Summary: SELinux is preventing the ftp daemon from reading users home directories (31206D61692032303130). Detailed Description: [SELinux is in permissive mode. This access was not denied.] SELinux has denied the ftp daemon access to users home directories (31206D61692032303130). Someone is attempting to login via your ftp daemon to a user account. If you only setup ftp to allow anonymous ftp, this could signal a intrusion attempt. Allowing Access: If you want ftp to allow users access to their home directories you need to turn on the ftp_home_dir boolean: "setsebool -P ftp_home_dir=1" Fix Command: setsebool -P ftp_home_dir=1 Additional Information: Source Context unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_t:s0 Target Objects 31206D61692032303130 [ dir ] Source vsftpd Source Path /usr/sbin/vsftpd Port <Unknown> Host (removed) Source RPM Packages vsftpd-2.1.2-2.fc11 Target RPM Packages Policy RPM selinux-policy-3.6.12-98.fc11 Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Plugin Name ftp_home_dir Host Name (removed) Platform Linux (removed) 2.6.30.10-105.2.23.fc11.x86_64 #1 SMP Thu Feb 11 07:06:34 UTC 2010 x86_64 x86_64 Alert Count 2 First Seen Mi 19 mai 2010 00:12:36 +0000 Last Seen Mi 19 mai 2010 00:12:36 +0000 Local ID ff82bb74-b3db-4b4b-88af-f41aa1e1d45b Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1274217156.30:32112): avc: denied { read } for pid=16679 comm="vsftpd" name=31206D61692032303130 dev=sda2 ino=12214385 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir node=(removed) type=AVC msg=audit(1274217156.30:32112): avc: denied { open } for pid=16679 comm="vsftpd" name=31206D61692032303130 dev=sda2 ino=12214385 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=dir node=(removed) type=SYSCALL msg=audit(1274217156.30:32112): arch=c000003e syscall=2 success=yes exit=6 a0=7f2ce0dfb900 a1=90800 a2=7f2ce0dfc720 a3=1 items=0 ppid=1 pid=16679 auid=0 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=44 comm="vsftpd" exe="/usr/sbin/vsftpd" subj=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 key=(null) Hash String generated from ftp_home_dir,vsftpd,ftpd_t,user_home_t,dir,read audit2allow suggests: #============= ftpd_t ============== #!!!! This avc can be allowed using one of the these booleans: # allow_ftpd_full_access, ftp_home_dir allow ftpd_t user_home_t:dir { read open };
*** This bug has been marked as a duplicate of bug 538428 ***