LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-25-2016, 06:36 AM   #1
mangya
Member
 
Registered: Jul 2015
Distribution: CentOS
Posts: 84

Rep: Reputation: Disabled
Why no ftp_home_dir in Fedora ?


Hello

I just installed Fedora 23 and tried to setup vsftpd server. Its surprising fedora doesn't have selinux ftp_home_dir boolen. How come ?

Fedora 23
Code:
# semanage boolean -l | grep '_home_'
samba_create_home_dirs         (off  ,  off)  Allow samba to create home dirs
spamd_enable_home_dirs         (on   ,   on)  Allow spamd to enable home dirs
use_samba_home_dirs            (off  ,  off)  Allow use to samba home dirs
samba_enable_home_dirs         (off  ,  off)  Allow samba to enable home dirs
use_ecryptfs_home_dirs         (off  ,  off)  Allow use to ecryptfs home dirs
use_nfs_home_dirs              (off  ,  off)  Allow use to nfs home dirs
tftp_home_dir                  (off  ,  off)  Allow tftp to home dir
use_fusefs_home_dirs           (off  ,  off)  Allow use to fusefs home dirs
Whereas in CentOS 7,
Code:
# semanage boolean -l | grep '_home_'
ftp_home_dir                   (off  ,  off)  Allow ftp to home dir
use_ecryptfs_home_dirs         (off  ,  off)  Allow use to ecryptfs home dirs
samba_enable_home_dirs         (off  ,  off)  Allow samba to enable home dirs
use_samba_home_dirs            (off  ,  off)  Allow use to samba home dirs
samba_create_home_dirs         (off  ,  off)  Allow samba to create home dirs
spamd_enable_home_dirs         (on   ,   on)  Allow spamd to enable home dirs
tftp_home_dir                  (off  ,  off)  Allow tftp to home dir
use_fusefs_home_dirs           (off  ,  off)  Allow use to fusefs home dirs
use_nfs_home_dirs              (off  ,  off)  Allow use to nfs home dirs
Thanks
 
Old 05-25-2016, 12:09 PM   #2
Turbocapitalist
Member
 
Registered: Apr 2005
Distribution: Ubuntu, Devuan, OpenBSD
Posts: 974
Blog Entries: 3

Rep: Reputation: 396Reputation: 396Reputation: 396Reputation: 396
Fedora is ahead of CentOS, so I expect that is the direction a later version of CentOS will also take.

If you identify the package that supplies the file, then you could find the version control system for it that Fedora uses. Then you could dig through the commits until you find the right one and hopefully the comment will have some clarification.

But just guessing, it could be that is soon finally over for FTP. Anonymous FTP can be replaced by either HTTP or a Torrent. Uploads can be handled by HTTPS (and some server side help) or SFTP. Old FTP with login should not be allowed. Add to that the complexity of setting it up and the permanent, unfixable insecurity and you have to wonder why it was allowed to hang on for so many years.
 
Old 05-25-2016, 12:28 PM   #3
Habitual
LQ Addict
 
Registered: Jan 2011
Location: Youngstown, Ohio
Distribution: LM17.1/Xfce4.11.8
Posts: 7,179
Blog Entries: 10

Rep: Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980
Quote:
Originally Posted by mangya View Post
Hello

I just installed Fedora 23 and tried to setup vsftpd server. Its surprising fedora doesn't have selinux ftp_home_dir boolen. How come ?
So, try
Code:
setsebool -P ftp_home_dir on
and re-check.
 
Old 05-25-2016, 12:56 PM   #4
mangya
Member
 
Registered: Jul 2015
Distribution: CentOS
Posts: 84

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Habitual View Post
So, try
Code:
setsebool -P ftp_home_dir on
and re-check.
I Cant. I've disabled anonymous login and allowed only authorized users to access their respective home directory. So unless I set the boolean ftp_home_dir, users wont be allowed to access their home directories.

Code:
# setsebool -P ftp_home_dir on
Boolean ftp_home_dir is not defined
Cause there is no ftp_home_dir boolean in Fedora23 like CentOS.

Fedora23 (no result)
Code:
# semanage boolean -l | grep '^ftp_home_dir'
CentOS
Code:
# semanage boolean -l | grep '^ftp_home_dir'
ftp_home_dir                   (on   ,   on)  Allow ftp to home dir
Temporarily managed to allow users to login to their respective home directories by using
Code:
# setsebool -P ftpd_full_access 1
Don't know how vulnerable it will be.
 
Old 05-25-2016, 12:58 PM   #5
Habitual
LQ Addict
 
Registered: Jan 2011
Location: Youngstown, Ohio
Distribution: LM17.1/Xfce4.11.8
Posts: 7,179
Blog Entries: 10

Rep: Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980Reputation: 1980
Only Fedora knows for sure.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Fedora Present and Future: a Fedora.next 2014 Update (Part IV.e, Fedora Cloud?) LXer Syndicated Linux News 0 08-02-2014 11:01 AM
LXer: Fedora Present and Future: a Fedora.next 2014 Update (Part IV.d, “Fedora Workstation”) LXer Syndicated Linux News 0 06-02-2014 11:20 PM
Upgrade from Fedora 5 to Fedora 11 with a fedora 11 live CD wolverine047 Linux - Newbie 9 10-02-2009 07:08 AM
http://download.fedora.us/fedora/fedora/3/i386/RPMS.os broken! caps_phisto Fedora 3 02-05-2005 05:16 PM


All times are GMT -5. The time now is 12:44 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration