]> git.proxmox.com Git - pve-access-control.git/blame - debian/changelog
projects / pve-access-control.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bump version to 7.1-5
[pve-access-control.git] / debian / changelog
CommitLineData
118088d8
TL		 1libpve-access-control (7.1-5) bullseye; urgency=medium
2
3 * openid: fix username-claim fallback
4
5 -- Proxmox Support Team <support@proxmox.com> Thu, 25 Nov 2021 07:57:38 +0100
6
ebb14277
WB		 7libpve-access-control (7.1-4) bullseye; urgency=medium
8
9 * set current origin in the webauthn config if no fixed origin was
10 configured, to support webauthn via subdomains
11
12 -- Proxmox Support Team <support@proxmox.com> Mon, 22 Nov 2021 14:04:06 +0100
13
44a55ff7
TL		 14libpve-access-control (7.1-3) bullseye; urgency=medium
15
16 * openid: allow arbitrary username-claims
17
18 * openid: support configuring the prompt, scopes and ACR values
19
20 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Nov 2021 08:11:52 +0100
21
6f643e79
TL		 22libpve-access-control (7.1-2) bullseye; urgency=medium
23
24 * catch incompatible tfa entries with a nice error
25
26 -- Proxmox Support Team <support@proxmox.com> Wed, 17 Nov 2021 13:44:45 +0100
27
92bca71e
TL		 28libpve-access-control (7.1-1) bullseye; urgency=medium
29
30 * tfa: map HTTP 404 error in get_tfa_entry correctly
31
32 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Nov 2021 15:33:22 +0100
33
1c9b6501
TL		 34libpve-access-control (7.0-7) bullseye; urgency=medium
35
36 * fix #3513: pass configured proxy to OpenID
37
38 * use rust based parser for TFA config
39
40 * use PBS-like auth api call flow,
41
42 * merge old user.cfg keys to tfa config when adding entries
43
44 * implement version checks for new tfa config writer to ensure all
45 cluster nodes are ready to avoid login issues
46
47 * tickets: add tunnel ticket
48
49 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Nov 2021 18:17:49 +0100
50
cd46b379
TL		 51libpve-access-control (7.0-6) bullseye; urgency=medium
52
53 * fix regression in user deletion when realm does not enforce TFA
54
55 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Oct 2021 12:28:52 +0200
56
52da88a8
TL		 57libpve-access-control (7.0-5) bullseye; urgency=medium
58
59 * acl: check path: add /sdn/vnets/* path
60
61 * fix #2302: allow deletion of users when realm enforces TFA
62
63 * api: delete user: disable user first to avoid surprise on error during the
64 various cleanup action required for user deletion (e.g., TFA, ACL, group)
