debian/changelog

   1 libpve-access-control (5.1-2) unstable; urgency=medium
   2
   3   * fix #1998: correct return properties for read_role
   4
   5  -- Proxmox Support Team <support@proxmox.com>  Fri, 23 Nov 2018 14:22:40 +0100
   6
   7 libpve-access-control (5.1-1) unstable; urgency=medium
   8
   9   * pveum: introduce sub-commands
  10
  11   * register userid with completion
  12
  13   * fix #233: return cluster name on successful login
  14
  15  -- Proxmox Support Team <support@proxmox.com>  Thu, 15 Nov 2018 09:34:47 +0100
  16
  17 libpve-access-control (5.0-8) unstable; urgency=medium
  18
  19   * fix #1612: ldap: make 2nd server work with bind domains again
  20
  21   * fix an error message where passing a bad pool id to an API function would
  22     make it complain about a wrong group name instead
  23
  24   * fix the API-returned permission list so that the GUI knows to show the
  25     'Permissions' tab for a storage to an administrator apart from root@pam
  26
  27  -- Proxmox Support Team <support@proxmox.com>  Thu, 18 Jan 2018 13:34:50 +0100
  28
  29 libpve-access-control (5.0-7) unstable; urgency=medium
  30
  31   * VM.Snapshot.Rollback privilege added
  32
  33   * api: check for special roles before locking the usercfg
  34
  35   * fix #1501: pveum: die when deleting special role
  36
  37   * API/ticket: rework coarse grained permission computation
  38
  39  -- Proxmox Support Team <support@proxmox.com>  Thu, 5 Oct 2017 11:27:48 +0200
  40
  41 libpve-access-control (5.0-6) unstable; urgency=medium
  42
  43   * Close #1470: Add server ceritifcate verification for AD and LDAP via the
  44     'verify' option. For compatibility reasons this defaults to off for now,
  45     but that might change with future updates.
  46
  47   * AD, LDAP: Add ability to specify a CA path or file, and a client
  48     certificate via the 'capath', 'cert' and 'certkey' options.
  49
  50  -- Proxmox Support Team <support@proxmox.com>  Tue, 08 Aug 2017 11:56:38 +0200
  51
  52 libpve-access-control (5.0-5) unstable; urgency=medium
  53
  54   * change from dpkg-deb to dpkg-buildpackage
  55
  56  -- Proxmox Support Team <support@proxmox.com>  Thu, 22 Jun 2017 09:12:37 +0200
  57
  58 libpve-access-control (5.0-4) unstable; urgency=medium
  59
  60   * PVE/CLI/pveum.pm: call setup_default_cli_env()
  61
  62   * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
  63
  64   * check_api2_permissions: avoid warning about uninitialized value
  65
  66  -- Proxmox Support Team <support@proxmox.com>  Tue, 02 May 2017 11:58:15 +0200
  67
  68 libpve-access-control (5.0-3) unstable; urgency=medium
  69
  70   * use new PVE::OTP class from pve-common
  71
  72   * use new PVE::Tools::encrypt_pw from pve-common
  73
  74  -- Proxmox Support Team <support@proxmox.com>  Thu, 30 Mar 2017 17:45:55 +0200
  75
  76 libpve-access-control (5.0-2) unstable; urgency=medium
  77
  78   * encrypt_pw: avoid '+' for crypt salt
  79
  80  -- Proxmox Support Team <support@proxmox.com>  Thu, 30 Mar 2017 08:54:10 +0200
  81
  82 libpve-access-control (5.0-1) unstable; urgency=medium
  83
  84   * rebuild for PVE 5.0
  85
  86  -- Proxmox Support Team <support@proxmox.com>  Mon, 6 Mar 2017 13:42:01 +0100
  87
  88 libpve-access-control (4.0-23) unstable; urgency=medium
  89
  90   * use new PVE::Ticket class
  91
  92  -- Proxmox Support Team <support@proxmox.com>  Thu, 19 Jan 2017 13:42:06 +0100
  93
  94 libpve-access-control (4.0-22) unstable; urgency=medium
  95
  96   * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
  97     (moved to PVE::Storage)
  98
