#####################################
# LSHELL - Limited Shell - CHANGES #
#####################################
#
# $Id: CHANGES,v 1.65 2010/10/26 22:39:36 ghantoos Exp $
Contact: ghantoos@ghantoos.org
http://sourceforge.net/projects/lshell/
#####################################
=== v0.9.14 27/10/2010 ===
* Corrected get_aliases function, as it was looping when aliases were
"recursive" (e.g. 'ls':'ls --color=auto')
* Added lsudo built-in command to list allowed sudo commands.
* Corrected completion function when 2 strings collided (e.g. ls and lsudo)
* Corrected the README's installation part (adding --prefix).
* Added possibility to log via syslog.
* Corrected warning counter (was counting minus 1).
* Added the possibility to disable the counter, and just warn the user
(withouht kicking him).
* Added possibility to configure prompt. Thank you bapt for the patch.
* Added possibility to set environment variables to users. Thank you bapt
for the patch.
* Added the 'history' built-in function.
=== v0.9.13 02/09/2010 ===
* Switched from deprecated popen2 to subprocess to be python2.6 compatible.
Thank you Greg Orlowski for the patch.
* Added missing builin commands when 'allowed' list was set to 'all'. For
example, the "cd" command was then missing.
* Added the "export" builtin function to export shell variables. Thank you
Chris for reporting this issue.
=== v0.9.12 04/05/2010 ===
* A minor bug was inserted in version 0.9.11 with the sudo command.
It has been corrected in this version.
=== v0.9.11 27/04/2010 ===
* Corrects traceback when executing a command that had a python homonym
(e.g. "print foo" or "set"). (Closes: SF#2969631)
* Corrected completion error when using "~/". Thanks to Piotr Minkina for
reporting this.
* Corrected the get_aliases function.
* Corrected interpretation of ~user. Thank you Adrien Urban for reporting
this.
* The 'home_path' variable is being deprecated from this version and on.
Please use your system's tools to set a user's home directory.
It will be completely removed in the next version of lshell.
* Corrected shell variable and wildcards expansions when checking a command.
Thank you Adrien Urban for reporting this.
* Added possibility to allow/forbid scp upload/download using scp_upload
and scp_download variables.
* Corrected bug when using the "command=" in openSSH's authorized_keys.
lshell now takes into account the SSH_ORIGINAL_COMMAND environment
variable. Thank you Jason Heiss for reporting this.
* Corrected traceback when aliases is not defined in configuration, and
command is sent over SSH. Thank you Jason Heiss for reporting this.
=== v0.9.10 08/03/2010 ===
* Corrected minor bug in the aliases function that appeared in the previous
version. Thank you Piotr Minkina for reporting this.
=== v0.9.9 07/03/2010 ===
* Added the possibility to configure introduction prompt.
* Replaced "joker" by "warnings" (more elegant)
* Possibility of limiting the history file size.
* Added lpath built-in command to list allowed and denied path. Thanks to
Adrien Urban.
* Corrected bug when using "~" was not parsed as "home directory" when
used in a command other than "cd". Thank you Adrien Urban finding this.
* Corrected minor typo when warning for a forbidden path.
* If $(foo) is present in the line, check if foo is allowed before
executing the line. Thank you Adrien Urban for pointing this out!
* Added the possibility to list commands allowed to be executed using sudo.
The new configuration field is sudo_commands.
* Added the clear(1) command as a built-in command.
* Added '$(' and '${' in the forbidden list by default in the configuration
file.
* Now check the content of curly braces with variables '${}'. Thank you
Adrien Urban for reporting this.
* Added possibility to set history file name using history_file in the
configuration file.
* Corrected the bug when using '|', '&' or ';' over ssh. Over ssh forbidden
characters refers now to the list provided in the "forbidden" field.
Thank you Jools Wills for reporting this!
* It now possible to use "&&" and "||" even if "&" and/or "|" are in the
forbidden list. In order to forbid them too, you must add them
explicitely in the forbidden list. Thank you Adrien Urban for this
suggestion.
* Fixed aliases bug that replaced part of commands rendering them unusable.
e.g. aliase vi:vim replaced the view command by vimew.
* Added a logrotate file for lshell log files.
* Corrected parsing of commands overssh to be checked by the same function
used by the lshell CLI.
Thank you Adrien Urban for you security audit and excellent ideas!
=== v0.9.8 30/11/2009 ===
* Major bug fix. lshell did not launch on python 2.4 and 2.5 (https://sourceforge.net/projects/lshell/forums/forum/778301/topic/3474668)
* Added aliases for commands over SSH.
