# COMMANDS.md — racked.ru command + permission audit **Audit date:** 2026-05-07 **Server:** `minecraft-mc` (Paper 1.21.1) **Method:** read-only inspection of plugin.yml inside each loaded jar + `/data/plugins//config.yml` + `/data/plugins/ProAntiTab/storage.yml` + LuckPerms export + `/data/commands.yml` + `/data/spigot.yml`. **Scope:** every plugin that is currently loaded. The `Lands/` directory is NOT counted — the `Lands*.jar` is absent (Homestead handles claiming). --- ## 1. Overview | Metric | Value | |---|---| | Plugin jars on disk | 24 | | Plugins that declare commands in their plugin.yml | 18 | | Plugins that register commands programmatically (no plugin.yml decl.) | 4 (EpicGuard, EZShop, SkinsRestorer, MiniMOTD has none, MiniPlaceholders has none) | | Total bukkit commands declared (base, no aliases) | 138 (EssentialsX 124, Homestead 5, AuthMe 9, ProtocolLib 4, AuthLimbo 1, Carbon 22 user-facing, others 1 each) | | Total command aliases declared (sum of `aliases:` lists) | 580+ (EssentialsX dominates) | | ProAntiTab whitelist mode | **whitelist** (`turn-blacklist-to-whitelist: true`) | | Default-player visible commands (allowed by PAT `groups.default`) | **39 entries** in `groups.default.commands` (some are sub-commands, some duplicate aliases) — actual *base-command* surface is 33 | | LuckPerms `default` group nodes | 44 (15 explicit `true`, 13 explicit `false`, plus weight/prefix) | **Server-level alias config** (`/data/commands.yml`): - `/tp` → `essentials:tpa $1-` (request, not raw teleport) - `/pm` → `essentials:msg $1-` - `/deletehome` → `essentials:delhome $1-` - `/help` → `helpcommand:help $1-` - *Disabled (empty list):* `/tpa /tpahere /tphere /teleport`, `/skin clear /skin update /skin search /skin random` **Effective default-player command surface** (commands actually reachable): `/login /register /help /rules /sethome /home /deletehome /claim /tpaccept /tp /pay /pm /bal /skin /shop /ah /auctionhouse /balance /baltop /msg /reply /r /back /spawn /delhome /homes /warp /warps /list /region /rg /hs /homestead /unclaim` plus what AuthMe forces (login/register/email/captcha/2fa/totp). Anything else is hidden by PAT. --- ## 2. Per-plugin command/permission tables Legend for **Default**: `op` = ops only by Bukkit, `true` = everyone, `false` = nobody, `—` = not specified (Bukkit treats as `op` for command, `true` for permissions). PAT column is the storage.yml `groups.default.commands` membership — a base command (or alias) is shown as ✅ if it appears verbatim in the default whitelist. ### 2.1 AuctionHouse v1.4.6 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /auctionhouse | (registers `/ah` dynamically) | `auctionhouse.ah` | true | ✅ both `auctionhouse` and `ah` | command itself NOT declared in plugin.yml — registered programmatically; only the perm is in plugin.yml | ### 2.2 AuthLimbo v1.0.0 (custom, s8n-ru) | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /authlimbo | /alimbo | `authlimbo.admin` | op | ❌ | admin-only; intended for ops; reload + tp subcommands | ### 2.3 AuthMe v5.6.0-FORK-b49 (HaHaWTH fork) | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /authme | — | `authme.admin.*` | op | ❌ | admin | | /email | — | `authme.player.email.*` | true | ❌ (but PAT bypasses pre-login via AuthMe `allowCommands`) | email mgmt | | /login | /l | `authme.player.login` | true | ✅ (also in AuthMe `allowCommands` pre-login) | | | /logout | — | `authme.player.logout` | true | ❌ | not whitelisted; rarely needed in practice | | /register | /reg | `authme.player.register` | true | ✅ | | | /unregister | /unreg | `authme.player.unregister` | op | ❌ | | | /changepassword | /changepass /cp | `authme.player.changepassword` | true | ❌ | **gap — players cannot change their own pw** | | /totp | /2fa | `authme.player.totpadd` / `.totpremove` | true | ❌ (AuthMe bypasses pre-login) | post-login is blocked by PAT | | /captcha | — | `authme.player.captcha` | true | ❌ (AuthMe bypasses pre-login) | | | /verification | — | `authme.player.security.verificationcode` | true | ❌ | rarely used | AuthMe's `Settings.restrictions.allowCommands` (config.yml) = `[/login, /log, /l, /register, /reg, /email, /captcha, /2fa, /totp]` — these bypass PAT *before* login by the AuthMe handler itself. After login, PAT re-asserts. ### 2.4 CarbonChat v3.0.0-beta.36 Carbon registers commands programmatically; names + aliases are in `command-settings.conf`. None are in plugin.yml. All Carbon commands have **no default** declared (effective: op-only unless granted). | Command | Aliases | Permission node (typical) | Default | PAT default | Notes | |---|---|---|---|---|---| | /carbon | — | `carbon.help` | op | ❌ | help+reload landing | | /updateusername | /updatename | `carbon.help` | op | ❌ | | | /party | /group | `carbon.parties` | op | ❌ | | | /reply | /r | `carbon.whisper.reply` | op | ✅ both | **Conflicts with Essentials /r,/reply (see §3)** | | /filter | — | (Carbon admin) | op | ❌ | | | /join | — | (Carbon admin) | op | ❌ | channel | | /leave | — | (Carbon admin) | op | ❌ | channel | | /ignorelist | /listignores | `carbon.ignore` | op | ❌ | | | /unmute | — | `carbon.mute.unmute` | op | ❌ | | | /ignore | /block | `carbon.ignore` | op | ❌ | conflicts with /ignore from Essentials | | /spy | — | `carbon.whisper` (chat spy) | op | ❌ | | | /whisper | /w /message /msg /m /tell | `carbon.whisper` | op | ❌ for whisper; ✅ for `msg` only | **Conflicts with Essentials /msg,/w,/tell etc** | | /continue | /c | `carbon.whisper.continue` | op | ❌ | | | /togglemsg | /togglepm | `carbon.whisper` | op | ❌ | | | /clearchat | /chatclear /cc | `carbon.clearchat.clear` | op | ❌ | admin | | /carbondebug | /cdebug | `carbon.debug` | op | ❌ | | | /muteinfo | /muted | `carbon.mute.info` | op | ❌ | | | /unignore | /unblock | `carbon.ignore.unignore` | op | ❌ | | | /mute | — | `carbon.mute` | op | ❌ | | | /nickname | /nick | `carbon.nickname` | op | ❌ | conflicts with Essentials /nick | | (channels: /global, /local …) | per-channel | `carbon.channel..see/.speak` | inherits | ❌ | LP grants `carbon.channel.global.see/.speak` to default | LP grants for default group: `carbon.channel.global.see=true`, `carbon.channel.global.speak=true`. No other Carbon perms granted — players cannot use whisper/party/etc through Carbon. Whispers are routed through Essentials' `/msg` instead. ### 2.5 Chunky v1.4.40 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /chunky | /cy | `chunky.command` (and 19 sub-perms) | op | ❌ | admin world-pregen | ### 2.6 CoreProtect v23.1 (CoreProtect-CE) | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /co | — | `coreprotect.co` | **true** | ❌ | despite `default:true`, PAT blocks it for default players | | /core | — | `coreprotect.core` | false | ❌ | | | /coreprotect | — | `coreprotect.coreprotect` | false | ❌ | | ### 2.7 EpicGuard v7.6.1 EpicGuard is a Paper-only plugin; it has only `paper-plugin.yml` (no commands declared). Commands are registered through its own `CommandHandler` class. Confirmed handler entry point = `/guard` (also `/epicguard /eg`) per `messages.conf` referencing `/guard status`, `/guard reload`, `/guard analyze`, `/guard whitelist`, `/guard blacklist`, `/guard save`. | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /guard | /epicguard /eg | `epicguard.command` (declared at runtime) | op | ❌ | bot-protection admin | ### 2.8 EssentialsX v2.21.2 124 commands declared; the most comprehensive plugin. Only the user-relevant rows are tabled. Permissions are mostly the form `essentials.`; exceptions noted. | Command | Aliases | Permission node | Default | PAT default | LP default override | Notes | |---|---|---|---|---|---|---| | /afk | /eafk /away /eaway | `essentials.afk` | — | ❌ | **true** | LP grants but PAT blocks | | /antioch | /grenade /tnt … | `essentials.antioch` | — | ❌ | — | op-toy | | /anvil | /eanvil | `essentials.anvil` | — | ❌ | — | | | /back | /eback /return | `essentials.back` | — | ✅ | **true** | OK | | /balance | /bal /money /eco | `essentials.balance` | — | ✅ (`balance` and `bal`) | **true** | | | /balancetop | /baltop /ebaltop | `essentials.balancetop` | — | ✅ (`baltop`) | **true** | | | /ban | /eban | `essentials.ban` | — | ❌ | — | | | /banip | /ebanip | `essentials.banip` | — | ❌ | — | | | /book | /ebook | `essentials.book` | — | ❌ | — | rename signed books | | /broadcast | /bc /bcast /shout | `essentials.broadcast` | — | ❌ | — | | | /clearinventory | /ci /clean /clear | `essentials.clearinventory` | — | ❌ | — | | | /compass | /direction | `essentials.compass` | — | ❌ | — | could be enabled | | /delhome | /edelhome /remhome /rmhome | `essentials.delhome` | — | ✅ | **true** | also aliased server-side `/deletehome` → `/essentials:delhome` | | /delwarp | /remwarp /rmwarp | `essentials.delwarp` | — | ❌ | — | admin | | /depth | /height | `essentials.depth` | — | ❌ | — | | | /eco | /economy | `essentials.eco` | — | ❌ | — | admin | | /enchant | /enchantment | `essentials.enchant` | — | ❌ | — | | | /enderchest | /echest /ec | `essentials.enderchest` | — | ❌ | — | | | /essentials | /ess /essversion | `essentials.essentials` | — | ❌ | — | reload | | /exp | /xp | `essentials.exp` | — | ❌ | — | | | /feed | /eat | `essentials.feed` | — | ❌ | — | | | /fly | /efly | `essentials.fly` | — | ❌ | — | | | /gamemode | /gm /gmc /gms /gma /gmsp /gmt | `essentials.gamemode` | — | ❌ | — | | | /gc | /lag /tps /mem /uptime /entities | `essentials.gc` | — | ❌ | — | | | /getpos | /coords /position /whereami /getloc | `essentials.getpos` | — | ❌ | — | | | /give | /egive | `essentials.give` | — | ❌ | — | | | /god | /godmode /tgm | `essentials.god` | — | ❌ | — | | | /hat | /head | `essentials.hat` | — | ❌ | — | | | /heal | /eheal | `essentials.heal` | — | ❌ | — | | | /help | /ehelp | `essentials.help` | — | ✅ | **true** | server-aliased to HelpCommand via commands.yml | | /helpop | /ac /amsg | `essentials.helpop` | — | ❌ | — | message admins | | /home | /ehome /homes /ehomes | `essentials.home` | — | ✅ (`home`) | **true** | | | /ignore | /unignore | `essentials.ignore` | — | ❌ | — | conflicts with Carbon /ignore | | /info | /about /news | `essentials.info` | — | ❌ | — | | | /invsee | — | `essentials.invsee` | — | ❌ | — | | | /item | /i | `essentials.item` | — | ❌ | — | | | /itemdb | /dura /durability | `essentials.itemdb` | — | ❌ | — | | | /jump | /j /jumpto | `essentials.jump` | — | ❌ | — | | | /kick | /ekick | `essentials.kick` | — | ❌ | — | | | /kit | /kits | `essentials.kit` | — | ❌ | — | | | /lightning | /shock /smite /strike /thor | `essentials.lightning` | — | ❌ | — | | | /list | /online /who /playerlist /plist | `essentials.list` | — | ✅ | **true** | | | /mail | /email /memo | `essentials.mail` | — | ❌ | — | conflicts with AuthMe /email | | /me | /action /describe | `essentials.me` | — | ❌ | — | | | /motd | /emotd | `essentials.motd` | — | ❌ | **false** | LP explicit deny — intentional | | /msg | /m /t /pm /tell /w /whisper | `essentials.msg` | — | ✅ (`msg`) | **true** | conflicts heavily with Carbon (see §3) | | /msgtoggle | — | `essentials.msgtoggle` | — | ❌ | — | | | /mute | /silence | `essentials.mute` | — | ❌ | — | conflicts with Carbon /mute | | /near | /nearby | `essentials.near` | — | ❌ | — | | | /nick | /nickname | `essentials.nick` | — | ❌ | — | conflicts with Carbon /nick | | /pay | /epay | `essentials.pay` | — | ✅ | **true** | | | /paytoggle | /payoff /payon | `essentials.paytoggle` | — | ❌ | — | | | /ping | /pong | `essentials.ping` | — | ❌ | — | | | /playtime | /eplaytime | `essentials.playtime` | — | ❌ | — | | | /r | /reply | `essentials.msg` (`.r` for /r) | — | ✅ both | **true** (essentials.reply) | conflicts with Carbon /r,/reply | | /realname | /erealname | `essentials.realname` | — | ❌ | **true** | LP grants but no PAT entry | | /recipe | /formula /recipes | `essentials.recipe` | — | ❌ | — | | | /repair | /fix | `essentials.repair` | — | ❌ | — | | | /rules | /erules | `essentials.rules` | — | ✅ | — | | | /seen | /alts | `essentials.seen` | — | ❌ | — | | | /sell | /esell | `essentials.sell` | — | ❌ | — | not used; we have EZShop /shop | | /sethome | /createhome /esethome | `essentials.sethome` | — | ✅ | **true** | | | /setwarp | /createwarp | `essentials.setwarp` | — | ❌ | — | admin | | /skull | /head /playerskull | `essentials.skull` | — | ❌ | — | | | /socialspy | — | `essentials.socialspy` | — | ❌ | — | | | /spawn | /espawn | `essentials.spawn` | — | ✅ | **true** | | | /spawnmob | /mob /spawnentity | `essentials.spawnmob` | — | ❌ | — | | | /speed | /flyspeed /walkspeed | `essentials.speed` | — | ❌ | — | | | /sudo | /esudo | `essentials.sudo` | — | ❌ | — | | | /suicide | /esuicide | `essentials.suicide` | — | ❌ | — | | | /tempban | /etempban | `essentials.tempban` | — | ❌ | — | | | /time | /day /night | `essentials.time` | — | ❌ | — | | | /top | /etop | `essentials.top` | — | ❌ | — | | | /tp | /tele /teleport /etp | `essentials.tp` | — | ✅ | — | **server-aliased to /tpa** in commands.yml — raw /tp is gated to op | | /tpa | /call /tpask | `essentials.tpa` | — | (server alias [] disables it) | **true** | | | /tpaall | /etpaall | `essentials.tpaall` | — | ❌ | — | | | /tpaccept | /tpyes | `essentials.tpaccept` | — | ✅ | **true** | | | /tpahere | /etpahere | `essentials.tpahere` | — | (server alias [] disables) | — | | | /tpall | /etpall | `essentials.tpall` | — | ❌ | — | | | /tpauto | /etpauto | `essentials.tpauto` | — | ❌ | — | | | /tpacancel | /etpacancel | `essentials.tpacancel` | — | ❌ | — | | | /tpdeny | /tpno | `essentials.tpdeny` | — | ❌ | — | **gap — counterpart of /tpaccept missing** | | /tphere | /s | `essentials.tphere` | — | (server alias [] disables) | — | | | /tpoffline | /otp /tpoff | `essentials.tpoffline` | — | ❌ | — | | | /tppos | — | `essentials.tppos` | — | ❌ | — | | | /tpr | /tprandom | `essentials.tpr` | — | ❌ | — | | | /tptoggle | — | `essentials.tptoggle` | — | ❌ | — | | | /tree | /etree | `essentials.tree` | — | ❌ | — | | | /unban | /pardon | `essentials.unban` | — | ❌ | — | | | /vanish | /v /ev | `essentials.vanish` | — | ❌ | — | | | /warp | /warps /ewarp | `essentials.warp` | — | ✅ both | — | no warps configured currently | | /weather | /rain /sky /storm /sun | `essentials.weather` | — | ❌ | — | | | /whois | /ewhois | `essentials.whois` | — | ❌ | — | | | /workbench | /craft /wb | `essentials.workbench` | — | ❌ | — | | | /world | /eworld | `essentials.world` | — | ❌ | — | | | /worth | /price | `essentials.worth` | — | ❌ | — | | (non-user commands omitted: backup, beezooka, bigtree, bottom, break, broadcastworld, burn, cartographytable, clearinventoryconfirmtoggle, condense, createkit, customtext, deljail, delkit, disposal, ext, fireball, firework, getpos, grindstone, helpop, ice, itemlore, itemname, jails, kickall, kill, kitreset, kittycannon, loom, more, nuke, payconfirmtoggle, potion, powertool, powertooltoggle, ptime, pweather, remove, renamehome, rest, rtoggle, setjail, setspawn, settpr, setworth, showkit, editsign, smithingtable, spawner, stonecutter, tempbanip, thunder, togglejail, tpacancel, tpoffline, unbanip, unlimited, warpinfo — all op-default, all blocked by PAT — **expected**.) ### 2.9 EZShop v1.0-SNAPSHOT (de.flori.shopPlugin) EZShop has only `paper-plugin.yml` and registers `/shop` programmatically (class `de.flori.shopPlugin.ShopCommand`). No permissions declared — assumes `op` for admin / open-to-all for /shop GUI. | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /shop | (none) | (none declared) | — | ✅ | the racked.ru sell-shop GUI | ### 2.10 FastAsyncWorldEdit v2.15.0 (provides WorldEdit) FAWE registers WorldEdit's full command set via `provides: [WorldEdit]`. None declared in plugin.yml `commands:` block — all WE commands like `/we`, `/pos1`, `/copy`, `/paste` are registered programmatically by WorldEdit core. Permission: `worldedit.*` family (over 200 nodes). All `default: op` or `default: false` via `fawe.permpack.basic`/`fawe.bypass`/etc. None whitelisted by PAT. | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /we /worldedit | — | `worldedit.*` | op | ❌ | admin | | (full WE command set, ~70 commands) | various | `worldedit..` | op | ❌ | admin | | /fawe | — | `fawe.admin` | op | ❌ | | ### 2.11 HelpCommand v2.9.2 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /help | — | (none — open) | — | ✅ | **shadowed by Essentials by load order; commands.yml routes /help → /helpcommand:help** | | /hc | — | `hc.admin` | op | ❌ | admin | ### 2.12 Homestead v5.2.0.0 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /claim | — | `homestead.commands.claim` | true | ✅ | | | /unclaim | — | `homestead.commands.unclaim` | true | ✅ | | | /region | /rg /hs /homestead | `homestead.commands.region` (+ ~50 sub-perms all `default:true`) | true | ✅ all four | master command | | /homesteadadmin | /hsadmin | `homestead.commands.homesteadadmin` (+9 sub-perms) | op | ❌ | admin | | /forceunclaim | /opunclaim /adminunclaim | `homestead.admin.forceunclaim` | op | ❌ | admin | LP default group has explicit `homestead.user=true` (custom umbrella perm). This is **not declared in plugin.yml** — appears to be operator-added cosmetic / for internal LP audit purposes; has no behavioural effect on its own (Homestead checks the `homestead.commands.region.` and `homestead.actions.regions.` paths, all already `default:true`). 106 perm nodes total. ### 2.13 LuckPerms v5.5.17 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /luckperms | /lp /perm /perms /permission /permissions | `luckperms.` (per-action) | op | ❌ (`lp`/`luckperms` whitelisted in `global.commands` only — global takes precedence over default group) | | PAT `global.commands` includes `lp`, `luckperms`, `gamerule …`, `execute …`. global commands are allowed for everyone regardless of group; intended for ops to use without per-group config. But `/lp` itself permission-checks each sub-action via LuckPerms' own perm system — default players running `/lp info default` will be denied at the LP layer. ### 2.14 MiniMOTD v2.2.3 No commands declared. Server-list MOTD only. ### 2.15 MiniPlaceholders v3.2.0 `(unable to read plugin.yml — paper-plugin.yml only)`. No user-facing commands; placeholder library. ### 2.16 PlaceholderAPI v2.12.2 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /placeholderapi | /papi | `placeholderapi.admin` | op | ❌ | admin | ### 2.17 ProAntiTab v2.3.0 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /proantitab | /pat | `proantitab.admin` (default-derived; not explicitly in plugin.yml — runtime check) | op | ❌ | admin | PAT internally manages tab-completion and command-block visibility for **all** other commands. The default group itself maps to LP perm `proantitab.group.default=true`. ### 2.18 ProtocolLib v5.5.0 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /protocol | — | `protocol.admin` | op | ❌ | admin | | /packet | — | `protocol.admin` | op | ❌ | admin | | /filter | /packet_filter | `protocol.admin` | op | ❌ | admin (conflicts with Carbon /filter — Carbon registers later, takes /filter) | | /packetlog | — | `protocol.admin` | op | ❌ | admin | ### 2.19 SkinsRestorer v15.12.0 No commands in plugin.yml. SR registers `/skin` (and many sub-aliases like `/skins`) programmatically. Granular permissions are well known. | Command | Aliases | Permission node | Default | PAT default | LP default override | Notes | |---|---|---|---|---|---|---| | /skin | — | `skinsrestorer.command` | (runtime) | ✅ | **true** | | | /skin set | — | `skinsrestorer.command.set` | (runtime) | ✅ | **true** | | | /skin url | — | `skinsrestorer.command.set.url` | (runtime) | ✅ | **true** | | | /skin gui / /skins | — | `skinsrestorer.command.gui` | (runtime) | ❌ (`skins` not listed) | **true** | **gap** — LP allows but PAT blocks `/skins` | | /skin clear | — | `skinsrestorer.command.clear` | (runtime) | (commands.yml empty alias) | **false** | LP denies; commands.yml also disables alias — defence in depth | | /skin update | — | `skinsrestorer.command.update` | (runtime) | (commands.yml empty alias) | **false** | | | /skin search | — | `skinsrestorer.command.search` | (runtime) | (commands.yml empty alias) | **false** | | | /skin random | — | `skinsrestorer.command.random` | (runtime) | (commands.yml empty alias) | **false** | | | /skin set | — | `skinsrestorer.command.set.other` | (runtime) | ❌ | **false** | | | /skin favourite | — | `skinsrestorer.command.favourite` | (runtime) | ❌ | **false** | | | /skin edit | — | `skinsrestorer.command.edit` | (runtime) | ❌ | **false** | | | /skin undo | — | `skinsrestorer.command.undo` | (runtime) | ❌ | **false** | | | /skin skull | — | `skinsrestorer.command.skull` | (runtime) | ❌ | **false** | | | /sradmin | — | `skinsrestorer.admincommand` | op | ❌ | **false** | | ### 2.20 spark v1.10.172 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /spark | — | `spark` | op | ❌ | admin profiler | ### 2.21 TAB v6.0.1 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /tab | — | `tab.admin` (+ ~25 sub-perms) | op | ❌ | admin | ### 2.22 VaultUnlocked v2.19.1 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /vault-info | — | `vault.admin.info` | op | ❌ | admin | | /vault-convert | — | `vault.admin.convert` | op | ❌ | admin | ### 2.23 voicechat v2.6.17 | Command | Aliases | Permission node | Default | PAT default | Notes | |---|---|---|---|---|---| | /voicechat | /vc (registered runtime) | `voicechat.admin` (+ listen/speak/groups) | op | ❌ | admin; listen/speak/groups perms are `default:true` (true is implicit) and players use the chat through the proximity client | ### 2.24 VoidWorldGenerator v1.3.11 No commands declared. Provides `void` generator referenced by `bukkit.yml` for `auth_limbo` world. --- ## 3. Conflicts (same command claimed by ≥2 plugins) Bukkit resolves by load order: first plugin to register wins the bare token; the second's command becomes accessible only via `:`. Load order from logs is approximately: ProtocolLib → FAWE → SkinsRestorer → PlaceholderAPI → **Essentials (early)** → AuthMe → AuthLimbo → EZShop → ProAntiTab → Homestead → **CarbonChat (late)** → voicechat → CoreProtect → TAB → MiniMOTD → HelpCommand → EpicGuard → AuctionHouse → Chunky. | Command | Plugin A (winner) | Plugin B (shadowed) | commands.yml override | Effective owner | Notes | |---|---|---|---|---|---| | /msg | EssentialsX (`essentials.msg`) | CarbonChat (`carbon.whisper`) | none | **Essentials** | Carbon /msg only via `/carbon:whisper` | | /m /t /tell /w /whisper /message | EssentialsX (most aliases) | CarbonChat | none | **Essentials** | aliased identically; first to register wins | | /r /reply | EssentialsX (`essentials.r`) | CarbonChat (`carbon.whisper.reply`) | none | **Essentials** | | | /nick /nickname | EssentialsX (`essentials.nick`) | CarbonChat (`carbon.nickname`) | none | **Essentials** | | | /ignore | EssentialsX (`essentials.ignore`) | CarbonChat (`carbon.ignore`) | none | **Essentials** | | | /mute | EssentialsX (`essentials.mute`) | CarbonChat (`carbon.mute`) | none | **Essentials** | | | /clearchat /cc /chatclear | (only Carbon) | — | none | **Carbon** | not in PAT default; admin only anyway | | /filter | ProtocolLib (`protocol.admin`) | CarbonChat | none | **ProtocolLib** | Carbon /filter only via `/carbon:filter` | | /help | EssentialsX (`essentials.help`) | HelpCommand | **commands.yml `help: [helpcommand:help $1-]`** | **HelpCommand** (after restart) | already fixed in commands.yml | | /tp | EssentialsX (`essentials.tp`) | (none — vanilla /tp gated by op) | **commands.yml `tp: [essentials:tpa $1-]`** | **Essentials TPA flow** | players' /tp = TPA request, not raw teleport | | /skull /head | EssentialsX (`essentials.skull`) | EssentialsX `/hat` aliases (`head`) | none | **Essentials skull** | internal Ess overlap: /head is alias of both /hat and /skull — Bukkit registers first that wins (skull) | | /home /homes | EssentialsX (`essentials.home` + `homes` alias) | EssentialsX (`/homes` is also alias of /home) | none | **Essentials** | | | /email | EssentialsX `/mail` alias `email` | AuthMe `/email` (own command) | none | **AuthMe** (loads first, registers /email as own command) | EssentialsX /mail's `email` alias is shadowed | | /pm | (Essentials msg alias) | (none) | **commands.yml `pm: [essentials:msg $1-]`** | **Essentials msg** | | | /deletehome | (none — Essentials only has /delhome) | — | **commands.yml `deletehome: [essentials:delhome $1-]`** | **Essentials delhome** via alias | | | /shop | EZShop | (none) | none | **EZShop** | | | /list | EssentialsX | vanilla /list | none | **Essentials** | overrides vanilla | No conflict on `/seen` (Essentials only). --- ## 4. PAT whitelist diff (storage.yml `groups.default.commands` vs reality) `groups.default.commands` actual list (39 entries): ``` login, register, help, rules, sethome, home, deletehome, claim, lands, tpaccept, tp, pay, pm, bal, skin, skin url, skin set, shop, ah, auctionhouse, balance, baltop, msg, reply, r, back, spawn, delhome, homes, warp, warps, list, region, rg, hs, homestead, unclaim ``` ### 4a. Dead PAT whitelist entries (whitelisted but no plugin claims them) | Entry | Why it's dead | Action | |---|---|---| | `lands` | Lands jar is **not loaded**. `/data/plugins/Lands/` is config-only debris. Homestead handles claiming. | **Remove** from whitelist. Possibly archive `/data/plugins/Lands/` to `_keep/`. | | `warp`, `warps` | Essentials warps work, but **no warps are configured** on this server. Players see "warp does not exist". Either configure warps (e.g. /warp shop, /warp pvp) or remove. | **Decide:** configure or remove both. | ### 4b. Over-restrictions (plugin.yml says `default:true` but PAT blocks) | Command | Plugin | Reason it's blocked | Recommendation | |---|---|---|---| | `/co` | CoreProtect (`coreprotect.co=true`) | inspector tool — works for everyone by plugin design (lets players see who broke a block in their claim) | **Optional:** add `co` to default whitelist if operator wants player-side block-history transparency. Default-policy decision. | | `/auctionhouse` and `/ah` | AuctionHouse (`auctionhouse.ah=true`) | both are whitelisted ✅ — no over-restriction | OK | | AuthMe `/changepassword`, `/cp`, `/changepass` | AuthMe (default:true) | post-login PAT denies; players can't rotate own pw without contacting an op | **Add** `changepassword`, `changepass`, `cp` to whitelist. | | AuthMe `/totp`, `/2fa` | AuthMe (default:true) | only allowed pre-login by AuthMe internal handler; once logged in PAT blocks. Players who want to add 2FA after registration are blocked. | **Add** `totp`, `2fa` to whitelist if 2FA is intended to be available post-login. | | `/tpdeny`, `/tpno` | EssentialsX | counterpart of /tpaccept missing | **Add** `tpdeny`, `tpno`. | | `/skins` | SkinsRestorer (LP grants `skinsrestorer.command.gui=true`) | LP allows but PAT doesn't list. /skins (gui) currently unreachable. | **Add** `skins`. | | `/afk`, `/eafk`, `/away` | EssentialsX (LP grants `essentials.afk=true`) | LP allows but PAT doesn't list. AFK is unreachable. | **Add** `afk` (single canonical token) plus optional aliases. | | `/realname` | EssentialsX (LP grants `essentials.realname=true`) | LP allows but PAT doesn't list. | **Add** `realname` if used socially; **OR** revoke `essentials.realname=true` from default if not needed. | ### 4c. PAT entries that work — sanity check All other entries (`login, register, help, rules, sethome, home, deletehome, claim, tpaccept, tp, pay, pm, bal, skin, skin url, skin set, shop, ah, auctionhouse, balance, baltop, msg, reply, r, back, spawn, delhome, homes, list, region, rg, hs, homestead, unclaim`) resolve cleanly to a loaded plugin's command and are reachable. ✅ ### 4d. PAT global.commands ``` login, register, gamerule (+ subcommands), lp, luckperms, execute (+ subcommands … long chain ending in `gamerule announceAdvancements false`) ``` The `execute …` chain is unusual — appears to allow exactly one specific vanilla execute invocation. It's safe (LuckPerms denies LP commands at perm layer for non-ops, vanilla execute requires op level 2). Useful only to allow a specific in-game command-block style command, but **looks like leftover debugging setup**. Would recommend trimming the long `execute in minecraft:overworld run gamerule announceAdvancements false` ladder — it doesn't restrict anything (PAT match is on the *first token*, so just `execute` is enough), and it clutters the file. --- ## 5. LuckPerms `default` group analysis 15 explicit `true` grants: | Node | Effect | |---|---| | `carbon.channel.global.see` | see global chat | | `carbon.channel.global.speak` | speak in global chat | | `essentials.afk` | use /afk **(blocked by PAT)** | | `essentials.back` | use /back | | `essentials.balance` | use /balance | | `essentials.baltop` | use /baltop | | `essentials.delhome` | use /delhome | | `essentials.help` | use /help | | `essentials.home` | use /home | | `essentials.homes` | use /homes | | `essentials.list` | use /list | | `essentials.msg` | use /msg | | `essentials.pay` | use /pay | | `essentials.realname` | use /realname **(blocked by PAT)** | | `essentials.reply` | use /reply, /r | | `essentials.sethome` | use /sethome | | `essentials.spawn` | use /spawn | | `essentials.tpa` | use /tpa (server alias makes /tp = /tpa) | | `essentials.tpaccept` | use /tpaccept | | `homestead.user` | umbrella (no plugin uses it; cosmetic / audit-trail) | | `proantitab.group.default` | match PAT default group | | `skinsrestorer.command` | base /skin | | `skinsrestorer.command.gui` | /skin gui ↔ /skins | | `skinsrestorer.command.set` | /skin set | | `skinsrestorer.command.set.url` | /skin url | | `skinsrestorer.ownskin` | apply own skin | | `skinsrestorer.player` | be a SR-tracked player | 13 explicit `false` denies: | Node | Reason | |---|---| | `essentials.motd` | no MOTD spam (intentional) | | `prefix.10.&8[&2Adventurer&8]&r ` | prefix off (operator-managed via tracks elsewhere) | | `skinsrestorer.admincommand` | no /sradmin | | `skinsrestorer.command.clear` | no skin clear | | `skinsrestorer.command.clear.other` | no clearing others | | `skinsrestorer.command.edit` | | | `skinsrestorer.command.favourite` | | | `skinsrestorer.command.favourite.other` | | | `skinsrestorer.command.random` | no random skin spam | | `skinsrestorer.command.search` | no search browser | | `skinsrestorer.command.set.other` | no setting others' skins | | `skinsrestorer.command.skull` | | | `skinsrestorer.command.undo` | | | `skinsrestorer.command.undo.other` | | | `skinsrestorer.command.update` | | | `skinsrestorer.command.update.other` | | Plus `weight.10` (rank ordering). **No re-grant of an op-default permission** is present. **No deny of a `default:true` plugin permission** other than the SkinsRestorer narrowing and `essentials.motd` (both intentional). --- ## 6. Recommended curated default-player surface The 17 commands a default player should have visible after a polish pass: | Category | Command | PAT entry | LP node | Notes | |---|---|---|---|---| | Auth | /login (alias /l) | ✅ | (default:true) | already OK | | Auth | /register (alias /reg) | ✅ | (default:true) | already OK | | Auth | /changepassword (/changepass /cp) | **ADD** | (default:true) | post-login pw rotation | | Auth | /totp (/2fa) | **ADD** | (default:true) | post-login 2FA setup | | Movement | /spawn | ✅ | essentials.spawn=true | OK | | Movement | /home | ✅ | essentials.home=true | OK | | Movement | /sethome | ✅ | essentials.sethome=true | OK | | Movement | /delhome (/deletehome) | ✅ both | essentials.delhome=true | OK | | Movement | /homes | ✅ | essentials.homes=true | OK | | Movement | /back | ✅ | essentials.back=true | OK | | Movement | /tp (= TPA via alias) | ✅ | essentials.tpa=true | OK | | Movement | /tpaccept | ✅ | essentials.tpaccept=true | OK | | Movement | /tpdeny (/tpno) | **ADD** | grant `essentials.tpdeny=true` in LP default | counterpart of /tpaccept | | Social | /msg (/pm /tell /w) | ✅ for `msg` and `pm`; consider adding `tell` and `w` | essentials.msg=true | OK | | Social | /reply (/r) | ✅ both | essentials.reply=true | OK | | Economy | /balance (/bal) | ✅ both | essentials.balance=true | OK | | Economy | /baltop | ✅ | essentials.baltop=true | OK | | Economy | /pay | ✅ | essentials.pay=true | OK | | Economy | /shop | ✅ | (no perm) | OK | | Economy | /ah (/auctionhouse) | ✅ both | auctionhouse.ah=true (default:true) | OK | | Land | /claim | ✅ | homestead.commands.claim=true (default:true) | OK | | Land | /unclaim | ✅ | (default:true) | OK | | Land | /hs (/region /rg /homestead) | ✅ all four | (default:true) | OK | | Skins | /skin /skin set /skin url | ✅ all three | skinsrestorer.command.* selective true | OK | | Skins | /skins (gui) | **ADD** | skinsrestorer.command.gui=true (already in LP) | LP grants but PAT blocks | | Info | /help | ✅ | essentials.help=true (alias to HelpCommand) | OK | | Info | /list | ✅ | essentials.list=true | OK | | Info | /rules | ✅ | (no LP node — Essentials default-true is sufficient) | OK | | Info | /seen | (consider) | ❌ | nice-to-have if last-online useful | | Info | /afk | **ADD** | essentials.afk=true (already granted) | LP grants but PAT blocks | | Info | /motd | (intentionally off via LP) | essentials.motd=false | leave OFF | ### 6.1 Concrete diff — add to PAT `groups.default.commands` ```yaml - changepassword - changepass - cp - totp - 2fa - skins - afk - tpdeny - tpno ``` ### 6.2 Concrete diff — remove from PAT `groups.default.commands` ```yaml - lands # Lands plugin not loaded # - warp # - warps # only if not configuring warps; otherwise leave ``` ### 6.3 Concrete diff — LuckPerms (default group) Add via `/lp group default permission set true` (one-shot, idempotent): ``` essentials.tpdeny true essentials.changepassword true # belt-and-braces; AuthMe perm covers it ``` (Do NOT touch prefixes/suffixes per workspace policy.) ### 6.4 Optional remove (clean-up — operator decision) | Item | Rationale | |---|---| | `essentials.realname=true` in LP default | not in PAT whitelist anyway; remove the LP grant (or add `realname` to PAT). Pick one for consistency. | | `homestead.user=true` in LP default | not declared in any plugin's plugin.yml; cosmetic. Either delete the node or formally document why it's there. | | `/co` for default | optional: add if operator wants player-side block-history visibility. Requires both PAT entry and `coreprotect.co` is already default:true. | --- ## 7. Aliases health ### 7.1 Server-level aliases (commands.yml) | Alias | Resolves to | Status | |---|---|---| | `/tp` | `essentials:tpa $1-` | OK — turns raw teleport into request | | `/pm` | `essentials:msg $1-` | OK | | `/deletehome` | `essentials:delhome $1-` | OK | | `/help` | `helpcommand:help $1-` | OK after next restart (check effective on bounce) | | `/tpa /tpahere /tphere /teleport` | `[]` (disabled) | OK — forces request flow | | `/skin clear /update /search /random` | `[]` (disabled) | OK — defence-in-depth on top of LP denies | ### 7.2 Recommendations - **No /tps spam.** `/tps` is an EssentialsX `/gc` alias and NOT in the PAT whitelist — already silent for default. Leave as is. Consider: spark also exposes `/spark health` which is op-only. No conflict. - **Drop the `execute in minecraft:overworld run gamerule …` ladder** in PAT `global.commands`. PAT only matches the first token (or up to a sub-command boundary) — the long chain is ineffective and confusing. Replace with just `gamerule` and `execute` if those need to be globally allowed. - **Carbon vs Essentials chat aliases.** Bukkit picks Essentials first for /msg/r/whisper/etc. Since Carbon's chat features (parties, channels, ignore) are not granted to default group anyway, this is fine. If you ever want Carbon /party for default, you'd need both an LP grant and a PAT whitelist entry **and** to ensure Essentials doesn't shadow `/party` (Essentials does not declare a /party command — /party is uniquely Carbon's, so it's safe). - **Disable EssentialsX duplicate aliases that fight us.** `/tps` (alias of /gc) and `/email` (alias of /mail) overlap with spark concept and AuthMe respectively. Right now, both are silently OK because they're op-default and not in PAT default whitelist. No action needed. - **HelpCommand alias.** Make sure `/help` alias took effect — check by `echo 'help' | rcon-cli` returning the racked.ru-styled page (after server restart). ### 7.3 Bukkit `commands.yml` extra suggestions (optional) - Add `/tpdeny: [essentials:tpdeny $1-]` — already auto-resolved, but explicit is clearer. - Consider `/wild: [essentials:tpr $1-]` if you want a "random teleport" UX without enabling /tpr token directly. - Consider `/discord: [...]` macro if a Discord invite needs a memorable command (DiscordSRV is **not loaded** despite `SYSTEM.md` mention — confirm the operator's plan re. chat bridging). --- ## 8. Plugins with partial / runtime-registered command data (transparency) | Plugin | Why limited | Source of truth | |---|---|---| | AuctionHouse | command not in plugin.yml; only perm | jar class `me.elaineqheart.auctionHouse.commands.AuctionHouseCommand`; PAT entries `auctionhouse, ah` confirm | | EpicGuard | only paper-plugin.yml; no commands declared | `me.xneox.epicguard.core.command.CommandHandler`; messages.conf shows `/guard ...` usage | | EZShop | only paper-plugin.yml | jar class `de.flori.shopPlugin.ShopCommand` | | SkinsRestorer | no commands in plugin.yml | LP perm structure (`skinsrestorer.command.*`) is canonical | | FastAsyncWorldEdit | provides WorldEdit core; commands registered by WE library | WorldEdit upstream docs apply | | MiniPlaceholders | unable to read plugin.yml (paper-plugin.yml only); no commands | placeholder library — no user commands | | Lands | **NOT LOADED** — no jar present | references in HelpCommand text and PAT whitelist are dead | --- ## 9. Quick reference — "is /X visible to default?" A command appears for default players iff **all** of: 1. The command resolves to a loaded plugin (or commands.yml alias), 2. The owning permission (or its `default:true` flag) is held by the default group, 3. The first token (e.g. `home` from `/home foo`) is in PAT `groups.default.commands` OR `global.commands`. If any of (1)/(2)/(3) fails, the player gets either a "no permission" message (LP), a "BLOCKED" message (PAT), or "Unknown or incomplete command" (Bukkit).