How can I restrict users to their home directories?
There 3 ways of doing this:
First Method:
chroot_local_user=YES
In this option , local users will be (by default) placed in a chroot() jail in their home directory after login. Warning: This option has security implications, especially if the users have upload permission, or shell access. Only enable if you know what you are doing. Note that these security implications are not vsftpd specific. They apply to all FTP daemons which offer to put local users in chroot() jails.
Second Method:
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
If chroot_list_enable activated, you may provide a list of local users who are placed in a chroot() jail in their home directory upon login.
Third Method:
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
When chroot_local_user and chroot_list_enable are set to YES then the meaning is slightly different. In this case, the list becomes a chroot_list_file list of users which are NOT to be placed in a chroot() jail. By default, the file containing this list is /etc/vsftpd.chroot_list, but you may override this with the chroot_list_file setting.Labels: restrict vsftpd users to their home directories