]> git.proxmox.com Git - pve-access-control.git/blame - debian/changelog
projects / pve-access-control.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
d/control: bump versioned dependency to libpve-rs-perl
[pve-access-control.git] / debian / changelog
CommitLineData
6f643e79
TL		 1libpve-access-control (7.1-2) bullseye; urgency=medium
2
3 * catch incompatible tfa entries with a nice error
4
5 -- Proxmox Support Team <support@proxmox.com> Wed, 17 Nov 2021 13:44:45 +0100
6
92bca71e
TL		 7libpve-access-control (7.1-1) bullseye; urgency=medium
8
9 * tfa: map HTTP 404 error in get_tfa_entry correctly
10
11 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Nov 2021 15:33:22 +0100
12
1c9b6501
TL		 13libpve-access-control (7.0-7) bullseye; urgency=medium
14
15 * fix #3513: pass configured proxy to OpenID
16
17 * use rust based parser for TFA config
18
19 * use PBS-like auth api call flow,
20
21 * merge old user.cfg keys to tfa config when adding entries
22
23 * implement version checks for new tfa config writer to ensure all
24 cluster nodes are ready to avoid login issues
25
26 * tickets: add tunnel ticket
27
28 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Nov 2021 18:17:49 +0100
29
cd46b379
TL		 30libpve-access-control (7.0-6) bullseye; urgency=medium
31
32 * fix regression in user deletion when realm does not enforce TFA
33
34 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Oct 2021 12:28:52 +0200
35
52da88a8
TL		 36libpve-access-control (7.0-5) bullseye; urgency=medium
37
38 * acl: check path: add /sdn/vnets/* path
39
40 * fix #2302: allow deletion of users when realm enforces TFA
41
42 * api: delete user: disable user first to avoid surprise on error during the
43 various cleanup action required for user deletion (e.g., TFA, ACL, group)
44
45 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
46
543d646c
TL		 47libpve-access-control (7.0-4) bullseye; urgency=medium
48
49 * realm: add OpenID configuration
50
51 * api: implement OpenID related endpoints
52
53 * implement opt-in OpenID autocreate user feature
54
55 * api: user: add 'realm-type' to user list response
56
57 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
58
7a4c4fd8
TL		 59libpve-access-control (7.0-3) bullseye; urgency=medium
60
61 * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
62 `/sdn/zones/<zone>` to allowed ACL paths
63
64 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
65
0902a936
FG		 66libpve-access-control (7.0-2) bullseye; urgency=medium
67
68 * fix #3402: add Pool.Audit privilege - custom roles containing
69 Pool.Allocate must be updated to include the new privilege.
70
71 -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
72
67febb69
TL		 73libpve-access-control (7.0-1) bullseye; urgency=medium
74
75 * re-build for Debian 11 Bullseye based releases
76
77 -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
78
2942ba41
TL		 79libpve-access-control (6.4-1) pve; urgency=medium
80
81 * fix #1670: change PAM service name to project specific name
82
83 * fix #1500: permission path syntax check for access control
84
85 * pveum: add resource pool CLI commands
86
87 -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
88
54d312f3
TL		 89libpve-access-control (6.1-3) pve; urgency=medium
90
91 * partially fix #2825: authkey: rotate if it was generated in the
92 future
93
94 * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
95 insensitive
96
97 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
98
6a9be12f
TL		 99libpve-access-control (6.1-2) pve; urgency=medium
100
101 * also check SDN permission path when computing coarse permissions heuristic
102 for UIs
103
104 * add SDN Permissions.Modify
105
106 * add VM.Config.Cloudinit
107
108 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
109
e6624f50
TL		 110libpve-access-control (6.1-1) pve; urgency=medium
111
112 * pveum: add tfa delete subcommand for deleting user-TFA
113
114 * LDAP: don't complain about missing credentials on realm removal
115
116 * LDAP: skip anonymous bind when client certificate and key is configured
117
118 -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
119
8f4a522f
TL		 120libpve-access-control (6.0-7) pve; urgency=medium
121
122 * fix #2575: die when trying to edit built-in roles
123
124 * add realm sub commands to pveum CLI tool
125
126 * api: domains: add user group sync API enpoint
127
128 * allow one to sync and import users and groups from LDAP/AD based realms
129
130 * realm: add default-sync-options to config for more convenient sync configuration
131
132 * api: token create: return also full token id for convenience
133
134 -- Proxmox Support Team <support@proxmox.com> Sat, 25 Apr 2020 19:35:17 +0200
135
23059f35
TL		 136libpve-access-control (6.0-6) pve; urgency=medium
137
138 * API: add group members to group index
139
140 * implement API token support and management
141
142 * pveum: add 'pveum user token add/update/remove/list'
143
144 * pveum: add permissions sub-commands
145
146 * API: add 'permissions' API endpoint
147
148 * user.cfg: skip inexisting roles when parsing ACLs
149
150 -- Proxmox Support Team <support@proxmox.com> Wed, 29 Jan 2020 10:17:27 +0100
151
3dd692e9
TL		 152libpve-access-control (6.0-5) pve; urgency=medium
153
