mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Add an example for creating an HBAC service and service group.
Try to tie in the hbacsvc and hbacsvcgroup plugins better through an example. ticket 159
This commit is contained in:
@@ -59,6 +59,15 @@ EXAMPLES:
|
||||
ipa hbac-add-user --users=john john_sshd
|
||||
ipa hbac-add-service --hbacsvcs=sshd john_sshd
|
||||
|
||||
Create a rule for a new service group. This lets the user john access
|
||||
the any FTP service on any machine from any machine:
|
||||
ipa hbacsvcgroup-add ftpers
|
||||
ipa hbacsvc-add sftp
|
||||
ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers
|
||||
ipa hbac-add --type=allow --hostcat=all --srchostcat=all john_ftp
|
||||
ipa hbac-add-user --users=john john_ftp
|
||||
ipa hbac-add-service --hbacsvcgroups=ftpers john_ftp
|
||||
|
||||
Disable a named HBAC rule:
|
||||
ipa hbac-disable test1
|
||||
|
||||
|
Reference in New Issue
Block a user