Posts Tagged ‘fedora’

SELinux, vsftpd and you

Setting up some new RHEL 6 servers I came across the odd need of enabling ftp access to /tftpboot on those machines came up. SELinux didn’t really like that idea and denied access, which by default is a very good idea. Diabling SELinux is of course no option at all.

It is pretty well known and documented that setsebool -P ftp_home_dir=1 allows access to system users’ home directories. But what about other directories outside of /home? audit2allow to the rescue!

# audit2allow -a
============== ftpd_t ==============
#!!!! This avc can be allowed using the boolean 'allow_ftpd_full_access'

allow ftpd_t tftpdir_rw_t:dir { write remove_name add_name };
#!!!! This avc can be allowed using the boolean 'allow_ftpd_full_access'

allow ftpd_t tftpdir_rw_t:file { write create unlink append };

Basically this little known, but invaluable helper goes through your audit.log and tells you what can be done to avoid those denies; in this case

setsebool -P allow_ftpd_full_access=1

therefore allows vsftpd to write to any system directory the currently logged in user can get access to.

Categories: fedora, red hat Tags: , , , ,

Awesome Fonts in Fedora in 56 Steps

September 22, 2010 Leave a comment
  • Enable RPMFusion Repository
  • su -c 'yum install freetype-freeworld'
  • su -c "ln -s /etc/fonts/conf.avail/10-autohint.conf /etc/fonts/conf.d/"
  • su -c "ln -s /etc/fonts/conf.avail/10-sub-pixel-rgb.conf /etc/fonts/conf.d/"
  • logout / login

Thanks to

Categories: fedora, linux, unix Tags: ,
%d bloggers like this: