Real-world cases in which SELinux causes FTP uploads to fail

This is a SQUID proxy server (a desktop, installed Redhat 5.4 64-bit operating system), every day 4 o'clock in the afternoon a server through the FTP upload host database inspection report to the agent pc in a user home directory under the Xunjian directory, This PC then sends the inspection report to the group member by sending the mail the way, carries on the inspection
This is the background, before the SELinux set for permissive, behold, colleagues at noon to sleep, feet such a touch, will this agent PC restart, restart, 2 consecutive days of inspection reports are not received by mail, hurriedly solve it

1, manually perform the FTP upload action, reported the following error: 553 Could not create file.

[Email protected]:~/xunjian/0108> ftp 192.168.1.123
Connected to 192.168.1.123.
(VsFTPd 2.0.5)
Name (192.168.1.123:oracle): Oracle
331 Specify the password.
Password:
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
Ftp>binary
Switching to Binary mode.
Ftp> put Xunjian_0108.zip
Local:xunjian_0108.zip Remote:xunjian_0108.zip
229 Entering Extended Passive Mode (| | | 10717|)
553 Could not create file.

2, Proxy pc Oracle home directory, must have read and write permissions, because it is the agent pc restart caused, suddenly think of selinux if open, is not allowed to user's home directory for FTP, need to ftp_home_dir this sebool open, as follows:

[Email protected] ~]# Getenforce
Enforcing
[Email protected] ~]# Getsebool-a | grep Ftp_home_dir
Ftp_home_dir--off
[Email protected] ~]# Setsebool Ftp_home_dir on

3, this time to upload, you can succeed, as shown below

[Email protected]:~/xunjian/0108> ftp 192.168.1.123
Connected to 192.168.1.123.
(VsFTPd 2.0.5)
Name (192.168.1.123:oracle): Oracle
331 Specify the password.
Password:
Successful Login.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> Bi
Switching to Binary mode.
Ftp> put Xunjian_0108.zip
Local:xunjian_0108.zip Remote:xunjian_0108.zip
229 Entering Extended Passive Mode (| | | 19974|)
Ok to send data.
100% |***********************************************************************| 577 KB 2.31 MB/s 00:00 ETA
226 File receive OK.
591290 Bytes Sent in 00:00 (2.18 MB/s)

4, another way, is to set the SELinux to permissive

[Email protected] ~]# Getenforce
Enforcing
[Email protected] ~]# Setenforce 0
[Email protected] ~]# Getenforce
Permissive

5, at the same time add this line in the/etc/rc.local, then the next time the system restarts, this will not happen

[email protected] ~]# which Setenforce
/usr/sbin/setenforce
[Email protected] ~]# cat/etc/rc.local | Tail-n 1
/usr/sbin/setenforce 0

Real-world cases in which SELinux causes FTP uploads to fail