Re: vsftpd config

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am Do, den 28.07.2005 schrieb Marcel Janssen um 20:56:

> On Thursday 28 July 2005 20:42, Alexander Dalloz wrote:

> > Why "only"? It fully shows why anonymous ftp upload fails.
> 
> Apparently it's readable text for you, but not for me :-)

I must confess that I do not know any detail. But below log says that
write access for vsftd was denied for /pub/drgerg (that is the chroot
dir certainly).

> > > type=AVC msg=audit(1122573029.236:6745575): avc:  denied  { write } for
> > > pid=7167 comm="vsftpd" name="pub" dev=sda6 ino=260354
> > > scontext=root:system_r:ftpd_t tcontext=system_u:object_r:ftpd_anon_t
> > > tclass=dir
> > > type=SYSCALL msg=audit(1122573029.236:6745575): arch=c000003e syscall=83
> > > success=no exit=-13 a0=555555676140 a1=1ff a2=b a3=2aaaaaac5000 items=1
> > > pid=7167 auid=4294967295 uid=14 gid=50 euid=14 suid=14 fsuid=14 egid=50
> > > sgid=50 fsgid=50 comm="vsftpd" exe="/usr/sbin/vsftpd"
> > > type=CWD msg=audit(1122573029.236:6745575):  cwd="/pub"
> > > type=PATH msg=audit(1122573029.236:6745575): item=0 name="/pub/drgerg"
> > > flags=10  inode=260354 dev=08:06 mode=040777 ouid=0 ogid=0 rdev=00:00
> > >
> > > Regards,
> > > Marcel
> >
> > Check the vsftpd boolean or your SELinux setup in total.
> 
> How does one find it's a problem with SElinux than ?
> Can you explain from the above log ?

http://fedora.redhat.com/docs/selinux-faq-fc3/
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/selinux-guide/

> Marcel

Please check in which mode your SELinux runs by looking into
/etc/sysconfig/selinux. With system-config-securitylevel you can check
how services are configured. Maybe a "grep vsftpd
/etc/selinux/*/boolean" is helpful. There are too man pages for using
"setsebool".

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp 
Serendipity 21:07:10 up 13 days, 1:39, load average: 0.35, 0.22, 0.19

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux