1 libpve-access-control (5.1-2) unstable; urgency=medium
3 * fix #1998: correct return properties for read_role
5 -- Proxmox Support Team <support@proxmox.com> Fri, 23 Nov 2018 14:22:40 +0100
7 libpve-access-control (5.1-1) unstable; urgency=medium
9 * pveum: introduce sub-commands
11 * register userid with completion
13 * fix #233: return cluster name on successful login
15 -- Proxmox Support Team <support@proxmox.com> Thu, 15 Nov 2018 09:34:47 +0100
17 libpve-access-control (5.0-8) unstable; urgency=medium
19 * fix #1612: ldap: make 2nd server work with bind domains again
21 * fix an error message where passing a bad pool id to an API function would
22 make it complain about a wrong group name instead
24 * fix the API-returned permission list so that the GUI knows to show the
25 'Permissions' tab for a storage to an administrator apart from root@pam
27 -- Proxmox Support Team <support@proxmox.com> Thu, 18 Jan 2018 13:34:50 +0100
29 libpve-access-control (5.0-7) unstable; urgency=medium
31 * VM.Snapshot.Rollback privilege added
33 * api: check for special roles before locking the usercfg
35 * fix #1501: pveum: die when deleting special role
37 * API/ticket: rework coarse grained permission computation
39 -- Proxmox Support Team <support@proxmox.com> Thu, 5 Oct 2017 11:27:48 +0200
41 libpve-access-control (5.0-6) unstable; urgency=medium
43 * Close #1470: Add server ceritifcate verification for AD and LDAP via the
44 'verify' option. For compatibility reasons this defaults to off for now,
45 but that might change with future updates.
47 * AD, LDAP: Add ability to specify a CA path or file, and a client
48 certificate via the 'capath', 'cert' and 'certkey' options.
50 -- Proxmox Support Team <support@proxmox.com> Tue, 08 Aug 2017 11:56:38 +0200
52 libpve-access-control (5.0-5) unstable; urgency=medium
54 * change from dpkg-deb to dpkg-buildpackage
56 -- Proxmox Support Team <support@proxmox.com> Thu, 22 Jun 2017 09:12:37 +0200
58 libpve-access-control (5.0-4) unstable; urgency=medium
60 * PVE/CLI/pveum.pm: call setup_default_cli_env()
62 * PVE/Auth/PVE.pm: encode uft8 password before calling crypt
64 * check_api2_permissions: avoid warning about uninitialized value
66 -- Proxmox Support Team <support@proxmox.com> Tue, 02 May 2017 11:58:15 +0200
68 libpve-access-control (5.0-3) unstable; urgency=medium
70 * use new PVE::OTP class from pve-common
72 * use new PVE::Tools::encrypt_pw from pve-common
74 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 17:45:55 +0200
76 libpve-access-control (5.0-2) unstable; urgency=medium
78 * encrypt_pw: avoid '+' for crypt salt
80 -- Proxmox Support Team <support@proxmox.com> Thu, 30 Mar 2017 08:54:10 +0200
82 libpve-access-control (5.0-1) unstable; urgency=medium
86 -- Proxmox Support Team <support@proxmox.com> Mon, 6 Mar 2017 13:42:01 +0100
88 libpve-access-control (4.0-23) unstable; urgency=medium
90 * use new PVE::Ticket class
92 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 13:42:06 +0100
94 libpve-access-control (4.0-22) unstable; urgency=medium
96 * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency
97 (moved to PVE::Storage)
99 * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class
101 -- Proxmox Support Team <support@proxmox.com> Thu, 19 Jan 2017 09:12:04 +0100
103 libpve-access-control (4.0-21) unstable; urgency=medium
105 * setup_default_cli_env: expect $class as first parameter
107 -- Proxmox Support Team <support@proxmox.com> Thu, 12 Jan 2017 13:54:27 +0100
109 libpve-access-control (4.0-20) unstable; urgency=medium
111 * PVE/RPCEnvironment.pm: new function setup_default_cli_env
113 * PVE/API2/Domains.pm: fix property description
115 * use new repoman for upload target
117 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2017 12:13:26 +0100
