LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 12-22-2005, 11:16 AM   #1
khopsicker
LQ Newbie
 
Registered: Dec 2005
Posts: 4

Rep: Reputation: 0
Question VSFTPD Can't See Filesystems Mounted in a chroot


I'm running Fedora Core 4, VSFTPD 2.0.3, and PAM 0.79. I've configured the VIRTUAL USERS using the EXAMPLE. The virtual user is khopsic and when it logs in, the local user is cadmin and it is chrooted to /cadmin. I've verified the connections are using the cadmin account via a simple ps.

The setup works fine. I can touch files, create directories, etc login and access them just fine. But this is going to be an FTP server with terrabytes of data that these virtual users will all have download access to. So I created all my mount points within /cadmin, i.e. /cadmin/data01, /cadmin/data02, etc.

When I create the mount points, I can see them via FTP. But as soon as I mount the filesystem, the directories are no longer visible via ftp. I can get to them from a shell prompt, but not ftp.

How can I configure all of the mountpoints to be accessed by the virtual users via the cadmin local user? My guess is it's something with how the filesystem is being mounted, but I can't for the life of me figure out exactly what it is.

Any help will be greatly appreciated. Thanks!

Ken Hopsicker
 
Old 12-22-2005, 11:44 AM   #2
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Can the same user your are logging into ftp as see the files when logged in to the local shell? (I.e., it might be a permissions problem).
 
Old 12-22-2005, 11:50 AM   #3
khopsicker
LQ Newbie
 
Registered: Dec 2005
Posts: 4

Original Poster
Rep: Reputation: 0
Yes, the cadmin user can see the filesystems just fine from the shell prompt. It owns the mount point and the permissions have been set to 777, 750, and 700, all with the same result.

Here's something interesting though. I looked in the audit file and found this:

type=AVC msg=audit(1135277132.983:4870047): avc: denied { search } for pid=13833 comm="vsftpd" name=/ dev=hda5 ino=2 scontext=root:system_r:ftpd_t tcontext=system_ubject_r:file_t tclass=dir
type=SYSCALL msg=audit(1135277132.983:4870047): arch=40000003 syscall=12 success=no exit=-13 a0=997d4a8 a1=1f4 a2=e82524 a3=bf87f2d4 items=1 pid=13833 auid=4294967295 uid=0 gid=0 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 comm="vsftpd" exe="/usr/sbin/vsftpd"
type=PATH msg=audit(1135277132.983:4870047): item=0 name="/cadmin/data01" inode=2 dev=03:05 mode=040777 ouid=500 ogid=500 rdev=00:00


/dev/hda5 is the volume used for /cdead/data01. Could there be something with how the filesystem was created? I think I may be getting a little closer on this one. Any other help will be GREATLY appreciated. Thanks!

Ken
 
Old 12-22-2005, 12:03 PM   #4
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Ah, my guess would be that that is due to SELinux, which I believe FC enables by default. Unfortunately, since I am not too familiar with it, I'm not sure I can help you out with that.
 
Old 12-22-2005, 12:07 PM   #5
khopsicker
LQ Newbie
 
Registered: Dec 2005
Posts: 4

Original Poster
Rep: Reputation: 0
Here's another little piece of information

With the filesystem mounted:
ls -Z
drwxrwxrwx cadmin cadmin data01

When I unmount the filesystem:
ls -Z
drwx------ cadmin cadmin rootbject_r:root_t data01


This could very well be within the mounting of the filesystem, but I'm not quite sure where.
 
Old 12-22-2005, 12:12 PM   #6
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Yeah, it probably has to do with the object_r part of it. Exactly how that affects it, I'm not sure.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd.conf/chroot/vsftpd.chroot_list issue Jerman Linux - Security 2 06-01-2007 07:24 PM
icons to mounted filesystems with gnome bad_zeppelin Slackware 2 10-10-2005 07:33 AM
cannot read table of mounted filesystems storto Linux From Scratch 4 08-16-2004 10:41 AM
mounted devices/ filesystems ergo_sum Linux - Newbie 4 11-01-2003 05:43 AM
automounted filesystems should be mounted using nosuid ForumKid Linux - Security 2 01-09-2002 01:45 AM


All times are GMT -5. The time now is 11:09 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration