Here's an example of structure from the Real World, IE, my MUD:

At the top of things there's Chahiero. He owns the server, he pays the bills, and occasionally he makes code changes which have to happen to NakedMuds C backend, since the source is setuid root and I don't have root access. He is part of the usergroup "owner" which consists of him and well … him. Basically he gets a catchall group to which all commands are automatically assigned.

There is one other person who qualifies as an admin: myself.

Admins very specifically get these commands:


I can edit accounts and pcs where normal pcs cant, and I have the freedom to set some things freely that immortals cant, and a few other things.

Below me, I have three Immortals: Alia, Bikari, and Risai

They get these commands, specifically:


They can set titles, races, and do a few RPish things (gemotes, echoes, etc), as well as purge certain objects from the world and force players to do something. USERS just displays this:



That's really it as far as administrata goes on my mud at the moment. The audit records are actually just saved to a seperate file thats world readable but only setuid root gets write perms to, though adding an in-game audit log viewer is actually something Im working on coding in between responses. Bans and kicks/etc are kind of on my perpetual "todo" list at the moment, for now we just add particularly disruptive people (which has only been a few webbots whom I can only presume were looking for an easy DoS target) to the HOSTS file through CPanel.

Holding people with powers in the MUD accountable for their actions, whether abusive or not, is an important thing. Even when I do agree with something one of my admins has done that might be contentious I still feel its important that they be able to defend that action.

Maya/Rudha

Please give me enough credit to have at least read your post. I was commenting on your opening sentence, which is just not really appropriate. As I said, there are different levels of admins, so saying that an admin is an admin is not really useful.

Furthermore, if you really want to get picky here, your full sentence was:
"Given that an admin is… well… an admin, I don't see how any kind of a command logging/publishing system would do anything to increase accountability"
which you go on to defeat all by yourself in what you just quoted to me. So, well, yes, your first sentence was a little weird.

This is what I was reacting to. I even said I wasn't disagreeing with the rest of your post…


EDIT: in case it wasn't clear, this was in reply to Deimos. Too many people posting at the same time…

Having it visible to nobody but you does nothing to earn trust or curtail abuse. Frankly, everyone logs abusable staff commands. So you're making a nonstatement. The overall point was to favor transparency and I still stand by my original statement. Hiding staff actions only benefits the crooked.

He seems to work under the assumption that administrators are untouchable by audits and can reinvent the rules to their liking. This is only really true on a Linux machine (cant comment for any other OS really) if they are setuid root, or the person that owns the MUD is callous and gives the same toys to everybody regardless of where they are on the totem pole (I know of one mud where anyone who was an admin got terminal access and added to the wheel group, it wasnt long before that got abused). At the same time, the integrity of that process really depends on the willingness of a MUD owner to do that, which as 'Crat pointed out quite rightly, that a MUD owner does have that willingness, tends to speak better to their integrity than someone who intentionally keeps things closed-up.



Yes, just about any major codebase has auditing tools, even NakedMud minimalist as it is has a rather verbose system log, though it doesn't explicitly catch admin commands. Point being - any major production MUD is going to have internal auditing tools. Some have audit tools that save so much data that the data has to be archived on a regular basis, even, which starts to hurt how helpful that audit system is.

The point here is that making that system open to players in a way that respects privacy is a good thing and engenders trust in the community to a degree. How much, is debatable. That it does, is not.



It may be wise to quote whom you're responding to … not trying to be condescending or such in the suggestion although re-reading it I kind of get that impression of myself, even, but rather that I notice a few of your posts are confusing and without context since the thread seems to be moving rather quickly.

Maya/Rudha

Double post. Please delete.

Of course it's appropriate when taken in context. The discussion was referencing staff accountability from a player's perspective. As a player, how am I to ever know that the log hasn't been doctored? It's simply a false sense of security that only works on the less skeptical.

Or those that know appropriate setuid usergroup permissions have been assigned and enforced in Linux, a feature that has been available almost as long as Linux has existed - or actually in fact longer, since I know of IBM Unix distributions from 1982 that allow that kind of assignment, seeing whereas the retail outlet I work on my day job uses it :P

Maya/Rudha

The post was basically empty of content, so there wasn't much to quote. It's only really a problem when many people are posting at once; usually it's very clear what the context is, at least in the post or two I've made on this forum, and when it isn't, I use quotes, as I am now. :smile: Sometimes excessive quoting can be just as confusing, really, and makes a thread unnecessarily long to read.

But since you brought up the topic of how to use the forum :wink: it's also generally a good idea to not edit your post to add significant new content after you've made it, especially in fast-moving topics like this one, because people are likely to miss it if they rely on the forum's notion of what has and hasn't been read.
Another forum netiquette note is signature length; it's nice to keep them to a few lines at most so that they don't take up too much vertical space, forcing more scrolling between posts…


Erm, like I said, I wasn't trying to disagree with your post. I just thought it was weird for you to make a tautological statement followed by another statement that you subsequently defeat. No hidden tricks here.


I know relatively few MUDs that give anybody but the top-most admins any form of shell access.

A player has no way of verifying file system permissions, regardless of what operating system the game is running on. Not only that, but someone, somewhere has to have the correct permissions, and again, as a player, I have no way of knowing whether that person or group of people is virtuous or not. This is basically an indefensible position. No matter what kind of system you use, at some level, your players are simply going to have to trust you.

Defensive much? I made two posts following each other and compiled them together. I'm not going to comment on the rest, although I suppose that in and of itself is a comment.



Which, ironically comes back to doing things that engender trust in the game community. So … anything I could say here would be repetitive, except to make it clear that I believe that transparency is a good thing that does just that. The more administrative action that the players hear, see clearly, and feel they are part of, the healthier the community, and the healthier the game as a whole is. A feed is just one very specific example of how to better increase transparency.

Maya/Rudha

Let me clarify that I was not trying to imply that those MUD admins who favour transparency lack integrity, rather that (in my opinion) transparency is only necessary in cases where the MUD admin lacks integrity.



Let's leave condescending implications of naivety out of this, please.



Nowhere in my post did I say that player communities are fundamentally good. I said that if the administration operates with integrity, the players will come to understand and repsect that. They don't have to be 'good' to do so, they just have to be reasonable. Unreasonable players will find things to complain about and accuse you of regardless of how transparent you are, so I think it's fair to limit our discussion to reasonable players.

Even if you do make your audit logs available to the players, they have to trust that those logs have not been tampered with, and they have to accept explanations of any suspicious activity that has been logged. In the end, it still comes down to the integrity of the administration. Does making the audit logs available increase your integrity? Perhaps in some cases, but not in all.



Evidently we have had different experiences with MUD admins.



I don't think I said that, either.



It appears as though you missed my earlier statement:



Perhaps I am in the minority with that view. Nonetheless, declaring that something cannot be debated when a conflicting opinion has been already voiced is somewhat crass.

EDIT: For grammar and clarity.

Defensive? Is it defensive to make comments on the topic you made comments on? You're the one being a little snarky in this latest reply. :smile:
And yes, I know you compiled the posts; in fact that's the only reason I noticed your original post had been edited (seeing the empty second post). That's exactly why I mentioned it to you; it certainly wasn't intended as an attack. If you feel it's bad and lashing out for me to comment on your usage of the forum, what does that say about you commenting on mine?

Unfortunately, I'll have to agree that we do (i.e., you seem to have encountered a proportionally larger number of good ones than I have). This is not to say that they are all bad, obviously. But it's all too common to find MUDs run in, well, a suboptimal manner.

I think we both know that in most cases where it can be argued that a MUD needs transparency, this is probably not going to fix its problems.



That wasn't my intention, though in retrospect I see how it can be taken in that way and for that I apologise. The point was … well, you more or less touched on it in the next point:



^ There. There will always be a segment of the population of players who are unreasonable. You don't like it, I don't like it, and indeed very few MUD administrators or moderators like it, but it exists. If, however, there's something you can do that can placate some of them, then it makes as a nice tangential benefit, though one would be correct to say that would be a poor primary reason to do anything.



I think that we can agree with that, however, I'd challenge you to find a MUD that goes to the lengths of having open and freely available live logs of administrative actions which are doctored. To me personally it would seem like a whole lot of pointless smoke and mirrors to go to that much trouble to falsify something.



Whether your personal experiences differ - the general expectation of someone playing a MUD is that they will be mistreated, if they are given attention at all. It's not an entirely unfounded notion, since generally speaking, most people on most MUDs will only interact with administrators if the administrators are dealing punishment on them.

As regards the comment about the impact - The impact on you yourself was obviously stated, yes, and I didnt mean to sound as if I glossed over that - rather when I made that comment, I was saying 'it cannot really be argued that there are people in any given MUD community who would probably think this is a good thing.'

Maya/Rudha

[edit]: Quotes tags got mixed up, so I tried to fix that.

The idea that all staff are admins is silly. Ideally most staff would not. Furthermore, if you help strengthen trust for even one person in one instance it is a net positive.

Indeed. To draw a real world example, my store where I work at has several 'managers' In fact it has a framing manager, two department managers, a customer service manager, a replenishment manager, an operations manager, an assistant store manager, and a store manager. Only two of those people really make the decisions.



This is probably the important point to the immediate discussion. Even if you "only convince a few ignorant people" as was suggested, you've still achieved a net gain, pragmatically speaking.

Maya/Rudha

Are you sure? It's not like transparency is free; there are pragmatic concerns like having to implement it all. Then there are concerns like turning punishment into a form of stocks you put people into: their (mis)deeds are permanently recorded, for all to see for all time. Imagine the HR department at a company behaving this way: surely this would not always be a healthy environment.

So, if convincing a handful of people means angering another handful, is the effect still a net gain? It might be, but it's not at all clear to me that in fact it is.

And if something goes wrong in the future, because your system is transparent, a drastically larger portion of your players will lose trust than gained it due to having such a system in place. Just like in Vegas, you can't play the odds without factorin..., or you'll go home broke.

The same is true of police records, which anyone can actually check on anyone else, and I in fact have to do frequently as pre-hiring screening of employees. Does that mean that I should not consider someone's criminal record because they get locked into that? Of course not, and I don't think you would say so either, however that is what you seem to be implying with your statement.

It is worth noting again, as it has been noted before in this thread, that while there are unreasonable people who will always jump on someone for making mistakes, there are also people that you will gain much more respect from owning up to those mistakes and rectifying them. In the end while there can be stress involved in that, I can speak from both MUD admin experience and less-directly-related customer service experience that the majority of 'problem' people whom you wrong in some way in their perception, will be impressed by someone who despite all that takes the time to be patient and listen. Its part of being mature, and I do often find the difference between good MUD administration and bad MUD administration can be the level of maturity involved.

As regards the issue of how much effort that it would take to implement - it depends on how labyrinthine you get with the implementation, I suppose. Even the Wikipedia-esque revision history system I use to be able to audit changes to objects, mobiles, rooms, and player files, wasn't terribly difficult to write. Even if one decides to get fancy and use MySQL or MS SQL for it the queries are relatively simplistic and easy to optimise, so I'm unsure where you feel the implementation issues could arise. The one problem I could perceive is that depending on how much retention of data you have, you can start amassing a lot of data - but at the same time, it is trivial to run gunzip on the logs of X number of days ago when you hit a new day.

Maya/Rudha

@Rudha:

Let's say I'm a member of your staff. I've built a number of great areas for you and have generally been a stand-up guy. I come on one night and decide to have a little fun by making one of the mobs in a newbie zone invincible. Invincibility is a sensitive attribute, so you have your OLC audit log set up to notify you when something's invincible status is changed. You notice that I've done this, revert the change, admonish me privately and temporarily revoke my OLC privs. A few days later, a player comes across the following line in the public audit log:



And they post it on the game's forums. Is this really a good thing?