Red Hat Bugzilla – Bug 427661
SELinux stops vsftpd from working correctly
Last modified: 2008-01-15 17:52:24 EST
Description of problem:
SELinux stops vsftpd from working correctly.
Version-Release number of selected component (if applicable):
The policy stops vsftpd from writing to it's log vsftpd.conf, located in
/var/log . Since vsftp sees it's access denied to that file, it doesn't work.
Steps to Reproduce:
1. Start vsftpd
2. Try to open the FTP page using a browser
3. You see on the screen an information telling that SELinux prevented access to
vsftpd.log, from vsftpd
The browser keeps waiting for a response from the FTP server, that never comes,
even if you try loopback.
This error doesn't happen always. It happens from times to times, usualy after
restarting PC. I follow the directions told by SELinux, to make this:
/sbin/restorecon -v /var/log/vsftp.log, and everything goes back to normal.
After some time it happens again.
Created attachment 290907 [details]
The text returned by SELinux troubleshooter
This sounds like the broken logrotate bug loosing security context problem.
I have a fix, so please wait for the updated logrotate.
logrotate-3.7.6-2.1.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update logrotate'
logrotate-3.7.6-2.1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.