]> git.proxmox.com Git - pve-access-control.git/blame - debian/changelog
projects / pve-access-control.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tfa: fix http 404 in get_tfa_entry
[pve-access-control.git] / debian / changelog
CommitLineData
1c9b6501
TL		 1libpve-access-control (7.0-7) bullseye; urgency=medium
2
3 * fix #3513: pass configured proxy to OpenID
4
5 * use rust based parser for TFA config
6
7 * use PBS-like auth api call flow,
8
9 * merge old user.cfg keys to tfa config when adding entries
10
11 * implement version checks for new tfa config writer to ensure all
12 cluster nodes are ready to avoid login issues
13
14 * tickets: add tunnel ticket
15
16 -- Proxmox Support Team <support@proxmox.com> Thu, 11 Nov 2021 18:17:49 +0100
17
cd46b379
TL		 18libpve-access-control (7.0-6) bullseye; urgency=medium
19
20 * fix regression in user deletion when realm does not enforce TFA
21
22 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Oct 2021 12:28:52 +0200
23
52da88a8
TL		 24libpve-access-control (7.0-5) bullseye; urgency=medium
25
26 * acl: check path: add /sdn/vnets/* path
27
28 * fix #2302: allow deletion of users when realm enforces TFA
29
30 * api: delete user: disable user first to avoid surprise on error during the
31 various cleanup action required for user deletion (e.g., TFA, ACL, group)
32
33 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Sep 2021 15:50:47 +0200
34
543d646c
TL		 35libpve-access-control (7.0-4) bullseye; urgency=medium
36
37 * realm: add OpenID configuration
38
39 * api: implement OpenID related endpoints
40
41 * implement opt-in OpenID autocreate user feature
42
43 * api: user: add 'realm-type' to user list response
44
45 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Jul 2021 13:45:46 +0200
46
7a4c4fd8
TL		 47libpve-access-control (7.0-3) bullseye; urgency=medium
48
49 * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
50 `/sdn/zones/<zone>` to allowed ACL paths
51
52 -- Proxmox Support Team <support@proxmox.com> Mon, 21 Jun 2021 10:31:19 +0200
53
0902a936
FG		 54libpve-access-control (7.0-2) bullseye; urgency=medium
55
56 * fix #3402: add Pool.Audit privilege - custom roles containing
57 Pool.Allocate must be updated to include the new privilege.
58
59 -- Proxmox Support Team <support@proxmox.com> Tue, 1 Jun 2021 11:28:38 +0200
60
67febb69
TL		 61libpve-access-control (7.0-1) bullseye; urgency=medium
62
63 * re-build for Debian 11 Bullseye based releases
64
65 -- Proxmox Support Team <support@proxmox.com> Sun, 09 May 2021 18:18:23 +0200
66
2942ba41
TL		 67libpve-access-control (6.4-1) pve; urgency=medium
68
69 * fix #1670: change PAM service name to project specific name
70
71 * fix #1500: permission path syntax check for access control
72
73 * pveum: add resource pool CLI commands
74
75 -- Proxmox Support Team <support@proxmox.com> Sat, 24 Apr 2021 19:48:21 +0200
76
54d312f3
TL		 77libpve-access-control (6.1-3) pve; urgency=medium
78
79 * partially fix #2825: authkey: rotate if it was generated in the
80 future
81
82 * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
83 insensitive
84
85 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Sep 2020 08:54:13 +0200
86
6a9be12f
TL		 87libpve-access-control (6.1-2) pve; urgency=medium
88
89 * also check SDN permission path when computing coarse permissions heuristic
90 for UIs
91
92 * add SDN Permissions.Modify
93
94 * add VM.Config.Cloudinit
95
96 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Jun 2020 13:06:56 +0200
97
e6624f50
TL		 98libpve-access-control (6.1-1) pve; urgency=medium
99
100 * pveum: add tfa delete subcommand for deleting user-TFA
101
102 * LDAP: don't complain about missing credentials on realm removal
103
104 * LDAP: skip anonymous bind when client certificate and key is configured
105
106 -- Proxmox Support Team <support@proxmox.com> Fri, 08 May 2020 17:47:41 +0200
107
8f4a522f
TL		 108libpve-access-control (6.0-7) pve; urgency=medium
109
110 * fix #2575: die when trying to edit built-in roles
111
112 * add realm sub commands to pveum CLI tool
113
114 * api: domains: add user group sync API enpoint
115
116 * allow one to sync and import users and groups from LDAP/AD based realms
117
118 * realm: add default-sync-options to config for more convenient sync configuration
119
120 * api: token create: return also full token id for convenience
121
122 -- Proxmox Support Team <support@proxmox.com> Sat, 25 Apr 2020 19:35:17 +0200
123
23059f35
TL		 124libpve-access-control (6.0-6) pve; urgency=medium
125
126 * API: add group members to group index
127
128 * implement API token support and management
129
130 * pveum: add 'pveum user token add/update/remove/list'
131
132 * pveum: add permissions sub-commands
133
134 * API: add 'permissions' API endpoint
135
136 * user.cfg: skip inexisting roles when parsing ACLs
137
138 -- Proxmox Support Team <support@proxmox.com> Wed, 29 Jan 2020 10:17:27 +0100
139
3dd692e9
TL		 140libpve-access-control (6.0-5) pve; urgency=medium
141
142 * pveum: add list command for users, groups, ACLs and roles
143
144 * add initial permissions for experimental SDN integration
145
146 -- Proxmox Support Team <support@proxmox.com> Tue, 26 Nov 2019 17:56:37 +0100
147
4ef92d0d
FG		 148libpve-access-control (6.0-4) pve; urgency=medium
149
150 * ticket: use clinfo to get cluster name
151
152 * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
153 SSL version
154
155 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2019 11:55:11 +0100
156
6e5bbca4
TL		 157libpve-access-control (6.0-3) pve; urgency=medium
158
159 * fix #2433: increase possible TFA secret length
160
161 * parse user configuration: correctly parse group names in ACLs, for users
162 which begin their name with an @
163
164 * sort user.cfg entries alphabetically
165
166 -- Proxmox Support Team <support@proxmox.com> Tue, 29 Oct 2019 08:52:23 +0100
167
e073493c
TL		 168libpve-access-control (6.0-2) pve; urgency=medium
169
170 * improve CSRF verification compatibility with newer PVE
171
172 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2019 20:24:35 +0200
173
a237dc2e
TL		 174libpve-access-control (6.0-1) pve; urgency=medium
175
176 * ticket: properly verify exactly 5 minute old tickets
177
178 * use hmac_sha256 instead of sha1 for CSRF token generation
179
180 -- Proxmox Support Team <support@proxmox.com> Mon, 24 Jun 2019 18:14:45 +0200
181
f1531f22
TL		 182libpve-access-control (6.0-0+1) pve; urgency=medium
183
184 * bump for Debian buster
185
186 * fix #2079: add periodic auth key rotation
187
188 -- Proxmox Support Team <support@proxmox.com> Tue, 21 May 2019 21:31:15 +0200
189
ef761f51
TL		 190libpve-access-control (5.1-10) unstable; urgency=medium
191
192 * add /access/user/{id}/tfa api call to get tfa types
193
194 -- Proxmox Support Team <support@proxmox.com> Wed, 15 May 2019 16:21:10 +0200
195
860ddcba
TL		 196libpve-access-control (5.1-9) unstable; urgency=medium
197
198 * store the tfa type in user.cfg allowing to get it without proxying the call
199 to a higher priviledged daemon.
