Select Git revision
ipahbacrule.py
-
Rafael Guterres Jeffman authored
Current implementation of hbacrule and sudorule allow for a new rule creation script to be partialy successful when a member is provided and the respective member category is set to `all` (either users, hosts, services, commands, and their group counterparts). Since the creation of the rule is independent of the adittion of members, the rule is succesfully created, but member addition fails, leaving with a created rule that has no members on it. This patch fixes both modules by verifying if user, host, service or commands (and groups of members) are being added if the corresponding category is set to `all`, when the state is `present` and the action is not `member`. If so, it fails before the rule is created.
Rafael Guterres Jeffman authoredCurrent implementation of hbacrule and sudorule allow for a new rule creation script to be partialy successful when a member is provided and the respective member category is set to `all` (either users, hosts, services, commands, and their group counterparts). Since the creation of the rule is independent of the adittion of members, the rule is succesfully created, but member addition fails, leaving with a created rule that has no members on it. This patch fixes both modules by verifying if user, host, service or commands (and groups of members) are being added if the corresponding category is set to `all`, when the state is `present` and the action is not `member`. If so, it fails before the rule is created.
