]> git.proxmox.com Git - pve-access-control.git/blame - debian/changelog
projects / pve-access-control.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
fix user deletion when realm does not enforce TFA
[pve-access-control.git] / debian / changelog
CommitLineData
52da88a8
TL		 1libpve-access-control (7.0-5) bullseye; urgency=medium
2
3 * acl: check path: add /sdn/vnets/* path
4
5 * fix #2302: allow deletion of users when realm enforces TFA
6
7 * api: delete user: disable user first to avoid surprise on error during the
8 various cleanup action required for user deletion (e.g., TFA, ACL, group)
9
10 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
11
543d646c
TL		 12libpve-access-control (7.0-4) bullseye; urgency=medium
13
14 * realm: add OpenID configuration
15
16 * api: implement OpenID related endpoints
17
18 * implement opt-in OpenID autocreate user feature
19
20 * api: user: add 'realm-type' to user list response
21
22 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
23
7a4c4fd8
TL		 24libpve-access-control (7.0-3) bullseye; urgency=medium
25
26 * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
27 `/sdn/zones/<zone>` to allowed ACL paths
28
29 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
30
0902a936
FG		 31libpve-access-control (7.0-2) bullseye; urgency=medium
32
33 * fix #3402: add Pool.Audit privilege - custom roles containing
34 Pool.Allocate must be updated to include the new privilege.
35
36 -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
37
67febb69
TL		 38libpve-access-control (7.0-1) bullseye; urgency=medium
39
40 * re-build for Debian 11 Bullseye based releases
41
42 -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
43
2942ba41
TL		 44libpve-access-control (6.4-1) pve; urgency=medium
45
46 * fix #1670: change PAM service name to project specific name
47
48 * fix #1500: permission path syntax check for access control
49
50 * pveum: add resource pool CLI commands
51
52 -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
53
54d312f3
TL		 54libpve-access-control (6.1-3) pve; urgency=medium
55
56 * partially fix #2825: authkey: rotate if it was generated in the
57 future
58
59 * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
60 insensitive
61
62 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
63
6a9be12f
TL		 64libpve-access-control (6.1-2) pve; urgency=medium
65
66 * also check SDN permission path when computing coarse permissions heuristic
67 for UIs
68
69 * add SDN Permissions.Modify
70
71 * add VM.Config.Cloudinit
72
73 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
74
e6624f50
TL		 75libpve-access-control (6.1-1) pve; urgency=medium
76
77 * pveum: add tfa delete subcommand for deleting user-TFA
78
79 * LDAP: don't complain about missing credentials on realm removal
80
81 * LDAP: skip anonymous bind when client certificate and key is configured
82
83 -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
84
8f4a522f
TL		 85libpve-access-control (6.0-7) pve; urgency=medium
86
87 * fix #2575: die when trying to edit built-in roles
88
89 * add realm sub commands to pveum CLI tool
90
91 * api: domains: add user group sync API enpoint
92
93 * allow one to sync and import users and groups from LDAP/AD based realms
94
95 * realm: add default-sync-options to config for more convenient sync configuration
96
97 * api: token create: return also full token id for convenience
98
99 -- Proxmox Support Team <support@proxmox.com> Sat, 25 Apr 2020 19:35:17 +0200
100
23059f35
TL		 101libpve-access-control (6.0-6) pve; urgency=medium
102
103 * API: add group members to group index
104
105 * implement API token support and management
106
107 * pveum: add 'pveum user token add/update/remove/list'
108
109 * pveum: add permissions sub-commands
110
111 * API: add 'permissions' API endpoint
112
113 * user.cfg: skip inexisting roles when parsing ACLs
114
115 -- Proxmox Support Team <support@proxmox.com> Wed, 29 Jan 2020 10:17:27 +0100
116
3dd692e9
TL		 117libpve-access-control (6.0-5) pve; urgency=medium
118
119 * pveum: add list command for users, groups, ACLs and roles
120
121 * add initial permissions for experimental SDN integration
122
123 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Nov 2019 17:56:37 +0100
124
4ef92d0d
FG		 125libpve-access-control (6.0-4) pve; urgency=medium
126
127 * ticket: use clinfo to get cluster name
128
129 * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
130 SSL version
131
132 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 11:55:11 +0100
133
6e5bbca4
TL		 134libpve-access-control (6.0-3) pve; urgency=medium
135
136 * fix #2433: increase possible TFA secret length
137
138 * parse user configuration: correctly parse group names in ACLs, for users
139 which begin their name with an @
140
141 * sort user.cfg entries alphabetically
142
143 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
144
e073493c
TL		 145libpve-access-control (6.0-2) pve; urgency=medium
146
147 * improve CSRF verification compatibility with newer PVE
148
149 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
150
a237dc2e
TL		 151libpve-access-control (6.0-1) pve; urgency=medium
152
153 * ticket: properly verify exactly 5 minute old tickets
154
155 * use hmac_sha256 instead of sha1 for CSRF token generation
156
157 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
158
f1531f22
TL		 159libpve-access-control (6.0-0+1) pve; urgency=medium
160
161 * bump for Debian buster
162
163 * fix #2079: add periodic auth key rotation
164
165 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
166
ef761f51
TL		 167libpve-access-control (5.1-10) unstable; urgency=medium
168
169 * add /access/user/{id}/tfa api call to get tfa types
170
171 -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
172
860ddcba
TL		 173libpve-access-control (5.1-9) unstable; urgency=medium
174
175 * store the tfa type in user.cfg allowing to get it without proxying the call
176 to a higher priviledged daemon.
177
178 * tfa: realm required TFA should lock out users without TFA configured, as it
179 was done before Proxmox VE 5.4
180
181 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
182
9fbad012
TL		 183libpve-access-control (5.1-8) unstable; urgency=medium
184
185 * U2F: ensure we save correct public key on registration
186
187 -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
188
4473c96c
TL		 189libpve-access-control (5.1-7) unstable; urgency=medium
190
191 * verify_ticket: allow general non-challenge tfa to be run as two step
192 call
193
194 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
195
a270d4e1
TL		 196libpve-access-control (5.1-6) unstable; urgency=medium
197
198 * more general 2FA configuration via priv/tfa.cfg
199
200 * add u2f api endpoints
201
202 * delete TFA entries when deleting a user
203
204 * allow users to change their TOTP settings
205
206 -- Proxmox Support Team <support@proxmox.com> Wed, 03 Apr 2019 13:40:26 +0200
207
374647e8
TL		 208libpve-access-control (5.1-5) unstable; urgency=medium
209
210 * fix vnc ticket verification without authkey lifetime
211
212 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 10:43:17 +0100
213
7fb70c94
TL		 214libpve-access-control (5.1-4) unstable; urgency=medium
215
216 * fix #1891: Add zsh command completion for pveum
217
218 * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
219 to avoid issues on upgrade, will be enabled with 6.0
220
221 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 09:12:05 +0100
222
6e010cde
TL		 223libpve-access-control (5.1-3) unstable; urgency=medium
224
225 * api/ticket: move getting cluster name into an eval
226
227 -- Proxmox Support Team <support@proxmox.com> Thu, 29 Nov 2018 12:59:36 +0100
228
f5a9380a
TL		 229libpve-access-control (5.1-2) unstable; urgency=medium
230
231 * fix #1998: correct return properties for read_role
232
233 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
234
b54b7474
TL		 235libpve-access-control (5.1-1) unstable; urgency=medium
236
237 * pveum: introduce sub-commands
238
239 * register userid with completion
240
241 * fix #233: return cluster name on successful login
242
243 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
244
52192dd4
WB		 245libpve-access-control (5.0-8) unstable; urgency=medium
246
247 * fix #1612: ldap: make 2nd server work with bind domains again
248
249 * fix an error message where passing a bad pool id to an API function would
250 make it complain about a wrong group name instead
251
252 * fix the API-returned permission list so that the GUI knows to show the
253 'Permissions' tab for a storage to an administrator apart from root@pam
254
255 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
256
3dadf8cf
FG		 257libpve-access-control (5.0-7) unstable; urgency=medium
258
259 * VM.Snapshot.Rollback privilege added
260
261 * api: check for special roles before locking the usercfg
262
263 * fix #1501: pveum: die when deleting special role
264
265 * API/ticket: rework coarse grained permission computation
266
267 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
268
ec4141f4
WB		 269libpve-access-control (5.0-6) unstable; urgency=medium
270
271 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
272 'verify' option. For compatibility reasons this defaults to off for now,
273 but that might change with future updates.
