Bug 740860 - hbactest fails while the sourcehost is external.
Summary: hbactest fails while the sourcehost is external.
Keywords:
Status: CLOSED DUPLICATE of bug 736276
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipa
Version: 6.2
Hardware: Unspecified
OS: Unspecified
high
unspecified
Target Milestone: rc
: ---
Assignee: Rob Crittenden
QA Contact: IDM QE LIST
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-09-23 15:06 UTC by Gowrishankar Rajaiyan
Modified: 2011-09-27 06:30 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-09-27 06:30:33 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Gowrishankar Rajaiyan 2011-09-23 15:06:41 UTC
Description of problem:


Version-Release number of selected component (if applicable):
ipa-server-2.1.1-4.el6.x86_64

How reproducible:
Always

Steps to Reproduce:

[root@kungfupanda ~]# ipa hbacrule-show nc-test 
  Rule name: nc-test
  Enabled: TRUE
  Users: nc
  Hosts: decepticons.lab.eng.pnq.redhat.com
  Services: sshd
  Service Groups: remote
  External host: nc.pnq.redhat.com

[root@kungfupanda ~]# ipa hbacsvcgroup-show remote
  Service group name: remote
  Description: Remote Services
  Member HBAC service: sshd, telnet, vsftpd

[root@kungfupanda ~]# ipa hbactest --rule nc-test
User name: nc
Source host: nc.pnq.redhat.com
Target host: decepticons.lab.eng.pnq.redhat.com
Service: telnet
---------------------
Access granted: False
---------------------
  notmatched: nc-test

  
Actual results:
The hbactest displays "Access granted: False", even when the access should be granted.


Expected results:
Access should be granted while the source host is an external host.

Additional info:

Comment 2 Rob Crittenden 2011-09-23 17:36:28 UTC
Upstream ticket:
https://fedorahosted.org/freeipa/ticket/1860

Comment 3 Gowrishankar Rajaiyan 2011-09-27 06:30:33 UTC

*** This bug has been marked as a duplicate of bug 736276 ***


Note You need to log in before you can comment on or make changes to this bug.