-
Notifications
You must be signed in to change notification settings - Fork 0
/
vsftpd.conf
95 lines (71 loc) · 1.91 KB
/
vsftpd.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
# Run in the foreground to keep the container running:
background=NO
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
# Uncomment this to allow local users to log in.
local_enable=YES
#
ftpd_banner=Welcome to FTP
#
chroot_local_user=YES
#
chroot_list_enable=YES
#
chroot_list_file=/etc/vsftpd/chroot_list
#
#nopriv_user=admin
#
#nopriv_group=sladmin
## Enable virtual users
#guest_enable=YES
#�
#guest_username=admin
## Virtual users will use the same permissions as anonymous
#virtual_use_local_privs=YES
#
user_config_dir=/etc/vsftpd/vuser_conf
# Uncomment this to enable any form of FTP write command.
write_enable=YES
## PAM file name
#pam_service_name=vsftpd_virtual
pam_service_name=/etc/pam.d/vsftpd
## Home Directory for virtual users
user_sub_token=$USER
#local_root=/home/vsftpd/$USER
local_root=/home/vsftpd
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_local_user=YES
# Workaround chroot check.
# See https://www.benscobie.com/fixing-500-oops-vsftpd-refusing-to-run-with-writable-root-inside-chroot/
# and http://serverfault.com/questions/362619/why-is-the-chroot-local-user-of-vsftpd-insecure
allow_writeable_chroot=YES
## Hide ids from user
#hide_ids=YES
#
text_userdb_names=YES
## Enable logging
xferlog_enable=YES
xferlog_std_format=YES
xferlog_file=/var/log/xferlog
dual_log_enable=YES
vsftpd_log_file=/var/log/vsftpd.log
## Enable active mode
port_enable=YES
connect_from_port_20=YES
ftp_data_port=20
## Disable seccomp filter sanboxing
seccomp_sandbox=NO
### Variables set at container runtime
pasv_address=172.16.20.5
pasv_max_port=21110
pasv_min_port=21100
pasv_addr_resolve=NO
pasv_enable=YES
file_open_mode=0755
local_umask=022
xferlog_std_format=NO
reverse_lookup_enable=YES
#����
#utf8_filesystem=yes