FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 10-03-2010, 03:29 PM
Aaron Gray
 
Default VSFTPD 421 Service not availabl

On 3 October 2010 11:21, Daniel J Walsh <dwalsh@redhat.com> wrote:



-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



On 10/02/2010 10:28 PM, Aaron Gray wrote:

> On 3 October 2010 01:35, Sam Sharpe <lists.redhat@samsharpe.net> wrote:

>

>> On 3 October 2010 00:41, Aaron Gray <aaronngray.lists@gmail.com> wrote:

>>> On 2 October 2010 23:58, Aaron Gray <aaronngray.lists@gmail.com> wrote:

>>>>

>>>> On 2 October 2010 23:56, stan <gryt2@q.com> wrote:

>>>>>

>>>>> On Sat, 2 Oct 2010 23:37:40 +0100

>>>>> Aaron Gray <aaronngray.lists@gmail.com> wrote:

>>>>>

>>>>>> I have installed a fresh version of F11, unfortunately I did not

>>>>>> install VSFTPD with it.

>>>>>>

>>>>>> On doing a "yum install vsftpd" it install fine but does not seem to

>>>>>> function.

>>>>>>

>>>>>> [root@zzz vsftpd]# ftp localhost

>>>>>> Trying ::1...

>>>>>> ftp: connect to address ::1Connection refused

>>>>>> Trying 127.0.0.1...

>>>>>> Connected to localhost (127.0.0.1).

>>>>>> 421 Service not available, remote server has closed connection

>>>>>> ftp> quit

>>>>>>

>>>>>> I copied the 'vsftpd.conf' and 'users' directory from my working F11

>>>>>> server this one is supposed to be mirroring, but am getting exactly

>>>>>> the same responce.

>>>>>

>>>>> This is probably a problem with the firewall. *Did you open ports 20

>>>>> and 21?

>>>>>

>>>>> And if you are using passive ftp you should open some ports in the high

>>>>> range, so there is a hole in the firewall for vsftpd to use. *You have

>>>>> to tell vsftpd to use those ports in the configuration. *I also had to

>>>>> open the service on my router, but that might not be an issue for you.

>>>>>

>>>>> If I recall correctly, there is a logging function that can be turned

>>>>> on and it is really useful for decoding where the problem is and what

>>>>> it is too.

>>>>>

>>>>> It's been a few years since I used vsftpd, so this is somewhat hazy.

>>>>

>>>> My other F11 server is working fine, and that does not have any extras.

>>>

>>> Its not iptables, thats exactly the same across the two machines.

>>> Aaron

>>

>> I find the best way to deal with this kind of problem is some

>> elementary research. I started with Google:

>>

>> http://www.google.com/search?sourceid=navclient&hl=en-GB&q=vsftpd+421

>>

>> The first Search Result might help you immensely.

>>

>

> Yep its SELinux !

>

> Are there any rule files for this I can just load ?

>

> Aaron

>

>

What AVC messages are you getting in /var/log/audit/audit.log?

type=AVC msg=audit(1286119627.313:21309): avc: *denied *{ sys_admin } for *pid=1903 comm="vsftpd" capability=21 scontext=unconfined_u:system_r:ftpd_t:s0 tcontext=unconfined_u:system_r:ftpd_t:s0 tclass=capability


type=SYSCALL msg=audit(1286119627.313:21309): arch=40000003 syscall=120 success=no exit=-1 a0=28000011 a1=0 a2=6f4334 a3=6f4334 items=0 ppid=1 pid=1903 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=5 comm="vsftpd" exe="/usr/sbin/vsftpd" subj=unconfined_u:system_r:ftpd_t:s0 key=(null)



Yeah, it works when I turn enforcement off.
Aaron*
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 12:11 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org