[Freeipa-users] HBAC rules not working
Steven Jones
Steven.Jones at vuw.ac.nz
Thu Nov 24 19:44:12 UTC 2011
Hi,
Yes I got there already, but thanks....
I made a new rule and per host works fine, not if I try and use a host group via CLI, so its not the gui I think......I can see one difference I'm testing that theory now.
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
________________________________________
From: JR Aquino [JR.Aquino at citrix.com]
Sent: Thursday, 24 November 2011 4:02 p.m.
To: Steven Jones
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] HBAC rules not working
On Nov 23, 2011, at 5:41 PM, Steven Jones wrote:
> Hi,
>
> Even a reboot doesnt fix the ghost host group issue...
>
> Can it be dont via the cli?
ipa hbacrule-add-host --hostgroups=hostgroup_name hbacrule_name
Also you may be running into a problem with source hosts... You do need to specify from which hosts you are allowing ssh if I recall correctly. Assuming that you want to permit _from_ any source host:
ipa hbacrule-mod --srchostcat=all hbacrule_name
More information about the Freeipa-users
mailing list