]> git.proxmox.com Git - pve-access-control.git/blame - debian/changelog
projects / pve-access-control.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bump version to 7.1-3
[pve-access-control.git] / debian / changelog
CommitLineData
44a55ff7
TL		 1libpve-access-control (7.1-3) bullseye; urgency=medium
2
3 * openid: allow arbitrary username-claims
4
5 * openid: support configuring the prompt, scopes and ACR values
6
7 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Nov 2021 08:11:52 +0100
8
6f643e79
TL		 9libpve-access-control (7.1-2) bullseye; urgency=medium
10
11 * catch incompatible tfa entries with a nice error
12
13 -- Proxmox Support Team <support@proxmox.com> Wed, 17 Nov 2021 13:44:45 +0100
14
92bca71e
TL		 15libpve-access-control (7.1-1) bullseye; urgency=medium
16
17 * tfa: map HTTP 404 error in get_tfa_entry correctly
18
19 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Nov 2021 15:33:22 +0100
20
1c9b6501
TL		 21libpve-access-control (7.0-7) bullseye; urgency=medium
22
23 * fix #3513: pass configured proxy to OpenID
24
25 * use rust based parser for TFA config
26
27 * use PBS-like auth api call flow,
28
29 * merge old user.cfg keys to tfa config when adding entries
30
31 * implement version checks for new tfa config writer to ensure all
32 cluster nodes are ready to avoid login issues
33
34 * tickets: add tunnel ticket
35
36 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Nov 2021 18:17:49 +0100
37
cd46b379
TL		 38libpve-access-control (7.0-6) bullseye; urgency=medium
39
40 * fix regression in user deletion when realm does not enforce TFA
41
42 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Oct 2021 12:28:52 +0200
43
52da88a8
TL		 44libpve-access-control (7.0-5) bullseye; urgency=medium
45
46 * acl: check path: add /sdn/vnets/* path
47
48 * fix #2302: allow deletion of users when realm enforces TFA
49
50 * api: delete user: disable user first to avoid surprise on error during the
51 various cleanup action required for user deletion (e.g., TFA, ACL, group)
52
53 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
54
543d646c
TL		 55libpve-access-control (7.0-4) bullseye; urgency=medium
56
57 * realm: add OpenID configuration
58
59 * api: implement OpenID related endpoints
60
61 * implement opt-in OpenID autocreate user feature
62
63 * api: user: add 'realm-type' to user list response
64
65 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
66
7a4c4fd8
TL		 67libpve-access-control (7.0-3) bullseye; urgency=medium
68
69 * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
70 `/sdn/zones/<zone>` to allowed ACL paths
71
72 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
73
0902a936
FG		 74libpve-access-control (7.0-2) bullseye; urgency=medium
75
76 * fix #3402: add Pool.Audit privilege - custom roles containing
77 Pool.Allocate must be updated to include the new privilege.
78
79 -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
80
67febb69
TL		 81libpve-access-control (7.0-1) bullseye; urgency=medium
82
83 * re-build for Debian 11 Bullseye based releases
84
85 -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
86
2942ba41
TL		 87libpve-access-control (6.4-1) pve; urgency=medium
88
89 * fix #1670: change PAM service name to project specific name
90
91 * fix #1500: permission path syntax check for access control
92
93 * pveum: add resource pool CLI commands
94
95 -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
96
54d312f3
TL		 97libpve-access-control (6.1-3) pve; urgency=medium
98
99 * partially fix #2825: authkey: rotate if it was generated in the
100 future
101
102 * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
103 insensitive
104
105 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
106
6a9be12f
TL		 107libpve-access-control (6.1-2) pve; urgency=medium
108
109 * also check SDN permission path when computing coarse permissions heuristic
110 for UIs
111
112 * add SDN Permissions.Modify
113
114 * add VM.Config.Cloudinit
115
116 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
117
e6624f50
TL		 118libpve-access-control (6.1-1) pve; urgency=medium
119
120 * pveum: add tfa delete subcommand for deleting user-TFA
121
122 * LDAP: don't complain about missing credentials on realm removal
123
124 * LDAP: skip anonymous bind when client certificate and key is configured
125
126 -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
127
8f4a522f
TL		 128libpve-access-control (6.0-7) pve; urgency=medium
129
130 * fix #2575: die when trying to edit built-in roles
131
132 * add realm sub commands to pveum CLI tool
133
134 * api: domains: add user group sync API enpoint
135
136 * allow one to sync and import users and groups from LDAP/AD based realms
137
138 * realm: add default-sync-options to config for more convenient sync configuration
139
140 * api: token create: return also full token id for convenience
141
142 -- Proxmox Support Team <support@proxmox.com> Sat, 25 Apr 2020 19:35:17 +0200
143
23059f35
TL		 144libpve-access-control (6.0-6) pve; urgency=medium
145
146 * API: add group members to group index
147
148 * implement API token support and management
149
150 * pveum: add 'pveum user token add/update/remove/list'
151
152 * pveum: add permissions sub-commands
153
154 * API: add 'permissions' API endpoint
155
156 * user.cfg: skip inexisting roles when parsing ACLs
157
158 -- Proxmox Support Team <support@proxmox.com> Wed, 29 Jan 2020 10:17:27 +0100
