* Log the login activity.
     * @param user The user.
     */
    public void login(final OptionalThing<FessUserBean> user) {
        final Map<String, String> valueMap = new LinkedHashMap<>();
        valueMap.put("action", Action.LOGIN.name());
        valueMap.put("user", user.map(FessUserBean::getUserId).orElse("-"));
        valueMap.put("permissions",

- Removed a warning around Linux user namespaces and kernel version. If the feature gate `UserNamespacesSupport` was enabled, the kubelet previously warned when detecting a Linux kernel version earlier than 6.3.0. User namespace support on Linux typically does still need kernel 6.3 or...

	typedef [v1_enum] enum {
		ACB_DISABLED               = 0x00000001, /* 1 = User account disabled */
		ACB_HOMDIRREQ              = 0x00000002, /* 1 = Home directory required */
		ACB_PWNOTREQ               = 0x00000004, /* 1 = User password not required */
		ACB_TEMPDUP                = 0x00000008, /* 1 = Temporary duplicate account */
		ACB_NORMAL                 = 0x00000010, /* 1 = Normal user account */

    }

    /**
     * Deletes a user from all authentication chains.
     * @param user The user to delete.
     */
    public void delete(final User user) {
        chains().of(stream -> stream.forEach(c -> c.delete(user)));
    }

    /**
     * Loads user information by processing through all authentication chains.
     * @param user The user template containing search criteria.

import org.codelibs.fess.opensearch.user.exentity.User;

/**
 * Interface for authentication chain operations.
 * Provides methods for user management and authentication operations.
 */
public interface AuthenticationChain {

    /**
     * Updates an existing user in the authentication chain.
     * @param user The user to update.
     */
    void update(User user);

    /**

            "The specified user does not exist.", "The specified network password is not correct.",
            "Logon failure: unknown user name or bad password.", "Logon failure: user account restriction.",
            "Logon failure: account logon time restriction violation.", "Logon failure: user not allowed to log on to this computer.",

 */
package org.codelibs.fess.opensearch.user.bsbhv;

import java.util.List;
import java.util.Map;

import org.codelibs.fess.opensearch.user.allcommon.EsAbstractBehavior;
import org.codelibs.fess.opensearch.user.allcommon.EsAbstractEntity.RequestOptionCall;
import org.codelibs.fess.opensearch.user.bsentity.dbmeta.UserDbm;
import org.codelibs.fess.opensearch.user.cbean.UserCB;

        assertEquals("******@****.***", permissionHelper.encode("{user}user@domain.com"));
        assertEquals("2group/subgroup", permissionHelper.encode("{group}group/subgroup"));
        assertEquals("RAdministrators", permissionHelper.encode("{role}Administrators"));
        assertEquals("D1user with spaces", permissionHelper.encode("(deny){user}user with spaces"));

 */
package org.codelibs.fess.opensearch.user.cbean.bs;

import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import org.codelibs.fess.opensearch.user.allcommon.EsAbstractConditionBean;
import org.codelibs.fess.opensearch.user.bsentity.dbmeta.RoleDbm;
import org.codelibs.fess.opensearch.user.cbean.RoleCB;
import org.codelibs.fess.opensearch.user.cbean.ca.RoleCA;

adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection. By default, node users are authorized for create and patch requests but not delete requests against their node object. Since the NodeRestriction...