diff options
author | Sumit Bose <sbose@redhat.com> | 2010-10-20 12:58:50 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-10-22 08:11:14 -0400 |
commit | 18a45c63a7902251a0d0b92f78f78eb7d26a0046 (patch) | |
tree | 05dc02a87f0aaa472790278b7a228a0494c0a621 | |
parent | 59cc610d3a4885c5d37185b9adad39168feb6b55 (diff) | |
download | sssd-18a45c63a7902251a0d0b92f78f78eb7d26a0046.tar.gz sssd-18a45c63a7902251a0d0b92f78f78eb7d26a0046.tar.bz2 sssd-18a45c63a7902251a0d0b92f78f78eb7d26a0046.zip |
Download only enabled IPA HBAC rules
-rw-r--r-- | src/providers/ipa/ipa_access.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c index 223bf165..979959fb 100644 --- a/src/providers/ipa/ipa_access.c +++ b/src/providers/ipa/ipa_access.c @@ -50,6 +50,7 @@ #define IPA_CN "cn" #define IPA_MEMBER_SERVICE "memberService" #define IPA_SERVICE_CATEGORY "serviceCategory" +#define IPA_TRUE_VALUE "TRUE" #define IPA_HOST_BASE_TMPL "cn=computers,cn=accounts,%s" #define IPA_HBAC_BASE_TMPL "cn=hbac,%s" @@ -1085,7 +1086,8 @@ static struct tevent_req *hbac_get_rules_send(TALLOC_CTX *memctx, state->hbac_filter = talloc_asprintf(state, "(&(objectclass=ipaHBACRule)" - "(|(%s=%s)(%s=%s)", + "(%s=%s)(|(%s=%s)(%s=%s)", + IPA_ENABLED_FLAG, IPA_TRUE_VALUE, IPA_HOST_CATEGORY, "all", IPA_MEMBER_HOST, host_dn); if (state->hbac_filter == NULL) { |