userlist_enable in vsftpd.conf
hi,
i am having problem with "/etc/vsftpd/vsftpd.conf" the rule in file(/etc/vsftpd/user_list) says that if "userlist_enable=NO" is set in vsftpd.conf then only users which are listed in "/etc/vsftpd/user_list" are allowed to login or see content with ls but i have three users a1 a2 a3 but even though a1 is listed in /etc/vsftpd/user_list file with "userlist_enable=NO" is set in vsftpd.conf ; even a2 a3 allowed to login and see content with ls cmd, plz tell me what's the problem. |
I think your understanding is incorrect.
As far as I'm aware, if your set userlist_enable=YES; then vsftpd will DENY access to any users in your userlist_file. The fact that you have userlist_enable=NO means that vsftpd isn't even looking at your userlist file. |
Quote:
Quote:
|
Thanks! I could solved the problem after entering
"userlist_deny=NO" I thought it's there in vsftpd.conf file only and we just need to enter YES or NO . BUT # vsftpd userlist # If userlist_deny=NO, only allow users in this file # If userlist_deny=YES (default), never allow users in this file, and # do not even prompt for a password. # Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers # for users that are denied. a4 a3 a2 root ----------- BUT WHEN MADE BOTH userlist_deny=YES and userlist_enable=YES and added few users in userlist file but it still asking them a password though ls(any command) is not working there. WHAT'S THE REASON? |
Please read this: http://www.redhat.com/docs/en-US/Red...opt-login.html
Basically these 2 options (userlist_deny and userlist_enable) work in conjunction with each other. Thus if you're setting userlist_deny=YES and userlist_enable=YES, it means that: 1. All users will be denied access, unless they are found in the userlist_file 2. What you're saying about it asking for a password makes no sense - it should not do that. Users should get an immediate permission denied. |
Quote:
From my last post: Quote:
|
Quote:
Hi, Take care about FTP users need to have a shell account on the system, instead of a nologin shell (case of vsftpd). ALERT: Providing all users with a shell may not be ideal for some environments, such as a shared web host. Then for allow users with a shell (like /usr/bin/bash) access to FTP, but have no shell access, edit /etc/shells adding the shell (bash). This is necessary because, by default vsftpd uses PAM for authentication; the shells PAM module restricts access to shells listed in the /etc/shells file |
Quote:
|
All times are GMT -5. The time now is 12:25 AM. |