Setting SELinux for vsftpd - SOLVED

Craig White craigwhite at azapple.com
Wed Jan 7 00:32:42 UTC 2009


On Tue, 2009-01-06 at 13:45 -0500, Mark Haney wrote:
> Mark Haney wrote:
> > I've got a server that we use to do speed testing of our upstreams (and
> > customers' links) using FTP.  This is a fresh F10 install and I'm getting
> > what seems to be a very common selinux ftp error (226 Failed to open
> > directory). I've googled up a couple of forum posts on how to fix it,
> > but most say just to disable selinux.  That I'd not like to do.
> > However, one of the options says to do this:
> > 
> > setsebool -P ftpd_disable_trans 1
> > 
> > But I get an error:
> > 
> > [root@noc5 speedtest]# setsebool -P ftpd_disable_trans 1
> > libsemanage.dbase_llist_set: record not found in the database
> > libsemanage.dbase_llist_set: could not set record value
> > Could not change boolean ftpd_disable_trans
> > Could not change policy booleans
> > 
> > I have seen the GUI method of doing this, but since I don't run X on
> > this server that's not much help.  What's the correct method of setting
> > selinux up for this?
> > 
> > 
> 
> For anyone who wants to know.  The correct option (which, btw, took me
> down deep into google to find) is this:
> 
> setsebool -P ftp_home_dir 1
> 
> It's amazing to me that this isn't set up by default on a fresh install
> with ftp as one of the installed packages.
----
You seem bent on drawing far-reaching conclusions from your
expectations.

FWIW, neither samba nor http will enable SELinux permissions for home
folders served out of the box...I would suspect that they are far more
common.

I suppose that the intent is to provide a secured setup and leave it as
an exercise to the system owner/operator to lower the protection
barriers as they choose.

Craig
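
Added example (not part of the original thread): a small shell helper that checks whether a boolean exists in the loaded policy before calling setsebool, which is the failure shown above with ftpd_disable_trans, and lists related booleans when it does not. The boolean listing is a constructed sample in `getsebool -a` format, and the function names are hypothetical.

```bash
#!/bin/sh
# Constructed sample in `getsebool -a` format (not captured from a real host).
SAMPLE_BOOLEANS='allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
ftp_home_dir --> off
httpd_enable_homedirs --> off
samba_enable_home_dirs --> off'

# bool_state NAME (hypothetical helper): reads `getsebool -a` style lines on
# stdin and prints "on", "off", or "missing" if the policy has no such boolean.
bool_state() {
    awk -v want="$1" '
        $1 == want && $2 == "-->" { print $3; found = 1 }
        END { if (!found) print "missing" }'
}

# plan_setsebool NAME KEYWORD (hypothetical helper): prints the setsebool
# command to run, or, when NAME is unknown, the booleans matching KEYWORD.
plan_setsebool() {
    name=$1 keyword=$2
    listing=$(cat)
    state=$(printf '%s\n' "$listing" | bool_state "$name")
    case $state in
        on)  echo "ok: $name is already on" ;;
        off) echo "run: setsebool -P $name 1" ;;
        *)   echo "unknown boolean: $name; candidates matching '$keyword':"
             printf '%s\n' "$listing" |
                 awk -v kw="$keyword" 'index($1, kw) { print "  " $1 " (" $3 ")" }' ;;
    esac
}

# Demo on the constructed sample; on a real host pipe `getsebool -a` in instead.
printf '%s\n' "$SAMPLE_BOOLEANS" | plan_setsebool ftpd_disable_trans ftp
printf '%s\n' "$SAMPLE_BOOLEANS" | plan_setsebool ftp_home_dir ftp
```

On a headless server the same check is `getsebool -a | plan_setsebool ftp_home_dir ftp`, which avoids the GUI and shows which booleans the installed policy actually defines.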



