ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

ACLs and Groups for Mumble Channels

Updated on February 2, 2012

Introduction

Hello and welcome to another one of my Mumble Guides. Today I am going over ACLs for Murmur server management. ACL stands for Access Control Lists, it limits what users can and cannot do in a room. For instance you can make it so that only registered users can access certain rooms. Only certain users can speak in certain rooms, and much much more.

I will be going over:

  1. Why ACLs and Groups are useful and important
  2. The basics of ACLs and how to use them
  3. Some ACL recipes that are from the Mumble Wiki

Why are Access Control Lists (ACLs) are important

ACLs give a lot of customization for murmur channels. ACLs are important because they give control over the server. Who can say what, and who can't. Who can enter and traverse between channels, and who gets suppressed or denied if they enter. I personally use them so that registered users get options to create extra chat rooms, whereas unauthorized users only get the chat rooms that I allow them to have. They can't create any temporary rooms or whisper between channels.

So I can regulate what people can do on the server. It is a really great feature, but there is a slight problem. ACLs can be confusing. There is a Wiki page on ACLs provided by the Mumble community, but I have found a lot of people still not understanding how they work.

Why Groups are Important

Groups are important because it gives you more of a handle on the server. Like ACLs you are able to make the rules apply to certain groups. This is particularly good for Clan instances that have multiple ranks. You could then make a channel that is only for clan leaders. The rules could then go as far as, anyone can message the moderators channel, but they can't enter the channel. There are many possibilities that could apply to groups.

Like ACLs, groups are channel based - unless the inheritable flag is checked in the parents and inherit flag is checked under subchannels.

Groups have 3 elements that can be applied to users:

  • Members - Potential users that can be added to the group.
  • Inherited members - Users inherited from the same group in the parent channel.
  • Excluded members - Users that were inherited but are removed.

The main window for setting up ACLs
The main window for setting up ACLs
Edit option
Edit option

ACL Group Types:

  • @all - Everyone
  • @auth - Everyone registered to the server
  • @in - Everyone inside the current channel
  • @out - Everyone outside the current channel

How to Open the ACL Window

When applying ACLs to a channel, Right click a channel > Edit > ACL tab

The window on the above should appear with the following sections:

Active ACLs: This is where all the ACLs for the channel are stored. The order of these will affect how the rules are applied to the channel.

Inheriting ACL: This option allows any parent ACLs to be passed down to the child that is currently being edited.

Context: Self explanatory, but either applies to the Sub channel or only the current channel being edited. If both are selected then all children will have this rule along with the current channel being edited.

User/Group: This allows the rule to be applied to a Group, Subgroup, or a User.

Permissions: This is where all the sugar goes in seasoning our little regulation monstrosities. If any of these permissions are unclear, refer to the following:

  • Write ACL: Allows/Denies users/groups to write their own ACLs
  • Traverse: Allows/Denies users/groups to move through/travel through channels
  • Enter: Allows/Denies users/groups from entering a channel(s)
  • Speak: Allows/Denies users/groups to speak in channels
  • Mute/Deafen: Allows/Denies users/groups from muting or deafening
  • Move: Allows/Denies users/groups from moving others to or from a channel
  • Make Channel: Allows/Denies users/groups from making permanent channels
  • Link Channel: Allows/Denies user/groups from linking channels together
  • Whisper: Allows/Denies users/groups from whispering to another channel/user. (aka: altspeak)
  • Text Message: Allows/Denies users/groups from messaging in a certain channel(s)
  • Make Temporary: Allows/Denies users/groups from making temporary channels
  • Kick: Allows/Denies users/groups from kicking others from the server
  • Ban: Allows/Denies users/groups from banning people from the server
  • Register User: Allows/Denies users/groups from registering other users
  • Register Self: Allows/Denies users from registering themselves


Channel structure
Channel structure

Tips

Root: Is the root channel that all Murmur servers have. It cannot be deleted, but it can be renamed.

Tips

If you had these flipped the other way around, with Auth being done first and All being last, it would allow Auth players but then read that all players cannot enter. Thus resulting in locking the channel from everyone.

Other Recipes of On the Wiki

Examples here - Here are some good examples for games and clan management.

The Basics of ACLs and How to Use Them

Now that is out of the way, let's really begin. The most important thing to remember are, ACLs respect an order. That means reading ACLS from top to bottom is not the same as reading them from bottom to top. Its like making a Pizza, the sauce is normally between the bread and the cheese. Pizza wouldn't be the same if that was inverted.

Lets create a rule that makes it so that only Authenticated people can enter channel A. First of all, we need to make it so that All users cannot enter or traverse through channel A. We do this by the following:

Edit Channel A by right clicking the channel and selecting Edit. Next go to the ACL Tab and click the Add button. Make sure the Applies to this channel and subchannels check boxes are selected. Next make sure the group is on all and select the deny column on Enter and Traverse

After that we want to add a rule to the Auth group. So click the add button again. This time select the auth group in groups. Now select Enter and Traverse under the allow column.

Click OK and now test to see if it is working.

Final Comments

I hope this guide has helped you better understand some things about ACLs. If there is anything on this guide that is unclear or needs to be clarified. Please let me know and I will go over it in finer excruciating detail. Be sure to check out my other guides below!! Remember to share and up-vote!

working

This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://corp.maven.io/privacy-policy

Show Details
Necessary
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
Features
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Marketing
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Statistics
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)