proftpd/proftpd.conf@a6cd892638c1 (annotated)
proftpd/proftpd.conf
Sat, 03 Oct 2009 16:18:52 +0200
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Oct 2009 16:18:52 +0200
- changeset 220
- a6cd892638c1
- permissions
- -rw-r--r--
Update version, adjust corresponding buildconf, and correct logic.
1: Make minor corrections and improvements to scripts patch logic.
2: Upgrade to most recent stable release version 3.0.2.
3: Force selection of a single db backend, as multiple ones never
were supported (changing 'with_db<end>' identifiers accordingly.)
4: Unfortunately add gawk requirement although only partly needed.
5: Add openssl::with_threads requirement to solve strange and hard
to debug problems on Solaris leading to connection failures:
'host-dir JobId 0: Error: openssl.c:86 Connect failure: ERR=error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number'
and
'host-dir JobId 40: Fatal error: TLS negotiation failed with FD at "back1.host.com:9102"'
| michael@182 | 1 | ## |
| michael@182 | 2 | ## proftpd.conf -- ProFTPD Configuration |
| michael@182 | 3 | ## |
| michael@182 | 4 | |
| michael@182 | 5 | ServerType standalone |
| michael@182 | 6 | DefaultServer off |
| michael@182 | 7 | SocketBindTight on |
| michael@182 | 8 | Port none |
| michael@182 | 9 | |
| michael@182 | 10 | MaxInstances 40 |
| michael@182 | 11 | User @l_nusr@ |
| michael@182 | 12 | Group @l_ngrp@ |
| michael@182 | 13 | Umask 022 022 |
| michael@182 | 14 | |
| michael@182 | 15 | UseReverseDNS off |
| michael@182 | 16 | MultilineRFC2228 on |
| michael@182 | 17 | ShowSymlinks on |
| michael@182 | 18 | AllowOverwrite on |
| michael@182 | 19 | MaxLoginAttempts 2 |
| michael@182 | 20 | RequireValidShell yes |
| michael@182 | 21 | ListOptions "-l" |
| michael@182 | 22 | |
| michael@182 | 23 | @l_pam@AuthPAM on |
| michael@182 | 24 | @l_pam@AuthPAMConfig proftpd |
| michael@182 | 25 | @l_pam@AuthPAMAuthoritative off |
| michael@182 | 26 | #PersistentPasswd off |
| michael@182 | 27 | |
| michael@182 | 28 | CommandBufferSize 1023 |
| michael@182 | 29 | TimeoutLogin 120 |
| michael@182 | 30 | TimeoutNoTransfer 600 |
| michael@182 | 31 | TimeoutStalled 600 |
| michael@182 | 32 | TimeoutIdle 1200 |
| michael@182 | 33 | |
| michael@182 | 34 | LogFormat default "%h %l %u %t \"%r\" %s %b" |
| michael@182 | 35 | LogFormat auth "%v [%P] %h %t \"%r\" %s" |
| michael@182 | 36 | LogFormat write "%h %l %u %t \"%r\" %s %b" |
| michael@182 | 37 | SystemLog @l_prefix@/var/proftpd/proftpd.system.log |
| michael@182 | 38 | ScoreboardFile @l_prefix@/var/proftpd/proftpd.scoreboard |
| michael@182 | 39 | |
| michael@182 | 40 | <Global> |
| michael@182 | 41 | ExtendedLog @l_prefix@/var/proftpd/proftpd.access.log WRITE,READ write |
| michael@182 | 42 | ExtendedLog @l_prefix@/var/proftpd/proftpd.auth.log AUTH auth |
| michael@182 | 43 | TransferLog @l_prefix@/var/proftpd/proftpd.xfer.log |
| michael@182 | 44 | IdentLookups off |
| michael@182 | 45 | DeferWelcome off |
| michael@182 | 46 | DisplayGoAway @l_prefix@/etc/proftpd/proftpd.msg.goaway |
| michael@182 | 47 | DisplayLogin @l_prefix@/etc/proftpd/proftpd.msg.login |
| michael@182 | 48 | DisplayChdir .message true |
| michael@182 | 49 | DisplayReadme README* |
| michael@182 | 50 | WTmpLog off |
| michael@182 | 51 | </Global> |
| michael@182 | 52 | |
| michael@182 | 53 | <Directory /*> |
| michael@182 | 54 | AllowOverwrite on |
| michael@182 | 55 | </Directory> |
| michael@182 | 56 | |
| michael@182 | 57 | # sample virtual Anonymous-FTP only server |
| michael@182 | 58 | <VirtualHost 127.0.0.1> |
| michael@182 | 59 | Port 21 |
| michael@182 | 60 | PassivePorts 49152 65535 |
| michael@182 | 61 | ServerIdent on "localhost FTP Server (ProFTPD) ready." |
| michael@182 | 62 | ServerAdmin root@localhost |
| michael@182 | 63 | MaxClients 20 |
| michael@182 | 64 | |
| michael@182 | 65 | # allow anonymous logins only |
| michael@182 | 66 | <Limit LOGIN> |
| michael@182 | 67 | DenyAll |
| michael@182 | 68 | </Limit> |
| michael@182 | 69 | |
| michael@182 | 70 | # Anonymous-FTP |
| michael@182 | 71 | <Anonymous @l_prefix@/share/proftpd> |
| michael@182 | 72 | User @l_nusr@ |
| michael@182 | 73 | Group @l_ngrp@ |
| michael@182 | 74 | UserAlias anonymous @l_nusr@ |
| michael@182 | 75 | UserAlias ftp @l_nusr@ |
| michael@182 | 76 | RootLogin off |
| michael@182 | 77 | UseFtpUsers off |
| michael@182 | 78 | MaxClients 10 "Sorry, max %m users allowed -- try again later, please." |
| michael@182 | 79 | RequireValidShell off |
| michael@182 | 80 | DisplayGoAway /.msg.goaway |
| michael@182 | 81 | DisplayLogin /.msg.login |
| michael@182 | 82 | <Limit LOGIN> |
| michael@182 | 83 | AllowAll |
| michael@182 | 84 | </Limit> |
| michael@182 | 85 | <Limit WRITE> |
| michael@182 | 86 | DenyAll |
| michael@182 | 87 | </Limit> |
| michael@182 | 88 | <Limit READ DIRS> |
| michael@182 | 89 | IgnoreHidden on |
| michael@182 | 90 | </Limit> |
| michael@182 | 91 | # optionally allow uploads to a particular directory |
| michael@182 | 92 | #<Directory incoming/*> |
| michael@182 | 93 | # <Limit STOR> |
| michael@182 | 94 | # AllowAll |
| michael@182 | 95 | # </Limit> |
| michael@182 | 96 | # <Limit WRITE DIRS READ> |
| michael@182 | 97 | # DenyAll |
| michael@182 | 98 | # </Limit> |
| michael@182 | 99 | # <Limit CWD XCWD CDUP> |
| michael@182 | 100 | # AllowAll |
| michael@182 | 101 | # </Limit> |
| michael@182 | 102 | #</Directory> |
| michael@182 | 103 | </Anonymous> |
| michael@182 | 104 | </VirtualHost> |
| michael@182 | 105 |
