Hi,
After upgrading to 7.3, my vsftpd doesn't work due to SELinux.
When I turn off SELinux (setenforce permissive) or set "setsebool allow_ftpd_full_access 1", it's fine. But I don't want to keep these settings.
The wsftpd is configured with a ftp user and points to his personal directory /home/ftpuser. The boolean tftp_home_dir is still on but seems to don't have any effect in Centos 7.3.
In the attached SELinux's log, there are 2 issues relative to wsftpd. I can't state (is it a bug or not ?). The boolean tftp_home_dir should do the job, it did on Centos 7.2.
In complement :
ls -lZd /home/
drwxr-xr-x. root root system_u:object_r:home_root_t:s0 /home/
ls -lZd /home/ftpuser/
d--x------. ftpuser root unconfined_u:object_r:user_home_dir_t:s0 /home/ftpuser/ => Nota : subfolders have same context but rwx.
Do you have any recommendation ?
Thank you in advance.
Best regards.
[Update 7.3] vsftpd and SELinux issue
[Update 7.3] vsftpd and SELinux issue
- Attachments
-
- audit_readable.txt
- (5.88 KiB) Downloaded 111 times
Re: [Update 7.3] vsftpd and SELinux issue
It probably still does but tftp is not ftp and is a totally different protocol and daemon.The boolean tftp_home_dir should do the job, it did on Centos 7.2.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke