Polskie Forum Użytkowników Debiana

Polski portal użytkowników dystrybucji Debian GNU/Linux, dyskusje, artykuły, nowości, blog, porady, pomoc.
https://www.debian.pl/

proftpd - zablokowanie usera w katalogu

https://www.debian.pl/viewtopic.php?t=1823

Strona 1 z 1

proftpd - zablokowanie usera w katalogu

: 09 maja 2007, 21:24
autor: djsolar
w slacku dzialalo mi

Kod: Zaznacz cały

DefaultRoot ~
w ETCH niestety nie chce jakos....

a nie chce aby userzy "lazili" mi po calym ssystemie

Re: proftpd - zablokowanie usera w katalogu

: 10 maja 2007, 09:34
autor: Hunt
a przed Default Root ~ masz zapis
DenyFilter \*.*/
??

: 10 maja 2007, 10:13
autor: djsolar

Kod: Zaznacz cały

# This is a basic ProFTPD configuration file.
# It establishes a single server and a single anonymous login.
# It assumes that you have a user/group "nobody" and "ftp"
# for normal/anonymous operation.

ServerName                      "FTP Server "

ServerType                      standalone
#ServerType                     inetd
DefaultServer                   on
DefaultRoot                     ~
#DisplayConnect                  /etc/proftpd/message.net
# Port 21 is the standard FTP port.
Port                            21
# Umask 022 is a good standard umask to prevent new dirs and files
# from being group and world writable.
Umask                           022

# To prevent DoS attacks, set the maximum number of child processes
# to 30.  If you need to allow more than 30 concurrent connections
# at once, simply increase this value.  Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances                    30

# Set the user and group that the server normally runs at.
User                            nobody
Group                           nogroup

# This next option is required for NIS or NIS+ to work properly:
#PersistentPasswd off

SystemLog                       /var/log/proftpd.log
TransferLog                     /var/log/xferlog

# Normally, we want files to be overwriteable.
<Directory /*>
  AllowOverwrite                on

TransferRate RETR 500000:0

TransferRate STOR 500000:0

TransferRate STOU 500000:0

TransferRate APPE 500000:0


</Directory>

# A basic anonymous FTP server configuration.
# To enable this, remove the user ftp from /etc/ftpusers.
<Anonymous ~ftp>
  RequireValidShell             off
  User                          ftp
  Group                         ftp
  # We want clients to be able to login with "anonymous" as well as "ftp"
  UserAlias                     anonymous ftp

  # Limit the maximum number of anonymous logins
  MaxClients                    10

  # We want 'welcome.msg' displayed at login, and '.message' displayed
  # in each newly chdired directory.
  DisplayLogin                  welcome.msg
  DisplayFirstChdir             .message

  # Limit WRITE everywhere in the anonymous chroot
  <Limit WRITE>
    DenyAll
  </Limit>

  # An upload directory that allows storing files but not retrieving
  # or creating directories.
#  <Directory incoming/*>
#    <Limit READ>
#      DenyAll
#    </Limit>
#
#    <Limit STOR>
#      AllowAll
#    </Limit>
#  </Directory>

</Anonymous>

: 11 maja 2007, 19:48
autor: chyl-o
czy masz załadowany moduł mod_auth?

: 29 lipca 2007, 10:38
autor: kat
Nie prościj zajnstalować vsftpd, mały lekki i bezpieczny
chroot_local_user=YES
Strefa czasowa UTC+01:00
Strona 1 z 1

Technologię dostarcza phpBB® Forum Software © phpBB Limited

Polski pakiet językowy dostarcza phpBB.pl