On Mon, May 14, 2012 at 07:57:06PM -0700, David Copperfield wrote:
> Hi all,
> The online manual says that the '--usercat' means 'User category the rule
> applies to'; '--hostcat' has the similar explanation. But I still don't
> understand how that could be used in real life and when/where to use the
> Could anyone please shed a light on this? Thanks a lot.
iirc these options where introduced with the host based access control
(HBAC) and are used to identify categories/classes of users and hosts
in a more general way than using groups or ip-address ranges. I think
currently only the keyword 'all' can be used here, which e.g means that
an HBAC rule will match for all users or all hosts. In future it is
planned to support other categories, e.g. something like 'local' and
'remote' which would catch all users/hosts of the local IPA domain or
all users/groups which are coming from remote domains ,respectively.
> Freeipa-users mailing list
Freeipa-users mailing list