159
3dd692e9
TL		 160libpve-access-control (6.0-5) pve; urgency=medium
161
162 * pveum: add list command for users, groups, ACLs and roles
163
164 * add initial permissions for experimental SDN integration
165
166 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Nov 2019 17:56:37 +0100
167
4ef92d0d
FG		 168libpve-access-control (6.0-4) pve; urgency=medium
169
170 * ticket: use clinfo to get cluster name
171
172 * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
173 SSL version
174
175 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 11:55:11 +0100
176
6e5bbca4
TL		 177libpve-access-control (6.0-3) pve; urgency=medium
178
179 * fix #2433: increase possible TFA secret length
180
181 * parse user configuration: correctly parse group names in ACLs, for users
182 which begin their name with an @
183
184 * sort user.cfg entries alphabetically
185
186 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
187
e073493c
TL		 188libpve-access-control (6.0-2) pve; urgency=medium
189
190 * improve CSRF verification compatibility with newer PVE
191
192 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
193
a237dc2e
TL		 194libpve-access-control (6.0-1) pve; urgency=medium
195
196 * ticket: properly verify exactly 5 minute old tickets
197
198 * use hmac_sha256 instead of sha1 for CSRF token generation
199
200 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
201
f1531f22
TL		 202libpve-access-control (6.0-0+1) pve; urgency=medium
203
204 * bump for Debian buster
205
206 * fix #2079: add periodic auth key rotation
207
208 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
209
ef761f51
TL		 210libpve-access-control (5.1-10) unstable; urgency=medium
211
212 * add /access/user/{id}/tfa api call to get tfa types
213
214 -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
215
860ddcba
TL		 216libpve-access-control (5.1-9) unstable; urgency=medium
217
218 * store the tfa type in user.cfg allowing to get it without proxying the call
219 to a higher priviledged daemon.
220
221 * tfa: realm required TFA should lock out users without TFA configured, as it
222 was done before Proxmox VE 5.4
223
224 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
225
9fbad012
TL		 226libpve-access-control (5.1-8) unstable; urgency=medium
227
228 * U2F: ensure we save correct public key on registration
229
230 -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
231
4473c96c
TL		 232libpve-access-control (5.1-7) unstable; urgency=medium
233
234 * verify_ticket: allow general non-challenge tfa to be run as two step
235 call
236
237 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
238
a270d4e1
TL		 239libpve-access-control (5.1-6) unstable; urgency=medium
240
241 * more general 2FA configuration via priv/tfa.cfg
242
243 * add u2f api endpoints
244
245 * delete TFA entries when deleting a user
246
247 * allow users to change their TOTP settings
248
249 -- Proxmox Support Team <support@proxmox.com> Wed, 03 Apr 2019 13:40:26 +0200
250
374647e8
TL		 251libpve-access-control (5.1-5) unstable; urgency=medium
252
253 * fix vnc ticket verification without authkey lifetime
254
255 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 10:43:17 +0100
256
7fb70c94
TL		 257libpve-access-control (5.1-4) unstable; urgency=medium
258
259 * fix #1891: Add zsh command completion for pveum
260
261 * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
262 to avoid issues on upgrade, will be enabled with 6.0
263
264 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 09:12:05 +0100
265
6e010cde
TL		 266libpve-access-control (5.1-3) unstable; urgency=medium
267
268 * api/ticket: move getting cluster name into an eval
269
270 -- Proxmox Support Team <support@proxmox.com> Thu, 29 Nov 2018 12:59:36 +0100
271
f5a9380a
TL		 272libpve-access-control (5.1-2) unstable; urgency=medium
273
274 * fix #1998: correct return properties for read_role
275
276 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
277
b54b7474
TL		 278libpve-access-control (5.1-1) unstable; urgency=medium
279
280 * pveum: introduce sub-commands
281
282 * register userid with completion
283
284 * fix #233: return cluster name on successful login
285
286 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
287
52192dd4
WB		 288libpve-access-control (5.0-8) unstable; urgency=medium
289
290 * fix #1612: ldap: make 2nd server work with bind domains again
291
292 * fix an error message where passing a bad pool id to an API function would
293 make it complain about a wrong group name instead
294
295 * fix the API-returned permission list so that the GUI knows to show the
296 'Permissions' tab for a storage to an administrator apart from root@pam
297
298 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
299
3dadf8cf
FG		 300libpve-access-control (5.0-7) unstable; urgency=medium
301
302 * VM.Snapshot.Rollback privilege added
303
304 * api: check for special roles before locking the usercfg
305
306 * fix #1501: pveum: die when deleting special role
307
308 * API/ticket: rework coarse grained permission computation
309
310 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
311
ec4141f4
WB		 312libpve-access-control (5.0-6) unstable; urgency=medium
313
314 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
315 'verify' option. For compatibility reasons this defaults to off for now,
316 but that might change with future updates.