274
275 * AD, LDAP: Add ability to specify a CA path or file, and a client
276 certificate via the 'capath', 'cert' and 'certkey' options.
277
278 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
279
63134bd4
DM		 280libpve-access-control (5.0-5) unstable; urgency=medium
281
282 * change from dpkg-deb to dpkg-buildpackage
283
284 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
285
868fb1ea
DM		 286libpve-access-control (5.0-4) unstable; urgency=medium
287
288 * PVE/CLI/pveum.pm: call setup_default_cli_env()
289
290 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
291
292 * check_api2_permissions: avoid warning about uninitialized value
293
294 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
295
63358f40
DM		 296libpve-access-control (5.0-3) unstable; urgency=medium
297
298 * use new PVE::OTP class from pve-common
299
300 * use new PVE::Tools::encrypt_pw from pve-common
301
302 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
303
05fd50af
DM		 304libpve-access-control (5.0-2) unstable; urgency=medium
305
306 * encrypt_pw: avoid '+' for crypt salt
307
308 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
309
0835385b
FG		 310libpve-access-control (5.0-1) unstable; urgency=medium
311
312 * rebuild for PVE 5.0
313
314 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
315
730f8863
DM		 316libpve-access-control (4.0-23) unstable; urgency=medium
317
318 * use new PVE::Ticket class
319
320 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
321
1f1c4593
DM		 322libpve-access-control (4.0-22) unstable; urgency=medium
323
324 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
325 (moved to PVE::Storage)
326
327 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
328
329 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
330
f9105063
DM		 331libpve-access-control (4.0-21) unstable; urgency=medium
332
333 * setup_default_cli_env: expect $class as first parameter
334
335 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
336
9595066e
DM		 337libpve-access-control (4.0-20) unstable; urgency=medium
338
339 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
340
341 * PVE/API2/Domains.pm: fix property description
342
343 * use new repoman for upload target
344
345 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
346
2af5a793
DM		 347libpve-access-control (4.0-19) unstable; urgency=medium
348
349 * Close #833: ldap: non-anonymous bind support
350
351 * don't import 'RFC' from MIME::Base32
352
353 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
354
5d87bb77
WB		 355libpve-access-control (4.0-18) unstable; urgency=medium
356
357 * fix #1062: recognize base32 otp keys again
358
359 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
360
28ddf48b
WB		 361libpve-access-control (4.0-17) unstable; urgency=medium
362
363 * drop oathtool and libdigest-hmac-perl dependencies
364
365 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
366
15cebb28
DM		 367libpve-access-control (4.0-16) unstable; urgency=medium
368
369 * use pve-doc-generator to generate man pages
370
371 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
372
678df887
DM		 373libpve-access-control (4.0-15) unstable; urgency=medium
374
375 * Fix uninitialized warning when shadow.cfg does not exist
376
377 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
378
cca9761a
DM		 379libpve-access-control (4.0-14) unstable; urgency=medium
380
381 * Add is_worker to RPCEnvironment
382
383 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
384
8643c99d
DM		 385libpve-access-control (4.0-13) unstable; urgency=medium
386
387 * fix #916: allow HTTPS to access custom yubico url
388
389 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
390
ae2a6bf9
DM		 391libpve-access-control (4.0-12) unstable; urgency=medium
392
393 * Catch certificate errors instead of segfaulting
394
395 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
396
4836db5f
DM		 397libpve-access-control (4.0-11) unstable; urgency=medium
398
399 * Fix #861: use safer sprintf formatting
400
401 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
402
ccbe23dc
DM		 403libpve-access-control (4.0-10) unstable; urgency=medium
404
405 * Auth::LDAP, Auth::AD: ipv6 support
406
407 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
408
90399ca4
DM		 409libpve-access-control (4.0-9) unstable; urgency=medium
410
411 * pveum: implement bash completion
412
413 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
414
364ffc13
DM		 415libpve-access-control (4.0-8) unstable; urgency=medium
416
417 * remove_storage_access: cleanup of access permissions for removed storage
418
419 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
420
7c26cb4a
DM		 421libpve-access-control (4.0-7) unstable; urgency=medium
422
423 * new helper to remove access permissions for removed VMs
424
425 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
426
296afbd1
DM		 427libpve-access-control (4.0-6) unstable; urgency=medium
428
429 * improve parse_user_config, parse_shadow_config
430
431 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
432
7d2df2ef
DM		 433libpve-access-control (4.0-5) unstable; urgency=medium
434
435 * pveum: check for $cmd being defined
436
437 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
438
98a34e3f
DM		 439libpve-access-control (4.0-4) unstable; urgency=medium
440
441 * use activate-noawait triggers
442
443 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
444
15462727
DM		 445libpve-access-control (4.0-3) unstable; urgency=medium
446
447 * IPv6 fixes
448
449 * non-root buildfix
450
451 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
452
bbf4cc9a
DM		 453libpve-access-control (4.0-2) unstable; urgency=medium
454
455 * trigger pve-api-updates event
456
457 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
458
dfbcf6d3
DM		 459libpve-access-control (4.0-1) unstable; urgency=medium
460
461 * bump version for Debian Jessie
462
463 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
464
94971b3a
DM		 465libpve-access-control (3.0-16) unstable; urgency=low
466
467 * root@pam can now be disabled in GUI.
