allowing in.tftpd to read/write files?

Chuck Anderson cra at WPI.EDU
Fri Oct 19 18:42:33 UTC 2007

How do I allow tftpd to write files?  I changed the context to 
"system_u:object_r:public_content_rw_t:s0" but that doesn't work.  
Also I'm using /var/tftp instead of /tftpboot, and there doesn't seem 
to be any file_contexts set up for /var/tftp.  I manually set the 
context to match that of /tftpboot:

drwxr-xr-x  root root system_u:object_r:tftpdir_t      /tftpboot//
drwxrwsr-x  tftp tftp system_u:object_r:tftpdir_t      /var/tftp/

-rw-rw-rw-  cra tftp system_u:object_r:public_content_rw_t /var/tftp/testfile

type=AVC msg=audit(1192818715.964:10131): avc:  denied  { write } for  
pid=15860 comm="in.tftpd" name="testfile" dev=dm-4 
ino=84549655 scontext=user_u:system_r:tftpd_t:s0 
tcontext=system_u:object_r:public_content_rw_t:s0 tclass=file
type=SYSCALL msg=audit(1192818715.964:10131): arch=40000003 syscall=5 
success=no exit=-13 a0=805fa02 a1=8041 a2=1b6 a3=8041 items=0 
ppid=15781 pid=15860 auid=10002 uid=99 gid=99 euid=99 suid=99 fsuid=99 
egid=99 sgid=99 fsgid=99 tty=(none) comm="in.tftpd" 
exe="/usr/sbin/in.tftpd" subj=user_u:system_r:tftpd_t:s0 key=(null)


More information about the fedora-selinux-list mailing list