debian/changelog

   1 libpve-access-control (7.0-6) bullseye; urgency=medium
   2
   3   * fix regression in user deletion when realm does not enforce TFA
   4
   5  -- Proxmox Support Team <support@proxmox.com>  Thu, 21 Oct 2021 12:28:52 +0200
   6
   7 libpve-access-control (7.0-5) bullseye; urgency=medium
   8
   9   * acl: check path: add /sdn/vnets/* path
  10
  11   * fix #2302: allow deletion of users when realm enforces TFA
  12
  13   * api: delete user: disable user first to avoid surprise on error during the
  14     various cleanup action required for user deletion (e.g., TFA, ACL, group)
  15
  16  -- Proxmox Support Team <support@proxmox.com>  Mon, 27 Sep 2021 15:50:47 +0200
  17
  18 libpve-access-control (7.0-4) bullseye; urgency=medium
  19
  20   * realm: add OpenID configuration
  21
  22   * api: implement OpenID related endpoints
  23
  24   * implement opt-in OpenID autocreate user feature
  25
  26   * api: user: add 'realm-type' to user list response
  27
  28  -- Proxmox Support Team <support@proxmox.com>  Fri, 02 Jul 2021 13:45:46 +0200
  29
  30 libpve-access-control (7.0-3) bullseye; urgency=medium
  31
  32   * api: acl: add missing `/access/realm/<realm>`, `/access/group/<group>` and
  33     `/sdn/zones/<zone>` to allowed ACL paths
  34
  35  -- Proxmox Support Team <support@proxmox.com>  Mon, 21 Jun 2021 10:31:19 +0200
  36
  37 libpve-access-control (7.0-2) bullseye; urgency=medium
  38
  39   * fix #3402: add Pool.Audit privilege - custom roles containing
  40     Pool.Allocate must be updated to include the new privilege.
  41
  42  -- Proxmox Support Team <support@proxmox.com>  Tue, 1 Jun 2021 11:28:38 +0200
  43
  44 libpve-access-control (7.0-1) bullseye; urgency=medium
  45
  46   * re-build for Debian 11 Bullseye based releases
  47
  48  -- Proxmox Support Team <support@proxmox.com>  Sun, 09 May 2021 18:18:23 +0200
  49
  50 libpve-access-control (6.4-1) pve; urgency=medium
  51
  52   * fix #1670: change PAM service name to project specific name
  53
  54   * fix #1500: permission path syntax check for access control
  55
  56   * pveum: add resource pool CLI commands
  57
  58  -- Proxmox Support Team <support@proxmox.com>  Sat, 24 Apr 2021 19:48:21 +0200
  59
  60 libpve-access-control (6.1-3) pve; urgency=medium
  61
  62   * partially fix #2825: authkey: rotate if it was generated in the
  63     future
  64
  65   * fix #2947: add an option to LDAP or AD realm to switch user lookup to case
  66     insensitive
  67
  68  -- Proxmox Support Team <support@proxmox.com>  Tue, 29 Sep 2020 08:54:13 +0200
  69
  70 libpve-access-control (6.1-2) pve; urgency=medium
  71
  72   * also check SDN permission path when computing coarse permissions heuristic
  73     for UIs
  74
  75   * add SDN Permissions.Modify
  76
  77   * add VM.Config.Cloudinit
  78
  79  -- Proxmox Support Team <support@proxmox.com>  Tue, 30 Jun 2020 13:06:56 +0200
  80
  81 libpve-access-control (6.1-1) pve; urgency=medium
  82
  83   * pveum: add tfa delete subcommand for deleting user-TFA
  84
  85   * LDAP: don't complain about missing credentials on realm removal
  86
  87   * LDAP: skip anonymous bind when client certificate and key is configured
  88
  89  -- Proxmox Support Team <support@proxmox.com>  Fri, 08 May 2020 17:47:41 +0200
