https://bugzilla.redhat.com/show_bug.cgi?id=740850
Description of problem: During hbacrule-add-host, adding canonical names e.g. "scroponok" resolves them to "scroponok.lab.eng.pnq.redhat.com", however, during ipa hbactest, entering "scroponok" doesn't work. I had to enter "scroponok.lab.eng.pnq.redhat.com" explicitly. Version-Release number of selected component (if applicable): ipa-server-2.1.1-4.el6.x86_64 How reproducible: Always Steps to Reproduce: 1. [root@kungfupanda ~]# ipa hbacrule-add-host Rule name: rule1 [member host]: cavenger [member host group]: Rule name: rule1 Enabled: TRUE Hosts: cavenger.lab.eng.pnq.redhat.com ------------------------- Number of members added 1 ------------------------- 2.[root@kungfupanda ~]# ipa hbactest User name: kaushik Source host: scroponok.lab.eng.pnq.redhat.com Target host: cavenger.lab.eng.pnq.redhat.com Service: sshd -------------------- Access granted: True -------------------- 3. # ipa hbactest User name: kaushik Source host: scroponok Target host: cavenger Service: sshd --------------------- Access granted: False --------------------- Actual results: Does not resolve the canonical name and displays "Access granted: False" Expected results: Should resolve canonical name and display "Access granted: True" as it does while entering the complete fqdn. Additional info:
Apparently, in Bugzilla original bug is marked as duplicate to bugzilla #736276. Closing this as duplicate as well.
If this is the case, can you please update the BZ #740850 that this ticket is pointing to? It is still open and pointing to this closed bug.
Wait, this is wrong one. I should have closed 1860.
master: 3e1c04f
ipa-2-1: caaacc9
Metadata Update from @rcritten: - Issue assigned to abbra - Issue set to the milestone: FreeIPA 2.1.3 (bug fixing)
Login to comment on this ticket.