> Am Thu, May 04, 2023 at 06:49:06AM -0000 schrieb Finn Fysj via FreeIPA-users: > > Hi, > > the above is part of the access control when a user is trying to log in. > As the messages says there are no HBAC rules defined and hence access is > denied. By default there are: > > # ipa hbacrule-find > -------------------- > 2 HBAC rules matched > -------------------- > Rule name: allow_all > User category: all > Host category: all > Service category: all > Description: Allow all users to access any host from any host > Enabled: True > > Rule name: allow_systemd-user > User category: all > Host category: all > Description: Allow pam_systemd to run [email protected] to create a system user > session > Enabled: True > ---------------------------- > Number of entries returned 2 > ---------------------------- > > > defined. So it is expected that there are always some rules defined. > Please check your HBAC rules. > > HTH > > bye, > Sumit OK, what does this mean Sumit?
Does it mean I should create an own HBAC rule for systemd-user? And should SSSD or ipactl restart be used when configuring SUDO/HBAC rules? _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
