Bug 219022 - SELinux is preventing /usr/sbin/vsftpd (ftpd_t) "getattr" access to /home/lost+found (lost_found_t).
SELinux is preventing /usr/sbin/vsftpd (ftpd_t) "getattr" access to /home/los...
Product: Fedora
Classification: Fedora
Component: vsftpd (Show other bugs)
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Maros Barabas
: Reopened
Depends On:
  Show dependency treegraph
Reported: 2006-12-09 08:05 EST by Maurizio Rossi
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-12-14 05:14:25 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Step by step description of problem (358.78 KB, application/x-gzip)
2006-12-11 15:38 EST, Maurizio Rossi
no flags Details

  None (edit)
Description Maurizio Rossi 2006-12-09 08:05:41 EST
Description of problem:
SELinux denied access requested by /usr/sbin/vsftpd. It is not expected that
this access is required by /usr/sbin/vsftpd and this access may signal an
intrusion attempt. It is also possible that the specific version or
configuration of the application is causing it to require additional access.

Version-Release number of selected component (if applicable):
vsftpd-2.0.5-8 [application], selinux-policy-2.4.6-1.fc6 .
Selinux Enabled:True , Policy Type:targeted

How reproducible:

Steps to Reproduce:
1. From menubar of a client PC select:
Places->Connet to server
on pop-up windows select
FTP (with login)
Server: hostname of server
Folder: /home/userhomedir
User Name: userhomedir
than press button Connect

Actual results:
SELinux is preventing  access to /home/lost+found

Expected results:
No errors, with following following SElinux policy setted: Allow ftp to
read/write files in the user home directories.

Additional info:
Comment 1 Maros Barabas 2006-12-11 08:00:11 EST
This is not a bug. Selinux implicit denied access to home dirs. Please allow ftp
write/read files in user home directories in SELinux. 

/home/lost+found is system directory on ext3 partition with read permissions
only for root. You don't have access to this directory by ftp.
Comment 2 Maurizio Rossi 2006-12-11 15:38:45 EST
Created attachment 143320 [details]
Step by step description of problem
Comment 3 Maurizio Rossi 2006-12-11 15:47:17 EST
Hi Maros,
I had already setted the SElinux policy for the ftp before the use of the ftp

I did all step again to reproduce the problem with more info, you can see the
description in the attached file 'Step by step description of problem', the file
is a gzipped odt document with some shoot.
I hope it's enought for testing.

Many thanks,
Comment 4 Maros Barabas 2006-12-13 08:49:45 EST
Hi Maurizio,
 thanks for document, but I think, this is not problem in vsftpd, try to connect
in other client (lftp, ftp, tftp ..) please and paste me your results.
Comment 5 Maurizio Rossi 2006-12-13 14:02:42 EST
(In reply to comment #4)
> Hi Maurizio,
>  thanks for document, but I think, this is not problem in vsftpd, try to connect
> in other client (lftp, ftp, tftp ..) please and paste me your results.

I agree with you Maros, it seems that the problem is about nautilus maybe ...

This is my tests result:

In the terminal window using ftp client there is no problem, all is ok.

Using gftp program it's the same, I did file transfer without any selinux warning.

Note You need to log in before you can comment on or make changes to this bug.