Red Hat Bugzilla – Bug 157873
Can't login with ftp client to users home directories
Last modified: 2007-11-30 17:11:06 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.8) Gecko/20050512 Fedora/1.0.4-2 Firefox/1.0.4
Description of problem:
Having read the man ftpd_selinux page I can get
anonymous ftp to work (only tested read only mode so
far) by typing what is suggested in a terminal window.
chcon -R -t ftpd_anon_t /var/ftp
But what I cant get to work with selinux protection on
is ftp access to a users home directory just by either
using the system-config-securitylevel tool to enable
acces to home directories or by typing the following
command in a terminal window.
setsebool -P ftp_home_dir 1
When I try to login as a user with a home directory I
get this error message at the client end after the
password is entered
Error sending status request (Operation not permitted)
Do you also have to use chcon to appropriatly label a
users home directory.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Actual Results: See description
Expected Results: Successful login the same as is possible when selinux protection is disabled for vsftpd.
Ther is an inconsistancy in the man page for ftpd_selinux as follows :-
The line after "setsebool -P ftpd_disable_trans 1"
reads "system vsftpd restart" but this when typed
produces an error.
The line should be "service vsftpd restart" presumably.
Fixed in selinux-policy-*-1.23.16-4