From: Thomas Lamprecht Date: Fri, 9 Jun 2017 15:44:29 +0000 (+0200) Subject: change from dpkg-deb to dpkg-buildpackage X-Git-Url: https://git.proxmox.com/?p=pve-access-control.git;a=commitdiff_plain;h=98eb404f77d95b8fa449db48b6d38196b7582549 change from dpkg-deb to dpkg-buildpackage add debian directory and move the respective files there and add missing (rules, compat). Add a Source section to the control.in file. Move the verify_api check to the new "test" target, which gets executed before the dh_auto_install target. Cleanup the "clean" target. Signed-off-by: Thomas Lamprecht --- diff --git a/Makefile b/Makefile index a9512ea..e8ff5b4 100644 --- a/Makefile +++ b/Makefile @@ -13,6 +13,8 @@ BASHCOMPLDIR=${PREFIX}/share/bash-completion/completions/ export PERLDIR=${PREFIX}/share/perl5 +export SOURCE_DATE_EPOCH ?= $(shell dpkg-parsechangelog -STimestamp) + ARCH:=$(shell dpkg-architecture -qDEB_BUILD_ARCH) GITVERSION:=$(shell cat .git/refs/heads/master) @@ -22,7 +24,7 @@ DEB=${PACKAGE}_${VERSION}-${PKGREL}_${ARCH}.deb export NOVIEW=1 include /usr/share/pve-doc-generator/pve-doc-generator.mk -all: ${DEB} +all: .PHONY: dinstall dinstall: deb @@ -39,30 +41,25 @@ install: pveum.1 oathkeygen pveum.bash-completion install -m 0755 pveum ${DESTDIR}${SBINDIR} install -m 0755 oathkeygen ${DESTDIR}${BINDIR} make -C PVE install - perl -I. ./pveum verifyapi - perl -I. -T -e "use PVE::CLI::pveum; PVE::CLI::pveum->verify_api();" install -d ${DESTDIR}/${MAN1DIR} install -d ${DESTDIR}/${DOCDIR} install -m 0644 pveum.1 ${DESTDIR}/${MAN1DIR} gzip -9 -n ${DESTDIR}/${MAN1DIR}/pveum.1 install -m 0644 -D pveum.bash-completion ${DESTDIR}${BASHCOMPLDIR}/pveum +.PHONY: test +test: + perl -I. ./pveum verifyapi + perl -I. -T -e "use PVE::CLI::pveum; PVE::CLI::pveum->verify_api();" + .PHONY: deb deb: ${DEB} ${DEB}: rm -rf build - mkdir build - make DESTDIR=`pwd`/build install - install -d -m 0755 build/DEBIAN - sed -e s/@@VERSION@@/${VERSION}/ -e s/@@PKGRELEASE@@/${PKGREL}/ -e s/@@ARCH@@/${ARCH}/ build/DEBIAN/control - echo "git clone git://git.proxmox.com/git/pve-access-control.git\\ngit checkout ${GITVERSION}" > build/${DOCDIR}/SOURCE - install -m 0644 triggers build/DEBIAN - install -D -m 0644 copyright build/${DOCDIR}/copyright - install -m 0644 changelog.Debian build/${DOCDIR}/ - gzip -9 -n build/${DOCDIR}/changelog.Debian - fakeroot dpkg-deb --build build - mv build.deb ${DEB} - #rm -rf build + rsync -a * build + sed -e s/@@ARCH@@/${ARCH}/ build/debian/control + echo "git clone git://git.proxmox.com/git/pve-access-control.git\\ngit checkout ${GITVERSION}" >build/debian/SOURCE + cd build; dpkg-buildpackage -rfakeroot -b -us -uc lintian ${DEB} .PHONY: upload @@ -72,7 +69,7 @@ upload: ${DEB} .PHONY: clean clean: make cleanup-docgen - rm -rf build *~ *.deb ${PACKAGE}-*.tar.gz pveum.1 + rm -rf build *.deb *.buildinfo *.changes find . -name '*~' -exec rm {} ';' .PHONY: distclean diff --git a/changelog.Debian b/changelog.Debian deleted file mode 100644 index ae0677d..0000000 --- a/changelog.Debian +++ /dev/null @@ -1,462 +0,0 @@ -libpve-access-control (5.0-4) unstable; urgency=medium - - * PVE/CLI/pveum.pm: call setup_default_cli_env() - - * PVE/Auth/PVE.pm: encode uft8 password before calling crypt - - * check_api2_permissions: avoid warning about uninitialized value - - -- Proxmox Support Team Tue, 02 May 2017 11:58:15 +0200 - -libpve-access-control (5.0-3) unstable; urgency=medium - - * use new PVE::OTP class from pve-common - - * use new PVE::Tools::encrypt_pw from pve-common - - -- Proxmox Support Team Thu, 30 Mar 2017 17:45:55 +0200 - -libpve-access-control (5.0-2) unstable; urgency=medium - - * encrypt_pw: avoid '+' for crypt salt - - -- Proxmox Support Team Thu, 30 Mar 2017 08:54:10 +0200 - -libpve-access-control (5.0-1) unstable; urgency=medium - - * rebuild for PVE 5.0 - - -- Proxmox Support Team Mon, 6 Mar 2017 13:42:01 +0100 - -libpve-access-control (4.0-23) unstable; urgency=medium - - * use new PVE::Ticket class - - -- Proxmox Support Team Thu, 19 Jan 2017 13:42:06 +0100 - -libpve-access-control (4.0-22) unstable; urgency=medium - - * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency - (moved to PVE::Storage) - - * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class - - -- Proxmox Support Team Thu, 19 Jan 2017 09:12:04 +0100 - -libpve-access-control (4.0-21) unstable; urgency=medium - - * setup_default_cli_env: expect $class as first parameter - - -- Proxmox Support Team Thu, 12 Jan 2017 13:54:27 +0100 - -libpve-access-control (4.0-20) unstable; urgency=medium - - * PVE/RPCEnvironment.pm: new function setup_default_cli_env - - * PVE/API2/Domains.pm: fix property description - - * use new repoman for upload target - - -- Proxmox Support Team Wed, 11 Jan 2017 12:13:26 +0100 - -libpve-access-control (4.0-19) unstable; urgency=medium - - * Close #833: ldap: non-anonymous bind support - - * don't import 'RFC' from MIME::Base32 - - -- Proxmox Support Team Fri, 05 Aug 2016 13:09:08 +0200 - -libpve-access-control (4.0-18) unstable; urgency=medium - - * fix #1062: recognize base32 otp keys again - - -- Proxmox Support Team Thu, 21 Jul 2016 08:43:18 +0200 - -libpve-access-control (4.0-17) unstable; urgency=medium - - * drop oathtool and libdigest-hmac-perl dependencies - - -- Proxmox Support Team Mon, 11 Jul 2016 12:03:22 +0200 - -libpve-access-control (4.0-16) unstable; urgency=medium - - * use pve-doc-generator to generate man pages - - -- Proxmox Support Team Fri, 08 Apr 2016 07:06:05 +0200 - -libpve-access-control (4.0-15) unstable; urgency=medium - - * Fix uninitialized warning when shadow.cfg does not exist - - -- Proxmox Support Team Fri, 01 Apr 2016 07:10:57 +0200 - -libpve-access-control (4.0-14) unstable; urgency=medium - - * Add is_worker to RPCEnvironment - - -- Proxmox Support Team Tue, 15 Mar 2016 16:47:34 +0100 - -libpve-access-control (4.0-13) unstable; urgency=medium - - * fix #916: allow HTTPS to access custom yubico url - - -- Proxmox Support Team Mon, 14 Mar 2016 11:39:23 +0100 - -libpve-access-control (4.0-12) unstable; urgency=medium - - * Catch certificate errors instead of segfaulting - - -- Proxmox Support Team Wed, 09 Mar 2016 14:41:01 +0100 - -libpve-access-control (4.0-11) unstable; urgency=medium - - * Fix #861: use safer sprintf formatting - - -- Proxmox Support Team Fri, 08 Jan 2016 12:52:39 +0100 - -libpve-access-control (4.0-10) unstable; urgency=medium - - * Auth::LDAP, Auth::AD: ipv6 support - - -- Proxmox Support Team Thu, 03 Dec 2015 12:09:32 +0100 - -libpve-access-control (4.0-9) unstable; urgency=medium - - * pveum: implement bash completion - - -- Proxmox Support Team Thu, 01 Oct 2015 17:22:52 +0200 - -libpve-access-control (4.0-8) unstable; urgency=medium - - * remove_storage_access: cleanup of access permissions for removed storage - - -- Proxmox Support Team Wed, 19 Aug 2015 15:39:15 +0200 - -libpve-access-control (4.0-7) unstable; urgency=medium - - * new helper to remove access permissions for removed VMs - - -- Proxmox Support Team Fri, 14 Aug 2015 07:57:02 +0200 - -libpve-access-control (4.0-6) unstable; urgency=medium - - * improve parse_user_config, parse_shadow_config - - -- Proxmox Support Team Mon, 27 Jul 2015 13:14:33 +0200 - -libpve-access-control (4.0-5) unstable; urgency=medium - - * pveum: check for $cmd being defined - - -- Proxmox Support Team Wed, 10 Jun 2015 10:40:15 +0200 - -libpve-access-control (4.0-4) unstable; urgency=medium - - * use activate-noawait triggers - - -- Proxmox Support Team Mon, 01 Jun 2015 12:25:31 +0200 - -libpve-access-control (4.0-3) unstable; urgency=medium - - * IPv6 fixes - - * non-root buildfix - - -- Proxmox Support Team Wed, 27 May 2015 11:15:44 +0200 - -libpve-access-control (4.0-2) unstable; urgency=medium - - * trigger pve-api-updates event - - -- Proxmox Support Team Tue, 05 May 2015 15:06:38 +0200 - -libpve-access-control (4.0-1) unstable; urgency=medium - - * bump version for Debian Jessie - - -- Proxmox Support Team Thu, 26 Feb 2015 