1 libpve-access-control (5.0-8) unstable; urgency=medium
3 * fix #1612: ldap: make 2nd server work with bind domains again
5 * fix an error message where passing a bad pool id to an API function would
6 make it complain about a wrong group name instead
8 * fix the API-returned permission list so that the GUI knows to show the
9 'Permissions' tab for a storage to an administrator apart from root@pam
11 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
13 libpve-access-control (5.0-7) unstable; urgency=medium
15 * VM.Snapshot.Rollback privilege added
17 * api: check for special roles before locking the usercfg
19 * fix #1501: pveum: die when deleting special role
21 * API/ticket: rework coarse grained permission computation
23 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
25 libpve-access-control (5.0-6) unstable; urgency=medium
27 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
28 'verify' option. For compatibility reasons this defaults to off for now,
29 but that might change with future updates.
31 * AD, LDAP: Add ability to specify a CA path or file, and a client
32 certificate via the 'capath', 'cert' and 'certkey' options.
34 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
36 libpve-access-control (5.0-5) unstable; urgency=medium
38 * change from dpkg-deb to dpkg-buildpackage
40 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
42 libpve-access-control (5.0-4) unstable; urgency=medium
44 * PVE/CLI/pveum.pm: call setup_default_cli_env()
46 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
48 * check_api2_permissions: avoid warning about uninitialized value
50 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
52 libpve-access-control (5.0-3) unstable; urgency=medium
54 * use new PVE::OTP class from pve-common
56 * use new PVE::Tools::encrypt_pw from pve-common
58 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
60 libpve-access-control (5.0-2) unstable; urgency=medium
62 * encrypt_pw: avoid '+' for crypt salt
64 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
66 libpve-access-control (5.0-1) unstable; urgency=medium
70 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
72 libpve-access-control (4.0-23) unstable; urgency=medium
74 * use new PVE::Ticket class
76 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
78 libpve-access-control (4.0-22) unstable; urgency=medium
80 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
81 (moved to PVE::Storage)
83 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
85 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
87 libpve-access-control (4.0-21) unstable; urgency=medium
89 * setup_default_cli_env: expect $class as first parameter
91 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
93 libpve-access-control (4.0-20) unstable; urgency=medium
95 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
97 * PVE/API2/Domains.pm: fix property description
99 * use new repoman for upload target
101 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
103 libpve-access-control (4.0-19) unstable; urgency=medium
105 * Close #833: ldap: non-anonymous bind support
107 * don't import 'RFC' from MIME::Base32
109 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
111 libpve-access-control (4.0-18) unstable; urgency=medium
113 * fix #1062: recognize base32 otp keys again
115 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
117 libpve-access-control (4.0-17) unstable; urgency=medium
119 * drop oathtool and libdigest-hmac-perl dependencies
121 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
123 libpve-access-control (4.0-16) unstable; urgency=medium
125 * use pve-doc-generator to generate man pages
127 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
129 libpve-access-control (4.0-15) unstable; urgency=medium
131 * Fix uninitialized warning when shadow.cfg does not exist
133 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
135 libpve-access-control (4.0-14) unstable; urgency=medium
137 * Add is_worker to RPCEnvironment
139 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
141 libpve-access-control (4.0-13) unstable; urgency=medium
143 * fix #916: allow HTTPS to access custom yubico url
145 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
147 libpve-access-control (4.0-12) unstable; urgency=medium
149 * Catch certificate errors instead of segfaulting
151 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
153 libpve-access-control (4.0-11) unstable; urgency=medium
155 * Fix #861: use safer sprintf formatting
157 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
159 libpve-access-control (4.0-10) unstable; urgency=medium
161 * Auth::LDAP, Auth::AD: ipv6 support
163 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
165 libpve-access-control (4.0-9) unstable; urgency=medium
167 * pveum: implement bash completion
169 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
171 libpve-access-control (4.0-8) unstable; urgency=medium
173 * remove_storage_access: cleanup of access permissions for removed storage
175 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
177 libpve-access-control (4.0-7) unstable; urgency=medium
179 * new helper to remove access permissions for removed VMs
181 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
183 libpve-access-control (4.0-6) unstable; urgency=medium
185 * improve parse_user_config, parse_shadow_config
187 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
189 libpve-access-control (4.0-5) unstable; urgency=medium
191 * pveum: check for $cmd being defined
193 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
195 libpve-access-control (4.0-4) unstable; urgency=medium
197 * use activate-noawait triggers
199 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
201 libpve-access-control (4.0-3) unstable; urgency=medium
207 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
209 libpve-access-control (4.0-2) unstable; urgency=medium
211 * trigger pve-api-updates event
213 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
215 libpve-access-control (4.0-1) unstable; urgency=medium
217 * bump version for Debian Jessie
219 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
221 libpve-access-control (3.0-16) unstable; urgency=low
223 * root@pam can now be disabled in GUI.
225 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
227 libpve-access-control (3.0-15) unstable; urgency=low
229 * oath: add 'step' and 'digits' option
231 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
233 libpve-access-control (3.0-14) unstable; urgency=low
235 * add oath two factor auth
237 * add oathkeygen binary to generate keys for oath
239 * add yubico two factor auth
243 * depend on libmime-base32-perl
245 * allow to write builtin auth domains config (comment/tfa/default)
247 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
249 libpve-access-control (3.0-13) unstable; urgency=low
251 * use correct connection string for AD auth
253 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
255 libpve-access-control (3.0-12) unstable; urgency=low
257 * add dummy API for GET /access/ticket (useful to generate login pages)
259 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
261 libpve-access-control (3.0-11) unstable; urgency=low
263 * Sets common hot keys for spice client
265 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
267 libpve-access-control (3.0-10) unstable; urgency=low
269 * implement helper to generate SPICE remote-viewer configuration
271 * depend on libnet-ssleay-perl
273 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
275 libpve-access-control (3.0-9) unstable; urgency=low
277 * prevent user enumeration attacks
279 * allow dots in access paths
281 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
283 libpve-access-control (3.0-8) unstable; urgency=low
285 * spice: use lowercase hostname in ticktet signature
287 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
289 libpve-access-control (3.0-7) unstable; urgency=low
291 * check_volume_access : use parse_volname instead of path, and remove
294 * use warnings instead of global -w flag.
296 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
298 libpve-access-control (3.0-6) unstable; urgency=low
300 * use shorter spiceproxy tickets
302 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
304 libpve-access-control (3.0-5) unstable; urgency=low
306 * add code to generate tickets for SPICE
308 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
310 libpve-access-control (3.0-4) unstable; urgency=low
312 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
314 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
316 libpve-access-control (3.0-3) unstable; urgency=low
318 * Add new role PVETemplateUser (and VM.Clone priviledge)
320 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
322 libpve-access-control (3.0-2) unstable; urgency=low
324 * remove CGI.pm related code (pveproxy does not need that)
326 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
328 libpve-access-control (3.0-1) unstable; urgency=low
330 * bump version for wheezy release
332 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
334 libpve-access-control (1.0-26) unstable; urgency=low
336 * check_volume_access: fix access permissions for backup files
338 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
340 libpve-access-control (1.0-25) unstable; urgency=low
342 * add VM.Snapshot permission
344 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
346 libpve-access-control (1.0-24) unstable; urgency=low
348 * untaint path (allow root to restore arbitrary paths)
350 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
352 libpve-access-control (1.0-23) unstable; urgency=low
354 * correctly compute GUI capabilities (consider pools)
356 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
358 libpve-access-control (1.0-22) unstable; urgency=low
360 * new plugin architecture for Auth modules, minor API change for Auth
361 domains (new 'delete' parameter)
363 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
365 libpve-access-control (1.0-21) unstable; urgency=low
367 * do not allow user names including slash
369 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
371 libpve-access-control (1.0-20) unstable; urgency=low
373 * add ability to fork cli workers in background
375 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
377 libpve-access-control (1.0-19) unstable; urgency=low
379 * return set of privileges on login - can be used to adopt GUI
381 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
383 libpve-access-control (1.0-18) unstable; urgency=low
385 * fix bug #151: corretly parse username inside ticket
387 * fix bug #152: allow user to change his own password
389 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
391 libpve-access-control (1.0-17) unstable; urgency=low
393 * set propagate flag by default
395 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
397 libpve-access-control (1.0-16) unstable; urgency=low
399 * add 'pveum passwd' method
401 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
403 libpve-access-control (1.0-15) unstable; urgency=low
405 * Add VM.Config.CDROM privilege to PVEVMUser rule
407 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
409 libpve-access-control (1.0-14) unstable; urgency=low
411 * fix buf in userid-param permission check
413 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
415 libpve-access-control (1.0-13) unstable; urgency=low
417 * allow more characters in ldap base_dn attribute
419 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
421 libpve-access-control (1.0-12) unstable; urgency=low
423 * allow more characters with realm IDs
425 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
427 libpve-access-control (1.0-11) unstable; urgency=low
429 * fix bug in exec_api2_perm_check
431 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
433 libpve-access-control (1.0-10) unstable; urgency=low
435 * fix ACL group name parser
437 * changed 'pveum aclmod' command line arguments
439 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
441 libpve-access-control (1.0-9) unstable; urgency=low
443 * fix bug in check_volume_access (fixes vzrestore)
445 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
447 libpve-access-control (1.0-8) unstable; urgency=low
449 * fix return value for empty ACL list.
451 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
453 libpve-access-control (1.0-7) unstable; urgency=low
455 * fix bug #85: allow root@pam to generate tickets for other users
457 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
459 libpve-access-control (1.0-6) unstable; urgency=low
461 * API change: allow to filter enabled/disabled users.
463 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
465 libpve-access-control (1.0-5) unstable; urgency=low
467 * add a way to return file changes (diffs): set_result_changes()
469 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
471 libpve-access-control (1.0-4) unstable; urgency=low
473 * new environment type for ha agents
475 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
477 libpve-access-control (1.0-3) unstable; urgency=low
479 * add support for delayed parameter parsing - We need that to disable
480 file upload for normal API request (avoid DOS attacs)
482 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
484 libpve-access-control (1.0-2) unstable; urgency=low
486 * fix bug in fork_worker
488 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
490 libpve-access-control (1.0-1) unstable; urgency=low
492 * allow '-' in permission paths
494 * bump version to 1.0
496 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
498 libpve-access-control (0.1) unstable; urgency=low
500 * first dummy package - no functionality
502 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200
projects / pve-access-control.git / blob