[nycbug-talk] Anonymous ftp upload questions

Marco Scoffier marco
Mon Aug 22 13:05:59 EDT 2005


On Mon, Aug 22, 2005 at 12:49:14PM -0400, michael wrote:
>I wouldn't call it voodoo <grin>.  I had set up email (courier-imap,
>postfix) to hold user auth, so, I figured.. why not ftp? I was
>constrained to MySQL.
>
>xinetd takes the call on port 20 and routes them to vsftpd and its conf
>file. On logon, pam gets the auth request. /etc/pam.d/ftp has the
>entries to look up the users in the db rather than system accounts. 
>
>vsftpd has a vsftp_user_conf directive that contains a directory and for
>each user if you want user-specific confs, which is nice.
>
>Sample conf called by xinetd:
>
> ->grep ^[^#] /usr/local/etc/vsftpd/vsftpd.conf
>anonymous_enable=NO
>local_enable=YES
>write_enable=YES
>anon_upload_enable=NO
>anon_mkdir_write_enable=NO
>dirmessage_enable=YES
>connect_from_port_20=YES
>xferlog_enable=YES
>xferlog_file=/usr/local/var/log/vsftpd.log
>banner_file=/usr/local/etc/vsftpd/vsftpd.banner_file
>secure_chroot_dir=/usr/local/share/vsftpd/empty
>chroot_local_user=YES
>user_config_dir=/usr/local/etc/vsftpd/vsftpd_user_conf
>
>

Thanks for the detailed tips.

I'll be working on my PAM foo.  I need to get better working with
heavily multi-user environments (more than setting up groups properly).

Thanks,

-- 
Marco
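
Added example, not part of either message above: with `user_config_dir` set, each file in that directory overrides the main vsftpd.conf for the user it is named after, so a single per-user file can undo `chroot_local_user=YES` or the `anon_*` write restrictions. This Python sketch merges each override onto the quoted main config and reports users whose effective settings are weaker; the user names `alice` and `bob`, their override files and the list of settings to flag are assumptions made for illustration.

```python
import tempfile
from pathlib import Path

# Constructed sample: the main config quoted in the thread (log/banner lines omitted).
MAIN_CONF = """\
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
chroot_local_user=YES
"""

# Values to flag for review when a per-user file introduces them (assumed list).
RISKY = {"anon_upload_enable": "YES", "anon_mkdir_write_enable": "YES",
         "chroot_local_user": "NO"}

def parse_conf(text):
    """Parse vsftpd 'option=value' lines, skipping blanks and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key] = value
    return settings

def audit_user_overrides(main_text, user_dir):
    """Return {user: [findings]} for per-user files that weaken the main config."""
    base = parse_conf(main_text)
    report = {}
    for path in sorted(Path(user_dir).iterdir()):
        effective = {**base, **parse_conf(path.read_text())}
        findings = [f"{k}={v}" for k, v in RISKY.items()
                    if effective.get(k) == v and base.get(k) != v]
        if findings:
            report[path.name] = findings
    return report

def demo():
    """Audit a throwaway user_config_dir holding two constructed users."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "alice").write_text("# constructed override\nchroot_local_user=NO\n")
        Path(d, "bob").write_text("local_root=/home/ftp/bob\n")
        return audit_user_overrides(MAIN_CONF, d)

if __name__ == "__main__":
    print(demo())
```
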



