[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: console screen messages - Fedora 5

On Thu, 2006-10-19 at 11:35 -0700, Bret Stern wrote:
> What are these messages advising?
> 
> Should I be concerned?
> 
> These are displayed on my console login.
> 
> servant login: audit(1161101072.420:4): avc:  denied  { search } for
> pid=2339 comm="vsftpd" name="home" dev=dm-0 ino=6815745
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> audit(1161101196.196:5): avc:  denied  { search } for  pid=2383
> comm="vsftpd" name="home" dev=dm-0 ino=6815745
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> audit(1161101532.669:6): avc:  denied  { search } for  pid=2436
> comm="vsftpd" name="home" dev=dm-0 ino=6815745
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir

Those are SELinux messages.  FTP users aren't allowed access to their
home directories.  If you have SELinux in "permissive" mode, then those
are just status messages (saying what SELinux _would_ do if it were in
enforcing mode).  If it is in enforcing mode, then they are indeed being
denied access to their home directories.

If you want to make them go away, turn off SELinux or enter the
following command:

	# setsebool -P ftp_home_dir 1

See "man ftpd_selinux" for details on other options available to you.

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens vitalstream com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-    I don't suffer from insanity...I enjoy every minute of it!      -
----------------------------------------------------------------------
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]