search for: ftpd_t

...s files labelled with tftpdir_rw_t via samba or vise versa? There's already a number of rules in the default policy which allow ftp access to samba shares and smb/nmb access to files labelled with tftpdir_rw_t. Eg # sesearch --allow -t samba_share_t | grep samba_share_t | grep ftp allow ftpd_t samba_share_t : file { ioctl read write create getattr setattr lock append unlink link rename open } ; allow ftpd_t samba_share_t : dir { ioctl read write create getattr setattr lock unlink link rename add_name remove_name reparent search rmdir open } ; allow ftpd_t samba_share_t : lnk_f...

...pdir_rw_t via > samba or vise versa? There's already a number of rules in the default > policy which allow ftp access to samba shares and smb/nmb access to files > labelled with tftpdir_rw_t. Eg > > # sesearch --allow -t samba_share_t | grep samba_share_t | grep ftp > allow ftpd_t samba_share_t : file { ioctl read write create getattr > setattr lock append unlink link rename open } ; > allow ftpd_t samba_share_t : dir { ioctl read write create getattr > setattr lock unlink link rename add_name remove_name reparent search rmdir > open } ; > allow ftpd_t s...

????????? ???????? ????? 2016-07-05 19:58: >> I need to have the tftpdir_rw_t and samba_share_t SELinux context >> on >> the same directory. >> >> How can we do this? Is it feasible to have more than one SELinux >> context? > > I don't think it's possible/feasible. > You'd probably need to add a new type and necessary rules to your

Has anyone attempted to make SFTP on ProFTPD with SELinux work? I'd like to keep SELinux enabled on this particular system, but I prefer ProFTPD's SFTP solution over OpenSSH. The aureport tool reports the following: 28. 11/05/2014 12:58:58 proftpd unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 4 file getattr system_u:object_r:sshd_key_t:s0 denied 86877 I have the SFTP config setup to just use the OpenSSH host keys, and it appears to be getting denied read access to it. Thoughts? -- GPG keyID: 0xFECC890C Phil Gardner

...ine...Am I missing something simple? ftp> user (username) user 331 Please specify the password. Password: 530 Login incorrect. # getenforce Permissive here is the event in /var/log/audit/audit.log: type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0 subj=root:system_r:ftpd_t:s0 msg='PAM: authentication acct="user" : exe="/usr/sbin/vsftpd" (hostname=hostname, addr=1.2.3.4, terminal=ftp res=failed)' cat /etc/pam.d/vsftpd #%PAM-1.0 session optional pam_keyinit.so force revoke auth required pam_listfile.so item=user sense=deny...