1 libpve-access-control (7.1-7) bullseye; urgency=medium
3 * userid-group check: distinguish create and update
5 * api: get user: declare token schema
7 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Mar 2022 16:15:23 +0100
9 libpve-access-control (7.1-6) bullseye; urgency=medium
11 * fix #3768: warn on bad u2f or webauthn settings
13 * tfa: when modifying others, verify the current user's password
15 * tfa list: account for admin permissions
17 * fix realm sync permissions
19 * fix token permission display bug
21 * include SDN permissions in permission tree
23 -- Proxmox Support Team <support@proxmox.com> Fri, 21 Jan 2022 14:20:42 +0100
25 libpve-access-control (7.1-5) bullseye; urgency=medium
27 * openid: fix username-claim fallback
29 -- Proxmox Support Team <support@proxmox.com> Thu, 25 Nov 2021 07:57:38 +0100
31 libpve-access-control (7.1-4) bullseye; urgency=medium
33 * set current origin in the webauthn config if no fixed origin was
34 configured, to support webauthn via subdomains
36 -- Proxmox Support Team <support@proxmox.com> Mon, 22 Nov 2021 14:04:06 +0100
38 libpve-access-control (7.1-3) bullseye; urgency=medium
40 * openid: allow arbitrary username-claims
42 * openid: support configuring the prompt, scopes and ACR values
44 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Nov 2021 08:11:52 +0100
46 libpve-access-control (7.1-2) bullseye; urgency=medium
48 * catch incompatible tfa entries with a nice error
50 -- Proxmox Support Team <support@proxmox.com> Wed, 17 Nov 2021 13:44:45 +0100
52 libpve-access-control (7.1-1) bullseye; urgency=medium
54 * tfa: map HTTP 404 error in get_tfa_entry correctly
56 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Nov 2021 15:33:22 +0100
58 libpve-access-control (7.0-7) bullseye; urgency=medium
60 * fix #3513: pass configured proxy to OpenID
62 * use rust based parser for TFA config
64 * use PBS-like auth api call flow,
66 * merge old user.cfg keys to tfa config when adding entries
68 * implement version checks for new tfa config writer to ensure all
69 cluster nodes are ready to avoid login issues
71 * tickets: add tunnel ticket
73 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Nov 2021 18:17:49 +0100
75 libpve-access-control (7.0-6) bullseye; urgency=medium
77 * fix regression in user deletion when realm does not enforce TFA
79 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Oct 2021 12:28:52 +0200
81 libpve-access-control (7.0-5) bullseye; urgency=medium
83 * acl: check path: add /sdn/vnets/* path
85 * fix #2302: allow deletion of users when realm enforces TFA
87 * api: delete user: disable user first to avoid surprise on error during the
88 various cleanup action required for user deletion (e.g., TFA, ACL, group)
