source: titan/oealliance/etc/vsftpd.conf @ 40393

Last change on this file since 40393 was 40393, checked in by obi, 7 years ago

add oealliance start scripts

File size: 5.6 KB
Line 
1# Example config file /etc/vsftpd.conf
2#
3# The default compiled in settings are fairly paranoid. This sample file
4# loosens things up a bit, to make the ftp daemon more usable.
5# Please see vsftpd.conf.5 for all compiled in defaults.
6#
7# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
8# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
9# capabilities.
10
11# run standalone
12listen=NO
13listen_ipv6=NO
14
15# No PAM sessions to save resources
16session_support=NO
17
18# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
19anonymous_enable=NO
20#
21# Uncomment this to allow local users to log in.
22local_enable=YES
23#
24# Uncomment this to enable any form of FTP write command.
25write_enable=YES
26#
27# Default umask for local users is 077. You may wish to change this to 022,
28# if your users expect that (022 is used by most other ftpd's)
29local_umask=022
30#
31# Uncomment this to allow the anonymous FTP user to upload files. This only
32# has an effect if the above global write enable is activated. Also, you will
33# obviously need to create a directory writable by the FTP user.
34#anon_upload_enable=YES
35#
36# Uncomment this if you want the anonymous FTP user to be able to create
37# new directories.
38#anon_mkdir_write_enable=YES
39#
40# Activate directory messages - messages given to remote users when they
41# go into a certain directory.
42dirmessage_enable=YES
43#
44# Activate logging of uploads/downloads.
45xferlog_enable=NO
46#
47# Make sure PORT transfer connections originate from port 20 (ftp-data).
48connect_from_port_20=NO
49#
50# If you want, you can arrange for uploaded anonymous files to be owned by
51# a different user. Note! Using "root" for uploaded files is not
52# recommended!
53#chown_uploads=YES
54#chown_username=whoever
55#
56# You may override where the log file goes if you like. The default is shown
57# below.
58#xferlog_file=/var/log/vsftpd.log
59#
60# If you want, you can have your log file in standard ftpd xferlog format
61xferlog_std_format=YES
62#
63# You may change the default value for timing out an idle session.
64#idle_session_timeout=600
65#
66# You may change the default value for timing out a data connection.
67#data_connection_timeout=120
68#
69# It is recommended that you define on your system a unique user which the
70# ftp server can use as a totally isolated and unprivileged user.
71#nopriv_user=ftp
72#
73# Enable this and the server will recognise asynchronous ABOR requests. Not
74# recommended for security (the code is non-trivial). Not enabling it,
75# however, may confuse older FTP clients.
76#async_abor_enable=YES
77#
78# By default the server will pretend to allow ASCII mode but in fact ignore
79# the request. Turn on the below options to have the server actually do ASCII
80# mangling on files when in ASCII mode.
81# Beware that turning on ascii_download_enable enables malicious remote parties
82# to consume your I/O resources, by issuing the command "SIZE /big/file" in
83# ASCII mode.
84# These ASCII options are split into upload and download because you may wish
85# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
86# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
87# on the client anyway..
88#ascii_upload_enable=YES
89#ascii_download_enable=YES
90#
91# You may fully customise the login banner string:
92#ftpd_banner=Welcome to blah FTP service.
93#
94# You may specify a file of disallowed anonymous e-mail addresses. Apparently
95# useful for combatting certain DoS attacks.
96#deny_email_enable=YES
97# (default follows)
98#banned_email_file=/etc/vsftpd.banned_emails
99#
100# You may specify an explicit list of local users to chroot() to their home
101# directory. If chroot_local_user is YES, then this list becomes a list of
102# users to NOT chroot().
103chroot_list_enable=YES
104# (default follows)
105chroot_list_file=/etc/vsftpd.chroot_list
106#
107# You may activate the "-R" option to the builtin ls. This is disabled by
108# default to avoid remote users being able to cause excessive I/O on large
109# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
110# the presence of the "-R" option, so there is a strong case for enabling it.
111#ls_recurse_enable=YES
112#
113# This string is the name of the PAM service vsftpd will use.
114pam_service_name=vsftpd
115#
116# This option is examined if userlist_enable is activated. If you set this
117# setting to NO, then users will be denied login  unless  they are  explicitly
118# listed  in the file specified by userlist_file.  When login is denied, the
119# denial is issued before the user is asked for a password.
120userlist_deny=YES
121#
122# If enabled, vsftpd will load a list of usernames, from the filename given by
123# userlist_file.  If a user tries to log in using  a  name in  this  file,  they
124# will be denied before they are asked for a password. This may be useful in
125# preventing cleartext passwords being transmitted. See also userlist_deny.
126userlist_enable=NO
127#
128# If enabled,  vsftpd  will display directory listings with the time in your
129# local time zone. The default is to display GMT. The times returned by the
130# MDTM FTP command are also affected by this option.
131use_localtime=YES
132#
133# If set to YES, local users will be (by default) placed in a chroot() jail in
134# their home directory after login.  Warning: This  option has  security 
135# implications,  especially  if  the users have upload permission, or shell access.
136# Only enable if you know what you are doing.  Note that these security implications
137# are not vsftpd specific. They apply to all FTP daemons which offer to put
138# local  users in chroot() jails.
139chroot_local_user=YES
140#
141allow_writeable_chroot=YES
142#
143tcp_wrappers=NO
144
145# Enable FXP
146pasv_promiscuous=YES
147port_promiscuous=YES
148
149# Allow users w/o shell access
150check_shell=NO
151
152# Start directory for non-chrooted users
153local_root=/tmp
Note: See TracBrowser for help on using the repository browser.