the author of Guardian would like to give special thanks to Jonathan Kelley aka PC Man Jon/Mac Man Jon from Mount Olympus. (Olympus-Mount.com) Things Jon is accredited for include:
|
| Quick Notes |
I'd like to mention here that guardian has made several plugins no longer needed (obsolete.) We would suggest that you remove the following plugins out of your plugin.conf. Otherwise it could cause serious problems or conflicts!
|
| Command | Arguments | Description |
| `guardian | <arguments> |
Backbone Command.
Arguments:
Unique:
about - About guardian.
reload - Reloads all Guardian files. Aliases (commands that do the equivalent to another command.): `guardian list = `blslst `guardian clean = `clnbls `guardian group = `grplst `guardian glist = `grdlist `guardian exit = `logout |
| `addgrp | <group> | Create <group>. |
| `addgprv | <group> <CMD/TLK/WHS_???|PKT_???|IPT_???|INT_???> | Add privilege(s) to <group>. |
| `adduprv | <group> [<-rpi>] <CMD/TLK/WHS_???|PKT_???|IPT_???|INT_???> | Add privilege(s) to targeted user. |
| `bless | <group> <password0> [<-rpi>] |
Bless whispered user under <group>.
Arguments:
r - (Pre-defined) Registration Code (if unspecified, this is used by default ONLY) p - (Pre-defined) PUID i - (Pre-defined/Specify) IP Address |
| `blslst | [<group>] [<-rpilm>] | List bless entries all or under <group>. Show only 'r'egs, 'p'uids, 'i'ps, 'l'ast login, 'm'od/permissions. |
| `chpass | <group> <password> | Change <password> for whispered user under <group>. |
| `clnbls | [<days>] | Clean bless list of entries unused in number of [<days>] (30 days by default). |
| `delgrp | <group> | Delete <group>. |
| `delgprv | <group> <CMD/TLK/WHS_???|PKT_???|IPT_???|INT_???> | Delete privilege(s) from <group>. |
| `deluprv | <group> [<-rpi>] <CMD/TLK/WHS_???|PKT_???|IPT_???|INT_???> | Delete privilege(s) from targeted user. |
| `grdlst | List all users on by their 'Group' 'User (#ID)' 'Room (#ID)'. | |
| `grplst | [<group>] | List groups if <group> not defined, list contents of group <group> if defined. |
| `logout | Logout of staff status (restores to member rank). | |
| `unbless | <group> [<-rpi>] |
Unbless by whispering or specifying [<-rpi>] under <group>.
Arguments:
r - Registration p - PUID i - IP Address |
| `accept | Accept avatar which has been offered to you. | |
| `offer | Offer your avatar to anyone. | |
| `offerall | Offer your avatar to everybody in the same room. | |
| `sysop | [<SYSOP code>] | Get/Set server SYSOP code. |
| `uptime | Get server's uptime! |
| 01.0 - How to bless a user (The `bless command). |
|
Guardian's bless command is very different from the way GateKeeper was used to bless people. The original GateKeeper only allowed you to bless people by their Registration Code (or hash.)
In Guardian, it's different. Guardian takes security a step higher by verifying people by their Registration Code (or hash), by their PUID (or Z-Code) AND by their IP address.
Using all 3 of these methods to validate a user would make it almost impossible to crack wizard access. But wait, there's more! Not only do you bless people with so much criteria, but you also are allowed to give each person you bless their own password to "wiz up" with.
