diff options
Diffstat (limited to 'meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf')
-rw-r--r--[-rwxr-xr-x] | meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf | 43 |
1 files changed, 37 insertions, 6 deletions
diff --git a/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf index 08f91e048d..bb1929480d 100755..100644 --- a/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf +++ b/meta-networking/recipes-daemons/vsftpd/files/vsftpd.conf @@ -12,17 +12,17 @@ listen=YES # Allow anonymous FTP? (Beware - allowed by default if you comment this out). -anonymous_enable=YES +anonymous_enable=NO # # Uncomment this to allow local users to log in. -#local_enable=YES +local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) -#local_umask=022 +local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will @@ -54,7 +54,7 @@ connect_from_port_20=YES #xferlog_file=/var/log/vsftpd.log # # If you want, you can have your log file in standard ftpd xferlog format -#xferlog_std_format=YES +xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 @@ -64,7 +64,7 @@ connect_from_port_20=YES # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. -#nopriv_user=ftpsecure +#nopriv_user=ftp # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, @@ -105,4 +105,35 @@ connect_from_port_20=YES # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES - +# +# This string is the name of the PAM service vsftpd will use. +pam_service_name=vsftpd +# +# This option is examined if userlist_enable is activated. If you set this +# setting to NO, then users will be denied login unless they are explicitly +# listed in the file specified by userlist_file. When login is denied, the +# denial is issued before the user is asked for a password. +userlist_deny=YES +# +# If enabled, vsftpd will load a list of usernames, from the filename given by +# userlist_file. If a user tries to log in using a name in this file, they +# will be denied before they are asked for a password. This may be useful in +# preventing cleartext passwords being transmitted. See also userlist_deny. +userlist_enable=YES +# +# If enabled, vsftpd will display directory listings with the time in your +# local time zone. The default is to display GMT. The times returned by the +# MDTM FTP command are also affected by this option. +use_localtime=YES +# +# If set to YES, local users will be (by default) placed in a chroot() jail in +# their home directory after login. Warning: This option has security +# implications, especially if the users have upload permission, or shell access. +# Only enable if you know what you are doing. Note that these security implications +# are not vsftpd specific. They apply to all FTP daemons which offer to put +# local users in chroot() jails. +chroot_local_user=YES +# +allow_writeable_chroot=YES +# +tcp_wrappers=YES |