Show Table of Contents
21.2.2.6.4. Local-User Options
The following lists directives that characterize the way local users access the server. To use these options, the
local_enable directive must be set to YES. Note that the SELinux ftp_home_dir Boolean option needs to be set for users to be able to access their home directories. See Section 21.2.2.4, “SELinux Policy for vsftpd” and to ftpd_selinux(8) for more information on vsftpd's interaction with the default SELinux policy.
chmod_enable— When enabled, theFTPcommandSITE CHMODis allowed for local users. This command allows the users to change the permissions on files.The default value isYES.chroot_list_enable— When enabled, the local users listed in the file specified in thechroot_list_filedirective are placed in achrootjail upon log in.If enabled in conjunction with thechroot_local_userdirective, the local users listed in the file specified in thechroot_list_filedirective are not placed in achrootjail upon log in.The default value isNO.chroot_list_file— Specifies the file containing a list of local users referenced when thechroot_list_enabledirective is set toYES.The default value is/etc/vsftpd/chroot_listchroot_local_user— When enabled, local users are change-rooted to their home directories after logging in.The default value isNO.Warning
Enablingchroot_local_useropens up a number of security issues, especially for users with upload privileges. For this reason, it is not recommended.guest_enable— When enabled, all non-anonymous users are logged in as the userguest, which is the local user specified in theguest_usernamedirective.The default value isNO.guest_username— Specifies the user name theguestuser is mapped to.The default value isftplocal_root— Specifies the directoryvsftpdchanges to after a local user logs in.There is no default value for this directive.local_umask— Specifies the umask value for file creation. Note that the default value is in octal form (a numerical system with a base of eight), which includes a “0” prefix. Otherwise, the value is treated as a base-10 integer.The default value is077. On Red Hat Enterprise Linux 6, this option is set to022in the configuration file.passwd_chroot_enable— When enabled in conjunction with thechroot_local_userdirective,vsftpdchange-roots local users based on the occurrence of/./in the home-directory field within/etc/passwd.The default value isNO.user_config_dir— Specifies the path to a directory containing configuration files bearing the names of local system users that contain specific settings for those users. Any directive in a user's configuration file overrides those found in/etc/vsftpd/vsftpd.conf.There is no default value for this directive.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.