diff options
| -rw-r--r-- | NEWS | 10 | ||||
| -rw-r--r-- | TODO | 18 |
2 files changed, 10 insertions, 18 deletions
@@ -8,10 +8,20 @@ wallet 0.10 (unreleased) Fix logging in wallet-backend and the remctl configuration to not log the data passed to store. + Add additional reports for wallet-admin list: objects owned by a + specific ACL, objects owned by no one, objects of a specific type, + objects with a specific flag, objects for which a specific ACL has + privileges, ACLs with an entry with a given type and identifier, and + ACLs with no members. + Add a new report owners command to wallet-admin and corresponding report_owners() method to Wallet::Admin, which returns all ACL lines on owner ACLs for matching objects. + Report ACL names as well as numbers in object history. + + Add support for Heimdal KDCs as well as MIT Kerberos KDCs. + wallet 0.9 (2008-04-24) The wallet command-line client now reads the data for store from a @@ -9,16 +9,6 @@ Release 1.0: * Provide a way to get history for deleted objects and ACLs. -* Display ACL names rather than index numbers when displaying history of - owner and acl_* settings. - -* Provide a way to list all objects by type, by owner (including null), or - by all uses of an ACL. - -* Provide an interface to list all empty ACLs. - -* Provide an interface to find all ACLs with a particular line. - * Provide an interface to mass-change all instances of one ACL to another. * Add a help function to wallet-backend listing the commands. @@ -36,9 +26,6 @@ Release 1.0: * Error messages from ACL operations should refer to the ACLs by name instead of by ID. -* History records should list both ACL ID and ACL name if the name is - still found in the database. - * Add the database schema version to a global table so that we can use it to support schema upgrades in the future. @@ -111,11 +98,6 @@ Future work: * Add a comment field for objects that can be set by the owner. -* The keytab backend currently only supports MIT Kerberos. Add support - for Heimdal. This should probably be done by writing a separate class - that handles the kadmin operations that can be subclassed and that - dynamically chooses its implementation based on run-time configuration. - * Use the Perl Authen::Krb5::Admin module instead of rolling our own kadmin code with Expect now that MIT Kerberos has made the kadmin API public. |