VSFTPd problem

Jeff Vian jvian10 at charter.net
Wed Sep 7 12:37:47 UTC 2005 

On Wed, 2005-09-07 at 09:30 +0100, Paul F. Johnson wrote:
> Hi,
> 
> > > I've never had this problem before with vsftpd and am using the default
> > > security settings (firewall on, set for ftp, www, ssh and ntp ports to
> > > be open and SELinux to be nice).
> > 
> > "man ftpd_selinux" says:
> > 
> >    SELinux ftp daemon policy is customizable based on least access
> >    required. So by default SElinux does not allow users to login and
> >    read their home directories. If you are setting up this machine as
> >    a ftpd server and wish to allow users to access their home
> >    directorories, you need to set the ftp_home_dir boolean.
> > 
> >    setsebool -P ftp_home_dir 1
> > 
> > I guess you've already done this since downloads are working.
> 
> Yep. Normally, all I ever have to do is set up a user and they instantly
> get read/write ftp access. This one box is proving to be a pain!
> 

Have you tried with selinux disabled to see if that is the source?  It
may be the vsftpd config or it may be an selinux problem.

> > Are you getting any AVC messages in /var/log/audit/audit.log when trying
> > to write to this area? Are the home directories on a local filesystem or
> > are you using NFS/samba etc.?
> 
> I'll need to look at audit.log. All home directories are accessed via
> ftp and are held on a bog standard ext3 drive.
> 
> > > Second to this, how do I get it to allow passive transfers? proftpd
> > > seemed to do this by default (IIRC), but I can't get vsftpd to do it.
> > 
> > Pass; I'm also a proftpd user and haven't tried vsftpd.
> 
> Ah....
> 
> > > Any help would be appreciated and if you're in the Salford area of
> > > Manchester, beer provided :-)
> > 
> > Given the Shanks quote common in your sigs, it would appear you're deep
> > in enemy territory ;-) I'm in Sale.
> 
> Well, hopefully I won't be here for that much longer (10 years of being
> just down the road from failureville - Old Trafford to those who don't
> know it) is more than enough. Got my teaching qualifications, just a
> matter of finding a job nearer to St Helens.
> 
> TTFN
> 
> Paul
> -- 
> "Logic, my dear Zoe, is merely the ability to be wrong with authority" -
> Dr Who
>

More information about the users mailing list