317
318 * AD, LDAP: Add ability to specify a CA path or file, and a client
319 certificate via the 'capath', 'cert' and 'certkey' options.
320
321 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
322
63134bd4
DM		 323libpve-access-control (5.0-5) unstable; urgency=medium
324
325 * change from dpkg-deb to dpkg-buildpackage
326
327 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
328
868fb1ea
DM		 329libpve-access-control (5.0-4) unstable; urgency=medium
330
331 * PVE/CLI/pveum.pm: call setup_default_cli_env()
332
333 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
334
335 * check_api2_permissions: avoid warning about uninitialized value
336
337 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
338
63358f40
DM		 339libpve-access-control (5.0-3) unstable; urgency=medium
340
341 * use new PVE::OTP class from pve-common
342
343 * use new PVE::Tools::encrypt_pw from pve-common
344
345 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
346
05fd50af
DM		 347libpve-access-control (5.0-2) unstable; urgency=medium
348
349 * encrypt_pw: avoid '+' for crypt salt
350
351 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
352
0835385b
FG		 353libpve-access-control (5.0-1) unstable; urgency=medium
354
355 * rebuild for PVE 5.0
356
357 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
358
730f8863
DM		 359libpve-access-control (4.0-23) unstable; urgency=medium
360
361 * use new PVE::Ticket class
362
363 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
364
1f1c4593
DM		 365libpve-access-control (4.0-22) unstable; urgency=medium
366
367 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
368 (moved to PVE::Storage)
369
370 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
371
372 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
373
f9105063
DM		 374libpve-access-control (4.0-21) unstable; urgency=medium
375
376 * setup_default_cli_env: expect $class as first parameter
377
378 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
379
9595066e
DM		 380libpve-access-control (4.0-20) unstable; urgency=medium
381
382 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
383
384 * PVE/API2/Domains.pm: fix property description
385
386 * use new repoman for upload target
387
388 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
389
2af5a793
DM		 390libpve-access-control (4.0-19) unstable; urgency=medium
391
392 * Close #833: ldap: non-anonymous bind support
393
394 * don't import 'RFC' from MIME::Base32
395
396 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
397
5d87bb77
WB		 398libpve-access-control (4.0-18) unstable; urgency=medium
399
400 * fix #1062: recognize base32 otp keys again
401
402 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
403
28ddf48b
WB		 404libpve-access-control (4.0-17) unstable; urgency=medium
405
406 * drop oathtool and libdigest-hmac-perl dependencies
407
408 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
409
15cebb28
DM		 410libpve-access-control (4.0-16) unstable; urgency=medium
411
412 * use pve-doc-generator to generate man pages
413
414 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
415
678df887
DM		 416libpve-access-control (4.0-15) unstable; urgency=medium
417
418 * Fix uninitialized warning when shadow.cfg does not exist
419
420 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
421
cca9761a
DM		 422libpve-access-control (4.0-14) unstable; urgency=medium
423
424 * Add is_worker to RPCEnvironment
425
426 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
427
8643c99d
DM		 428libpve-access-control (4.0-13) unstable; urgency=medium
429
430 * fix #916: allow HTTPS to access custom yubico url
431
432 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
433
ae2a6bf9
DM		 434libpve-access-control (4.0-12) unstable; urgency=medium
435
436 * Catch certificate errors instead of segfaulting
437
438 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
439
4836db5f
DM		 440libpve-access-control (4.0-11) unstable; urgency=medium
441
442 * Fix #861: use safer sprintf formatting
443
444 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
445
ccbe23dc
DM		 446libpve-access-control (4.0-10) unstable; urgency=medium
