SELinux引發的FTP、Samba的錯誤

今天在Fedora 12 下配置ftp的時候，按以前的步驟弄好後竟然本地用戶無法登陸，整了很久都沒解決問題，報錯如下：

ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
220 Welcome to my fedora FTP service.
ftp> user stu1
331 Please specify the password.
Password:
500 OOPS: cannot change directory:/home/stu1
Login failed.
ftp> bye
500 OOPS: child died

黔驢技窮後只好請出萬能的google，才知道原來所SELinux 搞的鬼，網絡大部分提供的解決方法:
7^luj/he@0@:L%C0在終端輸入命令：
xoX*eh.j0setsebool ftpd_disable_trans 1

但是我輸入時候卻出現了問題

[root@lin-fedora mnt]# setsebool ftpd_disable_trans 1
Could not change active booleans: Invalid boolean
可能所因爲系統版本不同，無法執行，也就算說原理所一樣的，就是命令的語法可能不一樣

後來又搜到獲取SELinux 設置項的指令，由此得到啓發，最後果然如我所料，成了～

[root@lin-fedora ~]# getsebool -a | grep ftp
allow_ftpd_anon_write --> off
allow_ftpd_full_access --> off
allow_ftpd_use_cifs --> off
allow_ftpd_use_nfs --> off
ftp_home_dir --> off
ftpd_connect_db --> off
httpd_enable_ftp_server --> off
tftp_anon_write --> off
[root@lin-fedora ~]# setsebool ftp_home_dir on
[root@lin-fedora ~]# ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
220 Welcome to my fedora FTP service.
Name (127.0.0.1:lin): user stu1
331 Please specify the password.
Password:
530 Login incorrect.
Login failed.
ftp> user lin
331 Please specify the password.
Password:
230 Login successful.
ftp> ls
227 Entering Passive Mode (127,0,0,1,20,203).
150 Here comes the directory listing.
drwxr-xr-x    2 500      500          4096 Aug 04 04:53 Desktop
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Documents
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Downloads
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Music
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Pictures
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Public
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Templates
drwxr-xr-x    2 500      500          4096 Aug 03 11:09 Videos
226 Directory send OK.
ftp>

＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃＃

上午的Samba 服務器更糾結，同樣也是因爲SELinux 花了不少時間，在設置訪問用戶家目錄的時候也所要用setsebool來打開SELinux 中的限制。不過這個還好在配置文件有說明

# Turn the samba_enable_home_dirs Boolean on if you want to share home
# directories via Samba. Run the following command as the root user to turn this
# Boolean on:
# setsebool -P samba_enable_home_dirs on

＃＃＃

samba的掛載常用命令

mount -t cifs //ip addr/Public  /mount/point  -o username=xxxx