Allowing vsftpd access for user's home directory
Thomas Bleher
bleher at informatik.uni-muenchen.de
Thu May 11 07:16:35 UTC 2006
* Ketut Mahaindra <kmahaindra at axalto.com> [2006-05-11 07:19]:
> Hello all,
>
> I have installation of FC5.
> I want to make vsftpd run with chroot environment of user home directory.
> So far it does not work because SELinux prevents the vsftpd to access the
> home directory.
>
> P.S.
> - I have the following AVC error messages:
> avc: denied { dac_override } for pid=9099 comm="vsftpd" capability=1
> scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:system_r:ftpd_t:s0
> tclass=capability
> avc: denied { dac_read_search } for pid=9099 comm="vsftpd" capability=2
> scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:system_r:ftpd_t:s0
> tclass=capability
This means that vsftpd can't access some files or directories because it
does not have DAC rights on it. Probably some home directory is mode
0700. Either you change the rights on the directory or you allow the
capabilities as discussed in this thread.
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20060511/7a307838/attachment.bin
More information about the selinux
mailing list