If you’ve created a new user, and assigned it a home directory, you might run into the following error message when you’re running SELinux in combination with FTP daemons (proftpd, vsftpd, …): 500 OOPS: cannot change directory.
The message is thrown because SELinux is preventing the FTP daemon from reading user home directories.
You can overwrite this setting, by issuing the following command directly from the CLI.
/usr/sbin/setsebool -P ftp_home_dir=1
This will allow FTP access to a user home directory through SELinux.
Ps; don’t replace ftp_home_dir with the home directory you’re trying to access, it’s a setting named “ftp_home_dir” that we’re trying to alter.
On newer systems (RHEL/CentOS 7.3 and later, including RHEL 8/9), the ftp_home_dir boolean was removed. There you’ll want ftpd_full_access instead:
/usr/sbin/setsebool -P ftpd_full_access=1
Note that ftpd_full_access is broader: it lets the FTP daemon read/write all files on the system (still governed by the regular file permissions), not just home directories.