  90
  91 libpve-access-control (6.0-7) pve; urgency=medium
  92
  93   * fix #2575: die when trying to edit built-in roles
  94
  95   * add realm sub commands to pveum CLI tool
  96
  97   * api: domains: add user group sync API enpoint
  98
  99   * allow one to sync and import users and groups from LDAP/AD based realms
 100
 101   * realm: add default-sync-options to config for more convenient sync configuration
 102
 103   * api: token create: return also full token id for convenience
 104
 105  -- Proxmox Support Team <support@proxmox.com>  Sat, 25 Apr 2020 19:35:17 +0200
 106
 107 libpve-access-control (6.0-6) pve; urgency=medium
 108
 109   * API: add group members to group index
 110
 111   * implement API token support and management
 112
 113   * pveum: add 'pveum user token add/update/remove/list'
 114
 115   * pveum: add permissions sub-commands
 116
 117   * API: add 'permissions' API endpoint
 118
 119   * user.cfg: skip inexisting roles when parsing ACLs
 120
 121  -- Proxmox Support Team <support@proxmox.com>  Wed, 29 Jan 2020 10:17:27 +0100
 122
 123 libpve-access-control (6.0-5) pve; urgency=medium
 124
 125   * pveum: add list command for users, groups, ACLs and roles
 126
 127   * add initial permissions for experimental SDN integration
 128
 129  -- Proxmox Support Team <support@proxmox.com>  Tue, 26 Nov 2019 17:56:37 +0100
 130
 131 libpve-access-control (6.0-4) pve; urgency=medium
 132
 133   * ticket: use clinfo to get cluster name
 134
 135   * ldaps: add sslversion configuration property to support TLS 1.1 to 1.3 as
 136     SSL version
 137
 138  -- Proxmox Support Team <support@proxmox.com>  Mon, 18 Nov 2019 11:55:11 +0100
 139
 140 libpve-access-control (6.0-3) pve; urgency=medium
 141
 142   * fix #2433: increase possible TFA secret length
 143
 144   * parse user configuration: correctly parse group names in ACLs, for users
 145     which begin their name with an @
 146
 147   * sort user.cfg entries alphabetically
 148
 149  -- Proxmox Support Team <support@proxmox.com>  Tue, 29 Oct 2019 08:52:23 +0100
 150
 151 libpve-access-control (6.0-2) pve; urgency=medium
 152
 153   * improve CSRF verification compatibility with newer PVE
 154
 155  -- Proxmox Support Team <support@proxmox.com>  Wed, 26 Jun 2019 20:24:35 +0200
 156
 157 libpve-access-control (6.0-1) pve; urgency=medium
 158
 159   * ticket: properly verify exactly 5 minute old tickets
 160
 161   * use hmac_sha256 instead of sha1 for CSRF token generation
 162
 163  -- Proxmox Support Team <support@proxmox.com>  Mon, 24 Jun 2019 18:14:45 +0200
 164
 165 libpve-access-control (6.0-0+1) pve; urgency=medium
 166
 167   * bump for Debian buster
 168
 169   * fix #2079: add periodic auth key rotation
 170
 171  -- Proxmox Support Team <support@proxmox.com>  Tue, 21 May 2019 21:31:15 +0200
 172
 173 libpve-access-control (5.1-10) unstable; urgency=medium
 174
 175   * add /access/user/{id}/tfa api call to get tfa types
 176
 177  -- Proxmox Support Team <support@proxmox.com>  Wed, 15 May 2019 16:21:10 +0200
 178
 179 libpve-access-control (5.1-9) unstable; urgency=medium
 180
 181   * store the tfa type in user.cfg allowing to get it without proxying the call
 182     to a higher priviledged daemon.
 183
 184   * tfa: realm required TFA should lock out users without TFA configured, as it
 185     was done before Proxmox VE 5.4
 186
 187  -- Proxmox Support Team <support@proxmox.com>  Tue, 30 Apr 2019 14:01:00 +0000
 188
 189 libpve-access-control (5.1-8) unstable; urgency=medium
 190
 191   * U2F: ensure we save correct public key on registration
 192
 193  -- Proxmox Support Team <support@proxmox.com>  Tue, 09 Apr 2019 12:47:12 +0200
 194
 195 libpve-access-control (5.1-7) unstable; urgency=medium
 196
 197   * verify_ticket: allow general non-challenge tfa to be run as two step
 198     call
 199
 200  -- Proxmox Support Team <support@proxmox.com>  Mon, 08 Apr 2019 16:56:14 +0200
 201
 202 libpve-access-control (5.1-6) unstable; urgency=medium
 203
 204   * more general 2FA configuration via priv/tfa.cfg
 205
 206   * add u2f api endpoints
 207
 208   * delete TFA entries when deleting a user
 209
 210   * allow users to change their TOTP settings
 211
 212  -- Proxmox Support Team <support@proxmox.com>  Wed, 03 Apr 2019 13:40:26 +0200
 213
 214 libpve-access-control (5.1-5) unstable; urgency=medium
 215
 216   * fix vnc ticket verification without authkey lifetime
 217
 218  -- Proxmox Support Team <support@proxmox.com>  Mon, 18 Mar 2019 10:43:17 +0100
 219
 220 libpve-access-control (5.1-4) unstable; urgency=medium
 221
 222   * fix #1891: Add zsh command completion for pveum
 223
 224   * ground work to fix #2079: add periodic auth key rotation. Not yet enabled
 225     to avoid issues on upgrade, will be enabled with 6.0
 226
 227  -- Proxmox Support Team <support@proxmox.com>  Mon, 18 Mar 2019 09:12:05 +0100
 228
 229 libpve-access-control (5.1-3) unstable; urgency=medium
 230
 231   * api/ticket: move getting cluster name into an eval
 232
 233  -- Proxmox Support Team <support@proxmox.com>  Thu, 29 Nov 2018 12:59:36 +0100
 234
 235 libpve-access-control (5.1-2) unstable; urgency=medium
 236
 237   * fix #1998: correct return properties for read_role
 238
 239  -- Proxmox Support Team <support@proxmox.com>  Fri, 23 Nov 2018 14:22:40 +0100
 240
 241 libpve-access-control (5.1-1) unstable; urgency=medium
 242
 243   * pveum: introduce sub-commands
 244
 245   * register userid with completion
 246
 247   * fix #233: return cluster name on successful login
 248
 249  -- Proxmox Support Team <support@proxmox.com>  Thu, 15 Nov 2018 09:34:47 +0100
 250
 251 libpve-access-control (5.0-8) unstable; urgency=medium
 252
 253   * fix #1612: ldap: make 2nd server work with bind domains again
 254
 255   * fix an error message where passing a bad pool id to an API function would
 256     make it complain about a wrong group name instead
 257
 258   * fix the API-returned permission list so that the GUI knows to show the
 259     'Permissions' tab for a storage to an administrator apart from root@pam
 260
 261  -- Proxmox Support Team <support@proxmox.com>  Thu, 18 Jan 2018 13:34:50 +0100
 262
 263 libpve-access-control (5.0-7) unstable; urgency=medium
 264
 265   * VM.Snapshot.Rollback privilege added
 266
 267   * api: check for special roles before locking the usercfg
 268
 269   * fix #1501: pveum: die when deleting special role
 270
 271   * API/ticket: rework coarse grained permission computation
 272
 273  -- Proxmox Support Team <support@proxmox.com>  Thu, 5 Oct 2017 11:27:48 +0200
 274
 275 libpve-access-control (5.0-6) unstable; urgency=medium
 276
 277   * Close #1470: Add server ceritifcate verification for AD and LDAP via the
 278     'verify' option. For compatibility reasons this defaults to off for now,
 279     but that might change with future updates.
 280
 281   * AD, LDAP: Add ability to specify a CA path or file, and a client
 282     certificate via the 'capath', 'cert' and 'certkey' options.
 283
 284  -- Proxmox Support Team <support@proxmox.com>  Tue, 08 Aug 2017 11:56:38 +0200
 285
 286 libpve-access-control (5.0-5) unstable; urgency=medium
 287
 288   * change from dpkg-deb to dpkg-buildpackage
 289
 290  -- Proxmox Support Team <support@proxmox.com>  Thu, 22 Jun 2017 09:12:37 +0200
 291
 292 libpve-access-control (5.0-4) unstable; urgency=medium
 293
 294   * PVE/CLI/pveum.pm: call setup_default_cli_env()
 295
 296   * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
 297
 298   * check_api2_permissions: avoid warning about uninitialized value
 299
 300  -- Proxmox Support Team <support@proxmox.com>  Tue, 02 May 2017 11:58:15 +0200
 301
 302 libpve-access-control (5.0-3) unstable; urgency=medium
 303
 304   * use new PVE::OTP class from pve-common
 305
 306   * use new PVE::Tools::encrypt_pw from pve-common
 307
 308  -- Proxmox Support Team <support@proxmox.com>  Thu, 30 Mar 2017 17:45:55 +0200
 309
 310 libpve-access-control (5.0-2) unstable; urgency=medium
 311
 312   * encrypt_pw: avoid '+' for crypt salt
 313
 314  -- Proxmox Support Team <support@proxmox.com>  Thu, 30 Mar 2017 08:54:10 +0200
 315
 316 libpve-access-control (5.0-1) unstable; urgency=medium
 317
 318   * rebuild for PVE 5.0
 319
 320  -- Proxmox Support Team <support@proxmox.com>  Mon, 6 Mar 2017 13:42:01 +0100
 321
 322 libpve-access-control (4.0-23) unstable; urgency=medium
 323
 324   * use new PVE::Ticket class
 325
 326  -- Proxmox Support Team <support@proxmox.com>  Thu, 19 Jan 2017 13:42:06 +0100
 327
 328 libpve-access-control (4.0-22) unstable; urgency=medium
 329
 330   * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
 331     (moved to PVE::Storage)
 332
 333   * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
 334
 335  -- Proxmox Support Team <support@proxmox.com>  Thu, 19 Jan 2017 09:12:04 +0100
 336
 337 libpve-access-control (4.0-21) unstable; urgency=medium
 338
 339   * setup_default_cli_env: expect $class as first parameter
 340
 341  -- Proxmox Support Team <support@proxmox.com>  Thu, 12 Jan 2017 13:54:27 +0100
 342
 343 libpve-access-control (4.0-20) unstable; urgency=medium
 344
 345   * PVE/RPCEnvironment.pm: new function setup_default_cli_env
 346
 347   * PVE/API2/Domains.pm: fix property description
 348
 349   * use new repoman for upload target
 350
 351  -- Proxmox Support Team <support@proxmox.com>  Wed, 11 Jan 2017 12:13:26 +0100
 352
 353 libpve-access-control (4.0-19) unstable; urgency=medium
 354
 355   * Close #833: ldap: non-anonymous bind support
 356
 357   * don't import 'RFC' from MIME::Base32
 358
 359  -- Proxmox Support Team <support@proxmox.com>  Fri, 05 Aug 2016 13:09:08 +0200
 360
 361 libpve-access-control (4.0-18) unstable; urgency=medium
 362
 363   * fix #1062: recognize base32 otp keys again
 364
 365  -- Proxmox Support Team <support@proxmox.com>  Thu, 21 Jul 2016 08:43:18 +0200
 366
 367 libpve-access-control (4.0-17) unstable; urgency=medium
 368
 369   * drop oathtool and libdigest-hmac-perl dependencies
 370
 371  -- Proxmox Support Team <support@proxmox.com>  Mon, 11 Jul 2016 12:03:22 +0200
 372
 373 libpve-access-control (4.0-16) unstable; urgency=medium
 374
 375   * use pve-doc-generator to generate man pages
 376
 377  -- Proxmox Support Team <support@proxmox.com>  Fri, 08 Apr 2016 07:06:05 +0200
