Summary:

SELinux is preventing vsftpd (ftpd_t) "dac_override" to <Unknown> (ftpd_t).

Detailed Description:

[SELinux is in permissive mode. This access was not denied.]

SELinux denied access requested by vsftpd. The current boolean settings do not allow this access. If you have not setup vsftpd to require this access this may signal an intrusion attempt. If you do intend this access you need to change the booleans on this system to allow the access.

Allowing Access:

One of the following booleans is set incorrectly: allow_ftpd_full_access, ftp_home_dir

Fix Command:

Choose one of the following to allow access:

Allow ftp servers to login to local users and read/write all files on the system, governed by DAC.
# setsebool -P allow_ftpd_full_access 1

Allow ftp to read and write files in the user home directories
# setsebool -P ftp_home_dir 1

Additional Information:

Source Context                unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023
Target Context                unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023
Target Objects                None [ capability ]
Source                        vsftpd
Source Path                   /usr/sbin/vsftpd
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           vsftpd-2.1.2-2.fc11
Target RPM Packages
Policy RPM                    selinux-policy-3.6.12-98.fc11
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Plugin Name                   catchall_boolean
Host Name                     (removed)
Platform                      Linux (removed) 2.6.30.10-105.2.23.fc11.x86_64 #1 SMP Thu Feb 11 07:06:34 UTC 2010 x86_64 x86_64
Alert Count                   3
First Seen                    Mi 19 mai 2010 00:05:50 +0000
Last Seen                     Mi 19 mai 2010 00:13:53 +0000
Local ID                      5ac72285-bad3-4eaf-8ba4-57c38c2b8118
Line Numbers

Raw Audit Messages

node=(removed) type=AVC msg=audit(1274217233.370:32116): avc: denied { dac_override } for pid=16712 comm="vsftpd" capability=1 scontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 tclass=capability

node=(removed) type=SYSCALL msg=audit(1274217233.370:32116): arch=c000003e syscall=4 success=no exit=-2 a0=7f21436bbb10 a1=7fffdfdd72d0 a2=7fffdfdd72d0 a3=20 items=0 ppid=0 pid=16712 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=44 comm="vsftpd" exe="/usr/sbin/vsftpd" subj=unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 key=(null)

Hash String generated from catchall_boolean,vsftpd,ftpd_t,ftpd_t,capability,dac_override

audit2allow suggests:

#============= ftpd_t ==============
#!!!! This avc can be allowed using one of the these booleans:
#     allow_ftpd_full_access, ftp_home_dir

allow ftpd_t self:capability dac_override;

*** This bug has been marked as a duplicate of bug 538428 ***