tftp from home dir running under xinetd
Daniel J Walsh
dwalsh at redhat.com
Tue Jul 5 13:02:51 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/04/2011 01:20 AM, Gene Smith wrote:
> I can manually run a tftp server that allows access to files in a
> directory under ~ with no problem. But when I try to run the server
> under xinetd using the /etc/xinetd.d/tftp configuration file a
> "permission denied" error shows up in /var/log/message with no
> indication it is selinux related. But if I make selinux permissive for
> tftpd it then works.
>
> Is there a quick way to configure selinux to allow this type of tftp
> access (just read-only) w/o resorting to a "permissive" setting?
>
> Thanks,
> -gene
>
Are you seeing any Messages in /var/log/audit/audit.log?
ausearch -m avc -ts recent
If not then you might be being blocked by a dontaudit rule
# semodule -DB
will turn off dontaudit rules
Then run your test and see if AVC messages get generated.
# ausearch -m avc -ts recent
#semodule -B
Will turn back on dontaudit rules.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk4TC3sACgkQrlYvE4MpobOLHgCgwOvi4m/uVvjFvOxxiCS6qYca
xpQAn3pBTKni6nWhhzwOsyetWzIXKf8n
=20H1
-----END PGP SIGNATURE-----
More information about the users
mailing list