console screen messages - Fedora 5
Rick Stevens
rstevens at vitalstream.com
Thu Oct 19 20:17:01 UTC 2006
On Thu, 2006-10-19 at 11:35 -0700, Bret Stern wrote:
> What are these messages advising?
>
> Should I be concerned?
>
> These are displayed on my console login.
>
> servant login: audit(1161101072.420:4): avc: denied { search } for
> pid=2339 comm="vsftpd" name="home" dev=dm-0 ino=6815745
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> audit(1161101196.196:5): avc: denied { search } for pid=2383
> comm="vsftpd" name="home" dev=dm-0 ino=6815745
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
> audit(1161101532.669:6): avc: denied { search } for pid=2436
> comm="vsftpd" name="home" dev=dm-0 ino=6815745
> scontext=system_u:system_r:ftpd_t:s0
> tcontext=system_u:object_r:home_root_t:s0 tclass=dir
Those are SELinux messages. FTP users aren't allowed access to their
home directories. If you have SELinux in "permissive" mode, then those
are just status messages (saying what SELinux _would_ do if it were in
enforcing mode). If it is in enforcing mode, then they are indeed being
denied access to their home directories.
If you want to make them go away, turn off SELinux or enter the
following command:
# setsebool -P ftp_home_dir 1
See "man ftpd_selinux" for details on other options available to you.
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer rstevens at vitalstream.com -
- VitalStream, Inc. http://www.vitalstream.com -
- -
- I don't suffer from insanity...I enjoy every minute of it! -
----------------------------------------------------------------------
More information about the Redhat-install-list
mailing list