IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-01-28 09:06:44 -06:00
Code Issues Packages Projects Releases Wiki Activity

Incorrect name in examples of ipa help hbactest

Browse Source 
https://fedorahosted.org/freeipa/ticket/1741

HBAC rules address PAM services, thus service names should correspond to proper PAM names.
This commit is contained in:
Alexander Bokovoy 2011-09-12 14:06:55 +03:00 committed by Rob Crittenden
parent c97eb871c5
commit 8f0a7bd646
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ipalib/plugins/hbactest.py
View File

@ -60,7 +60,7 @@ having access to the production environment.
EXAMPLES: EXAMPLES:
1. Use all enabled HBAC rules in IPA database to simulate: 1. Use all enabled HBAC rules in IPA database to simulate:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd
-------------------- --------------------
Access granted: True Access granted: True
-------------------- --------------------
@ -70,13 +70,13 @@ EXAMPLES:
matched: allow_all matched: allow_all
2. Disable detailed summary of how rules were applied: 2. Disable detailed summary of how rules were applied:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh --nodetail $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd --nodetail
-------------------- --------------------
Access granted: True Access granted: True
-------------------- --------------------
3. Test explicitly specified HBAC rules: 3. Test explicitly specified HBAC rules:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--rules=my-second-rule,myrule --rules=my-second-rule,myrule
--------------------- ---------------------
Access granted: False Access granted: False
@ -85,7 +85,7 @@ EXAMPLES:
notmatched: myrule notmatched: myrule
4. Use all enabled HBAC rules in IPA database + explicitly specified rules: 4. Use all enabled HBAC rules in IPA database + explicitly specified rules:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--rules=my-second-rule,myrule --enabled --rules=my-second-rule,myrule --enabled
-------------------- --------------------
Access granted: True Access granted: True
@ -96,14 +96,14 @@ EXAMPLES:
matched: allow_all matched: allow_all
5. Test all disabled HBAC rules in IPA database: 5. Test all disabled HBAC rules in IPA database:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh --disabled $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd --disabled
--------------------- ---------------------
Access granted: False Access granted: False
--------------------- ---------------------
notmatched: new-rule notmatched: new-rule
6. Test all disabled HBAC rules in IPA database + explicitly specified rules: 6. Test all disabled HBAC rules in IPA database + explicitly specified rules:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--rules=my-second-rule,myrule --disabled --rules=my-second-rule,myrule --disabled
--------------------- ---------------------
Access granted: False Access granted: False
@ -113,7 +113,7 @@ EXAMPLES:
notmatched: myrule notmatched: myrule
7. Test all (enabled and disabled) HBAC rules in IPA database: 7. Test all (enabled and disabled) HBAC rules in IPA database:
$ ipa hbactest --user=a1a --srchost=foo --host=bar --service=ssh \ $ ipa hbactest --user=a1a --srchost=foo --host=bar --service=sshd \
--enabled --disabled --enabled --disabled
-------------------- --------------------
Access granted: True Access granted: True