Bug 753375 - vsftpd can't access home dir on server with selinux enforcing
Summary: vsftpd can't access home dir on server with selinux enforcing
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 16
Hardware: i686
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Miroslav Grepl
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-11-12 02:44 UTC by Jim Haynes
Modified: 2011-11-14 10:03 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-11-13 02:00:51 UTC
Type: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Jim Haynes 2011-11-12 02:44:07 UTC 
Description of problem:selinux enforcing doesn't allow vsftpd to access
/home, so I can't get into my home directory on the ftpd server from
another machine on the local network.


Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.10.0-55.fc16.noarch

How reproducible: absolutely


Steps to Reproduce:
1. having enabled and started vsftpd on the ftp server

2. connect with ftp client from another host on the same local network

3. giving login name and password
  
Actual results:  reports it cannot change to my home directory on the server


Expected results:  should have let me into my home directory on the server


Additional info:  worked around by turning SELinux to permissive
Comment 1 Carl G. 2011-11-13 02:00:51 UTC 
You have to enable the boolean ftp_home_dir

# setsebool -P ftp_home_dir 1
Comment 2 Jim Haynes 2011-11-13 02:44:16 UTC 
OK, but which file contains that magic line?
Comment 3 Miroslav Grepl 2011-11-14 10:03:47 UTC 
Jim,
the sealert should tell it.

Also you can check the the ftpd_selinux man page

# man ftpd_selinux
Note You need to log in before you can comment on or make changes to this bug.