468
469 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
470
7b17c7cb
DM		 471libpve-access-control (3.0-15) unstable; urgency=low
472
473 * oath: add 'step' and 'digits' option
474
475 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
476
1abc2c0a
DM		 477libpve-access-control (3.0-14) unstable; urgency=low
478
479 * add oath two factor auth
480
481 * add oathkeygen binary to generate keys for oath
482
483 * add yubico two factor auth
484
485 * dedend on oathtool
486
487 * depend on libmime-base32-perl
30be0de9
DM		 488
489 * allow to write builtin auth domains config (comment/tfa/default)
1abc2c0a
DM		 490
491 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
492
298450ab
DM		 493libpve-access-control (3.0-13) unstable; urgency=low
494
495 * use correct connection string for AD auth
496
497 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
498
396034e4
DM		 499libpve-access-control (3.0-12) unstable; urgency=low
500
501 * add dummy API for GET /access/ticket (useful to generate login pages)
502
503 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
504
26361123
DM		 505libpve-access-control (3.0-11) unstable; urgency=low
506
507 * Sets common hot keys for spice client
508
509 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
510
3643383d
DM		 511libpve-access-control (3.0-10) unstable; urgency=low
512
513 * implement helper to generate SPICE remote-viewer configuration
514
515 * depend on libnet-ssleay-perl
516
517 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
518
0baedcf7
DM		 519libpve-access-control (3.0-9) unstable; urgency=low
520
521 * prevent user enumeration attacks
e4f8fc2e
DM		 522
523 * allow dots in access paths
0baedcf7
DM		 524
525 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
526
d4b63eae
DM		 527libpve-access-control (3.0-8) unstable; urgency=low
528
529 * spice: use lowercase hostname in ticktet signature
530
531 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
532
49594944
DM		 533libpve-access-control (3.0-7) unstable; urgency=low
534
535 * check_volume_access : use parse_volname instead of path, and remove
536 path related code.
7c410d63
DM		 537
538 * use warnings instead of global -w flag.
49594944
DM		 539
540 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
541
fe7de5d0
DM		 542libpve-access-control (3.0-6) unstable; urgency=low
543
544 * use shorter spiceproxy tickets
545
546 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
547
4cdd9507
DM		 548libpve-access-control (3.0-5) unstable; urgency=low
549
550 * add code to generate tickets for SPICE
551
552 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
553
677f9ab0
DM		 554libpve-access-control (3.0-4) unstable; urgency=low
555
556 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
557
558 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
559
139a8ecf
DM		 560libpve-access-control (3.0-3) unstable; urgency=low
561
7b395f99 562 * Add new role PVETemplateUser (and VM.Clone priviledge)
139a8ecf
DM		 563
564 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
565
b78ce7c2
DM		 566libpve-access-control (3.0-2) unstable; urgency=low
567
568 * remove CGI.pm related code (pveproxy does not need that)
569
570 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
571
786820f9
DM		 572libpve-access-control (3.0-1) unstable; urgency=low
573
574 * bump version for wheezy release
575
576 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
577
e5ae5487
DM		 578libpve-access-control (1.0-26) unstable; urgency=low
579
580 * check_volume_access: fix access permissions for backup files
581
582 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
583
e3e6510c
DM		 584libpve-access-control (1.0-25) unstable; urgency=low
585
586 * add VM.Snapshot permission
587
588 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
589
1e15ebe7
DM		 590libpve-access-control (1.0-24) unstable; urgency=low
591
592 * untaint path (allow root to restore arbitrary paths)
593
594 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
595
437be042
DM		 596libpve-access-control (1.0-23) unstable; urgency=low
597
598 * correctly compute GUI capabilities (consider pools)
599
600 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
601
5bb4e06a
DM		 602libpve-access-control (1.0-22) unstable; urgency=low
603
604 * new plugin architecture for Auth modules, minor API change for Auth
605 domains (new 'delete' parameter)
606
