diff options
author | Rob Crittenden <rcritten@redhat.com> | 2010-05-04 15:24:54 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-05-05 14:57:58 -0400 |
commit | 92e350ca0a1fda0dc9fe6e073dd7afe19a62d9ec (patch) | |
tree | 84bb163a6a1dde36f43900f5805ffb87e518dc3c /install/share/default-hbac.ldif | |
parent | a3d1b1755965c73a758acb1ec4992bf2428fa37b (diff) | |
download | freeipa-92e350ca0a1fda0dc9fe6e073dd7afe19a62d9ec.tar.gz freeipa-92e350ca0a1fda0dc9fe6e073dd7afe19a62d9ec.tar.xz freeipa-92e350ca0a1fda0dc9fe6e073dd7afe19a62d9ec.zip |
Create default HBAC rule allowing any user to access any host from any host
This is to make initial installation and testing easier.
Use the --no_hbac_allow option on the command-line to disable this when
doing an install.
To remove it from a running server do: ipa hbac-del allow_all
Diffstat (limited to 'install/share/default-hbac.ldif')
-rw-r--r-- | install/share/default-hbac.ldif | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/install/share/default-hbac.ldif b/install/share/default-hbac.ldif new file mode 100644 index 00000000..541ff0df --- /dev/null +++ b/install/share/default-hbac.ldif @@ -0,0 +1,14 @@ +# default HBAC policy that grants permission to all services +dn: ipauniqueid=$UUID,cn=hbac,$SUFFIX +changetype: add +objectclass: ipaassociation +objectclass: ipahbacrule +cn: allow_all +accessruletype: allow +usercategory: all +hostcategory: all +sourcehostcategory: all +ipaenabledflag: TRUE +description: Allow all users to access any host from any host +# ipauniqueid gets added for us by 389-ds + |