January 8, 2009 06:34pm pst

10.19.2008 at 11:22AM PDT, ID: 23827967

	[x] Attachment Details

Fedora 9: Selinux policy is preventing the ftp deamon from writing to apublic directory

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.2

Zones:

Fedora Linux, Linux Networking

Tags:

Fedora 9, vsftpd, SElinux AVC denial: Selinux policy is preventing the ftp deamon from writing to apublic directory

I am trying to upload a file from Windows Vista smart to my fedora server and my server is giving me the message:

SElinux AVC denial:
Selinux policy is preventing the ftp deamon from writing to a public directory

the I am given more detailed description:

" Summary:

SELinux policy is preventing the ftp daemon from writing to a public directory.

Detailed Description:

SELinux policy is preventing the ftp daemon from writing to a public directory.
If ftpd is not setup to allow anonymous writes, this could signal a intrusion
attempt.

Allowing Access:

If the ftp daemon should be allowed to write to this directory you need to turn
on the allow_ftpd_anon_write boolean and change the file context of the public
directory to public_content_rw_t. Read the ftpd_selinux man page for further
information: "setsebool -P allow_ftpd_anon_write=1; chcon -t public_content_rw_t
"

Fix Command:

setsebool -P allow_ftpd_anon_write=1

Additional Information:

Source Context system_u:system_r:ftpd_t:s0
Target Context unconfined_u:object_r:public_content_t:s0
Target Objects ./incoming [ dir ]
Source vsftpd
Source Path /usr/sbin/vsftpd
Port <Unknown>
Host ftpserver
Source RPM Packages vsftpd-2.0.6-3.fc9
Target RPM Packages
Policy RPM selinux-policy-3.3.1-42.fc9
Selinux Enabled True
Policy Type targeted
MLS Enabled True
Enforcing Mode Enforcing
Plugin Name allow_ftpd_anon_write
Host Name ftpserver
Platform Linux ftpserver 2.6.25-14.fc9.i686 #1 SMP Thu May
1 06:28:41 EDT 2008 i686 i686
Alert Count 472
First Seen Sun 19 Oct 2008 01:06:35 PM EDT
Last Seen Sun 19 Oct 2008 02:12:36 PM EDT
Local ID ba87e2e0-138c-4c42-bdf5-a34101005af8
Line Numbers

"

Where should I enable this function ?????

Start your 7 day free trial to see this answer

Answered By:	hfraser
Expert Since:	01/22/2003
Accepted Solutions:	144

hfraser has been an Expert for 5 years 11 months, during which he has posted 563 comments and answered 144 questions. hfraser is just one of 408 experts in the Fedora Linux Zone. 2 experts collaborated on this answer, which was graded an "A" by the asker.

#	Title
1	SELinux and sftp
2	How to install VMServer onto Fedora …
3	Upgrading Kernel Fedora Core 5
4	Fedora Core software update hangs
5	how to develop jsp files on fedora cor…
6	VNC for Linux Fedora