In ticket #3528 we deprecated source host facet of the HBAC rule. However, the default allow_all rule still has it (note the different label):
# ipa hbacrule-show allow_all Rule name: allow_all User category: all Host category: all <sourcehostcategory>: all Service category: all Description: Allow all users to access any host from any host Enabled: TRUE
We should remove it allow_all.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1061187
master: 4e207b4[[BR]] ipa-3-3: 206f16a
Metadata Update from @mkosek: - Issue assigned to jcholast - Issue set to the milestone: FreeIPA 3.3.5 (bug fixing)
Login to comment on this ticket.