My vsftpd was working. I use it configured via xinetd and turn it off (disabled = yes) when I'm not using it to keep the bad guys from hammering on it.
Recently I upgraded to 4.2 (via yum update). That' the only change I know of on the system. And I didn't have any problems with it.
Today when I try to ftp, i enabled it in xinetd.d (with disable = no and a "service xinetd restart") But I can't connect. Well, I connect, but then I'm dropped with the reply:
500 OOPS: cannot open config file:/etc/vsftpd/vsftpd.conf
The config file is there: -rw------- 1 ftp ftp 4271 Oct 23 21:03 vsftpd.conf
I haven't changed it's permissions.
the ftp account appears intact: ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
There are no related entries on tehlog, only the connect in /var/log/secure: Oct 23 21:11:58 tn1 xinetd[13086]: START: ftp pid=13113 from=xx.xx.xx.xx
I tried starting it manually via service vsftpd start. That appeared to start fine, but when I look no process is running.
So I tried to start it manually and get teh same error
[root@tn1 init.d]# /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf 500 OOPS: cannot open config file:/etc/vsftpd/vsftpd.conf
Anyone help?
Thanks, Scott
Looks to me that the permissions are not set up to allow access directly to the file.
as user root, can you edit said file ?I'm wondering if you may need to change permissions to the file.
Here's my set up: -rw------- 1 root root 4144 Aug 21 19:39 /etc/vsftpd/vsftpd.conf
scott wrote:
Joe Wrote::
====================== Matt Wrote:
My vsftpd was working. I use it configured via xinetd and turn it off (disabled = yes) when I'm not using it to keep the bad guys from
hammering
i've run across this error message also (although i'm not so sure if it's because of the 4.2 upgrade).
try doing a tail -f on /var/log/messages and see if you're getting SELinux errors ("avc denied") whenever you try to do something on vsftpd.
my vsftpd is working now though. what i did was to just reboot the system. i think it may have been that the SELinux labels on your vsftpd files have not yet been updated. ========================
Matt & Joe. Permissions appeared OK. I ever tried making the files 777 just to test, no luck. I uninstalled (yum remove) and reinstalled vsftpd. It did not change the files ownership or permission as far as I see, but now it's working (again).
Thanks for the replies!
Best, Scott
On 10/25/05, scott scott.list@mlec.net wrote:
Hello Scott,
It's great that your system's working again.
I'm really suspecting that it was your SELinux permissions that were messed up that time. SELinux puts additional access controls on your files, so even if you did chmod your files to 777, it may still disallow your from accessing it (even if you are root).
To determine if it's SELinux, what you do is just do a tail -f on /var/log/messages and if you're getting "AVC Denied" errors, that's SELinux preventing you. If you want to view the SELinux context of your files, what you do is to just put a -Z flag on your ls -l. To change the permissions, use the chcon utility.
-- Stand before it and there is no beginning. Follow it and there is no end. Stay with the ancient Tao, Move with the present.
See below:
----- Original Message ----- From: "Matt Arnilo S. Baluyos (Mailing Lists)" To: "CentOS mailing list" centos@centos.org Sent: Monday, October 24, 2005 6:56 PM Subject: Re: [CentOS] vsftpd failing since upgrade to 4.2
On 10/25/05, scott wrote:
now
it's working (again).
Hello Scott,
It's great that your system's working again.
I'm really suspecting that it was your SELinux permissions that were messed up that time. SELinux puts additional access controls on your files, so even if you did chmod your files to 777, it may still disallow your from accessing it (even if you are root).
To determine if it's SELinux, what you do is just do a tail -f on /var/log/messages and if you're getting "AVC Denied" errors, that's SELinux preventing you. If you want to view the SELinux context of your files, what you do is to just put a -Z flag on your ls -l. To change the permissions, use the chcon utility.
<<<<<<<<<<<<<<<<<<<
I looked in my syslogs, no sign of any AVC messages at all. I did look in syslog when I was experiencing the problem, nada.
I thought I had SELinux turned off, but now I don't know <smile>.
Cheers, Scott
On 10/24/05, scott scott.list@mlec.net wrote:
i've run across this error message also (although i'm not so sure if it's because of the 4.2 upgrade).
try doing a tail -f on /var/log/messages and see if you're getting SELinux errors ("avc denied") whenever you try to do something on vsftpd.
my vsftpd is working now though. what i did was to just reboot the system. i think it may have been that the SELinux labels on your vsftpd files have not yet been updated.
-- Stand before it and there is no beginning. Follow it and there is no end. Stay with the ancient Tao, Move with the present.
-
Joe Brouhard -
Matt Arnilo S. Baluyos (Mailing Lists) -
scott