  99   * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
 100
 101  -- Proxmox Support Team <support@proxmox.com>  Thu, 19 Jan 2017 09:12:04 +0100
 102
 103 libpve-access-control (4.0-21) unstable; urgency=medium
 104
 105   * setup_default_cli_env: expect $class as first parameter
 106
 107  -- Proxmox Support Team <support@proxmox.com>  Thu, 12 Jan 2017 13:54:27 +0100
 108
 109 libpve-access-control (4.0-20) unstable; urgency=medium
 110
 111   * PVE/RPCEnvironment.pm: new function setup_default_cli_env
 112
 113   * PVE/API2/Domains.pm: fix property description
 114
 115   * use new repoman for upload target
 116
 117  -- Proxmox Support Team <support@proxmox.com>  Wed, 11 Jan 2017 12:13:26 +0100
 118
 119 libpve-access-control (4.0-19) unstable; urgency=medium
 120
 121   * Close #833: ldap: non-anonymous bind support
 122
 123   * don't import 'RFC' from MIME::Base32
 124
 125  -- Proxmox Support Team <support@proxmox.com>  Fri, 05 Aug 2016 13:09:08 +0200
 126
 127 libpve-access-control (4.0-18) unstable; urgency=medium
 128
 129   * fix #1062: recognize base32 otp keys again
 130
 131  -- Proxmox Support Team <support@proxmox.com>  Thu, 21 Jul 2016 08:43:18 +0200
 132
 133 libpve-access-control (4.0-17) unstable; urgency=medium
 134
 135   * drop oathtool and libdigest-hmac-perl dependencies
 136
 137  -- Proxmox Support Team <support@proxmox.com>  Mon, 11 Jul 2016 12:03:22 +0200
 138
 139 libpve-access-control (4.0-16) unstable; urgency=medium
 140
 141   * use pve-doc-generator to generate man pages
 142
 143  -- Proxmox Support Team <support@proxmox.com>  Fri, 08 Apr 2016 07:06:05 +0200
 144
 145 libpve-access-control (4.0-15) unstable; urgency=medium
 146
 147   * Fix uninitialized warning when shadow.cfg does not exist
 148
 149  -- Proxmox Support Team <support@proxmox.com>  Fri, 01 Apr 2016 07:10:57 +0200
 150
 151 libpve-access-control (4.0-14) unstable; urgency=medium
 152
 153   * Add is_worker to RPCEnvironment
 154
 155  -- Proxmox Support Team <support@proxmox.com>  Tue, 15 Mar 2016 16:47:34 +0100
 156
 157 libpve-access-control (4.0-13) unstable; urgency=medium
 158
 159   * fix #916: allow HTTPS to access custom yubico url
 160
 161  -- Proxmox Support Team <support@proxmox.com>  Mon, 14 Mar 2016 11:39:23 +0100
 162
 163 libpve-access-control (4.0-12) unstable; urgency=medium
 164
 165   * Catch certificate errors instead of segfaulting
 166
 167  -- Proxmox Support Team <support@proxmox.com>  Wed, 09 Mar 2016 14:41:01 +0100
 168
 169 libpve-access-control (4.0-11) unstable; urgency=medium
 170
 171   * Fix #861: use safer sprintf formatting
 172
 173  -- Proxmox Support Team <support@proxmox.com>  Fri, 08 Jan 2016 12:52:39 +0100
 174
 175 libpve-access-control (4.0-10) unstable; urgency=medium
 176
 177   *  Auth::LDAP, Auth::AD: ipv6 support
 178
 179  -- Proxmox Support Team <support@proxmox.com>  Thu, 03 Dec 2015 12:09:32 +0100
 180
 181 libpve-access-control (4.0-9) unstable; urgency=medium
 182
 183   * pveum: implement bash completion
 184
 185  -- Proxmox Support Team <support@proxmox.com>  Thu, 01 Oct 2015 17:22:52 +0200
 186
 187 libpve-access-control (4.0-8) unstable; urgency=medium
 188
 189   * remove_storage_access: cleanup of access permissions for removed storage
 190
 191  -- Proxmox Support Team <support@proxmox.com>  Wed, 19 Aug 2015 15:39:15 +0200
 192
 193 libpve-access-control (4.0-7) unstable; urgency=medium
 194
 195   * new helper to remove access permissions for removed VMs
 196
 197  -- Proxmox Support Team <support@proxmox.com>  Fri, 14 Aug 2015 07:57:02 +0200
 198
 199 libpve-access-control (4.0-6) unstable; urgency=medium
