VSFTPd problem
Jeff Vian
jvian10 at charter.net
Wed Sep 7 12:37:47 UTC 2005
On Wed, 2005-09-07 at 09:30 +0100, Paul F. Johnson wrote:
> Hi,
>
> > > I've never had this problem before with vsftpd and am using the default
> > > security settings (firewall on, set for ftp, www, ssh and ntp ports to
> > > be open and SELinux to be nice).
> >
> > "man ftpd_selinux" says:
> >
> > SELinux ftp daemon policy is customizable based on least access
> > required. So by default SElinux does not allow users to login and
> > read their home directories. If you are setting up this machine as
> > a ftpd server and wish to allow users to access their home
> > directorories, you need to set the ftp_home_dir boolean.
> >
> > setsebool -P ftp_home_dir 1
> >
> > I guess you've already done this since downloads are working.
>
> Yep. Normally, all I ever have to do is set up a user and they instantly
> get read/write ftp access. This one box is proving to be a pain!
>
Have you tried with selinux disabled to see if that is the source? It
may be the vsftpd config or it may be an selinux problem.
> > Are you getting any AVC messages in /var/log/audit/audit.log when trying
> > to write to this area? Are the home directories on a local filesystem or
> > are you using NFS/samba etc.?
>
> I'll need to look at audit.log. All home directories are accessed via
> ftp and are held on a bog standard ext3 drive.
>
> > > Second to this, how do I get it to allow passive transfers? proftpd
> > > seemed to do this by default (IIRC), but I can't get vsftpd to do it.
> >
> > Pass; I'm also a proftpd user and haven't tried vsftpd.
>
> Ah....
>
> > > Any help would be appreciated and if you're in the Salford area of
> > > Manchester, beer provided :-)
> >
> > Given the Shanks quote common in your sigs, it would appear you're deep
> > in enemy territory ;-) I'm in Sale.
>
> Well, hopefully I won't be here for that much longer (10 years of being
> just down the road from failureville - Old Trafford to those who don't
> know it) is more than enough. Got my teaching qualifications, just a
> matter of finding a job nearer to St Helens.
>
> TTFN
>
> Paul
> --
> "Logic, my dear Zoe, is merely the ability to be wrong with authority" -
> Dr Who
>
More information about the fedora-list
mailing list