11:22:01 +0100 - -libpve-access-control (3.0-16) unstable; urgency=low - - * root@pam can now be disabled in GUI. - - -- Proxmox Support Team Fri, 30 Jan 2015 06:20:22 +0100 - -libpve-access-control (3.0-15) unstable; urgency=low - - * oath: add 'step' and 'digits' option - - -- Proxmox Support Team Wed, 23 Jul 2014 06:59:52 +0200 - -libpve-access-control (3.0-14) unstable; urgency=low - - * add oath two factor auth - - * add oathkeygen binary to generate keys for oath - - * add yubico two factor auth - - * dedend on oathtool - - * depend on libmime-base32-perl - - * allow to write builtin auth domains config (comment/tfa/default) - - -- Proxmox Support Team Thu, 17 Jul 2014 13:09:56 +0200 - -libpve-access-control (3.0-13) unstable; urgency=low - - * use correct connection string for AD auth - - -- Proxmox Support Team Thu, 22 May 2014 07:16:09 +0200 - -libpve-access-control (3.0-12) unstable; urgency=low - - * add dummy API for GET /access/ticket (useful to generate login pages) - - -- Proxmox Support Team Wed, 30 Apr 2014 14:47:56 +0200 - -libpve-access-control (3.0-11) unstable; urgency=low - - * Sets common hot keys for spice client - - -- Proxmox Support Team Fri, 31 Jan 2014 10:24:28 +0100 - -libpve-access-control (3.0-10) unstable; urgency=low - - * implement helper to generate SPICE remote-viewer configuration - - * depend on libnet-ssleay-perl - - -- Proxmox Support Team Tue, 10 Dec 2013 10:45:08 +0100 - -libpve-access-control (3.0-9) unstable; urgency=low - - * prevent user enumeration attacks - - * allow dots in access paths - - -- Proxmox Support Team Mon, 18 Nov 2013 09:06:38 +0100 - -libpve-access-control (3.0-8) unstable; urgency=low - - * spice: use lowercase hostname in ticktet signature - - -- Proxmox Support Team Mon, 28 Oct 2013 08:11:57 +0100 - -libpve-access-control (3.0-7) unstable; urgency=low - - * check_volume_access : use parse_volname instead of path, and remove - path related code. - - * use warnings instead of global -w flag. - - -- Proxmox Support Team Tue, 01 Oct 2013 12:35:53 +0200 - -libpve-access-control (3.0-6) unstable; urgency=low - - * use shorter spiceproxy tickets - - -- Proxmox Support Team Fri, 19 Jul 2013 12:39:09 +0200 - -libpve-access-control (3.0-5) unstable; urgency=low - - * add code to generate tickets for SPICE - - -- Proxmox Support Team Wed, 26 Jun 2013 13:08:32 +0200 - -libpve-access-control (3.0-4) unstable; urgency=low - - * moved add_vm_to_pool/remove_vm_from_pool from qemu-server - - -- Proxmox Support Team Tue, 14 May 2013 11:56:54 +0200 - -libpve-access-control (3.0-3) unstable; urgency=low - - * Add new role PVETemplateUser (and VM.Clone priviledge) - - -- Proxmox Support Team Mon, 29 Apr 2013 11:42:15 +0200 - -libpve-access-control (3.0-2) unstable; urgency=low - - * remove CGI.pm related code (pveproxy does not need that) - - -- Proxmox Support Team Mon, 15 Apr 2013 12:34:23 +0200 - -libpve-access-control (3.0-1) unstable; urgency=low - - * bump version for wheezy release - - -- Proxmox Support Team Fri, 15 Mar 2013 08:07:06 +0100 - -libpve-access-control (1.0-26) unstable; urgency=low - - * check_volume_access: fix access permissions for backup files - - -- Proxmox Support Team Thu, 28 Feb 2013 10:00:14 +0100 - -libpve-access-control (1.0-25) unstable; urgency=low - - * add VM.Snapshot permission - - -- Proxmox Support Team Mon, 10 Sep 2012 09:23:32 +0200 - -libpve-access-control (1.0-24) unstable; urgency=low - - * untaint path (allow root to restore arbitrary paths) - - -- Proxmox Support Team Wed, 06 Jun 2012 13:06:34 +0200 - -libpve-access-control (1.0-23) unstable; urgency=low - - * correctly compute GUI capabilities (consider pools) - - -- Proxmox Support Team Wed, 30 May 2012 08:47:23 +0200 - -libpve-access-control (1.0-22) unstable; urgency=low - - * new plugin architecture for Auth modules, minor API change for Auth - domains (new 'delete' parameter) - - -- Proxmox Support Team Wed, 16 May 2012 07:21:44 +0200 - -libpve-access-control (1.0-21) unstable; urgency=low - - * do not allow user names including slash - - -- Proxmox Support Team Tue, 24 Apr 2012 10:07:47 +0200 - -libpve-access-control (1.0-20) unstable; urgency=low - - * add ability to fork cli workers in background - - -- Proxmox Support Team Wed, 18 Apr 2012 08:28:20 +0200 - -libpve-access-control (1.0-19) unstable; urgency=low - - * return set of privileges on login - can be used to adopt GUI - - -- Proxmox Support Team Tue, 17 Apr 2012 10:25:10 +0200 - -libpve-access-control (1.0-18) unstable; urgency=low - - * fix bug #151: corretly parse username inside ticket - - * fix bug #152: allow user to change his own password - - -- Proxmox Support Team Wed, 11 Apr 2012 09:40:15 +0200 - -libpve-access-control (1.0-17) unstable; urgency=low - - * set propagate flag by default - - -- Proxmox Support Team Thu, 01 Mar 2012 12:40:19 +0100 - -libpve-access-control (1.0-16) unstable; urgency=low - - * add 'pveum passwd' method - - -- Proxmox Support Team Thu, 23 Feb 2012 12:05:25 +0100 - -libpve-access-control (1.0-15) unstable; urgency=low - - * Add VM.Config.CDROM privilege to PVEVMUser rule - - -- Proxmox Support Team Wed, 22 Feb 2012 11:44:23 +0100 - -libpve-access-control (1.0-14) unstable; urgency=low - - * fix buf in userid-param permission check - - -- Proxmox Support Team Wed, 22 Feb 2012 10:52:35 +0100 - -libpve-access-control (1.0-13) unstable; urgency=low - - * allow more characters in ldap base_dn attribute - - -- Proxmox Support Team Wed, 22 Feb 2012 06:17:02 +0100 - -libpve-access-control (1.0-12) unstable; urgency=low - - * allow more characters with realm IDs - - -- Proxmox Support Team Mon, 20 Feb 2012 08:50:33 +0100 - -libpve-access-control (1.0-11) unstable; urgency=low - - * fix bug in exec_api2_perm_check - - -- Proxmox Support Team Wed, 15 Feb 2012 07:06:30 +0100 - -libpve-access-control (1.0-10) unstable; urgency=low - - * fix ACL group name parser - - * changed 'pveum aclmod' command line arguments - - -- Proxmox Support Team Tue, 14 Feb 2012 12:08:02 +0100 - -libpve-access-control (1.0-9) unstable; urgency=low - - * fix bug in check_volume_access (fixes vzrestore) - - -- Proxmox Support Team Mon, 13 Feb 2012 09:56:37 +0100 - -libpve-access-control (1.0-8) unstable; urgency=low - - * fix return value for empty ACL list. - - -- Proxmox Support Team Fri, 10 Feb 2012 11:25:04 +0100 - -libpve-access-control (1.0-7) unstable; urgency=low - - * fix bug #85: allow root@pam to generate tickets for other users - - -- Proxmox Support Team Tue, 17 Jan 2012 06:40:18 +0100 - -libpve-access-control (1.0-6) unstable; urgency=low - - * API change: allow to filter enabled/disabled users. - - -- Proxmox Support Team Wed, 11 Jan 2012 12:30:37 +0100 - -libpve-access-control (1.0-5) unstable; urgency=low - - * add a way to return file changes (diffs): set_result_changes() - - -- Proxmox Support Team Tue, 20 Dec 2011 11:18:48 +0100 - -libpve-access-control (1.0-4) unstable; urgency=low - - * new environment type for ha agents - - -- Proxmox Support Team Tue, 13 Dec 2011 10:08:53 +0100 - -libpve-access-control (1.0-3) unstable; urgency=low - - * add support for delayed parameter parsing - We need that to disable - file upload for normal API request (avoid DOS attacs) - - -- Proxmox Support Team Fri, 02 Dec 2011 09:56:10 +0100 - -libpve-access-control (1.0-2) unstable; urgency=low - - * fix bug in fork_worker - - -- Proxmox Support Team Tue, 11 Oct 2011 08:37:05 +0200 - -libpve-access-control (1.0-1) unstable; urgency=low - - * allow '-' in permission paths - - * bump version to 1.0 - - -- Proxmox Support Team Mon, 27 Jun 2011 13:51:48 +0200 - -libpve-access-control (0.1) unstable; urgency=low - - * first dummy package - no functionality - - -- Proxmox Support Team Thu, 09 Jul 2009 16:03:00 +0200 - diff --git a/control.in b/control.in deleted file mode 100644 index 758e9a0..0000000 --- a/control.in +++ /dev/null @@ -1,10 +0,0 @@ -Package: libpve-access-control -Version: @@VERSION@@-@@PKGRELEASE@@ -Section: perl -Priority: optional -Architecture: @@ARCH@@ -Depends: libc6 (>= 2.3), perl (>= 5.6.0-16), libcrypt-openssl-rsa-perl, libcrypt-openssl-random-perl, libjson-xs-perl, libjson-perl, libterm-readline-gnu-perl,libnet-ldap-perl, libpve-common-perl, pve-cluster, libauthen-pam-perl, libnet-ssleay-perl, liburi-perl, libwww-perl, libmime-base32-perl -Maintainer: Proxmox Support Team -Description: Proxmox VE access control library - This package contains the role based user management and access - control function used by Proxmox VE. diff --git a/copyright b/copyright deleted file mode 100644 index f96f3fb..0000000 --- a/copyright +++ /dev/null @@ -1,16 +0,0 @@ -Copyright (C) 2010 Proxmox Server Solutions GmbH - -This software is written by Proxmox Server Solutions GmbH - -This program is free software: you can redistribute it and/or modify -it under the terms of the GNU Affero General Public License as published by -the Free Software Foundation, either version 3 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU Affero General Public License for more details. - -You should have received a copy of the GNU Affero General Public License -along with this program. If not, see . diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..ae0677d --- /dev/null +++ b/debian/changelog @@ -0,0 +1,462 @@ +libpve-access-control (5.0-4) unstable; urgency=medium + + * PVE/CLI/pveum.pm: call setup_default_cli_env() + + * PVE/Auth/PVE.pm: encode uft8 password before calling crypt + + * check_api2_permissions: avoid warning about uninitialized value + + -- Proxmox Support Team Tue, 02 May 2017 11:58:15 +0200 + +libpve-access-control (5.0-3) unstable; urgency=medium + + * use new PVE::OTP class from pve-common + + * use new PVE::Tools::encrypt_pw from pve-common + + -- Proxmox Support Team Thu, 30 Mar 2017 17:45:55 +0200 + +libpve-access-control (5.0-2) unstable; urgency=medium + + * encrypt_pw: avoid '+' for crypt salt + + -- Proxmox Support Team Thu, 30 Mar 2017 08:54:10 +0200 + +libpve-access-control (5.0-1) unstable; urgency=medium + + * rebuild for PVE 5.0 + + -- Proxmox Support Team Mon, 6 Mar 2017 13:42:01 +0100 + +libpve-access-control (4.0-23) unstable; urgency=medium + + * use new PVE::Ticket class + + -- Proxmox Support Team Thu, 19 Jan 2017 13:42:06 +0100 + +libpve-access-control (4.0-22) unstable; urgency=medium + + * RPCEnvironment: removed check_volume_access() to avoid cyclic dependency + (moved to PVE::Storage) + + * PVE::PCEnvironment: use new PVE::RESTEnvironment as base class + + -- Proxmox Support Team Thu, 19 Jan 2017 09:12:04 +0100 + +libpve-access-control (4.0-21) unstable; urgency=medium + + * setup_default_cli_env: expect $class as first parameter + + -- Proxmox Support Team Thu, 12 Jan 2017 13:54:27 +0100 + +libpve-access-control (4.0-20) unstable; urgency=medium + + * PVE/RPCEnvironment.pm: new function setup_default_cli_env + + * PVE/API2/Domains.pm: fix property description + + * use new repoman for upload target + + -- Proxmox Support Team Wed, 11 Jan 2017 12:13:26 +0100 + +libpve-access-control (4.0-19) unstable; urgency=medium + + * Close #833: ldap: non-anonymous bind support + + * don't import 'RFC' from MIME::Base32 + + -- Proxmox Support Team Fri, 05 Aug 2016 13:09:08 +0200 + +libpve-access-control (4.0-18) unstable; urgency=medium + + * fix #1062: recognize base32 otp keys again + + -- Proxmox Support Team Thu, 21 Jul 2016 08:43:18 +0200 + +libpve-access-control (4.0-17) unstable; urgency=medium + + * drop oathtool and libdigest-hmac-perl dependencies + + -- Proxmox Support Team Mon, 11 Jul 2016 12:03:22 +0200 + +libpve-access-control (4.0-16) unstable; urgency=medium + + * use pve-doc-generator to generate man pages + + -- Proxmox Support Team Fri, 08 Apr 2016 07:06:05 +0200 + +libpve-access-control (4.0-15) unstable; urgency=medium + + * Fix uninitialized warning when shadow.cfg does not exist + + -- Proxmox Support Team Fri, 01 Apr 2016 07:10:57 +0200 + +libpve-access-control (4.0-14) unstable; urgency=medium + + * Add is_worker to RPCEnvironment + + -- Proxmox Support Team Tue, 15 Mar 2016 16:47:34 +0100 + +libpve-access-control (4.0-13) unstable; urgency=medium + + * fix #916: allow HTTPS to access custom yubico url + + -- Proxmox Support Team Mon, 14 Mar 2016 11:39:23 +0100 + +libpve-access-control (4.0-12) unstable; urgency=medium + + * Catch certificate errors instead of segfaulting + + -- Proxmox Support Team Wed, 09 Mar 2016 14:41:01 +0100 + +libpve-access-control (4.0-11) unstable; urgency=medium + + * Fix #861: use safer sprintf formatting + + -- Proxmox Support Team Fri, 08 Jan 2016 12:52:39 +0100 + +libpve-access-control (4.0-10) unstable; urgency=medium + + * Auth::LDAP, Auth::AD: ipv6 support + + -- Proxmox Support Team Thu, 03 Dec 2015 12:09:32 +0100 + +libpve-access-control (4.0-9) unstable; urgency=medium + + * pveum: implement bash completion + + -- Proxmox Support Team Thu, 01 Oct 2015 17:22:52 +0200 + +libpve-access-control (4.0-8) unstable; urgency=medium + + * remove_storage_access: cleanup of access permissions for removed storage + + -- Proxmox Support Team Wed, 19 Aug 2015 15:39:15 +0200 + +libpve-access-control (4.0-7) unstable; urgency=medium + + * new helper to remove access permissions for removed VMs + + -- Proxmox Support Team Fri, 14 Aug 2015 07:57:02 +0200 + +libpve-access-control (4.0-6) unstable; urgency=medium + + * improve parse_user_config, parse_shadow_config + + -- Proxmox Support Team Mon, 27 Jul 2015 13:14:33 +0200 + +libpve-access-control (4.0-5) unstable; urgency=medium + + * pveum: check for $cmd being defined + + -- Proxmox Support Team Wed, 10 Jun 2015 10:40:15 +0200 + +libpve-access-control (4.0-4) unstable; urgency=medium + + * use activate-noawait triggers + + -- Proxmox Support Team Mon, 01 Jun 2015 12:25:31 +0200 + +libpve-access-control (4.0-3) unstable; urgency=medium + + * IPv6 fixes + + * non-root buildfix + + -- Proxmox Support Team Wed, 27 May 2015 11:15:44 +0200 + +libpve-access-control (4.0-2) unstable; urgency=medium + + * trigger pve-api-updates event + + -- Proxmox Support Team Tue, 05 May 2015 15:06:38 +0200 + +libpve-access-control (4.0-1) unstable; urgency=medium + + * bump version for Debian Jessie + + -- Proxmox Support Team Thu, 26 Feb 2015 11:22:01 +0100 + +libpve-access-control (3.0-16) unstable; urgency=low + + * root@pam can now be disabled in GUI. + + -- Proxmox Support Team Fri, 30 Jan 2015 06:20:22 +0100 + +libpve-access-control (3.0-15) unstable; urgency=low + + * oath: add 'step' and 'digits' option + + -- Proxmox Support Team Wed, 23 Jul 2014 06:59:52 +0200 + +libpve-access-control (3.0-14) unstable; urgency=low + + * add oath two factor auth + + * add oathkeygen binary to generate keys for oath + + * add yubico two factor auth + + * dedend on oathtool + + * depend on libmime-base32-perl + + * allow to write builtin auth domains config (comment/tfa/default) + + -- Proxmox Support Team Thu, 17 Jul 2014 13:09:56 +0200 + +libpve-access-control (3.0-13) unstable; urgency=low + + * use correct connection string for AD auth + + -- Proxmox Support Team Thu, 22 May 2014 07:16:09 +0200 + +libpve-access-control (3.0-12) unstable; urgency=low + + * add dummy API for GET /access/ticket (useful to generate login pages) + + -- Proxmox Support Team Wed, 30 Apr 2014 14:47:56 +0200 + +libpve-access-control (3.0-11) unstable; urgency=low + + * Sets common hot keys for spice client + + -- Proxmox Support Team Fri, 31 Jan 2014 10:24:28 +0100 + +libpve-access-control (3.0-10) unstable; urgency=low + + * implement helper to generate SPICE remote-viewer configuration + + * depend on libnet-ssleay-perl + + -- Proxmox Support Team Tue, 10 Dec 2013 10:45:08 +0100 + +libpve-access-control (3.0-9) unstable; urgency=low + + * prevent user enumeration attacks + + * allow dots in access paths + + -- Proxmox Support Team Mon, 18 Nov 2013 09:06:38 +0100 + +libpve-access-control (3.0-8) unstable; urgency=low + + * spice: use lowercase hostname in ticktet signature + + -- Proxmox Support Team Mon, 28 Oct 2013 08:11:57 +0100 + +libpve-access-control (3.0-7) unstable; urgency=low + + * check_volume_access : use parse_volname instead of path, and remove + path related code. + + * use warnings instead of global -w flag. + + -- Proxmox Support Team Tue, 01 Oct 2013 12:35:53 +0200 + +libpve-access-control (3.0-6) unstable; urgency=low + + * use shorter spiceproxy tickets + + -- Proxmox Support Team Fri, 19 Jul 2013 12:39:09 +0200 + +libpve-access-control (3.0-5) unstable; urgency=low + + * add code to generate tickets for SPICE + + -- Proxmox Support Team Wed, 26 Jun 2013 13:08:32 +0200 + +libpve-access-control (3.0-4) unstable; urgency=low + + * moved add_vm_to_pool/remove_vm_from_pool from qemu-server + + -- Proxmox Support Team Tue, 14 May 2013 11:56:54 +0200 + +libpve-access-control (3.0-3) unstable; urgency=low + + * Add new role PVETemplateUser (and VM.Clone priviledge) + + -- Proxmox Support Team Mon, 29 Apr 2013 11:42:15 +0200 + +libpve-access-control (3.0-2) unstable; urgency=low + + * remove CGI.pm related code (pveproxy does not need that) + + -- Proxmox Support Team Mon, 15 Apr 2013 12:34:23 +0200 + +libpve-access-control (3.0-1) unstable; urgency=low + + * bump version for wheezy release + + -- Proxmox Support Team Fri, 15 Mar 2013 08:07:06 +0100 + +libpve-access-control (1.0-26) unstable; urgency=low + + * check_volume_access: fix access permissions for backup files + + -- Proxmox Support Team Thu, 28 Feb 2013 10:00:14 +0100 + +libpve-access-control (1.0-25) unstable; urgency=low + + * add VM.Snapshot permission + + -- Proxmox Support Team Mon, 10 Sep 2012 09:23:32 +0200 + +libpve-access-control (1.0-24) unstable; urgency=low + + * untaint path (allow root to restore arbitrary paths) + + -- Proxmox Support Team Wed, 06 Jun 2012 13:06:34 +0200 + +libpve-access-control (1.0-23) unstable; urgency=low + + * correctly compute GUI capabilities (consider pools) + + -- Proxmox Support Team Wed, 30 May 2012 08:47:23 +0200 + +libpve-access-control (1.0-22) unstable; urgency=low + + * new plugin architecture for Auth modules, minor API change for Auth + domains (new 'delete' parameter) + + -- Proxmox Support Team Wed, 16 May 2012 07:21:44 +0200 + +libpve-access-control (1.0-21) unstable; urgency=low + + * do not allow user names including slash + + -- Proxmox Support Team Tue, 24 Apr 2012 10:07:47 +0200 + +libpve-access-control (1.0-20) unstable; urgency=low + + * add ability to fork cli workers in background + + -- Proxmox Support Team Wed, 18 Apr 2012 08:28:20 +0200 + +libpve-access-control (1.0-19) unstable; urgency=low + + * return set of privileges on login - can be used to adopt GUI + + -- Proxmox Support Team Tue, 17 Apr 2012 10:25:10 +0200 + +libpve-access-control (1.0-18) unstable; urgency=low + + * fix bug #151: corretly parse username inside ticket + + * fix bug #152: allow user to change his own password + + -- Proxmox Support Team Wed, 11 Apr 2012 09:40:15 +0200 + +libpve-access-control (1.0-17) unstable; urgency=low + + * set propagate flag by default + + -- Proxmox Support Team Thu, 01 Mar 2012 12:40:19 +0100 + +libpve-access-control (1.0-16) unstable; urgency=low + + * add 'pveum passwd' method + + -- Proxmox Support Team Thu, 23 Feb 2012 12:05:25 +0100 + +libpve-access-control (1.0-15) unstable; urgency=low + + * Add VM.Config.CDROM privilege to PVEVMUser rule + + -- Proxmox Support Team Wed, 22 Feb 2012 11:44:23 +0100 + +libpve-access-control (1.0-14) unstable; urgency=low + + * fix buf in userid-param permission check + + -- Proxmox Support Team Wed, 22 Feb 2012 10:52:35 +0100 + +libpve-access-control (1.0-13) unstable; urgency=low + + * allow more characters in ldap base_dn attribute + + -- Proxmox Support Team Wed, 22 Feb 2012 06:17:02 +0100 + +libpve-access-control (1.0-12) unstable; urgency=low + + * allow more characters with realm IDs + + -- Proxmox Support Team Mon, 20 Feb 2012 08:50:33 +0100 + +libpve-access-control (1.0-11) unstable; urgency=low + + * fix bug in exec_api2_perm_check + + -- Proxmox Support Team Wed, 15 Feb 2012 07:06:30 +0100 + +libpve-access-control (1.0-10) unstable; urgency=low + + * fix ACL group name parser + + * changed 'pveum aclmod' command line arguments + + -- Proxmox Support Team Tue, 14 Feb 2012 12:08:02 +0100 + +libpve-access-control (1.0-9) unstable; urgency=low + + * fix bug in check_volume_access (fixes vzrestore) + + -- Proxmox Support Team Mon, 13 Feb 2012 09:56:37 +0100 + +libpve-access-control (1.0-8) unstable; urgency=low + + * fix return value for empty ACL list. + + -- Proxmox Support Team Fri, 10 Feb 2012 11:25:04 +0100 + +libpve-access-control (1.0-7) unstable; urgency=low + + * fix bug #85: allow root@pam to generate tickets for other users + + -- Proxmox Support Team Tue, 17 Jan 2012 06:40:18 +0100 + +libpve-access-control (1.0-6) unstable; urgency=low + + * API change: allow to filter enabled/disabled users. + + -- Proxmox Support Team Wed, 11 Jan 2012 12:30:37 +0100 + +libpve-access-control (1.0-5) unstable; urgency=low + + * add a way to return file changes (diffs): set_result_changes() + + -- Proxmox Support Team Tue, 20 Dec 2011 11:18:48 +0100 + +libpve-access-control (1.0-4) unstable; urgency=low + + * new environment type for ha agents + + -- Proxmox Support Team Tue, 13 Dec 2011 10:08:53 +0100 + +libpve-access-control (1.0-3) unstable; urgency=low + + * add support for delayed parameter parsing - We need that to disable + file upload for normal API request (avoid DOS attacs) + + -- Proxmox Support Team Fri, 02 Dec 2011 09:56:10 +0100 + +libpve-access-control (1.0-2) unstable; urgency=low + + * fix bug in fork_worker + + -- Proxmox Support Team Tue, 11 Oct 2011 08:37:05 +0200 + +libpve-access-control (1.0-1) unstable; urgency=low + + * allow '-' in permission paths + + * bump version to 1.0 + + -- Proxmox Support Team Mon, 27 Jun 2011 13:51:48 +0200 + +libpve-access-control (0.1) unstable; urgency=low + + * first dummy package - no functionality + + -- Proxmox Support Team Thu, 09 Jul 2009 16:03:00 +0200 + diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control.in b/debian/control.in new file mode 100644 index 0000000..f34adc2 --- /dev/null +++ b/debian/control.in @@ -0,0 +1,14 @@ +Source: libpve-access-control +Section: perl +Priority: optional +Maintainer: Proxmox Support Team +Build-Depends: debhelper (>= 7.0.50~), libpve-common-perl, perl (>= 5.10.0-19), lintian, pve-doc-generator +Standards-Version: 3.9.5 +Homepage: http://www.proxmox.com + +Package: libpve-access-control +Architecture: @@ARCH@@ +Depends: libc6 (>= 2.3), perl (>= 5.6.0-16), libcrypt-openssl-rsa-perl, libcrypt-openssl-random-perl, libjson-xs-perl, libjson-perl, libterm-readline-gnu-perl,libnet-ldap-perl, libpve-common-perl, pve-cluster, libauthen-pam-perl, libnet-ssleay-perl, liburi-perl, libwww-perl, libmime-base32-perl +Description: Proxmox VE access control library + This package contains the role based user management and access + control function used by Proxmox VE. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..f96f3fb --- /dev/null +++ b/debian/copyright @@ -0,0 +1,16 @@ +Copyright (C) 2010 Proxmox Server Solutions GmbH + +This software is written by Proxmox Server Solutions GmbH + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see . diff --git a/debian/docs b/debian/docs new file mode 100644 index 0000000..8696672 --- /dev/null +++ b/debian/docs @@ -0,0 +1 @@ +debian/SOURCE diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..955dd78 --- /dev/null +++ b/debian/rules @@ -0,0 +1,13 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +%: + dh $@ diff --git a/debian/triggers b/debian/triggers new file mode 100644 index 0000000..59dd688 --- /dev/null +++ b/debian/triggers @@ -0,0 +1 @@ +activate-noawait pve-api-updates diff --git a/triggers b/triggers deleted file mode 100644 index 59dd688..0000000 --- a/triggers +++ /dev/null @@ -1 +0,0 @@ -activate-noawait pve-api-updates