SELinux拒绝vsftpd上传文件到用户主目录

核心提示： 系统是CentOS 5.1，创建用户后，SELinux拒绝vsftpd上传文件到用户主目录，不能登陆FTP，在/var/log/messages文件记录以下信息： Mar 31 13:46:15 localhost kernel: audit(1206942375.697:5719): avc: denied { a

 

系统是CentOS 5.1，创建用户后，不能登陆FTP，在/var/log/messages文件记录以下信息：

Mar 31 13:46:15 localhost kernel: audit(1206942375.697:5719): avc: denied { append } for pid=32111 comm="vsftpd" name="test" dev=sda3 ino=19400200 scontext=root:system_r:ftpd_t:s0 tcontext=root:object_r:root_t:s0 tclass=file

SElinux ftp daemon policy is customizable based on least access required. So by default SElinux does not allow users to login and read their home directories.

If you are setting up this machine as a ftpd server and wish to allow users to access their home directorories, you need to set the ftp_home_dir boolean.

执行命令：

setsebool -P ftp_home_dir 1

上传文件成功。