447
448 * Auth::LDAP, Auth::AD: ipv6 support
449
450 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
451
90399ca4
DM		 452libpve-access-control (4.0-9) unstable; urgency=medium
453
454 * pveum: implement bash completion
455
456 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
457
364ffc13
DM		 458libpve-access-control (4.0-8) unstable; urgency=medium
459
460 * remove_storage_access: cleanup of access permissions for removed storage
461
462 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
463
7c26cb4a
DM		 464libpve-access-control (4.0-7) unstable; urgency=medium
465
466 * new helper to remove access permissions for removed VMs
467
468 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
469
296afbd1
DM		 470libpve-access-control (4.0-6) unstable; urgency=medium
471
472 * improve parse_user_config, parse_shadow_config
473
474 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
475
7d2df2ef
DM		 476libpve-access-control (4.0-5) unstable; urgency=medium
477
478 * pveum: check for $cmd being defined
479
480 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
481
98a34e3f
DM		 482libpve-access-control (4.0-4) unstable; urgency=medium
483
484 * use activate-noawait triggers
485
486 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
487
15462727
DM		 488libpve-access-control (4.0-3) unstable; urgency=medium
489
490 * IPv6 fixes
491
492 * non-root buildfix
493
494 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
495
bbf4cc9a
DM		 496libpve-access-control (4.0-2) unstable; urgency=medium
497
498 * trigger pve-api-updates event
499
500 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
501
dfbcf6d3
DM		 502libpve-access-control (4.0-1) unstable; urgency=medium
503
504 * bump version for Debian Jessie
505
506 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
507
94971b3a
DM		 508libpve-access-control (3.0-16) unstable; urgency=low
509
510 * root@pam can now be disabled in GUI.
511
512 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
513
7b17c7cb
DM		 514libpve-access-control (3.0-15) unstable; urgency=low
515
516 * oath: add 'step' and 'digits' option
517
518 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
519
1abc2c0a
DM		 520libpve-access-control (3.0-14) unstable; urgency=low
521
522 * add oath two factor auth
523
524 * add oathkeygen binary to generate keys for oath
525
526 * add yubico two factor auth
527
528 * dedend on oathtool
529
530 * depend on libmime-base32-perl
30be0de9
DM		 531
532 * allow to write builtin auth domains config (comment/tfa/default)
1abc2c0a
DM		 533
534 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
535
298450ab
DM		 536libpve-access-control (3.0-13) unstable; urgency=low
537
538 * use correct connection string for AD auth
539
540 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
541
396034e4
DM		 542libpve-access-control (3.0-12) unstable; urgency=low
543
544 * add dummy API for GET /access/ticket (useful to generate login pages)
545
546 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
547
26361123
DM		 548libpve-access-control (3.0-11) unstable; urgency=low
549
550 * Sets common hot keys for spice client
551
552 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
553
3643383d
DM		 554libpve-access-control (3.0-10) unstable; urgency=low
555
556 * implement helper to generate SPICE remote-viewer configuration
557
558 * depend on libnet-ssleay-perl
559
560 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
561
0baedcf7
DM		 562libpve-access-control (3.0-9) unstable; urgency=low
563
564 * prevent user enumeration attacks
e4f8fc2e
DM		 565
566 * allow dots in access paths
0baedcf7
DM		 567
568 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
569
d4b63eae
DM		 570libpve-access-control (3.0-8) unstable; urgency=low
571
572 * spice: use lowercase hostname in ticktet signature
573
574 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
575
49594944
DM		 576libpve-access-control (3.0-7) unstable; urgency=low
577
578 * check_volume_access : use parse_volname instead of path, and remove
579 path related code.
7c410d63
DM		 580
581 * use warnings instead of global -w flag.
