Hi, attached patch should fix ticket 1988. This is currently last known bug in hbactest and should be safe to add to 2.1.3 (even though it is targetting 2.1.4 milestone).
Tested using rules similar to the ones in the ticket description and also with --service=<service group> (where service group is the group specified in the rule), as well as negative cases. https://fedorahosted.org/freeipa/ticket/1988 -- / Alexander Bokovoy
>From f3e1b4f3259e841e2bd54f649231b36e257a2559 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy <aboko...@redhat.com> Date: Mon, 17 Oct 2011 00:23:26 +0300 Subject: [PATCH] hbactest fails while you have svcgroup in hbacrule https://fedorahosted.org/freeipa/ticket/1988 --- ipalib/plugins/hbactest.py | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ipalib/plugins/hbactest.py b/ipalib/plugins/hbactest.py index 9b33dafa4424c2919732dd9e5161806b31fc5568..6bbdada4ea5a6f9c50cb1bb93909a39deee8acd6 100644 --- a/ipalib/plugins/hbactest.py +++ b/ipalib/plugins/hbactest.py @@ -283,8 +283,9 @@ class hbactest(Command): if options['service'] != u'all': try: request.service.name = options['service'] - request.service.groups = \ - self.api.Command.hbacsvcgroup_show(request.service.name)['result']['member_hbacsvc'] + service_result = self.api.Command.hbacsvc_show(request.service.name)['result'] + if 'memberof_hbacsvcgroup' in service_result: + request.service.groups = service_result['memberof_hbacsvcgroup'] except: pass -- 1.7.6.4
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