=== v0.9.7 25/11/2009 ===
* Cleaned up the Python code
* Corrected crash when directory permission denied (Closes: https://sourceforge.net/tracker/?func=detail&aid=2875374&group_id=215792&atid=1035093)
* Added possibility to set the home_path option using the '%u' flag.
(e.g. '/var/chroot/%u' where '%u' will be replaced by the user's username)
* Now replaces "~" by user's home directory.
=== v0.9.6 9/09/2009 ===
* Major security fix. User had access to all files located in forbidden
directories (Closes: https://sourceforge.net/tracker/?func=detail&aid=2838542&group_id=215792&atid=1035093)
* Corrects RPM generation bug (Closes: https://sourceforge.net/tracker/index.php?func=detail&aid=2838283&group_id=215792&atid=1035093)
* lshell exits gracefully when user home directory doesn't exist
=== v0.9.5 28/07/2009 ===
* Minor release
* Changed lshell's group from lshellg to lshell (this should not have an \
impact on older installations)
* Minor typo correction in the lshell.py code
=== v0.9.4 09/06/2009 ===
* Log file name is now configurable using 'logfilename' variable inside the\
configuration file
* Corrected aliases in lshell.conf to work with *BSD
=== v0.9.3 13/04/2009 ===
* corrected major bug (alias related)
=== v0.9.2 05/04/2009 ===
* added Force SCP directory feature
* added command alias feature
=== v0.9.1 24/03/2009 ===
* loglevel can now be defined on global, group or user level
* corrected sftp support (broken since in 0.9.0)
=== v0.9.0 20/03/2009 ===
* As lshell has reached the point where it can be considered as a nearly \
stable software. I decided to make a version jump to 0.9.0
* corrected bug in case PATH does not exist and allowed set to 'all'
* added support for UNIX groups in configuration file
* cleaned up code
* corrected major security bug
* corrected path completion, to complete only allowed path simplified the \
check_secure and check_path functions
* added escape code handling (tested with ftp, gdb, vi)
* added flexible +/- possibilities in configuration file
* now supports completion after '|', ';' and '&'
* Command test are also done after '|', ';' and '&'
* Doesn't list hidden directories by default
* There are now 4 logging levels (4: logs absolutely everything user types)
* added 'strict' behaviour. If set to 1, any unknown command is considered \
as forbidden, as warning counter is decreased.
=== v0.2.6 02/03/2009 ===
* added 'all' to allow all commands to a user
* added backticks in lshell.conf
* changes made to setup.py in version 0.2.5 were undone + added classifiers
=== v0.2.5 15/02/2009 ===
* corrected import readline [bug]
* added log directory instead of a logfile
* created log levels (0 to 3)
* setup.py is now BSD compatible (using --install-data flag)
=== v0.2.4 27/01/2009 ===
* NEW: "overssh" in config file. Allows to set commands allowed to execute \
over ssh (e.g. rsync)
* fixed timer
* added python logging method
* cleaned code
* cleaner "over ssh commands" support (e.g. scp, sftp, rsync, etc.)
=== v0.2.3 03/12/2008 ===
* corrected completion
* added [global] section in configuration file
=== v0.2.2 29/10/2008 ===
* corrected SCP functionnality
* added SFTP support
* passwd in not mandatory in configuration file (deprecated)
* lshell is now added to /etc/shells using `add-shell`
=== v0.2.1 20/10/2008 ===
* Corrected rpm & deb builds
* added a manpage
=== v0.2 18/10/2008 ===
* Initial debian packaging
=== v0.2 17/10/2008 ===
* Added config and log option on command line (-c|--config and -l|--log)
* Initial source packaging using distutils
* Initial rpm packaging using distutils
=== v0.2 07/10/2008 ===
* Added file completion
* Added a history file per user
* Added a logging for warnings and log in/out
* Added prompt update when user changes directory (bash like)
* Corrected the check_path function
* Changed user setting from global variable to dict
* Added a default profile used when a parameter is not set for a user
=== 06/05/2008 ===
* Added an shell script usefull to install and manage lshell users
=== 08/04/2008 ===
* Added evironment path (env_path) update support
* Added home path (home_path) variable
=== 29/03/2008 ===
* Corrected class declaration bug and configuration file location
* Updated the README file with another usage of lshell
=== 05/02/2008 ===
* added a path variable to restrict the user's geographic actions
* MAJOR: added SCP support (also configurable through the config file)
=== 31/01/2008 ===
* MAJOR: Added the 'help' method
* Did some code cleanup
=== 28/01/2008 ===
* Initial release of lshell
