X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=PVE%2FAccessControl.pm;h=2b7044e2393039aab16dad482e76b0cfd6c29b76;hb=ef740495f04af742c3defb8a034167ecb1713c15;hp=4ba612cbfdf0829df3a5f1a1ac588a83f068aa7f;hpb=86cd805b635299fd810ff80a79cac8a37f7e6a63;p=pve-access-control.git

diff --git a/PVE/AccessControl.pm b/PVE/AccessControl.pm
index 4ba612c..2b7044e 100644
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@@ -6,6 +6,7 @@ use Encode;
 use Crypt::OpenSSL::Random;
 use Crypt::OpenSSL::RSA;
 use Net::SSLeay;
+use Net::IP;
 use MIME::Base64;
 use Digest::SHA;
 use Digest::HMAC_SHA1;
@@ -317,6 +318,7 @@ sub remote_viewer_config {
     my $cacert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192);
     $cacert =~ s/\n/\\n/g;
 
+    $proxy = "[$proxy]" if Net::IP::ip_is_ipv6($proxy);
     my $config = {
 	'secure-attention' => "Ctrl+Alt+Ins",
 	'toggle-fullscreen' => "Shift+F11",
@@ -356,8 +358,6 @@ sub check_user_enabled {
 
     return 1 if $data->{enable};
 
-    return 1 if $username eq 'root@pam'; # root is always enabled
-
     die "user '$username' is disabled\n" if !$noerr;
  
     return undef;
@@ -695,10 +695,10 @@ sub userconfig_force_defaults {
 	$cfg->{roles}->{$r} = $special_roles->{$r};
     }
 
-    # fixme: remove 'root' group (not required)?
-
-    # add root user 
-    $cfg->{users}->{'root@pam'}->{enable} = 1;
+    # add root user if not exists
+    if (!$cfg->{users}->{'root@pam'}) {
+	$cfg->{users}->{'root@pam'}->{enable} = 1; 
+    }
 }
 
 sub parse_user_config {
@@ -1243,7 +1243,6 @@ sub oath_verify_otp {
 	my $line = shift;
 
 	if ($line =~ m/^\d{6}$/) {
-	    print "GOT:$line\n";
 	    $found = 1 if $otp eq $line;
 	}
     };