I have vsftpd set up on a Fedora 8 system. I configured vsftpd.conf to chroot all users except those named in the chroot list. One user is on that list, so he is exempt from the chroot(). I want him to be able to FTP files into all the other users' directories, including those of users added later.
Thanks in advance!
-Rick
****Config****
# BOOLEAN options
# vsftpd.conf switches that take YES or NO. vsftpd expects option=value with
# no spaces around '=' and comments on their own lines starting with '#'.
# allow anonymous users to create directories?
anon_mkdir_write_enable=NO
# allow anonymous users to modify / delete files?
anon_other_write_enable=NO
# allow anonymous uploads?
anon_upload_enable=NO
# allow anonymous downloads of only world-readable content?
anon_world_readable_only=YES
# allow anonymous logins?
# (NO here and guest_enable=NO further down, so the anon_* settings are dormant)
anonymous_enable=NO
# allow ascii-mode downloads?
ascii_download_enable=NO
# allow ascii-mode uploads?
ascii_upload_enable=NO
# allow async ABOR command (for buggy ftp clients)?
async_abor_enable=NO
# spawn a background process?
background=YES
# check /etc/shells (non-pam builds only)
check_shell=YES
# enable SITE CHMOD command?
# (local users only; lets a logged-in user change modes on files they own)
chmod_enable=YES
# chown uploads?
chown_uploads=NO
# enable chroot_list_file?
# Because chroot_local_user=YES, the list is inverted: users named in
# chroot_list_file are the ones that are NOT chroot()ed.
chroot_list_enable=YES
# chroot local users into their home directory after login?
# A user exempted through the list can reach the whole filesystem and is then
# limited only by ordinary file ownership and permissions, so keep the list
# short. Write access to other users' homes is decided by those permissions
# (group ownership, ACLs), not by a setting in this file.
chroot_local_user=YES
# force data ports to use port 20?
connect_from_port_20=YES
# deny anonymous logins based on email address?
deny_email_enable=NO
# enable directory listings?
dirlist_enable=YES
# enable directory messages?
dirmessage_enable=YES
# enable downloads?
download_enable=YES
# use both vsftpd and xferlog formats?
dual_log_enable=NO
# always show dot files?
force_dot_files=NO
# enable guest logins?
guest_enable=NO
# hide user / group ids?
hide_ids=NO
# run in standalone mode?
listen=YES
# listen on IPv6?
listen_ipv6=NO
# enable local logins?
# NOTE(review): no ssl_enable line appears in this listing; at its default (NO)
# local account passwords and file data cross the network in cleartext.
local_enable=YES
# log FTP protocol debugging messages?
# (only takes effect when xferlog_std_format is not enabled)
log_ftp_protocol=NO
# enable recursive directory listings?
ls_recurse_enable=NO
# disable password for anonymous logins?
no_anon_password=NO
# use single-process model (linux 2.4)?
# (NO keeps vsftpd's default multi-process, privilege-separated model)
one_process_model=NO
# use per-user chroot passwd file?
passwd_chroot_enable=NO
# enable PASV transfers?
pasv_enable=YES
# enable promiscuous PASV transfers (dangerous)?
# (NO keeps the check that the data connection comes from the same IP address
# as the control connection)
pasv_promiscuous=NO
# enable PORT transfers?
port_enable=YES
# enable promiscuous PORT transfers (dangerous)?
# (NO keeps the check that outgoing data connections go only to the client)
port_promiscuous=NO
# allow anonymous access for only certain email addresses?
secure_email_list_enable=NO
# session support?
session_support=YES
# show session status information in process listing?
setproctitle_enable=NO
# log to syslog?
syslog_enable=NO
# use tcp wrappers?
# (NO: vsftpd itself applies no hosts.allow / hosts.deny filtering)
tcp_wrappers=NO
# use textual names for directory owners?
text_userdb_names=NO
# use localtime (as opposed to GMT)?
use_localtime=NO
# use sendfile() to transfer?
use_sendfile=YES
# deny users based on userlist file?
# (YES: names in userlist_file are refused; NO would turn it into an allow list)
userlist_deny=YES
# enable userlist?
# (listed users are rejected before they are asked for a password)
userlist_enable=YES
# virtual users have same permissions as local users?
virtual_use_local_privs=NO
# enable uploads?
# (master switch for every command that changes the filesystem:
# STOR, DELE, RNFR, RNTO, MKD, RMD, APPE and SITE)
write_enable=YES
# enable logging?
xferlog_enable=YES
# write logs in standard (wu-ftpd style xferlog) format?
xferlog_std_format=YES
# NUMERIC options
# Timeouts, rate limits, ports and permission masks. Timeouts are in seconds
# and rates in bytes per second.
# maximum timeout in seconds for PASV transfers
accept_timeout=60
# maximum transfer rate in bytes per second for anonymous connections (0 = unlimited)
anon_max_rate=0
# umask for anonymous file creation
anon_umask=077
# connection timeout in seconds for PORT transfers
connect_timeout=60
# timeout in seconds on stalled transfers
data_connection_timeout=300
# uploaded file permissions (before umask)
file_open_mode=0666
# port to use for ftp data
ftp_data_port=20
# idle session timeout in seconds
idle_session_timeout=300
# port to listen on
listen_port=21
# maximum transfer rate in bytes per second for local users (0 = unlimited)
local_max_rate=0
# umask for local users
# (022 applied to file_open_mode=0666 gives 0644 uploads: writable by the
# owner only, readable by everyone)
local_umask=022
# maximum number of connections (standalone mode; 0 = unlimited)
# NOTE(review): with no cap here or in max_per_ip, nothing in this file bounds
# how many sessions one client can hold open.
max_clients=0
# maximum number of connections per client IP address (0 = unlimited)
max_per_ip=0
# PASV maximum port # (0=use any)
# A fixed min/max range is what lets a firewall allow passive data
# connections without opening every high port.
pasv_max_port=0
# PASV minimum port # (0=use any)
pasv_min_port=0
# transfer chunk size (0 = pick automatically, 8192 may be a decent default)
trans_chunk_size=0
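# STRING options
# File paths, account names and text values. Each setting must fit on a
# single option=value line; vsftpd has no line-continuation syntax.
# directory to change into after anonymous login
# anon_root=
# banned email file (see deny_email_enable)
banned_email_file=/etc/vsftpd.banned_emails
# banner file (overrides ftpd_banner option)
# banner_file=
# username to make uploads owned by (only used when chown_uploads=YES)
chown_username=ftp
# list of users to chroot (see chroot_list_enable) -- negated if chroot_local_user=YES
# With chroot_local_user=YES in this file, every name in this list is a user
# who is NOT confined to a home directory; review its contents and keep the
# file writable by root only.
chroot_list_file=/etc/vsftpd.chroot_list
# comma-separated list of commands to allow
# cmds_allowed=
# deny file - list of files which should not be allowed
# deny_file=
# email password file (see secure_email_list_enable)
email_password_file=/etc/vsftpd.email_passwords
# ftp username
ftp_username=ftp
# greeting to display on login
# (kept on one line: a wrapped banner leaves a stray line that is not
# option=value, which vsftpd rejects when it parses the file)
ftpd_banner=Welcome to the Rackwise FTP server! For site issues, please contact Rackwise Support at Support@Rackwise.com
# guest user name (see guest_enable)
guest_username=ftp
# pattern of files to hide
# hide_file=
# default address to listen on (default is all)
# listen_address=
# default address to listen on for ipv6 (default is all)
# listen_address6=
# directory to change into after local login
# local_root=
# message file to display on directory listings (see dirmessage_enable)
message_file=.message
# non-privileged user
# NOTE(review): the vsftpd.conf man page recommends a dedicated account here
# rather than "nobody", which many other services already share.
nopriv_user=nobody
# pam service name
pam_service_name=vsftpd
# PASV address (default is auto)
# pasv_address=
# secure chroot dir - should be an empty directory
# (and one the ftp user cannot write to)
secure_chroot_dir=/usr/share/empty
# user config dir - allows override of config options on per-user basis
# user_config_dir=
# user_sub_token - used to generate home directory for virtual users
# user_sub_token=
# userlist file - used for specifying allowed / denied users (see userlist_enable)
# (a deny list in this configuration, because userlist_deny=YES)
userlist_file=/etc/vsftpd.ftpusers
# vsftp format log file (used if xferlog_enable is set, and xferlog_std_format is not)
# vsftpd_log_file=/var/log/vsftpd.log
# standard format log file
# (receives the transfer log here because xferlog_std_format=YES; the
# commented-out vsftpd_log_file above names the same path)
xferlog_file=/var/log/vsftpd.log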