49594944
DM		 582
583 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
584
fe7de5d0
DM		 585libpve-access-control (3.0-6) unstable; urgency=low
586
587 * use shorter spiceproxy tickets
588
589 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
590
4cdd9507
DM		 591libpve-access-control (3.0-5) unstable; urgency=low
592
593 * add code to generate tickets for SPICE
594
595 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
596
677f9ab0
DM		 597libpve-access-control (3.0-4) unstable; urgency=low
598
599 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
600
601 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
602
139a8ecf
DM		 603libpve-access-control (3.0-3) unstable; urgency=low
604
7b395f99 605 * Add new role PVETemplateUser (and VM.Clone priviledge)
139a8ecf
DM		 606
607 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
608
b78ce7c2
DM		 609libpve-access-control (3.0-2) unstable; urgency=low
610
611 * remove CGI.pm related code (pveproxy does not need that)
612
613 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
614
786820f9
DM		 615libpve-access-control (3.0-1) unstable; urgency=low
616
617 * bump version for wheezy release
618
619 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
620
e5ae5487
DM		 621libpve-access-control (1.0-26) unstable; urgency=low
622
623 * check_volume_access: fix access permissions for backup files
624
625 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
626
e3e6510c
DM		 627libpve-access-control (1.0-25) unstable; urgency=low
628
629 * add VM.Snapshot permission
630
631 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
632
1e15ebe7
DM		 633libpve-access-control (1.0-24) unstable; urgency=low
634
635 * untaint path (allow root to restore arbitrary paths)
636
637 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
638
437be042
DM		 639libpve-access-control (1.0-23) unstable; urgency=low
640
641 * correctly compute GUI capabilities (consider pools)
642
643 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
644
5bb4e06a
DM		 645libpve-access-control (1.0-22) unstable; urgency=low
646
647 * new plugin architecture for Auth modules, minor API change for Auth
648 domains (new 'delete' parameter)
649
650 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
651
3030a176
DM		 652libpve-access-control (1.0-21) unstable; urgency=low
653
654 * do not allow user names including slash
655
656 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
657
658libpve-access-control (1.0-20) unstable; urgency=low
659
660 * add ability to fork cli workers in background
661
662 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
663
dd2cfee0
DM		 664libpve-access-control (1.0-19) unstable; urgency=low
665
666 * return set of privileges on login - can be used to adopt GUI
667
668 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
669
1cf154b7
DM		 670libpve-access-control (1.0-18) unstable; urgency=low
671
533219a1
DM		 672 * fix bug #151: corretly parse username inside ticket
673
674 * fix bug #152: allow user to change his own password
1cf154b7
DM		 675
676 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
677
2de14407
DM		 678libpve-access-control (1.0-17) unstable; urgency=low
679
680 * set propagate flag by default
681
682 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
683
bdc61d7a
DM		 684libpve-access-control (1.0-16) unstable; urgency=low
685
686 * add 'pveum passwd' method
687
688 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
689
cc7bdf33
DM		 690libpve-access-control (1.0-15) unstable; urgency=low
691
692 * Add VM.Config.CDROM privilege to PVEVMUser rule
693
694 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
695
a69bbe2e
DM		 696libpve-access-control (1.0-14) unstable; urgency=low
697
698 * fix buf in userid-param permission check
699
700 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
701
d9483d94
DM		 702libpve-access-control (1.0-13) unstable; urgency=low
703
704 * allow more characters in ldap base_dn attribute
705
706 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
707
84619607
DM		 708libpve-access-control (1.0-12) unstable; urgency=low
709
710 * allow more characters with realm IDs
711
712 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
713
09d27058
DM		 714libpve-access-control (1.0-11) unstable; urgency=low
715
716 * fix bug in exec_api2_perm_check
717
718 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
719
7a4c849e
DM		 720libpve-access-control (1.0-10) unstable; urgency=low
721
722 * fix ACL group name parser
723
724 * changed 'pveum aclmod' command line arguments
725
726 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
727
3eac4e35
DM		 728libpve-access-control (1.0-9) unstable; urgency=low
729
730 * fix bug in check_volume_access (fixes vzrestore)
731
732 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
733
4384e19e
DM		 734libpve-access-control (1.0-8) unstable; urgency=low
735
736 * fix return value for empty ACL list.
737
738 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
739
d8a56966
DM		 740libpve-access-control (1.0-7) unstable; urgency=low
741
742 * fix bug #85: allow root@pam to generate tickets for other users
743
744 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
745
cb6f2f93
DM		 746libpve-access-control (1.0-6) unstable; urgency=low
747
748 * API change: allow to filter enabled/disabled users.
749
750 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
751
272fe9ff
DM		 752libpve-access-control (1.0-5) unstable; urgency=low
753
754 * add a way to return file changes (diffs): set_result_changes()
755
756 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
757
e42eedbc
DM		 758libpve-access-control (1.0-4) unstable; urgency=low
759
760 * new environment type for ha agents
761
762 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
763
1fba27e0
DM		 764libpve-access-control (1.0-3) unstable; urgency=low
765
766 * add support for delayed parameter parsing - We need that to disable
767 file upload for normal API request (avoid DOS attacs)
768
769 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
770
5bf71a96
DM		 771libpve-access-control (1.0-2) unstable; urgency=low
772
773 * fix bug in fork_worker
774
775 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
776
2c3a6c0a
DM		 777libpve-access-control (1.0-1) unstable; urgency=low
778
779 * allow '-' in permission paths
780
781 * bump version to 1.0
782
783 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
784
785libpve-access-control (0.1) unstable; urgency=low
786
787 * first dummy package - no functionality
788
789 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200
790
Access control framework