Displaying 15 results from an estimated 15 matches similar to: "vsftpd not able to log in"
2011 Nov 01
1
SELinux and SETroubleshootd woes in CR
I'm setting up a dedicated database server, and since this will be a
central service to my various web servers I wanted it to be as secure as
possible...so I am leaving SELinux enabled. However I'm having trouble
getting Apache to use mod_auth_pam. I also now can't get setroubleshootd
working to send me notifications of the denials and provide tips to solve
the problem.
The Apache
2010 Sep 02
1
Update for HowTo: Chroot vsftpd with non-system users
Hi,
This update is for the HowTo at
http://wiki.centos.org/HowTos/Chroot_Vsftpd_with_non-system_users
Regarding two of the scripts provided: vsftpd_virtual_config.sh and
vsftpd_virtual_config_withTLS.sh:
The configuration additions it makes to PAM do not work on 64-bit
systems. In vsftpd_virtual_config.sh (Lines 55 & 56) and
vsftpd_virtual_config_withTLS.sh (Lines 123 & 124) should be
2016 Jul 06
2
How to have more than on SELinux context on a directory
> If I understand well, I could add a type to another type?!?!?!
No.
The default targeted policy is mostly about Type Enforcement. Quote from
the manual:
"All files and processes are labeled with a type: types define a SELinux
domain for processes and a SELinux type for files. SELinux policy rules
define how types access each other, whether it be a domain accessing a
type, or a
2016 Jul 06
0
How to have more than on SELinux context on a directory
I can access /depot/tftp from a tftp client but unable to do it from a
Windows client as long as SELinux is enforced. If SELinux is permissive I
can access it then I know Samba is properly configured.
# getenforce
Enforcing
# ls -dZ /depot/tftp/
drwxrwxrwx. root root system_u:object_r:tftpdir_rw_t:s0 /depot/tftp/
And if I do it the other way around, give the directory a type
samba_share_t then
2016 Jul 05
4
How to have more than on SELinux context on a directory
????????? ???????? ????? 2016-07-05 19:58:
>> I need to have the tftpdir_rw_t and samba_share_t SELinux context
>> on
>> the same directory.
>>
>> How can we do this? Is it feasible to have more than one SELinux
>> context?
>
> I don't think it's possible/feasible.
> You'd probably need to add a new type and necessary rules to your
2015 Mar 03
2
selinux allow FTP
On Mar 3, 2015, at 2:30 PM, Brian Mathis <brian.mathis+centos at betteradmin.com> wrote:
>
> people are bound by corporate restrictions
That seems like an awfully convenient rug to sweep problems under.
Can?t fix a security problem? Corporate restrictions!
Can?t require sensible security defaults restrictions by default? Corporate restrictions!
Can?t move off IE6? Corporate
2014 Nov 06
1
ProFTPD SFTP with SELinux
Has anyone attempted to make SFTP on ProFTPD with SELinux work? I'd
like to keep SELinux enabled on this particular system, but I prefer
ProFTPD's SFTP solution over OpenSSH. The aureport tool reports the
following:
28. 11/05/2014 12:58:58 proftpd
unconfined_u:system_r:ftpd_t:s0-s0:c0.c1023 4 file getattr
system_u:object_r:sshd_key_t:s0 denied 86877
I have the SFTP config setup to just
2008 Dec 17
1
Chroot_Vsftpd_with_non-system_users (Update)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
I've been working in the bash scripts used in the page
http://wiki.centos.org/HowTos/Chroot_Vsftpd_with_non-system_users
Some of the changes are:
- - Add vsftpd TLS support in the configuration. So USER and PASS don't be
clearly readable.
- - If SELinux is available, set the boolean allow_ftpd_anon_write to on
in the configuration
2015 Mar 05
0
selinux allow FTP
Guys,
I hear all your arguments against using FTP. I completely get all that.
But I am making things a little bit safer by using virtual users that have
no access to the file system. The ftp user account has a shell of
/bin/false. And I was able to get proftpd working with SELinux
using setsebool -P ftp_home_dir on.
The client is recalcitrant to using any technology he doesn't know. I have
2010 Sep 29
5
Forbidden: can't access *.html files in /var/www/html
Hello,
I'm using the latest CentOS with phpBB 3.0.x + postgreSQL + sendmail
(relayed through gmail.com) - all those programs working fine,
with no big modifications of the CentOS defaults (i.e. SELinux is on).
Now I'm struggling with the seemingly simple problem, that when
I put an .html file into /var/www/html/ then Apache won't serve it.
In the browser I see:
"Forbidden
You
2007 Jul 03
0
i18n problems connecting Samba 3.0.22 with Snap! Server 4100 (samba 2.2.x I think)
Hello,
I have an old SNAP! Server 4100 appliance that has a built-in samba, I think
it's a 2.2.x samba
The only commands I can issue for smb are (taken from debug console):
Usage:
? ? ? smb add [w{hex#ofbytes} {AtHexOffset} | e{AtHexOffset}]
? ? ? smb domain [{name} [{user} [{pwd}]]]
? ? ? smb encrypted-password [enable|disable]
? ? ? smb info [connections]
? ? ? smb pdc disconnect
2002 May 13
1
Spatio-temporal analysis of homicide rates
Dear R-listers,
I would like to carry out a very basic descriptive analysis of homicides
rates in Italy, taking into account both the spatial dimension (103
provinces) and the temporal dimension (10 years), but no covariates. In
practice, what I would like to do is to describe spatio-temporal variation
of homicide rates, identifying those combinations of province-year where
the homicide rate
2006 Mar 15
9
Rails 1.1 is coming!
"Rails 1.1 is coming" - Feb 26, 2006 post in rails-core
* http://www.ruby-forum.com/topic/55991
Final Drive Candidates (highlighted for review by core members)
* http://dev.rubyonrails.org/report/19
Potential Rails 1.1 Blockers
* http://dev.rubyonrails.org/report/10
Did you know you can run many different versions of Rails on the same
physical server? This means you can test
2014 Sep 11
1
replicating (manage)sieve - no symlink on replica?
2.2.13/0.4.2, both from source-tarball, no fancy options.
tcp-replication between two nodes and following plugin parameters (same
on both sides, except the ip-addr)
plugin {
sieve_before = /home/ssfn/etc/dovecot/sieve.default
sieve_global_dir = /home/ssfn/etc/dovecot
sieve = ~/.dovecot.sieve
sieve_dir = ~/.sieve
sieve_extensions = +vnd.dovecot.duplicate
sieve_duplicate_period = 6h
2004 Jun 15
2
Multiple X100Ps -- order?
After over a month (well, ok, no more than an hour a day :) of planning,
getting hardware, tinkering and testing, I'm about to my Ultimate Home
Phone System (tm) online.
Connectivity to the outside world is provided by:
A. 1 POTS phone line connected through an X100P ($11/month, needed to
carry DSL)
B. 1 Vonage ATA186 connected through an X100P (needed for the rate
center :( )
C. 3 Broadvoice