On Sat, 01 May 2010 22:43:22 -0400 Rob Crittenden <[email protected]> wrote:
> The default configuration in hbac uses the model "denied unless > explicitly allowed" which is why all your logins failed. We don't > currently have any default rules set up, I wonder if we should have > some basic ones for demonstration purposes and to sort of bootstrap > things. I think we should have a default *explicit* permit all rule that admins will promptly remove as soon as they have decided what is their final configuration. Otherwise it will make things too nasty for people that are setting it up for the first time. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
