These are specified in privset{}.
Various privileges intended for server administrators. Among other things, this automatically sets umode +a and allows loading modules.
This grants permission to use DIE and RESTART, shutting down or restarting the server.
Allows using KILL on users on any server.
This privilege currently does nothing, but was designed to hide bots from /stats p so users will not message them for help.
This grants everything granted to the oper:admin privilege, except the ability to set umode +a. If both oper:admin and oper:hidden_admin are possessed, umode +a can still not be used.
Allows using KLINE and DLINE, to ban users by user@host mask or IP address.
This grants permission to use KILL on users on the same server, disconnecting them from the network.
Allows using server name ($$mask) and hostname ($#mask) masks in NOTICE and PRIVMSG to send a message to all matching users, and allows using the WALLOPS command to send a message to all users with umode +w set.
Allows using the OPERWALL command and umode +z to send and receive operwalls.
Allows using the REHASH command, to rehash various configuration files or clear certain lists.
This grants the ability to use the ON argument on DLINE/KLINE/XLINE/RESV and UNDLINE/UNKLINE/UNXLINE/UNRESV to set and unset bans on other servers, and the server argument on REHASH. This is only allowed if the oper may perform the action locally, and if the remote server has a shared{} block.
Note: If a cluster{} block is present, bans are sent remotely even if the oper does not have oper:remoteban privilege.
This allows using /resv, /unresv and changing the channel modes +L and +P.
This allows using the third argument of the CONNECT command, to instruct another server to connect somewhere, and using SQUIT with an argument that is not locally connected. (In both cases all opers with +w set will be notified.)
This allows using /mode !#channel, /whois !nick, /who !#channel, /chantrace !#channel, /topic !#channel, /who !mask, /masktrace !user@host :gecos and /scan umodes +modes-modes global list to see through secret channels, invisible users, etc.
All operspy usage is broadcasted to opers with snomask +Z set (on the entire network) and optionally logged. If you grant this to anyone, it is a good idea to establish concrete policies describing what it is to be used for, and what not.
If operspy_dont_care_user_info is enabled, /who mask is operspy also, and /who !mask, /who mask, /masktrace !user@host :gecos and /scan umodes +modes-modes global list do not generate +Z notices or logs.
Allows using UNKLINE and UNDLINE.
Allows using XLINE and UNXLINE, to ban/unban users by realname.
Allows using snomask +n to see local client nick changes. This is designed for monitor bots.