fix #1670: change PAM service name to project specific name
[pve-access-control.git] / PVE /
2020-11-20 Wolfgang Bumillerfix #1670: change PAM service name to project specific... master
2020-09-29 Thomas Lamprechtapi/users: catch existing user also on case insensitive...
2020-09-29 Thomas Lamprechtapi/users: indentation cleanup
2020-09-29 Wolfgang Linkfix #2947 login name for the LDAP/AD realm can be case...
2020-07-04 Thomas Lamprechtpartially fix #2825: authkey: rotate if it was generate...
2020-07-03 Thomas Lamprechtauthkey: use variable instead of hard coded grace perio...
2020-06-26 Mira Limbeckintroduce VM.Config.Cloudinit permission
2020-06-15 Alexandre Derumierapi2: AccessControl: add sdn permissions.modify
2020-06-09 Thomas Lamprechtcomput coarse UI permissions: also check SDN ones
2020-05-08 Dominik CsapakLDAP: skip anonymous bind when clientcert/key is given
2020-05-08 Thomas Lamprechtldap_delete_credentials: don't complain if already...
2020-05-06 Tim Marxwhitespace cleanup
2020-05-03 Thomas Lamprechtpveum: add 'tfa delete' subcommand for deleting user-TFA
2020-04-25 Thomas Lamprechtdomains: dry-run: adapt log messages and improve variab...
2020-04-25 Thomas Lamprechtparse_sync_opts: code cleanup
2020-04-25 Dominik Csapakdomain sync: add 'dry-run' parameter
2020-04-25 Dominik Csapakauth ldap/ad: introduce connection 'mode'
2020-04-25 Dominik Csapakdomain sync: make options actually required
2020-04-18 Dominik Csapakauth ldap/ad: make password a parameter for the api
2020-04-18 Thomas Lamprechtapi/domain: add on add/update/delete hooks
2020-04-15 Thomas Lamprechttoken create: return also full token id for convenience
2020-04-15 Thomas Lamprechttoken: avoid undef warning if no tokens are configured
2020-04-06 Dominik Csapakauth ad: add sync-defaults-options
2020-03-21 Thomas Lamprechtsplit and sort some module use
2020-03-21 Thomas Lamprechtrealm: add default-sync-options to config
2020-03-21 Thomas Lamprechtapi: realm sync: move out group and user update to...
2020-03-21 Thomas Lamprechtapi: realm sync: use auth-realm-sync as worker id
2020-03-21 Thomas Lamprechtapi: realm sync: cleanup code and refactor
2020-03-21 Dominik Csapakdo not modify ACLs/Groups for missing users
2020-03-21 Dominik Csapakapi: domains: add user/group sync API enpoint
2020-03-21 Dominik CsapakAuth/AD: make PVE::Auth::AD a subclass of PVE::Auth...
2020-03-21 Dominik CsapakAuth/LDAP: add get_{users, groups} subs for syncing
2020-03-21 Dominik CsapakAuth/LDAP: add necessary options for syncing
2020-03-07 Dominik CsapakAuth/LDAP: refactor out 'connect_and_bind'
2020-03-07 Dominik CsapakAPI2/Domains.pm: document 'type' return value
2020-03-07 Dominik CsapakAPI2/Domains.pm: fix whitespace errors
2020-03-07 Dominik Csapakadd realm commands to pveum
2020-03-07 Dominik Csapakuse PVE::LDAP module instead of useing Net::LDAP directly
2020-01-31 Dominik Csapakfix #2575: die when trying to edit built-in roles
2020-01-29 Fabian Grünbichleruser.cfg: skip inexisting roles when parsing ACLs
2020-01-29 Fabian Grünbichlerpveum: add permissions sub-commands
2020-01-29 Thomas Lamprechtpveum token: rename 'update' subcommand to 'modify...
2020-01-29 Fabian Grünbichlerpveum: add 'pveum user token add/update/remove/list'
2020-01-29 Fabian GrünbichlerAPI: add 'permissions' API endpoint
2020-01-29 Fabian Grünbichlerroles()/permissions(): also return propagate flag
2020-01-29 Fabian Grünbichlerapi: disallow some paths for API tokens
2020-01-29 Fabian GrünbichlerAPI token: implement permission checks
2020-01-29 Fabian GrünbichlerAPI: include API tokens in ACL API endpoints
2020-01-29 Thomas Lamprechtapi/users: mark tokens and groups as optional in return...
