[pve-devel] [PATCH access-control 3/5] api: clarify that password changes for PAM realm only apply to local node
Fiona Ebner
f.ebner at proxmox.com
Wed Dec 4 12:37:06 CET 2024
Reported in the community forum:
https://forum.proxmox.com/threads/158518/
Signed-off-by: Fiona Ebner <f.ebner at proxmox.com>
---
src/PVE/API2/AccessControl.pm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/PVE/API2/AccessControl.pm b/src/PVE/API2/AccessControl.pm
index f23662a..bb7b78f 100644
--- a/src/PVE/API2/AccessControl.pm
+++ b/src/PVE/API2/AccessControl.pm
@@ -326,7 +326,8 @@ __PACKAGE__->register_method ({
description => "Each user is allowed to change his own password. A user can change the"
." password of another user if he has 'Realm.AllocateUser' (on the realm of user"
." <userid>) and 'User.Modify' permission on /access/groups/<group> on a group where"
- ." user <userid> is member of.",
+ ." user <userid> is member of. For the PAM realm, a password change does not take "
+ ." effect cluster-wide, but only applies to the local node.",
check => [ 'or',
['userid-param', 'self'],
[ 'and',
--
2.39.5
More information about the pve-devel
mailing list