diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-26 12:00:55 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-26 16:52:53 -0400 |
commit | 473c90800239fc54eaab9d3dc3194582b039d614 (patch) | |
tree | 99f57854dd1488e03ef40fefb40230276ba1104c | |
parent | 5215f682e5beda6fa85456576237de8a5a057bb8 (diff) | |
download | sssd-473c90800239fc54eaab9d3dc3194582b039d614.tar.gz sssd-473c90800239fc54eaab9d3dc3194582b039d614.tar.xz sssd-473c90800239fc54eaab9d3dc3194582b039d614.zip |
HBAC: Use of hostgroups for targethost or sourcehost was broken
We were trying to look up the wrong attribute for the name of the
hostgroup.
-rw-r--r-- | src/providers/ipa/ipa_hbac_hosts.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/providers/ipa/ipa_hbac_hosts.c b/src/providers/ipa/ipa_hbac_hosts.c index 15522f49f..70be90e10 100644 --- a/src/providers/ipa/ipa_hbac_hosts.c +++ b/src/providers/ipa/ipa_hbac_hosts.c @@ -257,7 +257,7 @@ static errno_t hbac_host_attrs_to_rule(TALLOC_CTX *mem_ctx, errno_t ret; TALLOC_CTX *tmp_ctx; struct hbac_rule_element *new_hosts; - const char *attrs[] = { IPA_HOST_FQDN, NULL }; + const char *attrs[] = { IPA_HOST_FQDN, IPA_CN, NULL }; struct ldb_message_element *el; size_t num_hosts = 0; size_t num_hostgroups = 0; @@ -351,7 +351,7 @@ static errno_t hbac_host_attrs_to_rule(TALLOC_CTX *mem_ctx, IPA_HOST_FQDN, NULL); if (name == NULL) { - DEBUG(1, ("Attribute is missing!\n")); + DEBUG(1, ("FQDN is missing!\n")); ret = EFAULT; goto done; } @@ -384,9 +384,9 @@ static errno_t hbac_host_attrs_to_rule(TALLOC_CTX *mem_ctx, } /* Original DN matched a single group. Get the groupname */ - name = ldb_msg_find_attr_as_string(msgs[0], SYSDB_NAME, NULL); + name = ldb_msg_find_attr_as_string(msgs[0], IPA_CN, NULL); if (name == NULL) { - DEBUG(1, ("Attribute is missing!\n")); + DEBUG(1, ("Hostgroup name is missing!\n")); ret = EFAULT; goto done; } |