2020-01-29 Fabian GrünbichlerAPI: add group and token info to user index
2020-01-29 Thomas Lamprechtapi: document default of token expiration date
2020-01-29 Fabian GrünbichlerAPI: add API token API endpoints
2020-01-28 Fabian GrünbichlerAPI token: add verification method
2020-01-28 Fabian GrünbichlerAPI token: add (shadow) TokenConfig
2020-01-28 Fabian GrünbichlerAPI token: add check_token_exist API helper
2020-01-28 Fabian GrünbichlerAPI token: add REs, helpers, parsing + writing
2020-01-28 Fabian GrünbichlerAPI: add group members to group index
2020-01-27 Fabian Grünbichlerfix typo
2020-01-14 Fabian Grünbichlerrefactor acl transformation code
2020-01-14 Fabian Grünbichlerauth: pull username REs into variables
2020-01-14 Fabian Grünbichlerrpcenv: drop unused roles()
2019-12-13 Thomas Lamprechtgrammar fix: s/does not exists/does not exist/g
2019-11-26 Alexandre Derumieradd SDN.Allocate && SDN.Audit privileges
2019-11-23 Fabian Grünbichleraccess-control: remove check_permissions/permission
2019-11-23 Fabian Grünbichlerpveum: add list commands
2019-11-23 Fabian Grünbichleruser.cfg: sort group and pool members, role privs
2019-11-23 Fabian Grünbichleruser.cfg: ensure propagate flag is 1/0 when parsing
2019-11-18 Fabian Grünbichleruse already parsed u2f property string
2019-11-18 Fabian Grünbichleruse PVE::DataCenterConfig
2019-11-14 Fabian GrünbichlerAPI: fix calls to raise_param_exc
2019-11-08 Fabian Grünbichlerticket: use clinfo to get cluster name
2019-11-08 Fabian Grünbichlerpveum: cleanup outdated use statements
2019-11-06 Thomas Lamprechtldaps: support TLS 1.3 as SSL version
2019-11-06 Alexandre Derumierldap auth: add sslversion option
2019-10-29 Wolfgang Bumillerapi: tfa: use the new 'pve-tfa-secret' format
2019-10-17 Fabian Grünbichleruser.cfg: sort ACL members
2019-10-17 Fabian Grünbichleruser.cfg: sort entries alphabetically in each section
2019-10-17 Fabian Grünbichleradd missing 'use PVE::Auth::Plugin'
2019-10-03 Fabian Grünbichlerparse_user_cfg: correctly parse group names in ACLs
2019-06-26 Thomas Lamprechtimprove CSRF compat with older PVE
2019-06-19 Oguz Bektasuse hmac_sha256 instead of sha1 for csrf token
2019-06-19 Fabian Grünbichlerticket: add comments about auth key mtime
2019-06-19 Fabian Grünbichlerticket: reorder calls when rotating
2019-06-19 Fabian Grünbichlerticket: properly verify exactly 5min old tickets
2019-05-21 Thomas Lamprechtfix #2079: activate authkey rotation every 24 hours
2019-05-07 Dominik Csapakadd /access/user/{id}/tfa api call to get tfa types
2019-04-24 Wolfgang Bumillertfa: realm required TFA should lock out users without TFA
2019-04-15 Wolfgang Bumillertypo fixup
2019-04-12 Wolfgang Bumillerstore the tfa type in user.cfg
2019-04-09 Thomas Lamprechtu2f: new perl bindings encode public key for us
2019-04-08 Wolfgang Bumillerverify_ticket: allow general non-challenge tfa to be...
2019-04-03 Thomas Lamprechtfollowup: s/CUSTOM_TFA_TYPES/USER_CONTROLLED_TFA_TYPES/
2019-04-03 Wolfgang Bumillerallow users to change their totp settings
2019-04-03 Wolfgang Bumilleruse a property string for tfa config
2019-04-03 Wolfgang Bumilleru2f authentication
2019-04-03 Wolfgang Bumillerdelete TFA entries when deleting a user
2019-04-03 Wolfgang Bumilleru2f api endpoints
2019-04-03 Wolfgang Bumillermore general 2FA configuration via priv/tfa.cfg
2019-03-18 Dominik Csapakfix vnc ticket verification without authkey lifetime
2019-03-14 Thomas Lamprechtfixup call to cfs_lock_authkey
next