154 * pveum: add list command for users, groups, ACLs and roles
155
156 * add initial permissions for experimental SDN integration
157
158 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Nov 2019 17:56:37 +0100
159
4ef92d0d
FG		 160libpve-access-control (6.0-4) pve; urgency=medium
161
162 * ticket: use clinfo to get cluster name
163
164 * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
165 SSL version
166
167 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 11:55:11 +0100
168
6e5bbca4
TL		 169libpve-access-control (6.0-3) pve; urgency=medium
170
171 * fix #2433: increase possible TFA secret length
172
173 * parse user configuration: correctly parse group names in ACLs, for users
174 which begin their name with an @
175
176 * sort user.cfg entries alphabetically
177
178 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
179
e073493c
TL		 180libpve-access-control (6.0-2) pve; urgency=medium
181
182 * improve CSRF verification compatibility with newer PVE
183
184 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
185
a237dc2e
TL		 186libpve-access-control (6.0-1) pve; urgency=medium
187
188 * ticket: properly verify exactly 5 minute old tickets
189
190 * use hmac_sha256 instead of sha1 for CSRF token generation
191
192 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
193
f1531f22
TL		 194libpve-access-control (6.0-0+1) pve; urgency=medium
195
196 * bump for Debian buster
197
198 * fix #2079: add periodic auth key rotation
199
200 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
201
ef761f51
TL		 202libpve-access-control (5.1-10) unstable; urgency=medium
203
204 * add /access/user/{id}/tfa api call to get tfa types
205
206 -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
207
860ddcba
TL		 208libpve-access-control (5.1-9) unstable; urgency=medium
209
210 * store the tfa type in user.cfg allowing to get it without proxying the call
211 to a higher priviledged daemon.
212
213 * tfa: realm required TFA should lock out users without TFA configured, as it
214 was done before Proxmox VE 5.4
215
216 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
217
9fbad012
TL		 218libpve-access-control (5.1-8) unstable; urgency=medium
219
220 * U2F: ensure we save correct public key on registration
221
222 -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
223
4473c96c
TL		 224libpve-access-control (5.1-7) unstable; urgency=medium
225
226 * verify_ticket: allow general non-challenge tfa to be run as two step
227 call
228
229 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
230
a270d4e1
TL		 231libpve-access-control (5.1-6) unstable; urgency=medium
232
233 * more general 2FA configuration via priv/tfa.cfg
234
235 * add u2f api endpoints
236
237 * delete TFA entries when deleting a user
238
239 * allow users to change their TOTP settings
240
241 -- Proxmox Support Team <support@proxmox.com> Wed, 03 Apr 2019 13:40:26 +0200
242
374647e8
TL		 243libpve-access-control (5.1-5) unstable; urgency=medium
244
245 * fix vnc ticket verification without authkey lifetime
246
247 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 10:43:17 +0100
248
7fb70c94
TL		 249libpve-access-control (5.1-4) unstable; urgency=medium
250
251 * fix #1891: Add zsh command completion for pveum
252
253 * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
254 to avoid issues on upgrade, will be enabled with 6.0
255
256 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 09:12:05 +0100
257
6e010cde
TL		 258libpve-access-control (5.1-3) unstable; urgency=medium
259
260 * api/ticket: move getting cluster name into an eval
261
262 -- Proxmox Support Team <support@proxmox.com> Thu, 29 Nov 2018 12:59:36 +0100
263
f5a9380a
TL		 264libpve-access-control (5.1-2) unstable; urgency=medium
265
266 * fix #1998: correct return properties for read_role
267
268 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
269
b54b7474
TL		 270libpve-access-control (5.1-1) unstable; urgency=medium
271
272 * pveum: introduce sub-commands
273
274 * register userid with completion
275
276 * fix #233: return cluster name on successful login
277
278 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
279
52192dd4
WB		 280libpve-access-control (5.0-8) unstable; urgency=medium
281
282 * fix #1612: ldap: make 2nd server work with bind domains again
283
284 * fix an error message where passing a bad pool id to an API function would
285 make it complain about a wrong group name instead
286
287 * fix the API-returned permission list so that the GUI knows to show the
288 'Permissions' tab for a storage to an administrator apart from root@pam
289
290 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
291
3dadf8cf
FG		 292libpve-access-control (5.0-7) unstable; urgency=medium
293
294 * VM.Snapshot.Rollback privilege added
295
296 * api: check for special roles before locking the usercfg
297
298 * fix #1501: pveum: die when deleting special role
299
300 * API/ticket: rework coarse grained permission computation
301
302 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
303
ec4141f4
WB		 304libpve-access-control (5.0-6) unstable; urgency=medium
305
306 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
307 'verify' option. For compatibility reasons this defaults to off for now,
308 but that might change with future updates.
