FTP Server connection failed, error prompted: Oops:cannot change directory:/home/*******
Oops:child died
Workaround: 1 in the terminal Input command: Setsebool Ftpd_disable_trans 1
Service VSFTPD Restart
It's OK. But the next time you reboot, it's going to be so. 2 in the terminal input command: Setsebool-p Ftpd_disable_trans 1 Service VSFTPD Restart So every time we reboot the machine. The reason is SELinux. =========================================================================================== another article:
On the vsftpd part of local users can not log in, part of the problem, I have done a number of experiments, I put this problem combined with the results of the experiment again to describe, please high man, help to see the possible reasons. Thank you, sir.
The original local account in the system can not log in, my/etc/vsftpd/vsftpd.conf files are configured as follows:
Local_enable=yes
Write_enable=yes
Chroot_local_user=yes
Pam_service_name=vsftpd
/ETC/PAM.D/VSFTPD exists and is normal.
Error messages are the same at logon:
Oops:cannot Change Directory:/home/xxxx
Login failed.
421 Service not available, remote server has closed connection
Their home directory is/home/xxxx. Both the/home and/home/xxxx permissions are 755.
These accounts are not FTP login, these are often used, you can log in with the shell.
I've created a new USR1 account,
# useradd-g test-d/TMP/USR1 USR1
Can ftp login, his home for/TMP/USR1, ON/partition. And/home I was on the mount to the/DEV/HDA9.
#mount
/DEV/HDB1 on/type ext3 (rw)
/DEV/HDA9 on/home type ext2 (rw)
So, I guess: whether it is due to the/home partition, and the "home directory in the/home partition account" can not log in.
To verify the above assumptions, I tried to create an account,
Useradd-g test-d/HOME/USR3 USR3
/home,/HOME/USR3 's permissions are all 755.
USR3 FTP Login failed.
Oops:cannot Change DIRECTORY:/HOME/USR3
Login failed.
421 Service not available, remote server has closed connection
At this point, I think you can determine the reason for the/home partition, which causes the "home directory in the/home partition account" can not log in.
Reference articles:
-----------------------------------------------------------------------------------------
I finished my second upgrade to Fedora Core 4. Not everything are ironed out yet with the build of course. But one thing is for sure a lot has happened to the RedHat I knew before.
I must say of the changes, for me the nicest addition is the new SELinux extensions. For deep background in the reasons for and theory of SELinux read, the inevitability of failure:the flawed assumption of Security in modern Computing environments
The more I work with SELinux I realize I need to know about it, and how exactly it does all its stuff. It certainly changes things relating to users, directories and access. As I am starting to learn it, I ' m sure I ' m doing things the Hard-way. :)
The major difference, so far for me, in Red Hat's SELinux is the way FTP is handled. VSFTPD is still the server which is great. However, it seems to is designed to run as a daemon rather than via invoked. If you are grab a working copy of the Xinet.d file for vsftpd you can invoke it via XINET.D wrapper. I did my I-server upgrade in this manner. The current one I am trying as a daemon. I certainly I'll miss some of the features that XINET.D wrapper, and could brings return to it.
All of the issues I saw most notable are if you want to enable Chroot directory ' s outside of the normal/home/xxx vsftpd. These would fail with a
Oops:cannot Change Directory:/mnt/xxxxx
I am able to "use FTP if I logged" with "a" in/home, but once I set a user account to have a ho Me drive outside Of/home (in the, on a mounted secondary disk) VSFTPD Barfs the above.
I found information at the NSA so indicates you can disable SELinux protection of the FTP daemon.
Setsebool-p Ftpd_disable_trans 1
This seems a bit drastic. It certainly works for now though.
I ultimately the issue resides with policies, but as SELinux policies are new to me, it would take time before it all Gets sorted out. As I spend time with the new SELinux extensions in Fedora Core 4 I'll keep you updated on my thoughts and configuration Lessons.
---------------------------------------------------------------------------------------
Solution:
--------------------------------------------------------------------------------------
# Setsebool Ftpd_disable_trans 1
# Service VSFTPD Restart
So, you can determine why it's in SELinux.
Http://hi.baidu.com/cwg3739/blog/item/3d02a477fc42411fb051b981.html |
