1. Using privs effectively

All privileges can be administered through the privilege portal, located at the URI /admin/priv/ in installations of LiveJournal. To start administrating privs, you should login as the system account you created in Chapter 14, Finishing Up[9]. By visiting the /admin/priv portal, you can start assigning privs either by username or privilege name.

Privilege packages: You can also grant privs in sets, or “packages”; this is useful for the Support System (and elsewhere). Those with any admin/siteadmin priv can first define “packages” of privileges at the Admin Console, and grant or revoke them en-masse…

        priv_package create #General-I1        1
        priv_package add #General-I1 supportviewscreened:general
        priv_package add #General-I1 supportmakeinternal:general
        
        priv_package list
        priv_package list #General-I1
        
        priv grant #General-I1 someuser
        priv revoke #General-I1 someuser
        
        priv_package remote #General-I1 supporthelp:general
        priv_package delete #General-I1

1

The hashes are optional in all cases, except when granting or revoking a package or privileges. It is required there, to differentiate.



[9] The script bin/upgrading/make_system.pl creates the system account, and grants it the admin priv with the argument of “all”.