my $tmp;
if (($tmp = PVE::AccessControl::verify_ticket($param->{password}, 1)) &&
- ($tmp eq $username)) {
+ ($tmp eq 'root@pam' || $tmp eq $username)) {
# got valid ticket
+ # Note: root@pam can create tickets for other users
} else {
$username = PVE::AccessControl::authenticate_user($username, $param->{password});
}
+libpve-access-control (1.0-7) unstable; urgency=low
+
+ * fix bug #85: allow root@pam to generate tickets for other users
+
+ -- Proxmox Support Team <support@proxmox.com> Tue, 17 Jan 2012 06:40:18 +0100
+
libpve-access-control (1.0-6) unstable; urgency=low
* API change: allow to filter enabled/disabled users.