#

底下

说

也是有

47.5%

的机率是由此

产

生的！

***** Plugin catchall_boolean (47.5 confidence) suggests ******************

If you want to allow ftpd to full access

Then

you must tell SELinux about this by enabling the 'ftpd_full_access' boolean.

You can read 'None' man page for more details.

Do

setsebool

-

P ftpd_full_access 1

#

底下

说

，

½

有

6.38%

的可信度是由

这个

情

况产

生的！

***** Plugin catchall (6.38 confidence) suggests **************

************

If you believe that vsftpd should be allowed lock access on the test.txt file by default.

Then you should report this as a bug.

You can generate a local policy module to allow this access.

Do

allow this access for now by executing:

# grep

vsftpd /var/log/audit/audit.log | audit2allow

-

M mypol

# semodule

-

i mypol.pp

#

底下就重要了！是整

个问题发

生的主因～最好

还

是稍微瞧一瞧！

Additional Information:

Source Context system_u:system_r:ftpd_t:s0

-

s0:c0.c1023

Target Context

unconfined_u:object_r:user_home_t:s0

Target Objects /home/ftptest/test.txt [ file ]

Source vsftpd

Source Path /usr/sbin/vsftpd

Port <Unknown>

Host sta

tion3

-

39.gocloud.vm

Source RPM Packages vsftpd

-

3.0.2

-

9.el7.x86_64

Target RPM Packages

Policy RPM selinux

-

policy

-

3.13.1

-

23.el7.noarch

Selinux Enabled True

Policy Type targeted

Enforcing Mode

Permissive

Host Name station3

-

39.gocloud.vm

Platform Linux station3

-

39.gocloud.vm 3.10.0

-

229.el7.x86_64

#1 SMP Fri Mar 6 11:36:42 UTC 2015 x86_64 x86_64

Alert Count

3

First Seen 2015

-

08

-

09 01:00:12 CST

Last Seen 2015

-

08

-

09 02:55:57 CST

Local ID 3a57aad3

-

a128

-

461b

-

966a

-

5bb2b0ffa0f9