90 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
92 libpve-access-control (7.0-4) bullseye; urgency=medium
94 * realm: add OpenID configuration
96 * api: implement OpenID related endpoints
98 * implement opt-in OpenID autocreate user feature
100 * api: user: add 'realm-type' to user list response
102 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
104 libpve-access-control (7.0-3) bullseye; urgency=medium
106 * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
107 `/sdn/zones/<zone>` to allowed ACL paths
109 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
111 libpve-access-control (7.0-2) bullseye; urgency=medium
113 * fix #3402: add Pool.Audit privilege - custom roles containing
114 Pool.Allocate must be updated to include the new privilege.
116 -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
118 libpve-access-control (7.0-1) bullseye; urgency=medium
120 * re-build for Debian 11 Bullseye based releases
122 -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
124 libpve-access-control (6.4-1) pve; urgency=medium
126 * fix #1670: change PAM service name to project specific name
128 * fix #1500: permission path syntax check for access control
130 * pveum: add resource pool CLI commands
132 -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
134 libpve-access-control (6.1-3) pve; urgency=medium
136 * partially fix #2825: authkey: rotate if it was generated in the
139 * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
142 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
144 libpve-access-control (6.1-2) pve; urgency=medium
146 * also check SDN permission path when computing coarse permissions heuristic
149 * add SDN Permissions.Modify
151 * add VM.Config.Cloudinit
153 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
155 libpve-access-control (6.1-1) pve; urgency=medium
157 * pveum: add tfa delete subcommand for deleting user-TFA
159 * LDAP: don't complain about missing credentials on realm removal
161 * LDAP: skip anonymous bind when client certificate and key is configured
163 -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
165 libpve-access-control (6.0-7) pve; urgency=medium
167 * fix #2575: die when trying to edit built-in roles
169 * add realm sub commands to pveum CLI tool
171 * api: domains: add user group sync API enpoint
173 * allow one to sync and import users and groups from LDAP/AD based realms
175 * realm: add default-sync-options to config for more convenient sync configuration
177 * api: token create: return also full token id for convenience
179 -- Proxmox Support Team <support@proxmox.com> Sat, 25 Apr 2020 19:35:17 +0200
181 libpve-access-control (6.0-6) pve; urgency=medium
183 * API: add group members to group index
185 * implement API token support and management
187 * pveum: add 'pveum user token add/update/remove/list'
189 * pveum: add permissions sub-commands
191 * API: add 'permissions' API endpoint
193 * user.cfg: skip inexisting roles when parsing ACLs
195 -- Proxmox Support Team <support@proxmox.com> Wed, 29 Jan 2020 10:17:27 +0100
197 libpve-access-control (6.0-5) pve; urgency=medium
199 * pveum: add list command for users, groups, ACLs and roles
201 * add initial permissions for experimental SDN integration
203 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Nov 2019 17:56:37 +0100
205 libpve-access-control (6.0-4) pve; urgency=medium
207 * ticket: use clinfo to get cluster name
209 * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
212 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 11:55:11 +0100
214 libpve-access-control (6.0-3) pve; urgency=medium
216 * fix #2433: increase possible TFA secret length
218 * parse user configuration: correctly parse group names in ACLs, for users
219 which begin their name with an @
221 * sort user.cfg entries alphabetically
223 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
225 libpve-access-control (6.0-2) pve; urgency=medium
227 * improve CSRF verification compatibility with newer PVE
229 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
231 libpve-access-control (6.0-1) pve; urgency=medium
233 * ticket: properly verify exactly 5 minute old tickets
235 * use hmac_sha256 instead of sha1 for CSRF token generation
237 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
239 libpve-access-control (6.0-0+1) pve; urgency=medium
241 * bump for Debian buster
243 * fix #2079: add periodic auth key rotation
245 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
247 libpve-access-control (5.1-10) unstable; urgency=medium
249 * add /access/user/{id}/tfa api call to get tfa types
251 -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
253 libpve-access-control (5.1-9) unstable; urgency=medium
255 * store the tfa type in user.cfg allowing to get it without proxying the call
256 to a higher priviledged daemon.
258 * tfa: realm required TFA should lock out users without TFA configured, as it
259 was done before Proxmox VE 5.4
261 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
263 libpve-access-control (5.1-8) unstable; urgency=medium
265 * U2F: ensure we save correct public key on registration
267 -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
269 libpve-access-control (5.1-7) unstable; urgency=medium
271 * verify_ticket: allow general non-challenge tfa to be run as two step
274 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
276 libpve-access-control (5.1-6) unstable; urgency=medium
278 * more general 2FA configuration via priv/tfa.cfg
280 * add u2f api endpoints
282 * delete TFA entries when deleting a user
284 * allow users to change their TOTP settings
286 -- Proxmox Support Team <support@proxmox.com> Wed, 03 Apr 2019 13:40:26 +0200
288 libpve-access-control (5.1-5) unstable; urgency=medium
290 * fix vnc ticket verification without authkey lifetime
292 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 10:43:17 +0100
294 libpve-access-control (5.1-4) unstable; urgency=medium
296 * fix #1891: Add zsh command completion for pveum
298 * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
299 to avoid issues on upgrade, will be enabled with 6.0
301 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 09:12:05 +0100
303 libpve-access-control (5.1-3) unstable; urgency=medium
305 * api/ticket: move getting cluster name into an eval
307 -- Proxmox Support Team <support@proxmox.com> Thu, 29 Nov 2018 12:59:36 +0100
309 libpve-access-control (5.1-2) unstable; urgency=medium
311 * fix #1998: correct return properties for read_role
313 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
315 libpve-access-control (5.1-1) unstable; urgency=medium
317 * pveum: introduce sub-commands
319 * register userid with completion
321 * fix #233: return cluster name on successful login
323 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
325 libpve-access-control (5.0-8) unstable; urgency=medium
327 * fix #1612: ldap: make 2nd server work with bind domains again
329 * fix an error message where passing a bad pool id to an API function would
330 make it complain about a wrong group name instead
332 * fix the API-returned permission list so that the GUI knows to show the
333 'Permissions' tab for a storage to an administrator apart from root@pam
335 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
337 libpve-access-control (5.0-7) unstable; urgency=medium
339 * VM.Snapshot.Rollback privilege added
341 * api: check for special roles before locking the usercfg
343 * fix #1501: pveum: die when deleting special role
345 * API/ticket: rework coarse grained permission computation
347 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
349 libpve-access-control (5.0-6) unstable; urgency=medium
351 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
352 'verify' option. For compatibility reasons this defaults to off for now,
353 but that might change with future updates.
355 * AD, LDAP: Add ability to specify a CA path or file, and a client
356 certificate via the 'capath', 'cert' and 'certkey' options.
