diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-26 12:00:55 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-26 16:54:12 -0400 |
commit | fde6ab61a611cfea5f15534dd405d5658bc0c879 (patch) | |
tree | 95a9a1413827b234b3ea1c53031cbaf39e15103c /src | |
parent | df38d9452dbdebadbf22437067db91067c682dea (diff) | |
download | sssd-fde6ab61a611cfea5f15534dd405d5658bc0c879.tar.gz sssd-fde6ab61a611cfea5f15534dd405d5658bc0c879.tar.xz sssd-fde6ab61a611cfea5f15534dd405d5658bc0c879.zip |
HBAC: Use of hostgroups for targethost or sourcehost was broken
We were trying to look up the wrong attribute for the name of the
hostgroup.
Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ipa/ipa_hbac_hosts.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/providers/ipa/ipa_hbac_hosts.c b/src/providers/ipa/ipa_hbac_hosts.c index 4e753f374..dd82f2848 100644 --- a/src/providers/ipa/ipa_hbac_hosts.c +++ b/src/providers/ipa/ipa_hbac_hosts.c @@ -257,7 +257,7 @@ static errno_t hbac_host_attrs_to_rule(TALLOC_CTX *mem_ctx, errno_t ret; TALLOC_CTX *tmp_ctx; struct hbac_rule_element *new_hosts; - const char *attrs[] = { IPA_HOST_FQDN, NULL }; + const char *attrs[] = { IPA_HOST_FQDN, IPA_CN, NULL }; struct ldb_message_element *el; size_t num_hosts = 0; size_t num_hostgroups = 0; @@ -351,7 +351,7 @@ static errno_t hbac_host_attrs_to_rule(TALLOC_CTX *mem_ctx, IPA_HOST_FQDN, NULL); if (name == NULL) { - DEBUG(1, ("Attribute is missing!\n")); + DEBUG(1, ("FQDN is missing!\n")); ret = EFAULT; goto done; } @@ -384,9 +384,9 @@ static errno_t hbac_host_attrs_to_rule(TALLOC_CTX *mem_ctx, } /* Original DN matched a single group. Get the groupname */ - name = ldb_msg_find_attr_as_string(msgs[0], SYSDB_NAME, NULL); + name = ldb_msg_find_attr_as_string(msgs[0], IPA_CN, NULL); if (name == NULL) { - DEBUG(1, ("Attribute is missing!\n")); + DEBUG(1, ("Hostgroup name is missing!\n")); ret = EFAULT; goto done; } |