119 libpve-access-control (4.0-19) unstable; urgency=medium
121 * Close #833: ldap: non-anonymous bind support
123 * don't import 'RFC' from MIME::Base32
125 -- Proxmox Support Team <support@proxmox.com> Fri, 05 Aug 2016 13:09:08 +0200
127 libpve-access-control (4.0-18) unstable; urgency=medium
129 * fix #1062: recognize base32 otp keys again
131 -- Proxmox Support Team <support@proxmox.com> Thu, 21 Jul 2016 08:43:18 +0200
133 libpve-access-control (4.0-17) unstable; urgency=medium
135 * drop oathtool and libdigest-hmac-perl dependencies
137 -- Proxmox Support Team <support@proxmox.com> Mon, 11 Jul 2016 12:03:22 +0200
139 libpve-access-control (4.0-16) unstable; urgency=medium
141 * use pve-doc-generator to generate man pages
143 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Apr 2016 07:06:05 +0200
145 libpve-access-control (4.0-15) unstable; urgency=medium
147 * Fix uninitialized warning when shadow.cfg does not exist
149 -- Proxmox Support Team <support@proxmox.com> Fri, 01 Apr 2016 07:10:57 +0200
151 libpve-access-control (4.0-14) unstable; urgency=medium
153 * Add is_worker to RPCEnvironment
155 -- Proxmox Support Team <support@proxmox.com> Tue, 15 Mar 2016 16:47:34 +0100
157 libpve-access-control (4.0-13) unstable; urgency=medium
159 * fix #916: allow HTTPS to access custom yubico url
161 -- Proxmox Support Team <support@proxmox.com> Mon, 14 Mar 2016 11:39:23 +0100
163 libpve-access-control (4.0-12) unstable; urgency=medium
165 * Catch certificate errors instead of segfaulting
167 -- Proxmox Support Team <support@proxmox.com> Wed, 09 Mar 2016 14:41:01 +0100
169 libpve-access-control (4.0-11) unstable; urgency=medium
171 * Fix #861: use safer sprintf formatting
173 -- Proxmox Support Team <support@proxmox.com> Fri, 08 Jan 2016 12:52:39 +0100
175 libpve-access-control (4.0-10) unstable; urgency=medium
177 * Auth::LDAP, Auth::AD: ipv6 support
179 -- Proxmox Support Team <support@proxmox.com> Thu, 03 Dec 2015 12:09:32 +0100
181 libpve-access-control (4.0-9) unstable; urgency=medium
183 * pveum: implement bash completion
185 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Oct 2015 17:22:52 +0200
187 libpve-access-control (4.0-8) unstable; urgency=medium
189 * remove_storage_access: cleanup of access permissions for removed storage
191 -- Proxmox Support Team <support@proxmox.com> Wed, 19 Aug 2015 15:39:15 +0200
193 libpve-access-control (4.0-7) unstable; urgency=medium
195 * new helper to remove access permissions for removed VMs
197 -- Proxmox Support Team <support@proxmox.com> Fri, 14 Aug 2015 07:57:02 +0200
199 libpve-access-control (4.0-6) unstable; urgency=medium
201 * improve parse_user_config, parse_shadow_config
203 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jul 2015 13:14:33 +0200
205 libpve-access-control (4.0-5) unstable; urgency=medium
207 * pveum: check for $cmd being defined
209 -- Proxmox Support Team <support@proxmox.com> Wed, 10 Jun 2015 10:40:15 +0200
211 libpve-access-control (4.0-4) unstable; urgency=medium
213 * use activate-noawait triggers
215 -- Proxmox Support Team <support@proxmox.com> Mon, 01 Jun 2015 12:25:31 +0200
217 libpve-access-control (4.0-3) unstable; urgency=medium
223 -- Proxmox Support Team <support@proxmox.com> Wed, 27 May 2015 11:15:44 +0200
225 libpve-access-control (4.0-2) unstable; urgency=medium
227 * trigger pve-api-updates event
229 -- Proxmox Support Team <support@proxmox.com> Tue, 05 May 2015 15:06:38 +0200
231 libpve-access-control (4.0-1) unstable; urgency=medium
233 * bump version for Debian Jessie
235 -- Proxmox Support Team <support@proxmox.com> Thu, 26 Feb 2015 11:22:01 +0100
237 libpve-access-control (3.0-16) unstable; urgency=low
239 * root@pam can now be disabled in GUI.
