]> git.proxmox.com Git - pve-access-control.git/commitdiff
projects / pve-access-control.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 930dcfc)
fix bug #85: allow root@pam to generate tickets for other users
authorDietmar Maurer <dietmar@proxmox.com>
Tue, 17 Jan 2012 05:42:42 +0000 (06:42 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Tue, 17 Jan 2012 05:42:42 +0000 (06:42 +0100)
Makefile patch | blob | blame | history
PVE/API2/AccessControl.pm patch | blob | blame | history
changelog.Debian patch | blob | blame | history

diff --git a/Makefile b/Makefile
index 9b4c4d0c7185e579dddb4d8254e665efb4a05763..bf294ca42c1f17b8f865ce0c5364dd256625cafc 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@ RELEASE=2.0
 
 VERSION=1.0
 PACKAGE=libpve-access-control
 
 VERSION=1.0
 PACKAGE=libpve-access-control
-PKGREL=6
+PKGREL=7
 
 DESTDIR=
 PREFIX=/usr
 
 DESTDIR=
 PREFIX=/usr
diff --git a/PVE/API2/AccessControl.pm b/PVE/API2/AccessControl.pm
index 10b6161909a3df39c58d06c1cf463448d4e0471f..3d7c80d95d602ffbfbb42e011f26cf57eadf488b 100644 (file)
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@@ -150,8 +150,9 @@ __PACKAGE__->register_method ({
 
            my $tmp;
            if (($tmp = PVE::AccessControl::verify_ticket($param->{password}, 1)) &&
 
            my $tmp;
            if (($tmp = PVE::AccessControl::verify_ticket($param->{password}, 1)) &&
-               ($tmp eq $username)) {
+               ($tmp eq 'root@pam' || $tmp eq $username)) {
                # got valid ticket
                # got valid ticket
+               # Note: root@pam can create tickets for other users
            } else {
                $username = PVE::AccessControl::authenticate_user($username, $param->{password});
            }
            } else {
                $username = PVE::AccessControl::authenticate_user($username, $param->{password});
            }
diff --git a/changelog.Debian b/changelog.Debian
index bc7426c90aa2b0e3130b1f205af6858a91b732ba..54bb9b833392e431b63f74f6fcde6d8fb5b48b76 100644 (file)
--- a/changelog.Debian
+++ b/changelog.Debian
@@ -1,3 +1,9 @@
+libpve-access-control (1.0-7) unstable; urgency=low
+
+  * fix bug #85: allow root@pam to generate tickets for other users
+
+ -- Proxmox Support Team <support@proxmox.com>  Tue, 17 Jan 2012 06:40:18 +0100
+
 libpve-access-control (1.0-6) unstable; urgency=low
 
   * API change: allow to filter enabled/disabled users.
 libpve-access-control (1.0-6) unstable; urgency=low
 
   * API change: allow to filter enabled/disabled users.
Access control framework