Bug 736276
Summary: | ipa hbactest fails if sourcehost is external. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Gowrishankar Rajaiyan <grajaiya> |
Component: | ipa | Assignee: | Rob Crittenden <rcritten> |
Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.2 | CC: | benl, dpal, jgalipea, mkosek |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | ipa-2.1.2-1.el6 | Doc Type: | Bug Fix |
Doc Text: |
Do not document
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2011-12-06 18:30:48 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gowrishankar Rajaiyan
2011-09-07 08:59:59 UTC
Upstream ticket: https://fedorahosted.org/freeipa/ticket/1763 Fixed upstream: master: https://fedorahosted.org/freeipa/changeset/261a41b3d4e78f7563a4cc72ebd2b4db42fac3bf ipa-2-1: https://fedorahosted.org/freeipa/changeset/e77bc923c6f7839a38e2af43efd87b92a669c86e *** Bug 740860 has been marked as a duplicate of this bug. *** [root@bumblebee ~]# ipa hbacrule-show rule2 --all dn: ipauniqueid=6610ff46-f1e2-11e0-b1e8-525400deab7b,cn=hbac,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com Rule name: rule2 Enabled: TRUE Users: shanks Hosts: bumblebee.lab.eng.pnq.redhat.com Source Hosts: mudflap.lab.eng.pnq.redhat.com Services: vsftpd accessruletype: allow ipauniqueid: 6610ff46-f1e2-11e0-b1e8-525400deab7b objectclass: ipaassociation, ipahbacrule [root@bumblebee ~]# [root@bumblebee ~]# ipa hbacrule-add-sourcehost rule2 --hosts=external.lab.eng.pnq.redhat.com Rule name: rule2 Enabled: TRUE Users: shanks Hosts: bumblebee.lab.eng.pnq.redhat.com Source Hosts: mudflap.lab.eng.pnq.redhat.com Services: vsftpd External host: external.lab.eng.pnq.redhat.com ------------------------- Number of members added 1 ------------------------- [root@bumblebee ~]# ipa hbacrule-show rule2 --all dn: ipauniqueid=6610ff46-f1e2-11e0-b1e8-525400deab7b,cn=hbac,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com Rule name: rule2 Enabled: TRUE Users: shanks Hosts: bumblebee.lab.eng.pnq.redhat.com Source Hosts: mudflap.lab.eng.pnq.redhat.com Services: vsftpd External host: external.lab.eng.pnq.redhat.com accessruletype: allow ipauniqueid: 6610ff46-f1e2-11e0-b1e8-525400deab7b objectclass: ipaassociation, ipahbacrule [root@bumblebee ~]# [root@bumblebee ~]# ipa hbactest --user=shanks --srchost=external.lab.eng.pnq.redhat.com --host=bumblebee.lab.eng.pnq.redhat.com --service=vsftpd --rule=rule2 -------------------- Access granted: True -------------------- matched: rule2 [root@bumblebee ~]# Verified. [root@bumblebee ~]# rpm -qi ipa-server Name : ipa-server Relocations: (not relocatable) Version : 2.1.2 Vendor: Red Hat, Inc. Release : 2.el6 Build Date: Fri 07 Oct 2011 05:09:04 PM EDT Install Date: Sat 08 Oct 2011 07:36:33 AM EDT Build Host: x86-001.build.bos.redhat.com Group : System Environment/Base Source RPM: ipa-2.1.2-2.el6.src.rpm Size : 3363225 License: GPLv3+ Signature : (none) Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://www.freeipa.org/ Summary : The IPA authentication server hbactest is post-6.1 feature. Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Do not document Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2011-1533.html |