vsftpd and sebool

Rafnews raf.news at gmail.com
Wed Mar 26 12:07:15 UTC 2014


Hi,

i setup an FTP server to allow me and my friend to upload, create, 
delete, modify files/directories into /var/www/html directory (as ftp 
home dir).

however if authentification works great, i'm not able (even locally so 
using ftp localhost) to create a simple directory e.g. "test"

here is the getsebool -a | grep ftp result:
ftp_home_dir --> on
ftpd_anon_write --> off
ftpd_connect_all_unreserved --> off
ftpd_connect_db --> off
ftpd_full_access --> off
ftpd_use_cifs --> off
ftpd_use_fusefs --> off
ftpd_use_nfs --> off
ftpd_use_passive_mode --> off
httpd_can_connect_ftp --> off
httpd_enable_ftp_server --> off
sftpd_anon_write --> off
sftpd_enable_homedirs --> off
sftpd_full_access --> off
sftpd_write_ssh_home --> off
tftp_anon_write --> off
tftp_home_dir --> off


basically i should be able.

after searching on internet i discovered that people use to set 
"ftpd_full_access" to ON...
but is this really what needs to be done ? i have a feeling it opens 
others issues about security, or am i wrong ?

thx.

A.



More information about the users mailing list