 378
 379 libpve-access-control (4.0-15) unstable; urgency=medium
 380
 381   * Fix uninitialized warning when shadow.cfg does not exist
 382
 383  -- Proxmox Support Team <support@proxmox.com>  Fri, 01 Apr 2016 07:10:57 +0200
 384
 385 libpve-access-control (4.0-14) unstable; urgency=medium
 386
 387   * Add is_worker to RPCEnvironment
 388
 389  -- Proxmox Support Team <support@proxmox.com>  Tue, 15 Mar 2016 16:47:34 +0100
 390
 391 libpve-access-control (4.0-13) unstable; urgency=medium
 392
 393   * fix #916: allow HTTPS to access custom yubico url
 394
 395  -- Proxmox Support Team <support@proxmox.com>  Mon, 14 Mar 2016 11:39:23 +0100
 396
 397 libpve-access-control (4.0-12) unstable; urgency=medium
 398
 399   * Catch certificate errors instead of segfaulting
 400
 401  -- Proxmox Support Team <support@proxmox.com>  Wed, 09 Mar 2016 14:41:01 +0100
 402
 403 libpve-access-control (4.0-11) unstable; urgency=medium
 404
 405   * Fix #861: use safer sprintf formatting
 406
 407  -- Proxmox Support Team <support@proxmox.com>  Fri, 08 Jan 2016 12:52:39 +0100
 408
 409 libpve-access-control (4.0-10) unstable; urgency=medium
 410
 411   *  Auth::LDAP, Auth::AD: ipv6 support
 412
 413  -- Proxmox Support Team <support@proxmox.com>  Thu, 03 Dec 2015 12:09:32 +0100
 414
 415 libpve-access-control (4.0-9) unstable; urgency=medium
 416
 417   * pveum: implement bash completion
 418
 419  -- Proxmox Support Team <support@proxmox.com>  Thu, 01 Oct 2015 17:22:52 +0200
 420
 421 libpve-access-control (4.0-8) unstable; urgency=medium
 422
 423   * remove_storage_access: cleanup of access permissions for removed storage
 424
 425  -- Proxmox Support Team <support@proxmox.com>  Wed, 19 Aug 2015 15:39:15 +0200
 426
 427 libpve-access-control (4.0-7) unstable; urgency=medium
 428
 429   * new helper to remove access permissions for removed VMs
 430
 431  -- Proxmox Support Team <support@proxmox.com>  Fri, 14 Aug 2015 07:57:02 +0200
 432
 433 libpve-access-control (4.0-6) unstable; urgency=medium
 434
 435   * improve parse_user_config, parse_shadow_config
 436
 437  -- Proxmox Support Team <support@proxmox.com>  Mon, 27 Jul 2015 13:14:33 +0200
 438
 439 libpve-access-control (4.0-5) unstable; urgency=medium
 440
 441   * pveum: check for $cmd being defined
 442
 443  -- Proxmox Support Team <support@proxmox.com>  Wed, 10 Jun 2015 10:40:15 +0200
 444
 445 libpve-access-control (4.0-4) unstable; urgency=medium
 446
 447   * use activate-noawait triggers
 448
 449  -- Proxmox Support Team <support@proxmox.com>  Mon, 01 Jun 2015 12:25:31 +0200
 450
 451 libpve-access-control (4.0-3) unstable; urgency=medium
 452
 453   * IPv6 fixes
 454
 455   * non-root buildfix
 456
 457  -- Proxmox Support Team <support@proxmox.com>  Wed, 27 May 2015 11:15:44 +0200
 458
 459 libpve-access-control (4.0-2) unstable; urgency=medium
 460
 461   * trigger pve-api-updates event
 462
 463  -- Proxmox Support Team <support@proxmox.com>  Tue, 05 May 2015 15:06:38 +0200
 464
 465 libpve-access-control (4.0-1) unstable; urgency=medium
 466
 467   * bump version for Debian Jessie
 468
 469  -- Proxmox Support Team <support@proxmox.com>  Thu, 26 Feb 2015 11:22:01 +0100
 470
 471 libpve-access-control (3.0-16) unstable; urgency=low
 472
 473   * root@pam can now be disabled in GUI.
 474
 475  -- Proxmox Support Team <support@proxmox.com>  Fri, 30 Jan 2015 06:20:22 +0100
 476
 477 libpve-access-control (3.0-15) unstable; urgency=low
 478
 479   * oath: add 'step' and 'digits' option
 480
 481  -- Proxmox Support Team <support@proxmox.com>  Wed, 23 Jul 2014 06:59:52 +0200
 482
 483 libpve-access-control (3.0-14) unstable; urgency=low
 484
 485   * add oath two factor auth
 486
 487   * add oathkeygen binary to generate keys for oath
 488
 489   * add yubico two factor auth
 490
 491   * dedend on oathtool
 492
 493   * depend on libmime-base32-perl
 494
 495   * allow to write builtin auth domains config (comment/tfa/default)
 496
 497  -- Proxmox Support Team <support@proxmox.com>  Thu, 17 Jul 2014 13:09:56 +0200
 498
 499 libpve-access-control (3.0-13) unstable; urgency=low
 500
 501   * use correct connection string for AD auth
 502
 503  -- Proxmox Support Team <support@proxmox.com>  Thu, 22 May 2014 07:16:09 +0200
 504
 505 libpve-access-control (3.0-12) unstable; urgency=low
 506
 507   * add dummy API for GET /access/ticket (useful to generate login pages)
 508
 509  -- Proxmox Support Team <support@proxmox.com>  Wed, 30 Apr 2014 14:47:56 +0200
 510
 511 libpve-access-control (3.0-11) unstable; urgency=low
 512
 513   * Sets common hot keys for spice client
 514
 515  -- Proxmox Support Team <support@proxmox.com>  Fri, 31 Jan 2014 10:24:28 +0100
 516
 517 libpve-access-control (3.0-10) unstable; urgency=low
 518
 519   * implement helper to generate SPICE remote-viewer configuration
 520
 521   * depend on libnet-ssleay-perl
 522
 523  -- Proxmox Support Team <support@proxmox.com>  Tue, 10 Dec 2013 10:45:08 +0100
 524
 525 libpve-access-control (3.0-9) unstable; urgency=low
 526
 527   * prevent user enumeration attacks
 528
 529   * allow dots in access paths
 530
 531  -- Proxmox Support Team <support@proxmox.com>  Mon, 18 Nov 2013 09:06:38 +0100
 532
 533 libpve-access-control (3.0-8) unstable; urgency=low
 534
 535   * spice: use lowercase hostname in ticktet signature
 536
 537  -- Proxmox Support Team <support@proxmox.com>  Mon, 28 Oct 2013 08:11:57 +0100
 538
 539 libpve-access-control (3.0-7) unstable; urgency=low
 540
 541   * check_volume_access : use parse_volname instead of path, and remove
 542     path related code.
 543
 544   * use warnings instead of global -w flag.
 545
 546  -- Proxmox Support Team <support@proxmox.com>  Tue, 01 Oct 2013 12:35:53 +0200
 547
 548 libpve-access-control (3.0-6) unstable; urgency=low
 549
 550   * use shorter spiceproxy tickets
 551
 552  -- Proxmox Support Team <support@proxmox.com>  Fri, 19 Jul 2013 12:39:09 +0200
 553
 554 libpve-access-control (3.0-5) unstable; urgency=low
 555
 556   * add code to generate tickets for SPICE
 557
 558  -- Proxmox Support Team <support@proxmox.com>  Wed, 26 Jun 2013 13:08:32 +0200
 559
 560 libpve-access-control (3.0-4) unstable; urgency=low
 561
 562   * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
 563
 564  -- Proxmox Support Team <support@proxmox.com>  Tue, 14 May 2013 11:56:54 +0200
 565
 566 libpve-access-control (3.0-3) unstable; urgency=low
 567
 568   * Add new role PVETemplateUser (and VM.Clone priviledge)
 569
 570  -- Proxmox Support Team <support@proxmox.com>  Mon, 29 Apr 2013 11:42:15 +0200
 571
 572 libpve-access-control (3.0-2) unstable; urgency=low
 573
 574   * remove CGI.pm related code (pveproxy does not need that)
 575
 576  -- Proxmox Support Team <support@proxmox.com>  Mon, 15 Apr 2013 12:34:23 +0200
 577
 578 libpve-access-control (3.0-1) unstable; urgency=low
 579
 580   * bump version for wheezy release
 581
 582  -- Proxmox Support Team <support@proxmox.com>  Fri, 15 Mar 2013 08:07:06 +0100
 583
 584 libpve-access-control (1.0-26) unstable; urgency=low
 585
 586   * check_volume_access: fix access permissions for backup files
 587
 588  -- Proxmox Support Team <support@proxmox.com>  Thu, 28 Feb 2013 10:00:14 +0100
 589
 590 libpve-access-control (1.0-25) unstable; urgency=low
 591
 592   * add VM.Snapshot permission
 593
 594  -- Proxmox Support Team <support@proxmox.com>  Mon, 10 Sep 2012 09:23:32 +0200
 595
 596 libpve-access-control (1.0-24) unstable; urgency=low
 597
 598   * untaint path (allow root to restore arbitrary paths)
 599
 600  -- Proxmox Support Team <support@proxmox.com>  Wed, 06 Jun 2012 13:06:34 +0200
 601
 602 libpve-access-control (1.0-23) unstable; urgency=low
 603
 604   * correctly compute GUI capabilities (consider pools)
 605
 606  -- Proxmox Support Team <support@proxmox.com>  Wed, 30 May 2012 08:47:23 +0200
 607
 608 libpve-access-control (1.0-22) unstable; urgency=low
 609
 610   * new plugin architecture for Auth modules, minor API change for Auth
 611     domains (new 'delete' parameter)
 612
 613  -- Proxmox Support Team <support@proxmox.com>  Wed, 16 May 2012 07:21:44 +0200
 614
 615 libpve-access-control (1.0-21) unstable; urgency=low
 616
 617   * do not allow user names including slash
 618
 619  -- Proxmox Support Team <support@proxmox.com>  Tue, 24 Apr 2012 10:07:47 +0200
 620
 621 libpve-access-control (1.0-20) unstable; urgency=low
 622
 623   * add ability to fork cli workers in background
 624
 625  -- Proxmox Support Team <support@proxmox.com>  Wed, 18 Apr 2012 08:28:20 +0200
 626
 627 libpve-access-control (1.0-19) unstable; urgency=low
 628
 629   * return set of privileges on login - can be used to adopt GUI
 630
 631  -- Proxmox Support Team <support@proxmox.com>  Tue, 17 Apr 2012 10:25:10 +0200
 632
 633 libpve-access-control (1.0-18) unstable; urgency=low
 634
 635   * fix bug #151: corretly parse username inside ticket
 636
 637   * fix bug #152: allow user to change his own password
 638
 639  -- Proxmox Support Team <support@proxmox.com>  Wed, 11 Apr 2012 09:40:15 +0200
 640
 641 libpve-access-control (1.0-17) unstable; urgency=low
 642
 643   * set propagate flag by default
 644
 645  -- Proxmox Support Team <support@proxmox.com>  Thu, 01 Mar 2012 12:40:19 +0100
 646
 647 libpve-access-control (1.0-16) unstable; urgency=low
 648
 649   * add 'pveum passwd' method
 650
 651  -- Proxmox Support Team <support@proxmox.com>  Thu, 23 Feb 2012 12:05:25 +0100
 652
 653 libpve-access-control (1.0-15) unstable; urgency=low
 654
 655   * Add VM.Config.CDROM privilege to PVEVMUser rule
 656
 657  -- Proxmox Support Team <support@proxmox.com>  Wed, 22 Feb 2012 11:44:23 +0100
 658
 659 libpve-access-control (1.0-14) unstable; urgency=low
 660
 661   * fix buf in userid-param permission check
 662
 663  -- Proxmox Support Team <support@proxmox.com>  Wed, 22 Feb 2012 10:52:35 +0100
 664
 665 libpve-access-control (1.0-13) unstable; urgency=low
 666
 667   * allow more characters in ldap base_dn attribute
 668
 669  -- Proxmox Support Team <support@proxmox.com>  Wed, 22 Feb 2012 06:17:02 +0100
 670
 671 libpve-access-control (1.0-12) unstable; urgency=low
 672
 673   * allow more characters with realm IDs
 674
 675  -- Proxmox Support Team <support@proxmox.com>  Mon, 20 Feb 2012 08:50:33 +0100
 676
 677 libpve-access-control (1.0-11) unstable; urgency=low
 678
 679   * fix bug in exec_api2_perm_check
 680
 681  -- Proxmox Support Team <support@proxmox.com>  Wed, 15 Feb 2012 07:06:30 +0100
 682
 683 libpve-access-control (1.0-10) unstable; urgency=low
 684
 685   * fix ACL group name parser
 686
 687   * changed 'pveum aclmod' command line arguments
 688
 689  -- Proxmox Support Team <support@proxmox.com>  Tue, 14 Feb 2012 12:08:02 +0100
 690
 691 libpve-access-control (1.0-9) unstable; urgency=low
 692
 693   * fix bug in check_volume_access (fixes vzrestore)
 694
 695  -- Proxmox Support Team <support@proxmox.com>  Mon, 13 Feb 2012 09:56:37 +0100
 696
 697 libpve-access-control (1.0-8) unstable; urgency=low
 698
 699   * fix return value for empty ACL list.
 700
 701  -- Proxmox Support Team <support@proxmox.com>  Fri, 10 Feb 2012 11:25:04 +0100
 702
 703 libpve-access-control (1.0-7) unstable; urgency=low
 704
 705   * fix bug #85: allow root@pam to generate tickets for other users
 706
 707  -- Proxmox Support Team <support@proxmox.com>  Tue, 17 Jan 2012 06:40:18 +0100
 708
 709 libpve-access-control (1.0-6) unstable; urgency=low
 710
 711   * API change: allow to filter enabled/disabled users.
 712
 713  -- Proxmox Support Team <support@proxmox.com>  Wed, 11 Jan 2012 12:30:37 +0100
 714
 715 libpve-access-control (1.0-5) unstable; urgency=low
 716
 717   * add a way to return file changes (diffs): set_result_changes()
 718
 719  -- Proxmox Support Team <support@proxmox.com>  Tue, 20 Dec 2011 11:18:48 +0100
 720
 721 libpve-access-control (1.0-4) unstable; urgency=low
 722
 723   * new environment type for ha agents
 724
 725  -- Proxmox Support Team <support@proxmox.com>  Tue, 13 Dec 2011 10:08:53 +0100
 726
 727 libpve-access-control (1.0-3) unstable; urgency=low
 728
 729   * add support for delayed parameter parsing - We need that to disable
 730     file upload for normal API request (avoid DOS attacs)
 731
 732  -- Proxmox Support Team <support@proxmox.com>  Fri, 02 Dec 2011 09:56:10 +0100
 733
 734 libpve-access-control (1.0-2) unstable; urgency=low
 735
 736   * fix bug in fork_worker
 737
 738  -- Proxmox Support Team <support@proxmox.com>  Tue, 11 Oct 2011 08:37:05 +0200
 739
 740 libpve-access-control (1.0-1) unstable; urgency=low
 741
 742   * allow '-' in permission paths
 743
 744   * bump version to 1.0
 745
 746  -- Proxmox Support Team <support@proxmox.com>  Mon, 27 Jun 2011 13:51:48 +0200
 747
 748 libpve-access-control (0.1) unstable; urgency=low
 749
 750   * first dummy package - no functionality
 751
 752  -- Proxmox Support Team <support@proxmox.com>  Thu, 09 Jul 2009 16:03:00 +0200
 753