358 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
360 libpve-access-control (5.0-5) unstable; urgency=medium
362 * change from dpkg-deb to dpkg-buildpackage
364 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
366 libpve-access-control (5.0-4) unstable; urgency=medium
368 * PVE/CLI/pveum.pm: call setup_default_cli_env()
370 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
372 * check_api2_permissions: avoid warning about uninitialized value
374 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
376 libpve-access-control (5.0-3) unstable; urgency=medium
378 * use new PVE::OTP class from pve-common
380 * use new PVE::Tools::encrypt_pw from pve-common
382 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
384 libpve-access-control (5.0-2) unstable; urgency=medium
386 * encrypt_pw: avoid '+' for crypt salt
388 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
390 libpve-access-control (5.0-1) unstable; urgency=medium
392 * rebuild for PVE 5.0
394 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
396 libpve-access-control (4.0-23) unstable; urgency=medium
398 * use new PVE::Ticket class
400 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
402 libpve-access-control (4.0-22) unstable; urgency=medium
404 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
405 (moved to PVE::Storage)
407 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
409 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
411 libpve-access-control (4.0-21) unstable; urgency=medium
413 * setup_default_cli_env: expect $class as first parameter
415 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
417 libpve-access-control (4.0-20) unstable; urgency=medium
419 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
421 * PVE/API2/Domains.pm: fix property description
423 * use new repoman for upload target
425 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
427 libpve-access-control (4.0-19) unstable; urgency=medium
429 * Close #833: ldap: non-anonymous bind support
431 * don't import 'RFC' from MIME::Base32
433 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
435 libpve-access-control (4.0-18) unstable; urgency=medium
437 * fix #1062: recognize base32 otp keys again
439 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
441 libpve-access-control (4.0-17) unstable; urgency=medium
443 * drop oathtool and libdigest-hmac-perl dependencies
445 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
447 libpve-access-control (4.0-16) unstable; urgency=medium
449 * use pve-doc-generator to generate man pages
451 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
453 libpve-access-control (4.0-15) unstable; urgency=medium
455 * Fix uninitialized warning when shadow.cfg does not exist
457 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
459 libpve-access-control (4.0-14) unstable; urgency=medium
461 * Add is_worker to RPCEnvironment
463 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
465 libpve-access-control (4.0-13) unstable; urgency=medium
467 * fix #916: allow HTTPS to access custom yubico url
469 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
471 libpve-access-control (4.0-12) unstable; urgency=medium
473 * Catch certificate errors instead of segfaulting
475 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
477 libpve-access-control (4.0-11) unstable; urgency=medium
479 * Fix #861: use safer sprintf formatting
481 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
483 libpve-access-control (4.0-10) unstable; urgency=medium
485 * Auth::LDAP, Auth::AD: ipv6 support
487 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
489 libpve-access-control (4.0-9) unstable; urgency=medium
491 * pveum: implement bash completion
493 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
495 libpve-access-control (4.0-8) unstable; urgency=medium
497 * remove_storage_access: cleanup of access permissions for removed storage
499 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
501 libpve-access-control (4.0-7) unstable; urgency=medium
503 * new helper to remove access permissions for removed VMs
505 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
507 libpve-access-control (4.0-6) unstable; urgency=medium
509 * improve parse_user_config, parse_shadow_config
511 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
513 libpve-access-control (4.0-5) unstable; urgency=medium
515 * pveum: check for $cmd being defined
517 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
519 libpve-access-control (4.0-4) unstable; urgency=medium
521 * use activate-noawait triggers
523 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
525 libpve-access-control (4.0-3) unstable; urgency=medium
531 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
533 libpve-access-control (4.0-2) unstable; urgency=medium
535 * trigger pve-api-updates event
537 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
539 libpve-access-control (4.0-1) unstable; urgency=medium
541 * bump version for Debian Jessie
543 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
545 libpve-access-control (3.0-16) unstable; urgency=low
547 * root@pam can now be disabled in GUI.
549 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
551 libpve-access-control (3.0-15) unstable; urgency=low
553 * oath: add 'step' and 'digits' option
555 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
557 libpve-access-control (3.0-14) unstable; urgency=low
559 * add oath two factor auth
561 * add oathkeygen binary to generate keys for oath
563 * add yubico two factor auth
567 * depend on libmime-base32-perl
569 * allow to write builtin auth domains config (comment/tfa/default)
571 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
573 libpve-access-control (3.0-13) unstable; urgency=low
575 * use correct connection string for AD auth
577 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
579 libpve-access-control (3.0-12) unstable; urgency=low
581 * add dummy API for GET /access/ticket (useful to generate login pages)
583 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
585 libpve-access-control (3.0-11) unstable; urgency=low
587 * Sets common hot keys for spice client
589 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
591 libpve-access-control (3.0-10) unstable; urgency=low
593 * implement helper to generate SPICE remote-viewer configuration
595 * depend on libnet-ssleay-perl
597 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
599 libpve-access-control (3.0-9) unstable; urgency=low
601 * prevent user enumeration attacks
603 * allow dots in access paths
605 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
607 libpve-access-control (3.0-8) unstable; urgency=low
609 * spice: use lowercase hostname in ticktet signature
611 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
613 libpve-access-control (3.0-7) unstable; urgency=low
615 * check_volume_access : use parse_volname instead of path, and remove
618 * use warnings instead of global -w flag.