65
66 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
67
543d646c
TL		 68libpve-access-control (7.0-4) bullseye; urgency=medium
69
70 * realm: add OpenID configuration
71
72 * api: implement OpenID related endpoints
73
74 * implement opt-in OpenID autocreate user feature
75
76 * api: user: add 'realm-type' to user list response
77
78 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
79
7a4c4fd8
TL		 80libpve-access-control (7.0-3) bullseye; urgency=medium
81
82 * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
83 `/sdn/zones/<zone>` to allowed ACL paths
84
85 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
86
0902a936
FG		 87libpve-access-control (7.0-2) bullseye; urgency=medium
88
89 * fix #3402: add Pool.Audit privilege - custom roles containing
90 Pool.Allocate must be updated to include the new privilege.
91
92 -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
93
67febb69
TL		 94libpve-access-control (7.0-1) bullseye; urgency=medium
95
96 * re-build for Debian 11 Bullseye based releases
97
98 -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
99
2942ba41
TL		 100libpve-access-control (6.4-1) pve; urgency=medium
101
102 * fix #1670: change PAM service name to project specific name
103
104 * fix #1500: permission path syntax check for access control
105
106 * pveum: add resource pool CLI commands
107
108 -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
109
54d312f3
TL		 110libpve-access-control (6.1-3) pve; urgency=medium
111
112 * partially fix #2825: authkey: rotate if it was generated in the
113 future
114
115 * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
116 insensitive
117
118 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
119
6a9be12f
TL		 120libpve-access-control (6.1-2) pve; urgency=medium
121
122 * also check SDN permission path when computing coarse permissions heuristic
123 for UIs
124
125 * add SDN Permissions.Modify
126
127 * add VM.Config.Cloudinit
128
129 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
130
e6624f50
TL		 131libpve-access-control (6.1-1) pve; urgency=medium
132
133 * pveum: add tfa delete subcommand for deleting user-TFA
134
135 * LDAP: don't complain about missing credentials on realm removal
136
137 * LDAP: skip anonymous bind when client certificate and key is configured
138
139 -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
140
8f4a522f
TL		 141libpve-access-control (6.0-7) pve; urgency=medium
142
143 * fix #2575: die when trying to edit built-in roles
144
145 * add realm sub commands to pveum CLI tool
146
147 * api: domains: add user group sync API enpoint
148
149 * allow one to sync and import users and groups from LDAP/AD based realms
150
151 * realm: add default-sync-options to config for more convenient sync configuration
152
153 * api: token create: return also full token id for convenience
154
155 -- Proxmox Support Team <support@proxmox.com> Sat, 25 Apr 2020 19:35:17 +0200
156
23059f35
TL		 157libpve-access-control (6.0-6) pve; urgency=medium
158
159 * API: add group members to group index
160
161 * implement API token support and management
162
163 * pveum: add 'pveum user token add/update/remove/list'
164
165 * pveum: add permissions sub-commands
166
167 * API: add 'permissions' API endpoint
168
169 * user.cfg: skip inexisting roles when parsing ACLs
170
171 -- Proxmox Support Team <support@proxmox.com> Wed, 29 Jan 2020 10:17:27 +0100
172
3dd692e9
TL		 173libpve-access-control (6.0-5) pve; urgency=medium
174
175 * pveum: add list command for users, groups, ACLs and roles
176
177 * add initial permissions for experimental SDN integration
178
179 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Nov 2019 17:56:37 +0100
180
4ef92d0d
FG		 181libpve-access-control (6.0-4) pve; urgency=medium
182
183 * ticket: use clinfo to get cluster name
184
185 * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
186 SSL version
187
188 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 11:55:11 +0100
189
6e5bbca4
TL		 190libpve-access-control (6.0-3) pve; urgency=medium
191
192 * fix #2433: increase possible TFA secret length
193
194 * parse user configuration: correctly parse group names in ACLs, for users
195 which begin their name with an @
196
197 * sort user.cfg entries alphabetically
198
199 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
200
e073493c
TL		 201libpve-access-control (6.0-2) pve; urgency=medium
202
203 * improve CSRF verification compatibility with newer PVE
204
205 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
206
a237dc2e
TL		 207libpve-access-control (6.0-1) pve; urgency=medium
208
209 * ticket: properly verify exactly 5 minute old tickets
210
211 * use hmac_sha256 instead of sha1 for CSRF token generation
212
213 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
214
f1531f22
TL		 215libpve-access-control (6.0-0+1) pve; urgency=medium
216
217 * bump for Debian buster
218
219 * fix #2079: add periodic auth key rotation
220
221 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
222
ef761f51
TL		 223libpve-access-control (5.1-10) unstable; urgency=medium
224
225 * add /access/user/{id}/tfa api call to get tfa types
226
227 -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
228
860ddcba
TL		 229libpve-access-control (5.1-9) unstable; urgency=medium
230
231 * store the tfa type in user.cfg allowing to get it without proxying the call
232 to a higher priviledged daemon.
233
234 * tfa: realm required TFA should lock out users without TFA configured, as it
235 was done before Proxmox VE 5.4
236
237 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
238
9fbad012
TL		 239libpve-access-control (5.1-8) unstable; urgency=medium
240
241 * U2F: ensure we save correct public key on registration
242
243 -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
244
4473c96c
TL		 245libpve-access-control (5.1-7) unstable; urgency=medium
246
247 * verify_ticket: allow general non-challenge tfa to be run as two step
248 call
249
250 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
251
a270d4e1
TL		 252libpve-access-control (5.1-6) unstable; urgency=medium
253
254 * more general 2FA configuration via priv/tfa.cfg
255
256 * add u2f api endpoints
257
258 * delete TFA entries when deleting a user
259
260 * allow users to change their TOTP settings
261
262 -- Proxmox Support Team <support@proxmox.com> Wed, 03 Apr 2019 13:40:26 +0200
263
374647e8
TL		 264libpve-access-control (5.1-5) unstable; urgency=medium
265
266 * fix vnc ticket verification without authkey lifetime
267
268 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 10:43:17 +0100
269
7fb70c94
TL		 270libpve-access-control (5.1-4) unstable; urgency=medium
271
272 * fix #1891: Add zsh command completion for pveum
273
274 * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
275 to avoid issues on upgrade, will be enabled with 6.0
276
277 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 09:12:05 +0100
278
6e010cde
TL		 279libpve-access-control (5.1-3) unstable; urgency=medium
280
281 * api/ticket: move getting cluster name into an eval
282
283 -- Proxmox Support Team <support@proxmox.com> Thu, 29 Nov 2018 12:59:36 +0100
284
f5a9380a
TL		 285libpve-access-control (5.1-2) unstable; urgency=medium
286
287 * fix #1998: correct return properties for read_role
288
289 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
290
b54b7474
TL		 291libpve-access-control (5.1-1) unstable; urgency=medium
292
293 * pveum: introduce sub-commands
294
295 * register userid with completion
296
297 * fix #233: return cluster name on successful login
298
299 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
300
52192dd4
WB		 301libpve-access-control (5.0-8) unstable; urgency=medium
302
303 * fix #1612: ldap: make 2nd server work with bind domains again
304
305 * fix an error message where passing a bad pool id to an API function would
306 make it complain about a wrong group name instead
307
308 * fix the API-returned permission list so that the GUI knows to show the
309 'Permissions' tab for a storage to an administrator apart from root@pam
310
311 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
312
3dadf8cf
FG		 313libpve-access-control (5.0-7) unstable; urgency=medium
314
315 * VM.Snapshot.Rollback privilege added
316
317 * api: check for special roles before locking the usercfg
318
319 * fix #1501: pveum: die when deleting special role
320
321 * API/ticket: rework coarse grained permission computation
322
323 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
324
ec4141f4
WB		 325libpve-access-control (5.0-6) unstable; urgency=medium
326
327 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
328 'verify' option. For compatibility reasons this defaults to off for now,
329 but that might change with future updates.
330
331 * AD, LDAP: Add ability to specify a CA path or file, and a client
332 certificate via the 'capath', 'cert' and 'certkey' options.