200
201 * tfa: realm required TFA should lock out users without TFA configured, as it
202 was done before Proxmox VE 5.4
203
204 -- Proxmox Support Team <support@proxmox.com> Tue, 30 Apr 2019 14:01:00 +0000
205
9fbad012
TL		 206libpve-access-control (5.1-8) unstable; urgency=medium
207
208 * U2F: ensure we save correct public key on registration
209
210 -- Proxmox Support Team <support@proxmox.com> Tue, 09 Apr 2019 12:47:12 +0200
211
4473c96c
TL		 212libpve-access-control (5.1-7) unstable; urgency=medium
213
214 * verify_ticket: allow general non-challenge tfa to be run as two step
215 call
216
217 -- Proxmox Support Team <support@proxmox.com> Mon, 08 Apr 2019 16:56:14 +0200
218
a270d4e1
TL		 219libpve-access-control (5.1-6) unstable; urgency=medium
220
221 * more general 2FA configuration via priv/tfa.cfg
222
223 * add u2f api endpoints
224
225 * delete TFA entries when deleting a user
226
227 * allow users to change their TOTP settings
228
229 -- Proxmox Support Team <support@proxmox.com> Wed, 03 Apr 2019 13:40:26 +0200
230
374647e8
TL		 231libpve-access-control (5.1-5) unstable; urgency=medium
232
233 * fix vnc ticket verification without authkey lifetime
234
235 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 10:43:17 +0100
236
7fb70c94
TL		 237libpve-access-control (5.1-4) unstable; urgency=medium
238
239 * fix #1891: Add zsh command completion for pveum
240
241 * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
242 to avoid issues on upgrade, will be enabled with 6.0
243
244 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Mar 2019 09:12:05 +0100
245
6e010cde
TL		 246libpve-access-control (5.1-3) unstable; urgency=medium
247
248 * api/ticket: move getting cluster name into an eval
249
250 -- Proxmox Support Team <support@proxmox.com> Thu, 29 Nov 2018 12:59:36 +0100
251
f5a9380a
TL		 252libpve-access-control (5.1-2) unstable; urgency=medium
253
254 * fix #1998: correct return properties for read_role
255
256 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
257
b54b7474
TL		 258libpve-access-control (5.1-1) unstable; urgency=medium
259
260 * pveum: introduce sub-commands
261
262 * register userid with completion
263
264 * fix #233: return cluster name on successful login
265
266 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
267
52192dd4
WB		 268libpve-access-control (5.0-8) unstable; urgency=medium
269
270 * fix #1612: ldap: make 2nd server work with bind domains again
271
272 * fix an error message where passing a bad pool id to an API function would
273 make it complain about a wrong group name instead
274
275 * fix the API-returned permission list so that the GUI knows to show the
276 'Permissions' tab for a storage to an administrator apart from root@pam
277
278 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
279
3dadf8cf
FG		 280libpve-access-control (5.0-7) unstable; urgency=medium
281
282 * VM.Snapshot.Rollback privilege added
283
284 * api: check for special roles before locking the usercfg
285
286 * fix #1501: pveum: die when deleting special role
287
288 * API/ticket: rework coarse grained permission computation
289
290 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
291
ec4141f4
WB		 292libpve-access-control (5.0-6) unstable; urgency=medium
293
294 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
295 'verify' option. For compatibility reasons this defaults to off for now,
296 but that might change with future updates.
297
298 * AD, LDAP: Add ability to specify a CA path or file, and a client
299 certificate via the 'capath', 'cert' and 'certkey' options.
