Bug 427661 - SELinux stops vsftpd from working correctly
SELinux stops vsftpd from working correctly
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: logrotate (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Smetana
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-01-06 07:20 EST by Volans
Modified: 2008-01-15 17:52 EST (History)
0 users

See Also:
Fixed In Version: 3.7.6-2.1.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-15 17:52:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
The text returned by SELinux troubleshooter (3.08 KB, text/plain)
2008-01-06 07:20 EST, Volans
no flags Details

  None (edit)
Description Volans 2008-01-06 07:20:12 EST
Description of problem:

SELinux stops vsftpd from working correctly.

Version-Release number of selected component (if applicable):



How reproducible:

The policy stops vsftpd from writing to it's log vsftpd.conf, located in
/var/log . Since vsftp sees it's access denied to that file, it doesn't work.

Steps to Reproduce:
1. Start vsftpd
2. Try to open the FTP page using a browser
3. You see on the screen an information telling that SELinux prevented access to
vsftpd.log, from vsftpd
  
Actual results:

The browser keeps waiting for a response from the FTP server, that never comes,
even if you try loopback.

Expected results:

Told already.

Additional info:

This error doesn't happen always. It happens from times to times, usualy after
restarting PC. I follow the directions told by SELinux, to make this:
/sbin/restorecon -v /var/log/vsftp.log, and everything goes back to normal.
After some time it happens again.
Comment 1 Volans 2008-01-06 07:20:12 EST
Created attachment 290907 [details]
The text returned by SELinux troubleshooter
Comment 2 Daniel Walsh 2008-01-08 13:48:09 EST
This sounds like the broken logrotate bug loosing security context problem.
Comment 3 Tomas Smetana 2008-01-09 03:54:22 EST
I have a fix, so please wait for the updated logrotate.
Comment 4 Fedora Update System 2008-01-11 17:04:03 EST
logrotate-3.7.6-2.1.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update logrotate'
Comment 5 Fedora Update System 2008-01-15 17:52:21 EST
logrotate-3.7.6-2.1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.