Hide Forgot
Description of problem: Warning are displayed when srchost option is used in hbactest, and also warning messages are displayed even if the rule does not contain any source host. Version-Release number of selected component (if applicable): ipa-server-2.2.0-101.20120209T0933zgit52cf9d9.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. Add a rule which has no sourcehost. [root@sentinel ~]# ipa hbacrule-show rule1000 --all dn: ipauniqueid=2a75ad92-5722-11e1-b341-525400400b4a,cn=hbac,dc=lab,dc=eng,dc=pnq,dc=redhat,dc=com Rule name: rule1000 Enabled: TRUE accessruletype: allow ipauniqueid: 2a75ad92-5722-11e1-b341-525400400b4a objectclass: ipaassociation, ipahbacrule [root@sentinel ~]# 2. Execute hbactest against rule in Step 1 [root@sentinel ~]# ipa hbactest --user=user782927 --srchost=$HOSTNAME --host=$HOSTNAME --service=sshd --rule=rule1001 --------------------- Access granted: False --------------------- warning: Sourcehost value of rule "rule1001" is ignored <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< notmatched: rule1001 [root@sentinel ~]# Actual results: Here the rule does not have any sourcehost, however, we display a warning stating that sourcehost value of the rule would be ignored. Expected results: No warning should be displayed if there exists no sourcehost in the rule even though --srchost option is specified for test request. Additional info:
The warning ONLY displays when --srchost is provided. It is independent of the rules. It tells the user that this option makes no difference (and is a big hint to not pass it any more).