Hi everyone,

In a virtual machine (VM) with SLES 12, after enforcing ("enforce mode") the AppArmor profile for "vsftpd" to confine it (via the "aa-enforce vsftpd" command), I'm doing a "lftp" session to "localhost", authenticating with the "ftp" user and some password. By doing that, I get the ftp shell prompt (as expected). However, when I run the "ls" command in that ftp shell, I get the following error message:

Code:
`ls' at 0 [500 OOPS: setrlimit]
This error does NOT happen when I run vsftpd in "complain mode" / "learning mode" (via "aa-complain vsftpd"): in that case, I do get the expected file and directory listing when I run the "ls" command in the "ftp" shell.

A Google search for "500 OOPS: setrlimit" apparently does not return relevant results.

Could you help me troubleshoot this, please?


In case it's useful, here is the content of my "/etc/apparmor.d/usr.sbin.vsftpd" file:

Code:
server1:/etc/apparmor.d # cat usr.sbin.vsftpd  
# Last Modified: Sun Oct 29 19:55:42 2017
#include <tunables/global>

/usr/sbin/vsftpd {
  #include <abstractions/apache2-common>
  #include <abstractions/base>


  capability     net_bind_service,
  capability     setgid,
  capability     setuid,
  capability     sys_admin,
  capability     sys_chroot,

  /etc/vsftpd.conf r,
  /run/nscd/group r,
  /run/nscd/passwd r,
  /srv/ftp/ r,
  /srv/ftp/* rw,
  /srv/ftp/test/ w,
  /srv/ftp/upload/* wk,
  /usr/sbin/vsftpd mr,

}

Thanks in advance.