The basic syntax of the command (from the servers help command)
`bless <group> <password> [<-rpi>] |
| 01.1 - Common Flags | ||||||||||||
Before going on, you need a quick tutorial on how flags work, because you'll end up having to use them a lot in this plugin. You'll see a lot of "flags" for commands throughout this plugin, so you need to understand what they mean and how to use them. Usually to execute a command you simply need to type a backtick or apostrophe and then the name of the command, and then the enter key. For instance, to list all users in a Palace you'd type: `glist But a fair amount of commands in this server plugin require or can accept information that alters the way they behave or provides information to be processed: flags and arguments. Flags are the options that will alter the behavior of the program. They are usually preceded with a dash. For instance whispering: `bless <group> <password> -r would bless the user you whispered to by their Registration Code (RegHash). `bless <group> <password> -p would bless the user you whispered to by their PUID (Z-Code). If you wanted to bless someone by both their PUID and Registration Code; you could mix the flags together. To accomplish this you could do: `bless <group> <password> -rp or `bless <group> <password> -r -p Now comes in the arguments, an example of this would be `bless wizard password -i <arguments> When you add the i flag to the bless command you are blessing someone by their IP address. For instance: `bless wizard password -i 24.643.82.3 would allow anyone who had that IP address to log in under group "wizard" with the operator password "password". If I wanted to bless the person with the IP 24.643.82.3 and PUID / RegHash verification, I could do `bless wizard password -rpi 24.643.82.3 `bless wizard password -r -p -i 24.643.82.3 If this is too much for you; you can just whisper `bless <group> <password> to a user without any "flags" and it'll by default bless them by Registration Code (like the original GateKeeper.) You will need to know how to use flags in order to unbless users and do other things throughout the plugin, however, so I'd suggest you learn now! |
| 01.2 - Blessing people with a dynamic IP (or IP address that changes.) |
|
Blessing people with a dynamic IP (or IP address that changes.)
If you have an ISP anything like mine, your IP is bound to change, quite often I might add. Thats why we have implemented whats called ranging and wildcards in to the IP address handling for Guardian. |
| 01.2.1 - Wildcards |
|
A wildcard is an asterisk ( * )
that specifies that any value can be placed in that section of an IP address.
An example of this usage would be the IP address with a wildcard:
192.168.0.* This example would match any IP with the last part being anything. Meaning only the first 3 parts would have to match. IP's that would be allowed through this filter would include: 192.168.0.5 192.168.0.252 192.168.0.102 192.168.0.19 192.168.0.0 192.168.0.69 An IP that would not pass this filter would be 192.168.31.102 22.168.0.69 |
| 01.2.2 - Ranges |
|
A range would be just that, only a specific range in an IP address.
An example of this usage would be the IP address with a range, such as:
65-69.127.3.24 IP's that would be allowed through this filter would only include: 65.127.3.24 66.127.3.24 67.127.3.24 68.127.3.24 69.127.3.24 An IP that would not pass this filter would be 70.127.3.24 |
| 02.0 - How to unbless a user (The `unbless command). |
|
With the ability to bless people, comes the ability to unbless someone. Don't worry. This isn't as bad as blessing, I promise!
The basic syntax of the `unbless
Command is:
`unbless <group> [<-rpi>] Remember those dreaded Command Flags that we learned in the previous chapter? They come in handy here too! There is several ways you could use this command to unbless someone. The constant that never changes about the unbless command however, is you have to declare which group the person you wish to unbless is in. We'll underline each one of these below: The first way would be to put the reg code of the user you wish to unbless. Let's say I want to unbless Bob and he's in a group called "scripter" and his reg code is HODDCCBEF. I could unbless him by typing: `unbless scripter -r HODDCCBEF Or, I could use his PUID and unbless him by that, if his PUID was ZHMBBMHIF I'd do: `unbless scripter -p ZHMBBMHIF Finally, I could unbless someone by their IP if their IP in the Guardian Bless List was 24.*.212.65 `unbless scripter -i 24.*.212.65 I hope this is simple enough? Let's move on... |
| 03.0 - Changing a currently blessed user's operator password (The `chpass command). |
|
Guardian doesn't have the ability to recover operator passwords once they have been set. The reason for this is because we used a special method to encrypt passwords in the bless file. Why did we do this, might you ask? The reason is because we've noticed many individuals in the real world use the same password for everything! We feared staff members might use the same password for E-Mail/AIM/ICQ and then for Palace on top of it all! That's why we took it upon ourself to encrypt passwords in a practically irreversible form.
However, inevitably people may still forget their password, and since you can't retrieve it for them, the best thing to do would be to change it for them, using a command! That's when the `chpass command was born!
The syntax for the command is:
`chpass <group> <new password> [<-rpi>] This command is very similar to the unbless command described in the section above, because the flags work the exact same way. If I want to change the password for "Jon" and he's in group "Host" and he had a reg code of HOPDOCBOF according to his bless record, I would do: `chpass host my-new_pass! -r HOPDOCBOF You can also use the -p and -i flags to change the password by their PUID or IP address respectively. An alternative (and probably easier) way to change someone's pass would be to whisper to them without providing any flags. E.G. whispering to "Bob" who is in group "owner" who wants his new pass to be "911" like this: `chpass owner 911 |
| 04.0 - Logging out of Operator mode (The `logout command). |
|
Another thing we noticed upon our journey in making Guardian, is that sometimes people accidentally log out of staff mode. Admittedly, I know I've done it once or twice. ;-) We made it so it's impossible to log out from staff mode. Well, except for one way, by the usage of the `logout command.
If you're in staff mode, you just simply type `logout
Owners/Root can log wizards out by whispering `logout to wizards.
NOTE: If you're root you will be unable to log out. This is a security precaution.
ALIASES: You can also type `guardian exit
ALIASES: You can also type `guardian `exit |
| 05.0 - About the offer functions in Guardian (The `offer | `accept | `offerall commands). |
|
You may have noticed that in the quick notes section of this document we mentioned Guardian makes the offer plugins obsolete. That's because we've incorporated our own version of offer in to guardian. It even has improvements over the old traditional offer plugins. The commands are:
`offer - To offer an avatar to anyone (needs to be whispered)
`accept - To accept an avatar someone has offered you. `offerall - Offer your current avatar to everyone in the same room as you. (Wizard and above) As you may see, we also added a new command for staff where a staff member can offer their current avatar to everyone in the current room at once. The command for this is `offerall NOTE: You can give the ability of `offerall to everyone if you wish by tweaking your guardian.mod file. |
| 06.0 - Showing the list of all currently blessed users (The `blslst command). |
|
To show the users who are currently on the bless list you use the command `blslst.
Apply a rank/group name as an argument to list only records under that rank/group. NEW!!!You can now only make it show only certain details, apply arguments [<-rpilm>] An example of the output this command would generate would be: *** ; owner: Jon *** ; RegHash: {HOPDCCBEF} *** ; PUID: {ZMHFIAHCCH} *** ; IP Address: "192.168.0.*" *** ; Privilege(s): *** ; 0 privileges found... ALIASES: You can also type `guardian list ALIASES: You can also type `guardian `list |
| 07.0 - Listing currently logged on users under Guardian (The `grdlst command). |
|
This is the equivalent to `hlist for HostKeeper where it lists all the other users on the server.
An example output is:
*** ; "root" "Jon [Jonnie-chu] (10)" "Mount Olympus (6048)" *** ; "root" "Jon2 [Jonnie 2] (3)" "Mount Olympus (6048)" * The "root" stands for the current group they reside in. * The "Jon" & "Jon2" stands for the username they're logged on with. * The "Jonnie-chu" & "Jonnie 2" stands for the username they're blessed as. * The "10" & "3" stands for the current UserID of the user(s) * The "Mount Olympus" stands for the current room name their in. * The "6048" stands for the current room id of the room they reside in. ALIASES: You can also type `guardian glist ALIASES: You can also type `guardian `glist |
| 08.0 - Listing groups currently loaded from config (The `grplst command). |
| This is rather self explaining. This lists all of the groups currently loaded in memory from the guardian.mod file. ALIASES: You can also type `guardian group |
| 09.0 - Changing your sysop code through Guardian (The `sysop command). |
|
This command isn't really related to Palace Security (HostKeeper, GateKeeper, HostMgr) but we thought it would be useful. This command allows you to change the SYSOP entry in your pserver.prefs file while the Palace Server is running.
This is useful if you need to change your Palacetools key and don't want to shut the server down in order to do it.