309
310 * AD, LDAP: Add ability to specify a CA path or file, and a client
311 certificate via the 'capath', 'cert' and 'certkey' options.
312
313 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
314
63134bd4
DM		 315libpve-access-control (5.0-5) unstable; urgency=medium
316
317 * change from dpkg-deb to dpkg-buildpackage
318
319 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
320
868fb1ea
DM		 321libpve-access-control (5.0-4) unstable; urgency=medium
322
323 * PVE/CLI/pveum.pm: call setup_default_cli_env()
324
325 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
326
327 * check_api2_permissions: avoid warning about uninitialized value
328
329 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
330
63358f40
DM		 331libpve-access-control (5.0-3) unstable; urgency=medium
332
333 * use new PVE::OTP class from pve-common
334
335 * use new PVE::Tools::encrypt_pw from pve-common
336
337 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
338
05fd50af
DM		 339libpve-access-control (5.0-2) unstable; urgency=medium
340
341 * encrypt_pw: avoid '+' for crypt salt
342
343 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
344
0835385b
FG		 345libpve-access-control (5.0-1) unstable; urgency=medium
346
347 * rebuild for PVE 5.0
348
349 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
350
730f8863
DM		 351libpve-access-control (4.0-23) unstable; urgency=medium
352
353 * use new PVE::Ticket class
354
355 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
356
1f1c4593
DM		 357libpve-access-control (4.0-22) unstable; urgency=medium
358
359 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
360 (moved to PVE::Storage)
361
362 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
363
364 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
365
f9105063
DM		 366libpve-access-control (4.0-21) unstable; urgency=medium
367
368 * setup_default_cli_env: expect $class as first parameter
369
370 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
371
9595066e
DM		 372libpve-access-control (4.0-20) unstable; urgency=medium
373
374 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
375
376 * PVE/API2/Domains.pm: fix property description
377
378 * use new repoman for upload target
379
380 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
381
2af5a793
DM		 382libpve-access-control (4.0-19) unstable; urgency=medium
383
384 * Close #833: ldap: non-anonymous bind support
385
386 * don't import 'RFC' from MIME::Base32
387
388 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
389
5d87bb77
WB		 390libpve-access-control (4.0-18) unstable; urgency=medium
391
392 * fix #1062: recognize base32 otp keys again
393
394 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
395
28ddf48b
WB		 396libpve-access-control (4.0-17) unstable; urgency=medium
397
398 * drop oathtool and libdigest-hmac-perl dependencies
399
400 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
401
15cebb28
DM		 402libpve-access-control (4.0-16) unstable; urgency=medium
403
404 * use pve-doc-generator to generate man pages
405
406 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
407
678df887
DM		 408libpve-access-control (4.0-15) unstable; urgency=medium
409
410 * Fix uninitialized warning when shadow.cfg does not exist
411
412 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
413
cca9761a
DM		 414libpve-access-control (4.0-14) unstable; urgency=medium
415
416 * Add is_worker to RPCEnvironment
417
418 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
419
8643c99d
DM		 420libpve-access-control (4.0-13) unstable; urgency=medium
421
422 * fix #916: allow HTTPS to access custom yubico url
423
424 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
425
ae2a6bf9
DM		 426libpve-access-control (4.0-12) unstable; urgency=medium
427
428 * Catch certificate errors instead of segfaulting
429
430 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
431
4836db5f
DM		 432libpve-access-control (4.0-11) unstable; urgency=medium
433
434 * Fix #861: use safer sprintf formatting
435
436 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
437
ccbe23dc
DM		 438libpve-access-control (4.0-10) unstable; urgency=medium
