[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Allowing vsftpd access for user's home directory



On Thu, May 11, 2006 at 01:17:28PM +0800, Ketut Mahaindra wrote:
> Hello all,
> 
> I have installation of FC5.
> I want to make vsftpd run with chroot environment of user home directory.
> So far it does not work because SELinux prevents the vsftpd to access the
> home directory.
> 
> What's the best way to configure SELinux for this purpose?
> I don't want to disable it.
> I have been googling it around but so far has not came up with any easy
> solution.
> 
> Any help will be appreciated.
> 
> P.S.
> - I have the following AVC error messages:
>   avc:  denied  { dac_override } for  pid=9099 comm="vsftpd" capability=1
> scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:system_r:ftpd_t:s0
> tclass=capability
>   avc:  denied  { dac_read_search } for  pid=9099 comm="vsftpd" capability=2
> scontext=system_u:system_r:ftpd_t:s0 tcontext=system_u:system_r:ftpd_t:s0
> tclass=capability  

You can use audit2allow and the local.te file to allow what you want.

See http://www.samag.com/documents/s=9820/sam0508a/0508a.htm

Best regards,

			---Kayvan
-- 
Kayvan A. Sylvan          | Proud husband of       | Father to my kids:
Sylvan Associates, Inc.   | Laura Isabella Sylvan, | Katherine Yelena (8/8/89)
http://sylvan.com/~kayvan | my beautiful Queen.    | Robin Gregory (2/28/92)


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]