 200
 201   * improve parse_user_config, parse_shadow_config
 202
 203  -- Proxmox Support Team <support@proxmox.com>  Mon, 27 Jul 2015 13:14:33 +0200
 204
 205 libpve-access-control (4.0-5) unstable; urgency=medium
 206
 207   * pveum: check for $cmd being defined
 208
 209  -- Proxmox Support Team <support@proxmox.com>  Wed, 10 Jun 2015 10:40:15 +0200
 210
 211 libpve-access-control (4.0-4) unstable; urgency=medium
 212
 213   * use activate-noawait triggers
 214
 215  -- Proxmox Support Team <support@proxmox.com>  Mon, 01 Jun 2015 12:25:31 +0200
 216
 217 libpve-access-control (4.0-3) unstable; urgency=medium
 218
 219   * IPv6 fixes
 220
 221   * non-root buildfix
 222
 223  -- Proxmox Support Team <support@proxmox.com>  Wed, 27 May 2015 11:15:44 +0200
 224
 225 libpve-access-control (4.0-2) unstable; urgency=medium
 226
 227   * trigger pve-api-updates event
 228
 229  -- Proxmox Support Team <support@proxmox.com>  Tue, 05 May 2015 15:06:38 +0200
 230
 231 libpve-access-control (4.0-1) unstable; urgency=medium
 232
 233   * bump version for Debian Jessie
 234
 235  -- Proxmox Support Team <support@proxmox.com>  Thu, 26 Feb 2015 11:22:01 +0100
 236
 237 libpve-access-control (3.0-16) unstable; urgency=low
 238
 239   * root@pam can now be disabled in GUI.
 240
 241  -- Proxmox Support Team <support@proxmox.com>  Fri, 30 Jan 2015 06:20:22 +0100
 242
 243 libpve-access-control (3.0-15) unstable; urgency=low
 244
 245   * oath: add 'step' and 'digits' option
 246
 247  -- Proxmox Support Team <support@proxmox.com>  Wed, 23 Jul 2014 06:59:52 +0200
 248
 249 libpve-access-control (3.0-14) unstable; urgency=low
 250
 251   * add oath two factor auth
 252
 253   * add oathkeygen binary to generate keys for oath
 254
 255   * add yubico two factor auth
 256
 257   * dedend on oathtool
 258
 259   * depend on libmime-base32-perl
 260
 261   * allow to write builtin auth domains config (comment/tfa/default)
 262
 263  -- Proxmox Support Team <support@proxmox.com>  Thu, 17 Jul 2014 13:09:56 +0200
 264
 265 libpve-access-control (3.0-13) unstable; urgency=low
 266
 267   * use correct connection string for AD auth
 268
 269  -- Proxmox Support Team <support@proxmox.com>  Thu, 22 May 2014 07:16:09 +0200
 270
 271 libpve-access-control (3.0-12) unstable; urgency=low
 272
 273   * add dummy API for GET /access/ticket (useful to generate login pages)
 274
 275  -- Proxmox Support Team <support@proxmox.com>  Wed, 30 Apr 2014 14:47:56 +0200
 276
 277 libpve-access-control (3.0-11) unstable; urgency=low
 278
 279   * Sets common hot keys for spice client
 280
 281  -- Proxmox Support Team <support@proxmox.com>  Fri, 31 Jan 2014 10:24:28 +0100
 282
 283 libpve-access-control (3.0-10) unstable; urgency=low
 284
 285   * implement helper to generate SPICE remote-viewer configuration
 286
 287   * depend on libnet-ssleay-perl
 288
 289  -- Proxmox Support Team <support@proxmox.com>  Tue, 10 Dec 2013 10:45:08 +0100
 290
 291 libpve-access-control (3.0-9) unstable; urgency=low
 292
 293   * prevent user enumeration attacks
 294
 295   * allow dots in access paths
 296
 297  -- Proxmox Support Team <support@proxmox.com>  Mon, 18 Nov 2013 09:06:38 +0100
 298
 299 libpve-access-control (3.0-8) unstable; urgency=low
 300
 301   * spice: use lowercase hostname in ticktet signature
 302
 303  -- Proxmox Support Team <support@proxmox.com>  Mon, 28 Oct 2013 08:11:57 +0100
 304
 305 libpve-access-control (3.0-7) unstable; urgency=low
 306
 307   * check_volume_access : use parse_volname instead of path, and remove
 308     path related code.
 309
 310   * use warnings instead of global -w flag.
 311
 312  -- Proxmox Support Team <support@proxmox.com>  Tue, 01 Oct 2013 12:35:53 +0200
 313
 314 libpve-access-control (3.0-6) unstable; urgency=low
 315
 316   * use shorter spiceproxy tickets
 317
 318  -- Proxmox Support Team <support@proxmox.com>  Fri, 19 Jul 2013 12:39:09 +0200
 319
 320 libpve-access-control (3.0-5) unstable; urgency=low
 321
 322   * add code to generate tickets for SPICE
 323
 324  -- Proxmox Support Team <support@proxmox.com>  Wed, 26 Jun 2013 13:08:32 +0200
 325
 326 libpve-access-control (3.0-4) unstable; urgency=low
 327
 328   * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
 329
 330  -- Proxmox Support Team <support@proxmox.com>  Tue, 14 May 2013 11:56:54 +0200
 331
 332 libpve-access-control (3.0-3) unstable; urgency=low
 333
 334   * Add new role PVETemplateUser (and VM.Clone priviledge)
 335
 336  -- Proxmox Support Team <support@proxmox.com>  Mon, 29 Apr 2013 11:42:15 +0200
 337
 338 libpve-access-control (3.0-2) unstable; urgency=low
 339
 340   * remove CGI.pm related code (pveproxy does not need that)
 341
 342  -- Proxmox Support Team <support@proxmox.com>  Mon, 15 Apr 2013 12:34:23 +0200
 343
 344 libpve-access-control (3.0-1) unstable; urgency=low
 345
 346   * bump version for wheezy release
 347
 348  -- Proxmox Support Team <support@proxmox.com>  Fri, 15 Mar 2013 08:07:06 +0100
 349
 350 libpve-access-control (1.0-26) unstable; urgency=low
 351
 352   * check_volume_access: fix access permissions for backup files
 353
 354  -- Proxmox Support Team <support@proxmox.com>  Thu, 28 Feb 2013 10:00:14 +0100
 355
 356 libpve-access-control (1.0-25) unstable; urgency=low
 357
 358   * add VM.Snapshot permission
 359
 360  -- Proxmox Support Team <support@proxmox.com>  Mon, 10 Sep 2012 09:23:32 +0200
 361
 362 libpve-access-control (1.0-24) unstable; urgency=low
 363
 364   * untaint path (allow root to restore arbitrary paths)
 365
 366  -- Proxmox Support Team <support@proxmox.com>  Wed, 06 Jun 2012 13:06:34 +0200
 367
 368 libpve-access-control (1.0-23) unstable; urgency=low
 369
 370   * correctly compute GUI capabilities (consider pools)
 371
 372  -- Proxmox Support Team <support@proxmox.com>  Wed, 30 May 2012 08:47:23 +0200
 373
 374 libpve-access-control (1.0-22) unstable; urgency=low
 375
 376   * new plugin architecture for Auth modules, minor API change for Auth
 377     domains (new 'delete' parameter)
 378
 379  -- Proxmox Support Team <support@proxmox.com>  Wed, 16 May 2012 07:21:44 +0200
 380
 381 libpve-access-control (1.0-21) unstable; urgency=low
 382
 383   * do not allow user names including slash
 384
 385  -- Proxmox Support Team <support@proxmox.com>  Tue, 24 Apr 2012 10:07:47 +0200
 386
 387 libpve-access-control (1.0-20) unstable; urgency=low
 388
 389   * add ability to fork cli workers in background
 390
 391  -- Proxmox Support Team <support@proxmox.com>  Wed, 18 Apr 2012 08:28:20 +0200
 392
 393 libpve-access-control (1.0-19) unstable; urgency=low
 394
 395   * return set of privileges on login - can be used to adopt GUI
 396
 397  -- Proxmox Support Team <support@proxmox.com>  Tue, 17 Apr 2012 10:25:10 +0200
 398
 399 libpve-access-control (1.0-18) unstable; urgency=low
 400
 401   * fix bug #151: corretly parse username inside ticket
 402
 403   * fix bug #152: allow user to change his own password
 404
 405  -- Proxmox Support Team <support@proxmox.com>  Wed, 11 Apr 2012 09:40:15 +0200
 406
 407 libpve-access-control (1.0-17) unstable; urgency=low
 408
 409   * set propagate flag by default
 410
 411  -- Proxmox Support Team <support@proxmox.com>  Thu, 01 Mar 2012 12:40:19 +0100
 412
 413 libpve-access-control (1.0-16) unstable; urgency=low