300
301 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
302
63134bd4
DM		 303libpve-access-control (5.0-5) unstable; urgency=medium
304
305 * change from dpkg-deb to dpkg-buildpackage
306
307 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
308
868fb1ea
DM		 309libpve-access-control (5.0-4) unstable; urgency=medium
310
311 * PVE/CLI/pveum.pm: call setup_default_cli_env()
312
313 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
314
315 * check_api2_permissions: avoid warning about uninitialized value
316
317 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
318
63358f40
DM		 319libpve-access-control (5.0-3) unstable; urgency=medium
320
321 * use new PVE::OTP class from pve-common
322
323 * use new PVE::Tools::encrypt_pw from pve-common
324
325 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
326
05fd50af
DM		 327libpve-access-control (5.0-2) unstable; urgency=medium
328
329 * encrypt_pw: avoid '+' for crypt salt
330
331 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
332
0835385b
FG		 333libpve-access-control (5.0-1) unstable; urgency=medium
334
335 * rebuild for PVE 5.0
336
337 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
338
730f8863
DM		 339libpve-access-control (4.0-23) unstable; urgency=medium
340
341 * use new PVE::Ticket class
342
343 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
344
1f1c4593
DM		 345libpve-access-control (4.0-22) unstable; urgency=medium
346
347 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
348 (moved to PVE::Storage)
349
350 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
351
352 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
353
f9105063
DM		 354libpve-access-control (4.0-21) unstable; urgency=medium
355
356 * setup_default_cli_env: expect $class as first parameter
357
358 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
359
9595066e
DM		 360libpve-access-control (4.0-20) unstable; urgency=medium
361
362 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
363
364 * PVE/API2/Domains.pm: fix property description
365
366 * use new repoman for upload target
367
368 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
369
2af5a793
DM		 370libpve-access-control (4.0-19) unstable; urgency=medium
371
372 * Close #833: ldap: non-anonymous bind support
373
374 * don't import 'RFC' from MIME::Base32
375
376 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
377
5d87bb77
WB		 378libpve-access-control (4.0-18) unstable; urgency=medium
379
380 * fix #1062: recognize base32 otp keys again
381
382 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
383
28ddf48b
WB		 384libpve-access-control (4.0-17) unstable; urgency=medium
385
386 * drop oathtool and libdigest-hmac-perl dependencies
387
388 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
389
15cebb28
DM		 390libpve-access-control (4.0-16) unstable; urgency=medium
391
392 * use pve-doc-generator to generate man pages
393
394 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
395
678df887
DM		 396libpve-access-control (4.0-15) unstable; urgency=medium
397
398 * Fix uninitialized warning when shadow.cfg does not exist
399
400 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
401
cca9761a
DM		 402libpve-access-control (4.0-14) unstable; urgency=medium
403
404 * Add is_worker to RPCEnvironment
405
406 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
407
8643c99d
DM		 408libpve-access-control (4.0-13) unstable; urgency=medium
409
410 * fix #916: allow HTTPS to access custom yubico url
411
412 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
413
ae2a6bf9
DM		 414libpve-access-control (4.0-12) unstable; urgency=medium
415
416 * Catch certificate errors instead of segfaulting
417
418 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
419
4836db5f
DM		 420libpve-access-control (4.0-11) unstable; urgency=medium
421
422 * Fix #861: use safer sprintf formatting
423
424 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
425
ccbe23dc
DM		 426libpve-access-control (4.0-10) unstable; urgency=medium
427
428 * Auth::LDAP, Auth::AD: ipv6 support
429
430 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
431
90399ca4
DM		 432libpve-access-control (4.0-9) unstable; urgency=medium
433
434 * pveum: implement bash completion
435
436 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
437
364ffc13
DM		 438libpve-access-control (4.0-8) unstable; urgency=medium
439
440 * remove_storage_access: cleanup of access permissions for removed storage
441
442 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
443
7c26cb4a
DM		 444libpve-access-control (4.0-7) unstable; urgency=medium
445
446 * new helper to remove access permissions for removed VMs
447
448 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
449
296afbd1
DM		 450libpve-access-control (4.0-6) unstable; urgency=medium
451
452 * improve parse_user_config, parse_shadow_config
453
454 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
455
7d2df2ef
DM		 456libpve-access-control (4.0-5) unstable; urgency=medium
457
458 * pveum: check for $cmd being defined
459
460 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
461
98a34e3f
DM		 462libpve-access-control (4.0-4) unstable; urgency=medium
463
464 * use activate-noawait triggers
465
466 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
467
15462727
DM		 468libpve-access-control (4.0-3) unstable; urgency=medium
469
470 * IPv6 fixes
471
472 * non-root buildfix
473
474 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
475
bbf4cc9a
DM		 476libpve-access-control (4.0-2) unstable; urgency=medium
477
478 * trigger pve-api-updates event
479
480 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
481
dfbcf6d3
DM		 482libpve-access-control (4.0-1) unstable; urgency=medium
483
484 * bump version for Debian Jessie
485
486 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
487
94971b3a
DM		 488libpve-access-control (3.0-16) unstable; urgency=low
489
490 * root@pam can now be disabled in GUI.
