[Freeipa-devel] [PATCH] 0013 Use proper HBAC service names in the documentation
Alexander Bokovoy
abokovoy at redhat.com
Mon Sep 12 14:51:19 UTC 2011
https://fedorahosted.org/freeipa/ticket/1741
--
/ Alexander Bokovoy
-------------- next part --------------
>From 5391bfde89d890541a0274d39a909c08f09ab3ca Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy at redhat.com>
Date: Mon, 12 Sep 2011 14:06:55 +0300
Subject: [PATCH 6/8] Incorrect name in examples of ipa help hbactest
https://fedorahosted.org/freeipa/ticket/1741
HBAC rules address PAM services, thus service names should correspond to proper PAM names.
---
ipalib/plugins/hbactest.py | 14 +++++++-------
1 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/ipalib/plugins/hbactest.py b/ipalib/plugins/hbactest.py
index f6f652177b7b1b45a7581f8a5a07257803e869d6..d007845926aaaf4241243e65d73d4759319a5e80 100644
--- a/ipalib/plugins/hbactest.py
+++ b/ipalib/plugins/hbactest.py
@@ -60,7 +60,7 @@ having access to the production environment.
EXAMPLES:
1. Use all enabled HBAC rules in IPA database to simulate:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd
--------------------
Access granted: True
--------------------
@@ -70,13 +70,13 @@ EXAMPLES:
matched: allow_all
2. Disable detailed summary of how rules were applied:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh --nodetail
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd --nodetail
--------------------
Access granted: True
--------------------
3. Test explicitly specified HBAC rules:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--rules=my-second-rule,myrule
---------------------
Access granted: False
@@ -85,7 +85,7 @@ EXAMPLES:
notmatched: myrule
4. Use all enabled HBAC rules in IPA database + explicitly specified rules:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--rules=my-second-rule,myrule --enabled
--------------------
Access granted: True
@@ -96,14 +96,14 @@ EXAMPLES:
matched: allow_all
5. Test all disabled HBAC rules in IPA database:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh --disabled
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd --disabled
---------------------
Access granted: False
---------------------
notmatched: new-rule
6. Test all disabled HBAC rules in IPA database + explicitly specified rules:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--rules=my-second-rule,myrule --disabled
---------------------
Access granted: False
@@ -113,7 +113,7 @@ EXAMPLES:
notmatched: myrule
7. Test all (enabled and disabled) HBAC rules in IPA database:
- $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \
+ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--enabled --disabled
--------------------
Access granted: True
--
1.7.6.1
More information about the Freeipa-devel
mailing list