IDC资讯中心
proftpd.conf如何改?我要限制不同ftp user在他自己目录读写,其他目录不可读写.请帮一把巴!!请看一下这个配置文件错在那里:(ftp user and ftp group有了,控制目录是 /app/ftpdir 允许目录是 /app/ftpdir/pearl )
#
# virtual hosting server configuration
# for frontier internet services limited
# (http://www.000.com/)
#
servername “master webserver”
#
# spawn from inetd?
#
#servertype inetd
#
# or maybe a standalone server…
#
servertype standalone
#
# dont give the server banner until _after_ authentication
#
deferwelcome off
#
# some basic defaults
#
port 21
umask 002
timeoutlogin 120
timeoutidle 600
timeoutnotransfer 900
timeoutstalled 3600
#
# no, i dont think well run as root!
#
user ftp
group ftp
# we want clients to be able to login with “anonymous” as well as “ftp”
useralias anonymous ftp
requirevalidshell no
#
# this is a non-customer usable name, (ie they should be connecting via www.{domain})
# not hostname. therefore lets dump them in a dummy account and wait for them to
# scream.
#
defaultroot /app/ftpdir/
#
# performance, lets do dns resolution when we process the logs…
#
usereversedns off
#
# where do we put the pid files?
#
#scoreboardpath /var/run/proftpd
#
# logging options
#
#transferlog /var/spool/syslog/proftpd/xferlog.legacy
#
# some logging formats
#
#logformat default “%h %l %u %t “%r” %s %b”
#logformat auth “%v [%p] %h %t “%r” %s”
#logformat write “%h %l %u %t “%r” %s %b”
#
# global settings
#
displaylogin welcome.msg
displayfirstchdir readme
#
# having to delete before uploading is a pain 😉
#
allowoverwrite yes
#
# turn off ident lookups
#
identlookups off
#
# logging
#
# file/dir access
#
# extendedlog /var/spool/syslog/proftpd/access.log write,read write
#
#
# record all logins
#
# extendedlog /var/spool/syslog/proftpd/auth.log auth auth
#
# paranoia logging level….
#
##extendedlog /var/spool/syslog/proftpd/paranoid.log all default
#
# deny writing to the base server…
#
denyall
# ——————————————–
# virtual servers start here….
#
# (note: this is normally auto generated by a
# script written in house).
# ——————————————–
#
# ewftp.ewserver.com.
# this is the default server
# gets all the connections for www.{customer.domain},
#
serveradmin admin@ewserver.com
servername “ewmaster ftpserver”
maxloginattempts 2
requirevalidshell no
# transferlog /var/spool/syslog/proftpd/xferlog.www
maxclients 50
defaultserver on
#defaultroot ~ !staff
defaultroot /app/ftpdir
allowoverwrite yes
#
# no quickly do we kick someone out
#
timeoutlogin 120
timeoutidle 600
timeoutnotransfer 900
denyall
user ftp
group ftp
useralias anonymous ftp
allowall
denyall
# ——————————————–
# ——————————————–
#
# block them from doing anything other than reading…
#
#
allowall
floatboat told me this below,but didnt work:
修改proftpd.conf,添加defaultroot ~ groupname
其中groupname为用户组的名,如添加一个新的用户username,和一个新的组groupname,要将username限制在其主目录内只需要添加上面所说的那条语句到proftpd.conf中即可。切记修改完之后要重新启动proftpd