607 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
608
3030a176
DM		 609libpve-access-control (1.0-21) unstable; urgency=low
610
611 * do not allow user names including slash
612
613 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
614
615libpve-access-control (1.0-20) unstable; urgency=low
616
617 * add ability to fork cli workers in background
618
619 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
620
dd2cfee0
DM		 621libpve-access-control (1.0-19) unstable; urgency=low
622
623 * return set of privileges on login - can be used to adopt GUI
624
625 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
626
1cf154b7
DM		 627libpve-access-control (1.0-18) unstable; urgency=low
628
533219a1
DM		 629 * fix bug #151: corretly parse username inside ticket
630
631 * fix bug #152: allow user to change his own password
1cf154b7
DM		 632
633 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
634
2de14407
DM		 635libpve-access-control (1.0-17) unstable; urgency=low
636
637 * set propagate flag by default
638
639 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
640
bdc61d7a
DM		 641libpve-access-control (1.0-16) unstable; urgency=low
642
643 * add 'pveum passwd' method
644
645 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
646
cc7bdf33
DM		 647libpve-access-control (1.0-15) unstable; urgency=low
648
649 * Add VM.Config.CDROM privilege to PVEVMUser rule
650
651 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
652
a69bbe2e
DM		 653libpve-access-control (1.0-14) unstable; urgency=low
654
655 * fix buf in userid-param permission check
656
657 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
658
d9483d94
DM		 659libpve-access-control (1.0-13) unstable; urgency=low
660
661 * allow more characters in ldap base_dn attribute
662
663 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
664
84619607
DM		 665libpve-access-control (1.0-12) unstable; urgency=low
666
667 * allow more characters with realm IDs
668
669 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
670
09d27058
DM		 671libpve-access-control (1.0-11) unstable; urgency=low
672
673 * fix bug in exec_api2_perm_check
674
675 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
676
7a4c849e
DM		 677libpve-access-control (1.0-10) unstable; urgency=low
678
679 * fix ACL group name parser
680
681 * changed 'pveum aclmod' command line arguments
682
683 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
684
3eac4e35
DM		 685libpve-access-control (1.0-9) unstable; urgency=low
686
687 * fix bug in check_volume_access (fixes vzrestore)
688
689 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
690
4384e19e
DM		 691libpve-access-control (1.0-8) unstable; urgency=low
692
693 * fix return value for empty ACL list.
694
695 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
696
d8a56966
DM		 697libpve-access-control (1.0-7) unstable; urgency=low
698
699 * fix bug #85: allow root@pam to generate tickets for other users
700
701 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
702
cb6f2f93
DM		 703libpve-access-control (1.0-6) unstable; urgency=low
704
705 * API change: allow to filter enabled/disabled users.
706
707 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
708
272fe9ff
DM		 709libpve-access-control (1.0-5) unstable; urgency=low
710
711 * add a way to return file changes (diffs): set_result_changes()
712
713 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
714
e42eedbc
DM		 715libpve-access-control (1.0-4) unstable; urgency=low
716
717 * new environment type for ha agents
718
719 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
720
1fba27e0
DM		 721libpve-access-control (1.0-3) unstable; urgency=low
722
723 * add support for delayed parameter parsing - We need that to disable
724 file upload for normal API request (avoid DOS attacs)
725
726 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
727
5bf71a96
DM		 728libpve-access-control (1.0-2) unstable; urgency=low
729
730 * fix bug in fork_worker
731
732 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
733
2c3a6c0a
DM		 734libpve-access-control (1.0-1) unstable; urgency=low
735
736 * allow '-' in permission paths
737
738 * bump version to 1.0
739
740 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
741
742libpve-access-control (0.1) unstable; urgency=low
743
744 * first dummy package - no functionality
745
746 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200
747
Access control framework