491
492 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
493
7b17c7cb
DM		 494libpve-access-control (3.0-15) unstable; urgency=low
495
496 * oath: add 'step' and 'digits' option
497
498 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
499
1abc2c0a
DM		 500libpve-access-control (3.0-14) unstable; urgency=low
501
502 * add oath two factor auth
503
504 * add oathkeygen binary to generate keys for oath
505
506 * add yubico two factor auth
507
508 * dedend on oathtool
509
510 * depend on libmime-base32-perl
30be0de9
DM		 511
512 * allow to write builtin auth domains config (comment/tfa/default)
1abc2c0a
DM		 513
514 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
515
298450ab
DM		 516libpve-access-control (3.0-13) unstable; urgency=low
517
518 * use correct connection string for AD auth
519
520 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
521
396034e4
DM		 522libpve-access-control (3.0-12) unstable; urgency=low
523
524 * add dummy API for GET /access/ticket (useful to generate login pages)
525
526 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
527
26361123
DM		 528libpve-access-control (3.0-11) unstable; urgency=low
529
530 * Sets common hot keys for spice client
531
532 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
533
3643383d
DM		 534libpve-access-control (3.0-10) unstable; urgency=low
535
536 * implement helper to generate SPICE remote-viewer configuration
537
538 * depend on libnet-ssleay-perl
539
540 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
541
0baedcf7
DM		 542libpve-access-control (3.0-9) unstable; urgency=low
543
544 * prevent user enumeration attacks
e4f8fc2e
DM		 545
546 * allow dots in access paths
0baedcf7
DM		 547
548 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
549
d4b63eae
DM		 550libpve-access-control (3.0-8) unstable; urgency=low
551
552 * spice: use lowercase hostname in ticktet signature
553
554 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
555
49594944
DM		 556libpve-access-control (3.0-7) unstable; urgency=low
557
558 * check_volume_access : use parse_volname instead of path, and remove
559 path related code.
7c410d63
DM		 560
561 * use warnings instead of global -w flag.
49594944
DM		 562
563 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
564
fe7de5d0
DM		 565libpve-access-control (3.0-6) unstable; urgency=low
566
567 * use shorter spiceproxy tickets
568
569 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
570
4cdd9507
DM		 571libpve-access-control (3.0-5) unstable; urgency=low
572
573 * add code to generate tickets for SPICE
574
575 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
576
677f9ab0
DM		 577libpve-access-control (3.0-4) unstable; urgency=low
578
579 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
580
581 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
582
139a8ecf
DM		 583libpve-access-control (3.0-3) unstable; urgency=low
584
7b395f99 585 * Add new role PVETemplateUser (and VM.Clone priviledge)
139a8ecf
DM		 586
587 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
588
b78ce7c2
DM		 589libpve-access-control (3.0-2) unstable; urgency=low
590
591 * remove CGI.pm related code (pveproxy does not need that)
592
593 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
594
786820f9
DM		 595libpve-access-control (3.0-1) unstable; urgency=low
596
597 * bump version for wheezy release
598
599 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
600
e5ae5487
DM		 601libpve-access-control (1.0-26) unstable; urgency=low
602
603 * check_volume_access: fix access permissions for backup files
604
605 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
606
e3e6510c
DM		 607libpve-access-control (1.0-25) unstable; urgency=low
608
609 * add VM.Snapshot permission
610
611 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
612
1e15ebe7
DM		 613libpve-access-control (1.0-24) unstable; urgency=low
614
615 * untaint path (allow root to restore arbitrary paths)
616
617 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
618
437be042
DM		 619libpve-access-control (1.0-23) unstable; urgency=low
620
621 * correctly compute GUI capabilities (consider pools)
622
623 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
624
5bb4e06a
DM		 625libpve-access-control (1.0-22) unstable; urgency=low
626
627 * new plugin architecture for Auth modules, minor API change for Auth
628 domains (new 'delete' parameter)
629
630 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
631
3030a176
DM		 632libpve-access-control (1.0-21) unstable; urgency=low
633
634 * do not allow user names including slash
635
636 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
637
638libpve-access-control (1.0-20) unstable; urgency=low
639
640 * add ability to fork cli workers in background
641
642 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
643
dd2cfee0
DM		 644libpve-access-control (1.0-19) unstable; urgency=low
645
646 * return set of privileges on login - can be used to adopt GUI
647
648 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
649
1cf154b7
DM		 650libpve-access-control (1.0-18) unstable; urgency=low
651
533219a1
DM		 652 * fix bug #151: corretly parse username inside ticket
653
654 * fix bug #152: allow user to change his own password
1cf154b7
DM		 655
656 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
657
2de14407
DM		 658libpve-access-control (1.0-17) unstable; urgency=low
659
660 * set propagate flag by default
661
662 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
663
bdc61d7a
DM		 664libpve-access-control (1.0-16) unstable; urgency=low
665
666 * add 'pveum passwd' method
667
668 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
669
cc7bdf33
DM		 670libpve-access-control (1.0-15) unstable; urgency=low
671
672 * Add VM.Config.CDROM privilege to PVEVMUser rule
673
674 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
675
a69bbe2e
DM		 676libpve-access-control (1.0-14) unstable; urgency=low
677
678 * fix buf in userid-param permission check
679
680 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
681
d9483d94
DM		 682libpve-access-control (1.0-13) unstable; urgency=low
683
684 * allow more characters in ldap base_dn attribute
685
686 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
687
84619607
DM		 688libpve-access-control (1.0-12) unstable; urgency=low
689
690 * allow more characters with realm IDs
691
692 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
693
09d27058
DM		 694libpve-access-control (1.0-11) unstable; urgency=low
695
696 * fix bug in exec_api2_perm_check
697
698 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
699
7a4c849e
DM		 700libpve-access-control (1.0-10) unstable; urgency=low
701
702 * fix ACL group name parser
703
704 * changed 'pveum aclmod' command line arguments
705
706 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
707
3eac4e35
DM		 708libpve-access-control (1.0-9) unstable; urgency=low
709
710 * fix bug in check_volume_access (fixes vzrestore)
711
712 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
713
4384e19e
DM		 714libpve-access-control (1.0-8) unstable; urgency=low
715
716 * fix return value for empty ACL list.
717
718 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
719
d8a56966
DM		 720libpve-access-control (1.0-7) unstable; urgency=low
721
722 * fix bug #85: allow root@pam to generate tickets for other users
723
724 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
725
cb6f2f93
DM		 726libpve-access-control (1.0-6) unstable; urgency=low
727
728 * API change: allow to filter enabled/disabled users.
729
730 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
731
272fe9ff
DM		 732libpve-access-control (1.0-5) unstable; urgency=low
733
734 * add a way to return file changes (diffs): set_result_changes()
735
736 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
737
e42eedbc
DM		 738libpve-access-control (1.0-4) unstable; urgency=low
739
740 * new environment type for ha agents
741
742 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
743
1fba27e0
DM		 744libpve-access-control (1.0-3) unstable; urgency=low
745
746 * add support for delayed parameter parsing - We need that to disable
747 file upload for normal API request (avoid DOS attacs)
748
749 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
750
5bf71a96
DM		 751libpve-access-control (1.0-2) unstable; urgency=low
752
753 * fix bug in fork_worker
754
755 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
756
2c3a6c0a
DM		 757libpve-access-control (1.0-1) unstable; urgency=low
758
759 * allow '-' in permission paths
760
761 * bump version to 1.0
762
763 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
764
765libpve-access-control (0.1) unstable; urgency=low
766
767 * first dummy package - no functionality
768
769 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200
770
Access control framework