GSSFTP Error: Permission denied permission problem

Source: Internet
Author: User
Tags ftp upload file rsync

It programmer development must-all kinds of resources download list, the most complete IT resources in history, personal collection summary.


Linux Open FTP (with: FTP Upload file error: Permission denied)
RHEL5 Open FTP

Vi/etc/xinetd.d/gssftp
The following:
# Default:off
# description:the kerberized FTP server accepts FTP connections \
# that can is authenticated with Kerberos 5.
Service FTP
{
Flags = Reuse
Socket_type = Stream
wait = no
user = root
Server =/USR/KERBEROS/SBIN/FTPD
Server_args =-l-a
Log_on_failure + + USERID
Disable = yes
}
of which
Server_args =-l-a changed to Server_args =-L
Restart FTP service after saving exit: Service xinetd restart

Disable = yes change to No

Upload file after landing error permission denied

Workaround:

Setsebool-p Ftpd_disable_trans 1 0752 2091936

The Setsebool command queried the relevant information.
is a selinux-related setup item

This is the SELinux set command.
In fact, man Setsebool also know:
Setsebool–set SELinux Boolean value
It is OK to turn off the selinux before you are unfamiliar with selnux. Have time to study the SELinux.
Redhat started with the FC3 and used SELinux to enhance security, but it was sometimes too cumbersome to close it, but it was hard to find a place to turn off if the server started without a graphical interface.
The correct approach is as follows: Modify the selinux= "" in the/etc/selinux/config file as disabled, and then reboot.


Here are some of the set commands collected
===ftp===
If you are want to share files anonymously
Chcon-r-T Public_content_t/var/ftp
If you are want to setup a directory where you can upload files
Chcon-t public_content_rw_t/var/ftp/incoming

You are must also turn on the Boolean allow_ftpd_anon_write
Setsebool-p allow_ftpd_anon_write=1
If you are are setting up this machine as a FTPD server and wish to allow users to access their home directorories
Setsebool-p Ftp_home_dir 1
If you are want to run ftpd as a daemon
Setsebool-p Ftpd_is_daemon 1
Can disable SELinux protection for the ftpd daemon
Setsebool-p Ftpd_disable_trans 1
===httpd===
If you are want a particular domain to write to the public_content_rw_t domain
Setsebool-p allow_httpd_anon_write=1
Or
Setsebool-p allow_httpd_sys__anon_write=1
HTTPD can be the setup to allow CGI s. executed
Setsebool-p httpd_enable_cgi 1
If you are want to allow access to users home directories
Setsebool-p Httpd_enable_homedirs 1
Chcon-r-T httpd_sys_content_t ~user/public_html
HTTPD is allowed access to the controling terminal
Setsebool-p Httpd_tty_comm 1
such that one httpd service can not interfere with another
Setsebool-p httpd_unified 0
Loadable modules run under the same context as httpd
Setsebool-p httpd_builtin_ing 0
httpd s are allowed to connect out to the network
Setsebool-p Httpd_can_network_connect 1
You can disable suEXEC transition
Setsebool-p Httpd_suexec_disable_trans 1
Can disable SELinux protection for the httpd daemon by executing
Setsebool-p Httpd_disable_trans 1
Service httpd Restart
===named===
If you are want to have named update the master zone files
Setsebool-p Named_write_master_zones 1
Can disable SELinux protection for the named daemon by executing
Setsebool-p Named_disable_trans 1
Service named restart
===nfs===
If you want to the setup this machine to share NFS partitions read only
Setsebool-p Nfs_export_all_ro 1
If you are want to share files Read/write
Setsebool-p NFS_EXPORT_ALL_RW 1
If you are want to use a sqlremote NFS server for the "Home directories on" This machine
Setsebool-p Use_nfs_home_dirs 1
===samba===
If you are want to share files other than home Directorie
Chcon-t samba_share_t/directory
If you are want to share the files with multiple domains
Setsebool-p allow_smbd_anon_write=1
If you are are setting up this machine as a Samba server and wish to share the home directories
Setsebool-p Samba_enable_home_dirs 1
If you have want to use a remote Samba server for the "Home directories on" This machine
Setsebool-p Use_samba_home_dirs 1
Can disable SELinux protection for the samba daemon by executing
Setsebool-p Smbd_disable_trans 1
Service SMB Restart
===rsync===
If you are want to share files using the rsync daemon
Chcon-t public_content_t/directories
If you are want to share the files with multiple domains
Setsebool-p allow_rsync_anon_write=1
Can disable SELinux protection for the rsync daemon by executing
Setsebool-p Rsync_disable_trans 1
===kerberos===
Allow your system to work properly in a Kerberos environment
Setsebool-p Allow_kerberos 1
If you are running Kerberos daemons kadmind or KRB5KDC
Setsebool-p Krb5kdc_disable_trans 1
Service KRB5KDC Restart
Setsebool-p Kadmind_disable_trans 1
Service Kadmind Restart
===nis===
Allow your system to work properly in a NIS environment
Setsebool-p Allow_ypbind 1

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.