NAME
vsftpd.conf - config file for vsftpd
DESCRIPTION
vsftpd.conf may be used to control various aspects of vsftpd's behaviour. By default, vsftpd looks for this file at the location /etc/vsftpd.conf. However, you may override this by specifying a command line argument to vsftpd. The command line argument is the pathname of the configuration file for vsftpd. This behaviour is useful because you may wish to use an advanced inetd such as xinetd to launch vsftpd with different configuration files on a per virtual host basis.
vsftpd.conf用来控制vsftpd的行为,默认情况下,它位于/etc/vsftpd.conf。不过,可以通过vsftpd的命令行下改变它的位置,这个特性是非常有用的,尤其是当你希望更高级的inted,例如xinetd来启动不同配置文件的vsftpd的时候,这个功能非常有用.可以使用不同的配置文件来启动基于虚拟主机的每个服务。
(注:使用xinetd可以在需要的时候才启动ftp,不过我没用过)
FORMAT
The format of vsftpd.conf is very simple. Each line is either a comment or a directive. Comment lines start with a # and are ignored. A directive line has the format:
option=value
It is important to note that it is an error to put any space between the option, = and value.
Each setting has a compiled in default which may be modified in the configuration file.
vsftpd.conf的格式很简单,每一行要么是注释,要么是一个条目。注释是以#号开头,vsftpd会忽略它们。一个条目的格式是:
option=value
必须注意的是在option、=、value之间不能用空格。
每个设置都有相应的默认值,你可以酌情修改。
BOOLEAN OPTIONS
Below is a list of boolean options. The value for a boolean option may be set to YES or NO.
以下列出的选项仅能设置为YES或者NO
allow_anon_ssl
Only applies if ssl_enable is active. If set to YES, anonymous users will be allowed to use secured SSL connections.
Default: NO
只有当ssl_enable设置为YES才生效,如果设置为YES,匿名用户将被允许以ssl连接。
默认:NO
anon_mkdir_write_enable
If set to YES, anonymous users will be permitted to create new directories under certain conditions. For this to work, the option write_enable must be activated, and the anonymous ftp user must have write permission on the parent directory.
Default: NO
如果设置为YES,匿名用户将被允许创建新的目录,以下条件必须满足:write_enable选项设置为YES;匿名用户对父目录有写权限。
默认:NO
anon_other_write_enable
If set to YES, anonymous users will be permitted to perform write operations other than upload and create directory, such as deletion and renaming. This is generally not recommended but included for completeness.
Default: NO
如果设置为YES,匿名用户将会被允许创建目录之外的写操作,例如删除、重命名,不推荐这么做,除非您完全理解此项功能。
默认:NO
anon_upload_enable
If set to YES, anonymous users will be permitted to upload files under certain conditions. For this to work, the option write_enable must be activated, and the anonymous ftp user must have write permission on desired upload locations.
Default: NO
如果设置为YES,匿名用户将被允许上传文件,以下条件必须满足:write_enable选项设置为YES;匿名用户对将要上传到的目录有写权限。
anon_world_readable_only
When enabled, anonymous users will only be allowed to download files which are world readable. This is recognising that the ftp user may own files, especially in the presence of uploads.
Default: YES
如果启用,匿名用户将仅被允许下载具有全局读权限的文件。这就意味着ftp用户可以拥有自己的文件,特别是前边提到的上传的文件。
默认:YES
anonymous_enable
Controls whether anonymous logins are permitted or not. If enabled, both the usernames ftp and anonymous are recognised as anonymous logins.
Default: YES
控制是否允许匿名用户登陆,如果启用,用户名为ftp和anonymous的用户均被视为匿名用户。
默认:YES
ascii_download_enable
When enabled, ASCII mode data transfers will be honoured on downloads.
Default: NO
启用后,下载将启用ASCII传输模式。
默认:NO
ascii_upload_enable
When enabled, ASCII mode data transfers will be honoured on uploads.
Default: NO
启用后,上传将启用ASCII传输模式
默认:NO
async_abor_enable
When enabled, a special FTP command known as "async ABOR" will be enabled. Only ill advised FTP clients will use this feature. Additionally, this feature is awkward to handle, so it is disabled by default. Unfortunately, some FTP clients will hang when cancelling a transfer unless this feature is available, so you may wish to enable it.
Default: NO
启用后,一个特殊的FTP命令“async ABOR”将被启用,只有某些特殊的FTP客户端才需要使用这一特性。另外,这个特性并不是很好控制,因此默认没有开启,但是不幸的是,如果该特性没有开启,一些FTP客户端在取消一个传输的时候会挂起,因此,您可能需要启用它。
默认:NO
background
When enabled, and vsftpd is started in "listen" mode, vsftpd will background the listener process. i.e. control will immediately be returned to the shell which launched vsftpd.
Default: NO
启用该选项,同时vsftpd是以“listen”模式启动的,则vsftpd会以background方式监听进程,也就是,控制会很快的返回给shell。
默认: NO
check_shell
Note! This option only has an effect for non-PAM builds of vsftpd. If disabled, vsftpd will not check /etc/shells for a valid user shell for local logins.
Default: YES
注意!这个选项仅仅对加了non-PAM参数编译安装的vsftpd有效,如果禁用它,vsftpd将不检查有效用户的用于本地登陆的/etc/shells。
默认:YES
chmod_enable
When enables, allows use of the SITE CHMOD command. NOTE! This only applies to local users. Anonymous users never get to use SITE CHMOD.
Default: YES
启用后,SITE CHMOD命令将被允许使用。注意!这只对本地用户有效,匿名用户从不允许使用SITE CHMOD命令。
默认: YES
chown_uploads
If enabled, all anonymously uploaded files will have the ownership changed to the user specified in the setting chown_username. This is useful from an administrative, and perhaps security, standpoint.
Default: NO
启用后,所有匿名用户上传的文件的宿主将被更改为chown_username中指定的用户,这样便于管理,特别是从安全的角度考虑。
默认: NO
chroot_list_enable
If activated, you may provide a list of local users who are placed in a chroot() jail in their home directory upon login. The meaning is slightly different if chroot_local_user is set to YES. In this case, the list becomes a list of users which are NOT to be placed in a chroot() jail. By default, the file containing this list is /etc/vsftpd.chroot_list, but you may override this with the chroot_list_file setting.
Default: NO
启用后,你需要提供一个要将其限制在它home目录的本地用户列表,如果chroot_local_user设置为YES,则意义略有不同。在这种情况下,该列表将变成不需要将其限制在它home目录的本地用户列表,默认情况下,该文件是/etc/vsftpd.chroot_list,但你可以通过chroot_list_file来更改它的位置。
默认: NO
chroot_local_user
If set to YES, local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.
Default: NO
如果设置为YES,本地用户在登陆后将被限制在其home目录中(也是默认情况)。警告:此选项有安全隐患,特别的是当用户拥有上传权限,或有shell访问权限时。只有当你确切的明白后果以后再启用它。注意这并不是vsftpd所特有的,所有提供将本地用户限制在home目录的FTP守护进程都存在这种隐患。
默认:NO
connect_from_port_20
This controls whether PORT style data connections use port 20 (ftp-data) on the server machine. For security reasons, some clients may insist that this is the case. Conversely, disabling this option enables vsftpd to run with slightly less privilege.
Default: NO (but the sample config file enables it)
该选项用于控制在服务器端是否使用20(ftp-data)端口来进行数据连接。基于安全的考虑,一些客户端需要这样做,相反,禁用该选项,将使vsftpd能以较小的特权运行。
默认: NO(但是在示范的配置文件中启用了该选项)
deny_email_enable
If activated, you may provide a list of anonymous password e-mail responses which cause login to be denied. By default, the file containing this list is /etc/vsftpd.banned_emails, but you may override this with the banned_email_file setting.
Default: NO
如果启用该选项,您应该提供一个禁止匿名用户作密码的EMAIL地址列表,默认情况下,这个文件是/etc/vsftpd.banned_emails,但是你可以通过banned_email_file选项来指定其他位置。
默认: NO
dirlist_enable
If set to NO, all directory list commands will give permission denied.
Default: YES
如果设置为NO,所有的列目录命令将被拒绝执行。
默认:YES
[版权声明]BSD爱好者乐园站内文章,如来源不是互联网,则均系原创或翻译之作,可随意转载,或以此为基础进行演译,但务必以链接形式注明原始出处和作者信息,否则属于侵权行为。另对本站转载他处文章,俱有说明,如有侵权请联系本人,本人将会在第一时间删除侵权文章。
TAG:
翻译