https://bugzilla.novell.com/show_bug.cgi?id=786024
https://bugzilla.novell.com/show_bug.cgi?id=786024#c11
Michal Vyskocil changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |NEEDINFO
InfoProvider| |kukuk@suse.com
--- Comment #11 from Michal Vyskocil 2013-02-21 13:30:46 UTC ---
Well, I suspect the pam subsystem try to open a /dev/log. When add the
socket(PF_FILE) into the whitelist, vsftpd seems to work. However I've got an
another issue with pam (this is valid even if seccomp_sanbox is disabled).
2013-02-21T14:20:17.693042+01:00 linux-xtv2 vsftpd[1]: pam_unix(vsftpd:auth):
authentication failure; logname= uid=0 euid=0 tty=ftp ruser=mvyskocil rhost=::1
user=mvyskocil
2013-02-21T14:20:18.407159+01:00 linux-xtv2 vsftpd[1]: pam_sss(vsftpd:auth):
authentication success; logname= uid=0 euid=0 tty=ftp ruser=mvyskocil rhost=::1
user=mvyskocil
2013-02-21T14:20:18.409089+01:00 linux-xtv2 vsftpd[1]: PAM
audit_log_acct_message() failed: Operation not permitted
2013-02-21T14:20:18.411338+01:00 linux-xtv2 vsftpd[1]: [mvyskocil] FAIL LOGIN:
Client "::1"
@thorsen: I would say both CAP_AUDIT_* are needed for vsftpd. I'm right?
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.