333
334 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
335
63134bd4
DM		 336libpve-access-control (5.0-5) unstable; urgency=medium
337
338 * change from dpkg-deb to dpkg-buildpackage
339
340 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
341
868fb1ea
DM		 342libpve-access-control (5.0-4) unstable; urgency=medium
343
344 * PVE/CLI/pveum.pm: call setup_default_cli_env()
345
346 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
347
348 * check_api2_permissions: avoid warning about uninitialized value
349
350 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
351
63358f40
DM		 352libpve-access-control (5.0-3) unstable; urgency=medium
353
354 * use new PVE::OTP class from pve-common
355
356 * use new PVE::Tools::encrypt_pw from pve-common
357
358 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
359
05fd50af
DM		 360libpve-access-control (5.0-2) unstable; urgency=medium
361
362 * encrypt_pw: avoid '+' for crypt salt
363
364 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
365
0835385b
FG		 366libpve-access-control (5.0-1) unstable; urgency=medium
367
368 * rebuild for PVE 5.0
369
370 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
371
730f8863
DM		 372libpve-access-control (4.0-23) unstable; urgency=medium
373
374 * use new PVE::Ticket class
375
376 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
377
1f1c4593
DM		 378libpve-access-control (4.0-22) unstable; urgency=medium
379
380 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
381 (moved to PVE::Storage)
382
383 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
384
385 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
386
f9105063
DM		 387libpve-access-control (4.0-21) unstable; urgency=medium
388
389 * setup_default_cli_env: expect $class as first parameter
390
391 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
392
9595066e
DM		 393libpve-access-control (4.0-20) unstable; urgency=medium
394
395 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
396
397 * PVE/API2/Domains.pm: fix property description
398
399 * use new repoman for upload target
400
401 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
402
2af5a793
DM		 403libpve-access-control (4.0-19) unstable; urgency=medium
404
405 * Close #833: ldap: non-anonymous bind support
406
407 * don't import 'RFC' from MIME::Base32
408
409 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
410
5d87bb77
WB		 411libpve-access-control (4.0-18) unstable; urgency=medium
412
413 * fix #1062: recognize base32 otp keys again
414
415 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
416
28ddf48b
WB		 417libpve-access-control (4.0-17) unstable; urgency=medium
418
419 * drop oathtool and libdigest-hmac-perl dependencies
420
421 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
422
15cebb28
DM		 423libpve-access-control (4.0-16) unstable; urgency=medium
424
425 * use pve-doc-generator to generate man pages
426
427 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
428
678df887
DM		 429libpve-access-control (4.0-15) unstable; urgency=medium
430
431 * Fix uninitialized warning when shadow.cfg does not exist
432
433 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
434
cca9761a
DM		 435libpve-access-control (4.0-14) unstable; urgency=medium
436
437 * Add is_worker to RPCEnvironment
438
439 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
440
8643c99d
DM		 441libpve-access-control (4.0-13) unstable; urgency=medium
442
443 * fix #916: allow HTTPS to access custom yubico url
444
445 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
446
ae2a6bf9
DM		 447libpve-access-control (4.0-12) unstable; urgency=medium
448
449 * Catch certificate errors instead of segfaulting
450
451 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
452
4836db5f
DM		 453libpve-access-control (4.0-11) unstable; urgency=medium
454
455 * Fix #861: use safer sprintf formatting
456
457 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
458
ccbe23dc
DM		 459libpve-access-control (4.0-10) unstable; urgency=medium
460
461 * Auth::LDAP, Auth::AD: ipv6 support
462
463 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
464
90399ca4
DM		 465libpve-access-control (4.0-9) unstable; urgency=medium
466
467 * pveum: implement bash completion
468
469 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
470
364ffc13
DM		 471libpve-access-control (4.0-8) unstable; urgency=medium
472
473 * remove_storage_access: cleanup of access permissions for removed storage
474
475 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
476
7c26cb4a
DM		 477libpve-access-control (4.0-7) unstable; urgency=medium
478
479 * new helper to remove access permissions for removed VMs
480
481 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
482
296afbd1
DM		 483libpve-access-control (4.0-6) unstable; urgency=medium
484
485 * improve parse_user_config, parse_shadow_config
486
487 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
488
7d2df2ef
DM		 489libpve-access-control (4.0-5) unstable; urgency=medium
490
491 * pveum: check for $cmd being defined
492
493 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
494
98a34e3f
DM		 495libpve-access-control (4.0-4) unstable; urgency=medium
496
497 * use activate-noawait triggers
498
499 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
500
15462727
DM		 501libpve-access-control (4.0-3) unstable; urgency=medium
502
503 * IPv6 fixes
504
505 * non-root buildfix
506
507 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
508
bbf4cc9a
DM		 509libpve-access-control (4.0-2) unstable; urgency=medium
510
511 * trigger pve-api-updates event
512
513 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
514
dfbcf6d3
DM		 515libpve-access-control (4.0-1) unstable; urgency=medium
516
517 * bump version for Debian Jessie
518
519 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
520
94971b3a
DM		 521libpve-access-control (3.0-16) unstable; urgency=low
522
523 * root@pam can now be disabled in GUI.
