I would like to know how can I trace operations done by Seafile Admins. When an admin do some stuff on a library or on a user it seems that there no log of that anywhere… For example, if I’m connected with my admin account and decide to share or transfer a library of a user to another (me for example) this action isn’t log… I try on Seafile Pro edition 6.0.7.
I saw nothing in admin interface and nothing in server logs… I try to configure DEBUG mode but it seems to change nothing.
It’s a problem for the non-repudiation matter…
Another security issue… When we create a local account in Seafile, password is initialize manually or with some random function. The password is send by email to the user. When the user log in for the first time, Seafile offer the possibility to change the password but user is not obliged to do it, because he can type the same password… This password transit by email in plain-text and can be visibile. It would be better if the user was obliged to change it. I think it’s just a field verification to add.