IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add an example for creating an HBAC service and service group.

Browse Source 
Try to tie in the hbacsvc and hbacsvcgroup plugins better through an
example.

ticket 159
This commit is contained in:
Rob Crittenden
2010-09-20 13:09:02 -04:00
parent 77385c7e9e
commit 9fd7fedb76
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
ipalib/plugins/hbac.py
View File

@@ -59,6 +59,15 @@ EXAMPLES:
ipa hbac-add-user --users=john john_sshd
ipa hbac-add-service --hbacsvcs=sshd john_sshd
Create a rule for a new service group. This lets the user john access
the any FTP service on any machine from any machine:
ipa hbacsvcgroup-add ftpers
ipa hbacsvc-add sftp
ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers
ipa hbac-add --type=allow --hostcat=all --srchostcat=all john_ftp
ipa hbac-add-user --users=john john_ftp
ipa hbac-add-service --hbacsvcgroups=ftpers john_ftp
Disable a named HBAC rule:
ipa hbac-disable test1