Release 2.0 and some admin migration issues
Posted: Mon Jan 17, 2005 7:52 am
The 2.0 release is at our doorstep. Many things have been added. There are test binaries up on http://my.BZFlag.org/builds/1.11/ for people to try out. Please do!
With the new version some things have changed that are relevant to server operators of public servers. User callsigns and passwords from the forums are valid on any server by default. Players that login this way get a "+" on the scoreboard. Players that have "ban" permissions will get a "@". Unverified players will have a "-".
the group DEFAULT is now called EVERYONE
the group REGISTERED is now called VERIFIED
the group ADMIN is now called LOCAL.ADMIN
Any groups that do not start with "LOCAL." can be defined here on the forums and the members will get merged in with your local names. If you want groups to remain local only, prepend a LOCAL. to them in the groupdb and the userdb as well.
Notice that forum groups have no local permissions unless you use a -groupdb <file> option and grant them permissions.
If -passdb <file> is not used, then the commands that deal with passwords are disabled: /register /identify /deregister /setpass /ghost
If -userdb <file> is not used, then group membership commands are disabled and group membership is only defined here on the forums.
As mentioned on the boards before, we have restricted the characters that are valid in usernames and passwords in order to work with the new 2.0 central registration system. These sets may be expanded in the future, but right now: valid characters are: '<space>-_.0-9a-zA-Z' If a forum callsign or password contains other characters, that account cannot be used for central login on BZFlag servers.
If you run a 2.0 server with your existing userdb and passdb, then central logins for the accounts in the local passdb will not work. This is to prevent misuse. If you would like both central login and local /identify logins to work, there is a new special group to handle that.
The group LOCAL.GLOBAL contains the users whose local /identify based accounts are the same as the central login accounts. The passwords need not be the same, this means that the person using them is the same. If the account is in this group in your userdb, then the user will be able to use either central or /identify to get verified.
A minimum setup would not use a passdb or a userdb but use central login for both. If you would like a group created here on the forums, contact a forum admin. Add any central groups you want to grant permissions to into your groupdb with the appropriate permissions.
A full migration would mean editing the groupdb and changing the names of any local groups to start with "LOCAL." as well as changing the names of the built in DEFAULT to EVERYONE and REGISTERED to VERIFIED. That same change needs to be made in the userdb for any members of those groups. Then add central groups you want to grant permissions to into your groupdb as above.
There is a new command line option -requireidentify that, when used, only allows verified users (either local or central) to play on the server. Others can join, but not enter the game. Some test servers are using this already.
The man pages for the CVS version are online. They lag by up to 5 hours as they are pulled on the fly from the SourceForge viewcvs interface.
http://my.bzflag.org/bzfman.cgi
Notice that the /showgroup will display any groups that you are a member of. Only groups that are in the local server's groupdb will be included in this list.
This is likely as clear as mud. But hang in there. It should make things easier for admins, and players as we move onward.
With the new version some things have changed that are relevant to server operators of public servers. User callsigns and passwords from the forums are valid on any server by default. Players that login this way get a "+" on the scoreboard. Players that have "ban" permissions will get a "@". Unverified players will have a "-".
the group DEFAULT is now called EVERYONE
the group REGISTERED is now called VERIFIED
the group ADMIN is now called LOCAL.ADMIN
Any groups that do not start with "LOCAL." can be defined here on the forums and the members will get merged in with your local names. If you want groups to remain local only, prepend a LOCAL. to them in the groupdb and the userdb as well.
Notice that forum groups have no local permissions unless you use a -groupdb <file> option and grant them permissions.
If -passdb <file> is not used, then the commands that deal with passwords are disabled: /register /identify /deregister /setpass /ghost
If -userdb <file> is not used, then group membership commands are disabled and group membership is only defined here on the forums.
As mentioned on the boards before, we have restricted the characters that are valid in usernames and passwords in order to work with the new 2.0 central registration system. These sets may be expanded in the future, but right now: valid characters are: '<space>-_.0-9a-zA-Z' If a forum callsign or password contains other characters, that account cannot be used for central login on BZFlag servers.
If you run a 2.0 server with your existing userdb and passdb, then central logins for the accounts in the local passdb will not work. This is to prevent misuse. If you would like both central login and local /identify logins to work, there is a new special group to handle that.
The group LOCAL.GLOBAL contains the users whose local /identify based accounts are the same as the central login accounts. The passwords need not be the same, this means that the person using them is the same. If the account is in this group in your userdb, then the user will be able to use either central or /identify to get verified.
A minimum setup would not use a passdb or a userdb but use central login for both. If you would like a group created here on the forums, contact a forum admin. Add any central groups you want to grant permissions to into your groupdb with the appropriate permissions.
A full migration would mean editing the groupdb and changing the names of any local groups to start with "LOCAL." as well as changing the names of the built in DEFAULT to EVERYONE and REGISTERED to VERIFIED. That same change needs to be made in the userdb for any members of those groups. Then add central groups you want to grant permissions to into your groupdb as above.
There is a new command line option -requireidentify that, when used, only allows verified users (either local or central) to play on the server. Others can join, but not enter the game. Some test servers are using this already.
The man pages for the CVS version are online. They lag by up to 5 hours as they are pulled on the fly from the SourceForge viewcvs interface.
http://my.bzflag.org/bzfman.cgi
Notice that the /showgroup will display any groups that you are a member of. Only groups that are in the local server's groupdb will be included in this list.
This is likely as clear as mud. But hang in there. It should make things easier for admins, and players as we move onward.