The syntax is:
`sysop <new SYSOP entry> The changes take place immediately (The changes WILL be saved to the preferences file on shutdown). |
| 10.0 - Purging the bless list of staff who hasn't logged on in number of [<days>] (The `clnbls command). |
|
Usage: `clnbls [<days>]
I'm no stranger to having to fire staff from my Palace for not showing up. I'm sure you've had to do this before at your own Palace too. This command helps make doing this easier by purging the bless list from staff who haven't signed on in number of [<days>]. An example of this would be clearing my bless list of staff who have neglected to come on in the last 5 days. I would do this by typing: `clnbls 5 Alternatively you can clear the bless list from staff who haven't signed on by the default of 30 days by typing: `clnbls NOTE: Users blessed under the "owner" rank will be purged too, so use with care! |
| 11.0 - Reloading *ALL* configuration files while the server is running (The `guardian reload command). |
| In Guardian you can reload all of the configuration files at any time by typing `guardian reload. This will reload all of the text configuration files (root.bless, guardian.mod, group.bless.) |
| The following commands are probably the hardest commands of the plugin. We would suggest you just edit the configuration manually through FTP and then use the `guardian reload command. Modifying the configuration through these commands because you don't feel comfortable doing it manually is NOT why these commands were created. You will -HAVE- to know how the configuration works to modify the way the plugin works through these commands. If you mess up you could easily make it so people cannot sign on your server, and then you'll really have to learn how the plugin works to fix this. Please learn how to modify the configuration file manually before using these commands. |
| 12.0 - Giving a user a specific privilege within Palace commands (The `adduprv command). |
|
Usage: `adduprv <group> [<-rpi>]
This command is used to give a user a specific command. This would be useful if you add a user to a group, but want to give them 1 or 2 extra commands that the group you added them to do not have.
Consider if I had a group called punyrank it'd look like this in the guardian.mod file:
group punyrank: CMD_gag, CMD_propgag, CMD_ungag, CMD_unpropgag You have a couple of people in punyrank, all of these people can only do those commands. They can't do anything else. Say you bless someone called 'joeblow' who you want to have puny rank, but additionally to have the ability of a badge or star? Then you'd type: `adduprv punyrank -r <joeblow's reg code> INT_badge He'd then still be in the group punyrank, but also have the INT_badge privilege tacked on to him. You can also add multiple commands to a user at once, like this: `adduprv punyrank -r <joeblow's reg code> INT_badge CMD_shutdown PKT_kill |
| 12.1 - Taking away a user's specific privilege (The `deluprv command). |
| This command acts exactly like adding a privilege, except it removes a privilege instead. |
| 13.0 - Giving a group in the config file a privilege within Palace commands (The `addgprv command). |
| Usage: `addgprv <group> <CMD/TLK/WHS_???|PKT_???|IPT_???|INT_???> This command works exactly as the command described above except that it adds privileges to a group. |
| 13.1 - Taking away privileges from a group in the config file (The `delgprv command). |
| Usage: `delgprv <group> <CMD/TLK/WHS_???|PKT_???|IPT_???|INT_???> This command acts exactly like adding a privilege, except it removes a privilege instead. |
| 14.0 - Adding a group to the config file (The `addgrp command). |
| Usage: `addgrp <group> This command works exactly as the command described above except that it adds a group to the configuration file. |
| 14.1 - Removing a group from the config file (The `delgrp command). |
| Usage: `delgrp <group> This command acts exactly like adding a group, except it removes a group instead. |
| 15.0 - Finding uptime and load averages of a Palace Server (The `uptime command). |
The `uptime command is one of our favorites. We added this for Linux fans out there. A common example of the output of this command in the log would be:
*** ; 02:13:06 GMT up 0 days, 04:05, 1 user, load average: 0.00, 0.00, 0.00
|
| 16.0 - Getting Guardian Version information and Credits (The `guardian about command). |
| You can learn a little about guardian by typing `guardian about in Palace. You'll get to see the credits, the build, and some other stuff too! |
| 0A.0 Plugin Installation (So you can get up & running!). |
Assuming the directory the standard server is installed in a directory "palace", perform the following steps:
|
| 0A.1 Implementation for commercial Palace hosting (So hosts can manage shared root.bless files). |
This is an optional configuration for Palace hosts that will allow hosts to take advantage of the "HostMgr" part of Guardian. (HostMGr is a intigrated feature in Guardian that allows certain people to be given "Root" access instantly upon login without the need for pasword verification.)
Basically, what you'll want to do is set up the plugin like in A.0 Plugin Installation, except for a few changes.
There's several ways you'll be able to set this up, but I'll explain probably the easiest and most secure way.
|