620 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
622 libpve-access-control (3.0-6) unstable; urgency=low
624 * use shorter spiceproxy tickets
626 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
628 libpve-access-control (3.0-5) unstable; urgency=low
630 * add code to generate tickets for SPICE
632 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
634 libpve-access-control (3.0-4) unstable; urgency=low
636 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
638 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
640 libpve-access-control (3.0-3) unstable; urgency=low
642 * Add new role PVETemplateUser (and VM.Clone priviledge)
644 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
646 libpve-access-control (3.0-2) unstable; urgency=low
648 * remove CGI.pm related code (pveproxy does not need that)
650 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
652 libpve-access-control (3.0-1) unstable; urgency=low
654 * bump version for wheezy release
656 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
658 libpve-access-control (1.0-26) unstable; urgency=low
660 * check_volume_access: fix access permissions for backup files
662 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
664 libpve-access-control (1.0-25) unstable; urgency=low
666 * add VM.Snapshot permission
668 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
670 libpve-access-control (1.0-24) unstable; urgency=low
672 * untaint path (allow root to restore arbitrary paths)
674 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
676 libpve-access-control (1.0-23) unstable; urgency=low
678 * correctly compute GUI capabilities (consider pools)
680 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
682 libpve-access-control (1.0-22) unstable; urgency=low
684 * new plugin architecture for Auth modules, minor API change for Auth
685 domains (new 'delete' parameter)
687 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
689 libpve-access-control (1.0-21) unstable; urgency=low
691 * do not allow user names including slash
693 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
695 libpve-access-control (1.0-20) unstable; urgency=low
697 * add ability to fork cli workers in background
699 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
701 libpve-access-control (1.0-19) unstable; urgency=low
703 * return set of privileges on login - can be used to adopt GUI
705 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
707 libpve-access-control (1.0-18) unstable; urgency=low
709 * fix bug #151: corretly parse username inside ticket
711 * fix bug #152: allow user to change his own password
713 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
715 libpve-access-control (1.0-17) unstable; urgency=low
717 * set propagate flag by default
719 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
721 libpve-access-control (1.0-16) unstable; urgency=low
723 * add 'pveum passwd' method
725 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
727 libpve-access-control (1.0-15) unstable; urgency=low
729 * Add VM.Config.CDROM privilege to PVEVMUser rule
731 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
733 libpve-access-control (1.0-14) unstable; urgency=low
735 * fix buf in userid-param permission check
737 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
739 libpve-access-control (1.0-13) unstable; urgency=low
741 * allow more characters in ldap base_dn attribute
743 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
745 libpve-access-control (1.0-12) unstable; urgency=low
747 * allow more characters with realm IDs
749 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
751 libpve-access-control (1.0-11) unstable; urgency=low
753 * fix bug in exec_api2_perm_check
755 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
757 libpve-access-control (1.0-10) unstable; urgency=low
759 * fix ACL group name parser
761 * changed 'pveum aclmod' command line arguments
763 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
765 libpve-access-control (1.0-9) unstable; urgency=low
767 * fix bug in check_volume_access (fixes vzrestore)
769 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
771 libpve-access-control (1.0-8) unstable; urgency=low
773 * fix return value for empty ACL list.
775 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
777 libpve-access-control (1.0-7) unstable; urgency=low
779 * fix bug #85: allow root@pam to generate tickets for other users
781 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
783 libpve-access-control (1.0-6) unstable; urgency=low
785 * API change: allow to filter enabled/disabled users.
787 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
789 libpve-access-control (1.0-5) unstable; urgency=low
791 * add a way to return file changes (diffs): set_result_changes()
793 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
795 libpve-access-control (1.0-4) unstable; urgency=low
797 * new environment type for ha agents
799 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
801 libpve-access-control (1.0-3) unstable; urgency=low
803 * add support for delayed parameter parsing - We need that to disable
804 file upload for normal API request (avoid DOS attacs)
806 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
808 libpve-access-control (1.0-2) unstable; urgency=low
810 * fix bug in fork_worker
812 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
814 libpve-access-control (1.0-1) unstable; urgency=low
816 * allow '-' in permission paths
818 * bump version to 1.0
820 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
822 libpve-access-control (0.1) unstable; urgency=low
824 * first dummy package - no functionality
826 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200