Hide Forgot
Description of problem: Version-Release number of selected component (if applicable): ipa-server-2.1.1-4.el6.x86_64 How reproducible: Always Steps to Reproduce: [root@kungfupanda ~]# ipa hbacrule-show nc-test Rule name: nc-test Enabled: TRUE Users: nc Hosts: decepticons.lab.eng.pnq.redhat.com Services: sshd Service Groups: remote External host: nc.pnq.redhat.com [root@kungfupanda ~]# ipa hbacsvcgroup-show remote Service group name: remote Description: Remote Services Member HBAC service: sshd, telnet, vsftpd [root@kungfupanda ~]# ipa hbactest --rule nc-test User name: nc Source host: nc.pnq.redhat.com Target host: decepticons.lab.eng.pnq.redhat.com Service: telnet --------------------- Access granted: False --------------------- notmatched: nc-test Actual results: The hbactest displays "Access granted: False", even when the access should be granted. Expected results: Access should be granted while the source host is an external host. Additional info:
Upstream ticket: https://fedorahosted.org/freeipa/ticket/1860
*** This bug has been marked as a duplicate of bug 736276 ***