439
440 * Auth::LDAP, Auth::AD: ipv6 support
441
442 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
443
90399ca4
DM		 444libpve-access-control (4.0-9) unstable; urgency=medium
445
446 * pveum: implement bash completion
447
448 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
449
364ffc13
DM		 450libpve-access-control (4.0-8) unstable; urgency=medium
451
452 * remove_storage_access: cleanup of access permissions for removed storage
453
454 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
455
7c26cb4a
DM		 456libpve-access-control (4.0-7) unstable; urgency=medium
457
458 * new helper to remove access permissions for removed VMs
459
460 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
461
296afbd1
DM		 462libpve-access-control (4.0-6) unstable; urgency=medium
463
464 * improve parse_user_config, parse_shadow_config
465
466 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
467
7d2df2ef
DM		 468libpve-access-control (4.0-5) unstable; urgency=medium
469
470 * pveum: check for $cmd being defined
471
472 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
473
98a34e3f
DM		 474libpve-access-control (4.0-4) unstable; urgency=medium
475
476 * use activate-noawait triggers
477
478 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
479
15462727
DM		 480libpve-access-control (4.0-3) unstable; urgency=medium
481
482 * IPv6 fixes
483
484 * non-root buildfix
485
486 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
487
bbf4cc9a
DM		 488libpve-access-control (4.0-2) unstable; urgency=medium
489
490 * trigger pve-api-updates event
491
492 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
493
dfbcf6d3
DM		 494libpve-access-control (4.0-1) unstable; urgency=medium
495
496 * bump version for Debian Jessie
497
498 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
499
94971b3a
DM		 500libpve-access-control (3.0-16) unstable; urgency=low
501
502 * root@pam can now be disabled in GUI.
503
504 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
505
7b17c7cb
DM		 506libpve-access-control (3.0-15) unstable; urgency=low
507
508 * oath: add 'step' and 'digits' option
509
510 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
511
1abc2c0a
DM		 512libpve-access-control (3.0-14) unstable; urgency=low
513
514 * add oath two factor auth
515
516 * add oathkeygen binary to generate keys for oath
517
518 * add yubico two factor auth
519
520 * dedend on oathtool
521
522 * depend on libmime-base32-perl
30be0de9
DM		 523
524 * allow to write builtin auth domains config (comment/tfa/default)
1abc2c0a
DM		 525
526 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
527
298450ab
DM		 528libpve-access-control (3.0-13) unstable; urgency=low
529
530 * use correct connection string for AD auth
531
532 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
533
396034e4
DM		 534libpve-access-control (3.0-12) unstable; urgency=low
535
536 * add dummy API for GET /access/ticket (useful to generate login pages)
537
538 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
539
26361123
DM		 540libpve-access-control (3.0-11) unstable; urgency=low
541
542 * Sets common hot keys for spice client
543
544 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
545
3643383d
DM		 546libpve-access-control (3.0-10) unstable; urgency=low
547
548 * implement helper to generate SPICE remote-viewer configuration
549
550 * depend on libnet-ssleay-perl
551
552 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
553
0baedcf7
DM		 554libpve-access-control (3.0-9) unstable; urgency=low
555
556 * prevent user enumeration attacks
e4f8fc2e
DM		 557
558 * allow dots in access paths
0baedcf7
DM		 559
560 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
561
d4b63eae
DM		 562libpve-access-control (3.0-8) unstable; urgency=low
563
564 * spice: use lowercase hostname in ticktet signature
565
566 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
567
49594944
DM		 568libpve-access-control (3.0-7) unstable; urgency=low
569
570 * check_volume_access : use parse_volname instead of path, and remove
571 path related code.
7c410d63
DM		 572
573 * use warnings instead of global -w flag.
49594944
DM		 574
575 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
576
fe7de5d0
DM		 577libpve-access-control (3.0-6) unstable; urgency=low
578
579 * use shorter spiceproxy tickets
580
581 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
582
4cdd9507
DM		 583libpve-access-control (3.0-5) unstable; urgency=low
584
585 * add code to generate tickets for SPICE
586
587 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
588
677f9ab0
DM		 589libpve-access-control (3.0-4) unstable; urgency=low
590
591 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
592
593 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
594
139a8ecf
DM		 595libpve-access-control (3.0-3) unstable; urgency=low
596
7b395f99 597 * Add new role PVETemplateUser (and VM.Clone priviledge)
139a8ecf
DM		 598
599 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
600
b78ce7c2
DM		 601libpve-access-control (3.0-2) unstable; urgency=low
602
603 * remove CGI.pm related code (pveproxy does not need that)
604
605 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
606
786820f9
DM		 607libpve-access-control (3.0-1) unstable; urgency=low
608
609 * bump version for wheezy release
610
611 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
612
e5ae5487
DM		 613libpve-access-control (1.0-26) unstable; urgency=low
614
615 * check_volume_access: fix access permissions for backup files
616
617 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
618
e3e6510c
DM		 619libpve-access-control (1.0-25) unstable; urgency=low
620
621 * add VM.Snapshot permission
622
623 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
624
1e15ebe7
DM		 625libpve-access-control (1.0-24) unstable; urgency=low
626
627 * untaint path (allow root to restore arbitrary paths)
628
629 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
630
437be042
DM		 631libpve-access-control (1.0-23) unstable; urgency=low
632
633 * correctly compute GUI capabilities (consider pools)
634
635 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
636
5bb4e06a
DM		 637libpve-access-control (1.0-22) unstable; urgency=low
638
639 * new plugin architecture for Auth modules, minor API change for Auth
640 domains (new 'delete' parameter)
641
642 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
643
3030a176
DM		 644libpve-access-control (1.0-21) unstable; urgency=low
645
646 * do not allow user names including slash
647
648 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
649
650libpve-access-control (1.0-20) unstable; urgency=low
651
652 * add ability to fork cli workers in background
653
654 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
655
dd2cfee0
DM		 656libpve-access-control (1.0-19) unstable; urgency=low
657
658 * return set of privileges on login - can be used to adopt GUI
659
660 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
661
1cf154b7
DM		 662libpve-access-control (1.0-18) unstable; urgency=low
663
533219a1
DM		 664 * fix bug #151: corretly parse username inside ticket
665
666 * fix bug #152: allow user to change his own password
1cf154b7
DM		 667
668 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
669
2de14407
DM		 670libpve-access-control (1.0-17) unstable; urgency=low
671
672 * set propagate flag by default
673
674 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
675
bdc61d7a
DM		 676libpve-access-control (1.0-16) unstable; urgency=low
677
678 * add 'pveum passwd' method
679
680 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
681
cc7bdf33
DM		 682libpve-access-control (1.0-15) unstable; urgency=low
683
684 * Add VM.Config.CDROM privilege to PVEVMUser rule
685
686 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
687
a69bbe2e
DM		 688libpve-access-control (1.0-14) unstable; urgency=low
689
690 * fix buf in userid-param permission check
691
692 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
693
d9483d94
DM		 694libpve-access-control (1.0-13) unstable; urgency=low
695
696 * allow more characters in ldap base_dn attribute
697
698 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
699
84619607
DM		 700libpve-access-control (1.0-12) unstable; urgency=low
701
702 * allow more characters with realm IDs
703
704 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
705
09d27058
DM		 706libpve-access-control (1.0-11) unstable; urgency=low
707
708 * fix bug in exec_api2_perm_check
709
710 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
711
7a4c849e
DM		 712libpve-access-control (1.0-10) unstable; urgency=low
713
714 * fix ACL group name parser
715
716 * changed 'pveum aclmod' command line arguments
717
718 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
719
3eac4e35
DM		 720libpve-access-control (1.0-9) unstable; urgency=low
721
722 * fix bug in check_volume_access (fixes vzrestore)
723
724 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
725
4384e19e
DM		 726libpve-access-control (1.0-8) unstable; urgency=low
727
728 * fix return value for empty ACL list.
729
730 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
731
d8a56966
DM		 732libpve-access-control (1.0-7) unstable; urgency=low
733
734 * fix bug #85: allow root@pam to generate tickets for other users
735
736 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
737
cb6f2f93
DM		 738libpve-access-control (1.0-6) unstable; urgency=low
739
740 * API change: allow to filter enabled/disabled users.
741
742 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
743
272fe9ff
DM		 744libpve-access-control (1.0-5) unstable; urgency=low
745
746 * add a way to return file changes (diffs): set_result_changes()
747
748 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
749
e42eedbc
DM		 750libpve-access-control (1.0-4) unstable; urgency=low
751
752 * new environment type for ha agents
753
754 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
755
1fba27e0
DM		 756libpve-access-control (1.0-3) unstable; urgency=low
757
758 * add support for delayed parameter parsing - We need that to disable
759 file upload for normal API request (avoid DOS attacs)
760
761 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
762
5bf71a96
DM		 763libpve-access-control (1.0-2) unstable; urgency=low
764
765 * fix bug in fork_worker
766
767 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
768
2c3a6c0a
DM		 769libpve-access-control (1.0-1) unstable; urgency=low
770
771 * allow '-' in permission paths
772
773 * bump version to 1.0
774
775 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
776
777libpve-access-control (0.1) unstable; urgency=low
778
779 * first dummy package - no functionality
780
781 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200
782
Access control framework