524
525 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
526
7b17c7cb
DM		 527libpve-access-control (3.0-15) unstable; urgency=low
528
529 * oath: add 'step' and 'digits' option
530
531 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
532
1abc2c0a
DM		 533libpve-access-control (3.0-14) unstable; urgency=low
534
535 * add oath two factor auth
536
537 * add oathkeygen binary to generate keys for oath
538
539 * add yubico two factor auth
540
541 * dedend on oathtool
542
543 * depend on libmime-base32-perl
30be0de9
DM		 544
545 * allow to write builtin auth domains config (comment/tfa/default)
1abc2c0a
DM		 546
547 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
548
298450ab
DM		 549libpve-access-control (3.0-13) unstable; urgency=low
550
551 * use correct connection string for AD auth
552
553 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
554
396034e4
DM		 555libpve-access-control (3.0-12) unstable; urgency=low
556
557 * add dummy API for GET /access/ticket (useful to generate login pages)
558
559 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
560
26361123
DM		 561libpve-access-control (3.0-11) unstable; urgency=low
562
563 * Sets common hot keys for spice client
564
565 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
566
3643383d
DM		 567libpve-access-control (3.0-10) unstable; urgency=low
568
569 * implement helper to generate SPICE remote-viewer configuration
570
571 * depend on libnet-ssleay-perl
572
573 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
574
0baedcf7
DM		 575libpve-access-control (3.0-9) unstable; urgency=low
576
577 * prevent user enumeration attacks
e4f8fc2e
DM		 578
579 * allow dots in access paths
0baedcf7
DM		 580
581 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
582
d4b63eae
DM		 583libpve-access-control (3.0-8) unstable; urgency=low
584
585 * spice: use lowercase hostname in ticktet signature
586
587 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
588
49594944
DM		 589libpve-access-control (3.0-7) unstable; urgency=low
590
591 * check_volume_access : use parse_volname instead of path, and remove
592 path related code.
7c410d63
DM		 593
594 * use warnings instead of global -w flag.
49594944
DM		 595
596 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
597
fe7de5d0
DM		 598libpve-access-control (3.0-6) unstable; urgency=low
599
600 * use shorter spiceproxy tickets
601
602 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
603
4cdd9507
DM		 604libpve-access-control (3.0-5) unstable; urgency=low
605
606 * add code to generate tickets for SPICE
607
608 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
609
677f9ab0
DM		 610libpve-access-control (3.0-4) unstable; urgency=low
611
612 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
613
614 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
615
139a8ecf
DM		 616libpve-access-control (3.0-3) unstable; urgency=low
617
7b395f99 618 * Add new role PVETemplateUser (and VM.Clone priviledge)
139a8ecf
DM		 619
620 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
621
b78ce7c2
DM		 622libpve-access-control (3.0-2) unstable; urgency=low
623
624 * remove CGI.pm related code (pveproxy does not need that)
625
626 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
627
786820f9
DM		 628libpve-access-control (3.0-1) unstable; urgency=low
629
630 * bump version for wheezy release
631
632 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
633
e5ae5487
DM		 634libpve-access-control (1.0-26) unstable; urgency=low
635
636 * check_volume_access: fix access permissions for backup files
637
638 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
639
e3e6510c
DM		 640libpve-access-control (1.0-25) unstable; urgency=low
641
642 * add VM.Snapshot permission
643
644 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
645
1e15ebe7
DM		 646libpve-access-control (1.0-24) unstable; urgency=low
647
648 * untaint path (allow root to restore arbitrary paths)
649
650 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
651
437be042
DM		 652libpve-access-control (1.0-23) unstable; urgency=low
653
654 * correctly compute GUI capabilities (consider pools)
655
656 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
657
5bb4e06a
DM		 658libpve-access-control (1.0-22) unstable; urgency=low
659
660 * new plugin architecture for Auth modules, minor API change for Auth
661 domains (new 'delete' parameter)
662
663 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
664
3030a176
DM		 665libpve-access-control (1.0-21) unstable; urgency=low
666
667 * do not allow user names including slash
668
669 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
670
671libpve-access-control (1.0-20) unstable; urgency=low
672
673 * add ability to fork cli workers in background
674
675 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
676
dd2cfee0
DM		 677libpve-access-control (1.0-19) unstable; urgency=low
678
679 * return set of privileges on login - can be used to adopt GUI
680
681 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
682
1cf154b7
DM		 683libpve-access-control (1.0-18) unstable; urgency=low
684
533219a1
DM		 685 * fix bug #151: corretly parse username inside ticket
686
687 * fix bug #152: allow user to change his own password
1cf154b7
DM		 688
689 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
690
2de14407
DM		 691libpve-access-control (1.0-17) unstable; urgency=low
692
693 * set propagate flag by default
694
695 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
696
bdc61d7a
DM		 697libpve-access-control (1.0-16) unstable; urgency=low
698
699 * add 'pveum passwd' method
700
701 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
702
cc7bdf33
DM		 703libpve-access-control (1.0-15) unstable; urgency=low
704
705 * Add VM.Config.CDROM privilege to PVEVMUser rule
706
707 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
708
a69bbe2e
DM		 709libpve-access-control (1.0-14) unstable; urgency=low
710
711 * fix buf in userid-param permission check
712
713 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
714
d9483d94
DM		 715libpve-access-control (1.0-13) unstable; urgency=low
716
717 * allow more characters in ldap base_dn attribute
718
719 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
720
84619607
DM		 721libpve-access-control (1.0-12) unstable; urgency=low
722
723 * allow more characters with realm IDs
724
725 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
726
09d27058
DM		 727libpve-access-control (1.0-11) unstable; urgency=low
728
729 * fix bug in exec_api2_perm_check
730
731 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
732
7a4c849e
DM		 733libpve-access-control (1.0-10) unstable; urgency=low
734
735 * fix ACL group name parser
736
737 * changed 'pveum aclmod' command line arguments
738
739 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
740
3eac4e35
DM		 741libpve-access-control (1.0-9) unstable; urgency=low
742
743 * fix bug in check_volume_access (fixes vzrestore)
744
745 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
746
4384e19e
DM		 747libpve-access-control (1.0-8) unstable; urgency=low
748
749 * fix return value for empty ACL list.
750
751 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
752
d8a56966
DM		 753libpve-access-control (1.0-7) unstable; urgency=low
754
755 * fix bug #85: allow root@pam to generate tickets for other users
756
757 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
758
cb6f2f93
DM		 759libpve-access-control (1.0-6) unstable; urgency=low
760
761 * API change: allow to filter enabled/disabled users.
762
763 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
764
272fe9ff
DM		 765libpve-access-control (1.0-5) unstable; urgency=low
766
767 * add a way to return file changes (diffs): set_result_changes()
768
769 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
770
e42eedbc
DM		 771libpve-access-control (1.0-4) unstable; urgency=low
772
773 * new environment type for ha agents
774
775 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
776
1fba27e0
DM		 777libpve-access-control (1.0-3) unstable; urgency=low
778
779 * add support for delayed parameter parsing - We need that to disable
780 file upload for normal API request (avoid DOS attacs)
781
782 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
783
5bf71a96
DM		 784libpve-access-control (1.0-2) unstable; urgency=low
785
786 * fix bug in fork_worker
787
788 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
789
2c3a6c0a
DM		 790libpve-access-control (1.0-1) unstable; urgency=low
791
792 * allow '-' in permission paths
793
794 * bump version to 1.0
795
796 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
797
798libpve-access-control (0.1) unstable; urgency=low
799
800 * first dummy package - no functionality
801
802 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200
803
Access control framework