241 -- Proxmox Support Team <support@proxmox.com> Fri, 30 Jan 2015 06:20:22 +0100
243 libpve-access-control (3.0-15) unstable; urgency=low
245 * oath: add 'step' and 'digits' option
247 -- Proxmox Support Team <support@proxmox.com> Wed, 23 Jul 2014 06:59:52 +0200
249 libpve-access-control (3.0-14) unstable; urgency=low
251 * add oath two factor auth
253 * add oathkeygen binary to generate keys for oath
255 * add yubico two factor auth
259 * depend on libmime-base32-perl
261 * allow to write builtin auth domains config (comment/tfa/default)
263 -- Proxmox Support Team <support@proxmox.com> Thu, 17 Jul 2014 13:09:56 +0200
265 libpve-access-control (3.0-13) unstable; urgency=low
267 * use correct connection string for AD auth
269 -- Proxmox Support Team <support@proxmox.com> Thu, 22 May 2014 07:16:09 +0200
271 libpve-access-control (3.0-12) unstable; urgency=low
273 * add dummy API for GET /access/ticket (useful to generate login pages)
275 -- Proxmox Support Team <support@proxmox.com> Wed, 30 Apr 2014 14:47:56 +0200
277 libpve-access-control (3.0-11) unstable; urgency=low
279 * Sets common hot keys for spice client
281 -- Proxmox Support Team <support@proxmox.com> Fri, 31 Jan 2014 10:24:28 +0100
283 libpve-access-control (3.0-10) unstable; urgency=low
285 * implement helper to generate SPICE remote-viewer configuration
287 * depend on libnet-ssleay-perl
289 -- Proxmox Support Team <support@proxmox.com> Tue, 10 Dec 2013 10:45:08 +0100
291 libpve-access-control (3.0-9) unstable; urgency=low
293 * prevent user enumeration attacks
295 * allow dots in access paths
297 -- Proxmox Support Team <support@proxmox.com> Mon, 18 Nov 2013 09:06:38 +0100
299 libpve-access-control (3.0-8) unstable; urgency=low
301 * spice: use lowercase hostname in ticktet signature
303 -- Proxmox Support Team <support@proxmox.com> Mon, 28 Oct 2013 08:11:57 +0100
305 libpve-access-control (3.0-7) unstable; urgency=low
307 * check_volume_access : use parse_volname instead of path, and remove
310 * use warnings instead of global -w flag.
312 -- Proxmox Support Team <support@proxmox.com> Tue, 01 Oct 2013 12:35:53 +0200
314 libpve-access-control (3.0-6) unstable; urgency=low
316 * use shorter spiceproxy tickets
318 -- Proxmox Support Team <support@proxmox.com> Fri, 19 Jul 2013 12:39:09 +0200
320 libpve-access-control (3.0-5) unstable; urgency=low
322 * add code to generate tickets for SPICE
324 -- Proxmox Support Team <support@proxmox.com> Wed, 26 Jun 2013 13:08:32 +0200
326 libpve-access-control (3.0-4) unstable; urgency=low
328 * moved add_vm_to_pool/remove_vm_from_pool from qemu-server
330 -- Proxmox Support Team <support@proxmox.com> Tue, 14 May 2013 11:56:54 +0200
332 libpve-access-control (3.0-3) unstable; urgency=low
334 * Add new role PVETemplateUser (and VM.Clone priviledge)
336 -- Proxmox Support Team <support@proxmox.com> Mon, 29 Apr 2013 11:42:15 +0200
338 libpve-access-control (3.0-2) unstable; urgency=low
340 * remove CGI.pm related code (pveproxy does not need that)
342 -- Proxmox Support Team <support@proxmox.com> Mon, 15 Apr 2013 12:34:23 +0200
344 libpve-access-control (3.0-1) unstable; urgency=low
346 * bump version for wheezy release
348 -- Proxmox Support Team <support@proxmox.com> Fri, 15 Mar 2013 08:07:06 +0100
350 libpve-access-control (1.0-26) unstable; urgency=low
352 * check_volume_access: fix access permissions for backup files
354 -- Proxmox Support Team <support@proxmox.com> Thu, 28 Feb 2013 10:00:14 +0100
356 libpve-access-control (1.0-25) unstable; urgency=low
358 * add VM.Snapshot permission
360 -- Proxmox Support Team <support@proxmox.com> Mon, 10 Sep 2012 09:23:32 +0200
362 libpve-access-control (1.0-24) unstable; urgency=low
364 * untaint path (allow root to restore arbitrary paths)
366 -- Proxmox Support Team <support@proxmox.com> Wed, 06 Jun 2012 13:06:34 +0200
368 libpve-access-control (1.0-23) unstable; urgency=low
370 * correctly compute GUI capabilities (consider pools)
372 -- Proxmox Support Team <support@proxmox.com> Wed, 30 May 2012 08:47:23 +0200
374 libpve-access-control (1.0-22) unstable; urgency=low
376 * new plugin architecture for Auth modules, minor API change for Auth
377 domains (new 'delete' parameter)
379 -- Proxmox Support Team <support@proxmox.com> Wed, 16 May 2012 07:21:44 +0200
381 libpve-access-control (1.0-21) unstable; urgency=low
383 * do not allow user names including slash
385 -- Proxmox Support Team <support@proxmox.com> Tue, 24 Apr 2012 10:07:47 +0200
387 libpve-access-control (1.0-20) unstable; urgency=low
389 * add ability to fork cli workers in background
391 -- Proxmox Support Team <support@proxmox.com> Wed, 18 Apr 2012 08:28:20 +0200
393 libpve-access-control (1.0-19) unstable; urgency=low
395 * return set of privileges on login - can be used to adopt GUI
397 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Apr 2012 10:25:10 +0200
399 libpve-access-control (1.0-18) unstable; urgency=low
401 * fix bug #151: corretly parse username inside ticket
403 * fix bug #152: allow user to change his own password
405 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Apr 2012 09:40:15 +0200
407 libpve-access-control (1.0-17) unstable; urgency=low
409 * set propagate flag by default
411 -- Proxmox Support Team <support@proxmox.com> Thu, 01 Mar 2012 12:40:19 +0100
413 libpve-access-control (1.0-16) unstable; urgency=low
415 * add 'pveum passwd' method
417 -- Proxmox Support Team <support@proxmox.com> Thu, 23 Feb 2012 12:05:25 +0100
419 libpve-access-control (1.0-15) unstable; urgency=low
421 * Add VM.Config.CDROM privilege to PVEVMUser rule
423 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 11:44:23 +0100
425 libpve-access-control (1.0-14) unstable; urgency=low
427 * fix buf in userid-param permission check
429 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 10:52:35 +0100
431 libpve-access-control (1.0-13) unstable; urgency=low
433 * allow more characters in ldap base_dn attribute
435 -- Proxmox Support Team <support@proxmox.com> Wed, 22 Feb 2012 06:17:02 +0100
437 libpve-access-control (1.0-12) unstable; urgency=low
439 * allow more characters with realm IDs
441 -- Proxmox Support Team <support@proxmox.com> Mon, 20 Feb 2012 08:50:33 +0100
443 libpve-access-control (1.0-11) unstable; urgency=low
445 * fix bug in exec_api2_perm_check
447 -- Proxmox Support Team <support@proxmox.com> Wed, 15 Feb 2012 07:06:30 +0100
449 libpve-access-control (1.0-10) unstable; urgency=low
451 * fix ACL group name parser
453 * changed 'pveum aclmod' command line arguments
455 -- Proxmox Support Team <support@proxmox.com> Tue, 14 Feb 2012 12:08:02 +0100
457 libpve-access-control (1.0-9) unstable; urgency=low
459 * fix bug in check_volume_access (fixes vzrestore)
461 -- Proxmox Support Team <support@proxmox.com> Mon, 13 Feb 2012 09:56:37 +0100
463 libpve-access-control (1.0-8) unstable; urgency=low
465 * fix return value for empty ACL list.
467 -- Proxmox Support Team <support@proxmox.com> Fri, 10 Feb 2012 11:25:04 +0100
469 libpve-access-control (1.0-7) unstable; urgency=low
471 * fix bug #85: allow root@pam to generate tickets for other users
473 -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
475 libpve-access-control (1.0-6) unstable; urgency=low
477 * API change: allow to filter enabled/disabled users.
479 -- Proxmox Support Team <support@proxmox.com> Wed, 11 Jan 2012 12:30:37 +0100
481 libpve-access-control (1.0-5) unstable; urgency=low
483 * add a way to return file changes (diffs): set_result_changes()
485 -- Proxmox Support Team <support@proxmox.com> Tue, 20 Dec 2011 11:18:48 +0100
487 libpve-access-control (1.0-4) unstable; urgency=low
489 * new environment type for ha agents
491 -- Proxmox Support Team <support@proxmox.com> Tue, 13 Dec 2011 10:08:53 +0100
493 libpve-access-control (1.0-3) unstable; urgency=low
495 * add support for delayed parameter parsing - We need that to disable
496 file upload for normal API request (avoid DOS attacs)
498 -- Proxmox Support Team <support@proxmox.com> Fri, 02 Dec 2011 09:56:10 +0100
500 libpve-access-control (1.0-2) unstable; urgency=low
502 * fix bug in fork_worker
504 -- Proxmox Support Team <support@proxmox.com> Tue, 11 Oct 2011 08:37:05 +0200
506 libpve-access-control (1.0-1) unstable; urgency=low
508 * allow '-' in permission paths
510 * bump version to 1.0
512 -- Proxmox Support Team <support@proxmox.com> Mon, 27 Jun 2011 13:51:48 +0200
514 libpve-access-control (0.1) unstable; urgency=low
516 * first dummy package - no functionality
518 -- Proxmox Support Team <support@proxmox.com> Thu, 09 Jul 2009 16:03:00 +0200