2011年(489)
分类:
2011-09-03 22:43:53
声明:本文档是我自己试着翻译的,难免会有错误,请高人指正,请勿以这里的翻译为准。
接上续……..
布尔型选项和值(1)
download_enable
If set to NO, all download requests will give permission denied.
Default: YES
download_enble
如果设置为NO,所有的用户禁止下载
默认:YES
dual_log_enable
If enabled, two log files are generated in parallel, going by
default to /var/log/xferlog and /var/log/vsftpd.log. The former
is a wu-ftpd style transfer log, parseable by standard tools.
The latter is vsftpd’s own style log.
Default: NO
dual_log_enable
如果启用,会产生两个日志文件/var/log/xferlog,var/log/vsftpd.conf .格式是标准的参数,是wu-ftpd的格式,后来也成了vsftpd自己的类型日志了
force_dot_files
If activated, files and directories starting with . will be
shown in directory listings even if the "a" flag was not used by
the client. This override excludes the "." and ".." entries.
Default: NO
force_dot_files
如果激活,在客户端输入ls –l命令也可以显示出带“.”的文件和目录,但是默认的“.”和“..”除外
默认:NO
force_anon_data_ssl
Only applies if ssl_enable is activated. If activated, all
anonymous logins are forced to use a secure SSL connection in
order to send and receive data on data connections.
Default: NO
force_anon_data_ssl
条件是ssl_enable必须被激活,如果被激活,那么所有的匿名账户在发送和接受数据的时候被强迫时候SSL通道来连接数据端口
默认:NO
force_anon_logins_ssl
Only applies if ssl_enable is activated. If activated, all
anonymous logins are forced to use a secure SSL connection in
order to send the password.
Default: NO
force_anon_logins_ssl
条件是ssl_enable必须被激活,如果被激活,所有的匿名用户被迫使用一个安全的连接
默认:NO
force_local_data_ssl
Only applies if ssl_enable is activated. If activated, all non-
anonymous logins are forced to use a secure SSL connection in
order to send and receive data on data connections.
Default: YES
force_local_data_ssl
条件是ssl_enable必须被激活,如果被激活,所有的非匿名账户都使用安全的连接来接受和发送数据
默认:YES
force_local_logins_ssl
Only applies if ssl_enable is activated. If activated, all non-
anonymous logins are forced to use a secure SSL connection in
order to send the password.
Default: YES
force_local_logins_ssl
条件是ssl_enable必须被激活,如果被激活,所有的非匿名用户被迫使用一个安全的连接
guest_enable
If enabled, all non-anonymous logins are classed as "guest"
logins. A guest login is remapped to the user specified in the
guest_username setting.
Default: NO
guest_enable
如果被启用,所有的非匿名账户登录被归类于“guest”类型,一个guest类型的账号登陆,映射指定的用户,在字段guest_username里进行设置
默认:NO
( 一般虚拟用户要启用这两个字段)
hide_ids
If enabled, all user and group information in directory listings
will be displayed as "ftp".
Default: NO
hide_ids
如果被启用,当登录到ftp服务器的时候,用户看到的uid,gid是全是ftp
默认:NO
listen
If enabled, vsftpd will run in standalone mode. This means that
vsftpd must not be run from an inetd of some kind. Instead, the
vsftpd executable is run once directly. vsftpd itself will then
take care of listening for and handling incoming connections.
Default: NO
listen
如果被启用,vftpd服务器将运行独立模式,这就意味着vsftpd服务不运行xinetd服务进程,相反地,vsftpd进程就直接一次性运行,vsftpd本身自己将监听和处理到来的连接
默认:NO
listen_ipv6
Like the listen parameter, except vsftpd will listen on an IPv6
socket instead of an IPv4 one. This parameter and the listen
parameter are mutually exclusive.
Default: NO
listen_ipv6
监听ipv6的网段地址,与ipv4是一样的意思
local_enable
Controls whether local logins are permitted or not. If enabled,
normal user accounts in /etc/passwd (or wherever your PAM config
references) may be used to log in. This must be enable for any
non-anonymous login to work, including virtual users.
