概述: SELinux is preventing /usr/sbin/vsftpd "net_raw" access. 详细描述: SELinux denied access requested by vsftpd. It is not expected that this access is required by vsftpd and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. 允许访问: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. 附加信息: 源上下文 system_u:system_r:ftpd_t:s0-s0:c0.c1023 目标上下文 system_u:system_r:ftpd_t:s0-s0:c0.c1023 目标对象 None [ capability ] 源 vsftpd 源路径 /usr/sbin/vsftpd 端口 <未知> 主机 (removed) 源 RPM 软件包 vsftpd-2.2.0-6.fc12 目标 RPM 软件包 策略 RPM selinux-policy-3.6.32-69.fc12 启用 Selinux True 策略类型 targeted Enforcing 模式 Enforcing 插件名称 catchall 主机名 (removed) 平台 Linux (removed) 2.6.31.12-174.2.3.fc12.i686.PAE #1 SMP Mon Jan 18 20:06:44 UTC 2010 i686 i686 警报计数 1 第一个 2010年01月27日 星期三 00时16分09秒 最后一个 2010年01月27日 星期三 00时16分09秒 本地 ID 866c2505-cfa8-4368-87ab-4a1100aae869 行号 原始核查信息 node=(removed) type=AVC msg=audit(1264522569.529:27082): avc: denied { net_raw } for pid=9397 comm="vsftpd" capability=13 scontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=system_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=capability node=(removed) type=SYSCALL msg=audit(1264522569.529:27082): arch=40000003 syscall=120 success=no exit=-1 a0=40000011 a1=0 a2=9fa338 a3=9fa338 items=0 ppid=0 pid=9397 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="vsftpd" exe="/usr/sbin/vsftpd" subj=system_u:system_r:ftpd_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-69.fc12,catchall,vsftpd,ftpd_t,ftpd_t,capability,net_raw audit2allow suggests: #============= ftpd_t ============== allow ftpd_t self:capability net_raw;
*** This bug has been marked as a duplicate of bug 547339 ***