VSFTP Virtual User Configuration
I have seen many posts regarding per user configuration for virtual users. One of the most important fact regarding this is the file ownership. Per user configuration files are only read if the files are owned by root. I was not able to find this documented anywhere however while reading through code, it is clear that per user settings are ignored unless per user configuration files are owned by root.
In order for virtual user configuration of vsftpd to take effect, here is what you need:
* user_config_dir=/etc/vsftpd/users
* one file per user with filename identical to the username, so for example, if you want a user janedoe to login and have personalized settings for her, create file /etc/vsftpd/users/janedoe
* do chown root.root /etc/vsftpd/ -R
* /etc/vsftpd/users/janedoe, you can do stuff like:
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_upload_enable=NO
dirlist_enable=YES
download_enable=YES
local_root=/www/janedoe
write_enable=YES
For simplicity sake, I am posting a complete working configuration:
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
guest_enable=YES
guest_username=ftp
listen=YES
background=NO
listen_port=21
pasv_min_port=30000
pasv_max_port=44444
### Custom Configuration ###
user_config_dir=/etc/vsftpd/users
dirlist_enable=YES
download_enable=YES
connect_from_port_20=YES
hide_ids=NO
use_localtime=YES
virtual_use_local_privs=YES
xferlog_enable=YES
async_abor_enable=YES
local_umask=022
port_enable=YES
port_promiscuous=NO
setproctitle_enable=YES
anon_max_rate=1
max_per_ip=6
max_clients=6
Last edited by vsftpd_virtual_conf; 02-12-2006 at 07:27 PM.
|