 414
 415   * add 'pveum passwd' method
 416
 417  -- Proxmox Support Team <support@proxmox.com>  Thu, 23 Feb 2012 12:05:25 +0100
 418
 419 libpve-access-control (1.0-15) unstable; urgency=low
 420
 421   * Add VM.Config.CDROM privilege to PVEVMUser rule
 422
 423  -- Proxmox Support Team <support@proxmox.com>  Wed, 22 Feb 2012 11:44:23 +0100
 424
 425 libpve-access-control (1.0-14) unstable; urgency=low
 426
 427   * fix buf in userid-param permission check
 428
 429  -- Proxmox Support Team <support@proxmox.com>  Wed, 22 Feb 2012 10:52:35 +0100
 430
 431 libpve-access-control (1.0-13) unstable; urgency=low
 432
 433   * allow more characters in ldap base_dn attribute
 434
 435  -- Proxmox Support Team <support@proxmox.com>  Wed, 22 Feb 2012 06:17:02 +0100
 436
 437 libpve-access-control (1.0-12) unstable; urgency=low
 438
 439   * allow more characters with realm IDs
 440
 441  -- Proxmox Support Team <support@proxmox.com>  Mon, 20 Feb 2012 08:50:33 +0100
 442
 443 libpve-access-control (1.0-11) unstable; urgency=low
 444
 445   * fix bug in exec_api2_perm_check
 446
 447  -- Proxmox Support Team <support@proxmox.com>  Wed, 15 Feb 2012 07:06:30 +0100
 448
 449 libpve-access-control (1.0-10) unstable; urgency=low
 450
 451   * fix ACL group name parser
 452
 453   * changed 'pveum aclmod' command line arguments
 454
 455  -- Proxmox Support Team <support@proxmox.com>  Tue, 14 Feb 2012 12:08:02 +0100
 456
 457 libpve-access-control (1.0-9) unstable; urgency=low
 458
 459   * fix bug in check_volume_access (fixes vzrestore)
 460
 461  -- Proxmox Support Team <support@proxmox.com>  Mon, 13 Feb 2012 09:56:37 +0100
 462
 463 libpve-access-control (1.0-8) unstable; urgency=low
 464
 465   * fix return value for empty ACL list.
 466
 467  -- Proxmox Support Team <support@proxmox.com>  Fri, 10 Feb 2012 11:25:04 +0100
 468
 469 libpve-access-control (1.0-7) unstable; urgency=low
 470
 471   * fix bug #85: allow root@pam to generate tickets for other users
 472
 473  -- Proxmox Support Team <support@proxmox.com>  Tue, 17 Jan 2012 06:40:18 +0100
 474
 475 libpve-access-control (1.0-6) unstable; urgency=low
 476
 477   * API change: allow to filter enabled/disabled users.
 478
 479  -- Proxmox Support Team <support@proxmox.com>  Wed, 11 Jan 2012 12:30:37 +0100
 480
 481 libpve-access-control (1.0-5) unstable; urgency=low
 482
 483   * add a way to return file changes (diffs): set_result_changes()
 484
 485  -- Proxmox Support Team <support@proxmox.com>  Tue, 20 Dec 2011 11:18:48 +0100
 486
 487 libpve-access-control (1.0-4) unstable; urgency=low
 488
 489   * new environment type for ha agents
 490
 491  -- Proxmox Support Team <support@proxmox.com>  Tue, 13 Dec 2011 10:08:53 +0100
 492
 493 libpve-access-control (1.0-3) unstable; urgency=low
 494
 495   * add support for delayed parameter parsing - We need that to disable
 496     file upload for normal API request (avoid DOS attacs)
 497
 498  -- Proxmox Support Team <support@proxmox.com>  Fri, 02 Dec 2011 09:56:10 +0100
 499
 500 libpve-access-control (1.0-2) unstable; urgency=low
 501
 502   * fix bug in fork_worker
 503
 504  -- Proxmox Support Team <support@proxmox.com>  Tue, 11 Oct 2011 08:37:05 +0200
 505
 506 libpve-access-control (1.0-1) unstable; urgency=low
 507
 508   * allow '-' in permission paths
 509
 510   * bump version to 1.0
 511
 512  -- Proxmox Support Team <support@proxmox.com>  Mon, 27 Jun 2011 13:51:48 +0200
 513
 514 libpve-access-control (0.1) unstable; urgency=low
 515
 516   * first dummy package - no functionality
 517
 518  -- Proxmox Support Team <support@proxmox.com>  Thu, 09 Jul 2009 16:03:00 +0200
 519