Default: NO
local_enable
控制是否允许本地访问,如果启用,在/etc/passwd (或者是通过PAM验证的)账号将被允许登录服务器,任何非匿名用户,包括虚拟用户要被使用,必须开启这个选项
默认:NO
lock_upload_files
When enabled, all uploads proceed with a write lock on the
upload file. All downloads proceed with a shared read lock on
the download file. WARNING! Before enabling this, be aware that
malicious readers could starve a writer wanting to e.g. append a
file.
Default: NO
lock_upload_files
当启用这项的时候,对所有上传文件的处理是在上传文件里带了一把写锁,对所有下载的文件的处理是在下载的文件里共享一把只读锁,警告!启用之前,意识到一些恶意的读者饥饿般地想要写入,比如,增加一个文件
默认:NO
log_ftp_protocol
When enabled, all FTP requests and responses are logged, provid-
ing the option xferlog_std_format is not enabled. Useful for
debugging.
Default: NO
log_ftp_protocol
当启用的时候,所有的ftp请求和响应都被记录,但是字段xferlog_std_format必须被禁用,一般是调试的时候使用
默认:NO
ls_recurse_enable
When enabled, this setting will allow the use of "ls -R". This
is a minor security risk, because a ls -R at the top level of a
large site may consume a lot of resources.
Default: NO
ls_recure_enable
当被启用的时候,将被允许使用ls -R这个命令,有一定的安全风险,因为在一些大的站点的顶层目录下使用ls -R ,会消耗很多的资源
默认:NO
mdtm_write
When enabled, this setting will allow MDTM to set file modifica-
tion times (subject to the usual access checks).
Default: YES
mdtm_write
但启用的时候,将允许使用MDTM设置文件的修改次数(通常访问检查限制)
默认:YES
no_anon_password
When enabled, this prevents vsftpd from asking for an anonymous
password - the anonymous user will log straight in.
Default: NO
no_anon_passwd
当启用的时候,匿名用户登录的时候不需要出现密码提示符就直接登录到ftp服务器
默认:NO
no_log_lock
When enabled, this prevents vsftpd from taking a file lock when
writing to log files. This option should generally not be
enabled. It exists to workaround operating system bugs such as
the Solaris / Veritas filesystem combination which has been
observed to sometimes exhibit hangs trying to lock log files.
Default: NO
no_log_lock
当启用的时候,在写入日志的时候,将阻止文件锁定,这个选项一般不启用,
它存在的理由是像solaris /veritas 文件系统共存的情况下,有个时候,文件
被挂起的时候就尝试锁定文件
默认:NO
one_process_model
If you have a Linux 2.4 kernel, it is possible to use a differ-
ent security model which only uses one process per connection.
It is a less pure security model, but gains you performance. You
really don’t want to enable this unless you know what you are
doing, and your site supports huge numbers of simultaneously
connected users.
Default: NO
one_process_model
如果是linux 2.4的内核,它很可能使用一个不一样安全模式,那就是用户的
每个连接只有一个进程,它是很少的安全模式,但是获取了性能的优越,除
非你想这么做,或你的站点支持大量的并发连接用户。
默认:NO
(现在时2.6内核了,不需要了,NO掉吧)
passwd_chroot_enable
If enabled, along with chroot_local_user , then a chroot() jail
location may be specified on a per-user basis. Each user’t jail
is derived from their home directory string in /etc/passwd. The
occurrence of /./ in the home directory string denotes that the
jail is at that particular location in the path.
Default: NO
passwd_chroot_enable
如果被启用,配合字段chroot_local_user使用,然后一个禁锢的位置也许是
在每个用户的基础上被指定的,每个用户的禁锢是源于来自/etc/passwd 字
符串的用户家目录,在家目录中出现/./符号是指被禁锢在一个特殊的位置
默认:NO
pasv_addr_resolve
Set to YES if you want to use a hostname (as opposed to IP
address) in the pasv_address option.
Default: NO
pasv_addr_resolve
如果你想在pasv_address选项中要使用一个主机名(相对于IP地址),就激
活它
默认:NO
pasv_enable
Set to NO if you want to disallow the PASV method of obtaining a
data connection.
Default: YES
pasv_enable
如果你想要在数据传输的时候禁止被动模式,就设置这个字段为NO
默认:NO
*****************请继续关注后续的翻译**********************
