-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/04/2011 01:20 AM, Gene Smith wrote: > I can manually run a tftp server that allows access to files in a > directory under ~ with no problem. But when I try to run the server > under xinetd using the /etc/xinetd.d/tftp configuration file a > "permission denied" error shows up in /var/log/message with no > indication it is selinux related. But if I make selinux permissive for > tftpd it then works. > > Is there a quick way to configure selinux to allow this type of tftp > access (just read-only) w/o resorting to a "permissive" setting? > > Thanks, > -gene > Are you seeing any Messages in /var/log/audit/audit.log? ausearch -m avc -ts recent If not then you might be being blocked by a dontaudit rule # semodule -DB will turn off dontaudit rules Then run your test and see if AVC messages get generated. # ausearch -m avc -ts recent #semodule -B Will turn back on dontaudit rules. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk4TC3sACgkQrlYvE4MpobOLHgCgwOvi4m/uVvjFvOxxiCS6qYca xpQAn3pBTKni6nWhhzwOsyetWzIXKf8n =20H1 -----END PGP SIGNATURE----- -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines