FTPD(8C)
NAME
ftpd − DARPA Internet File Transfer Protocol server
USAGE
/etc/ftpd [ −d ] [ −ttimeout ]
DESCRIPTION
Ftpd is the DARPA (Defense Advanced Research Projects Agency) Internet File Transfer Protocol server process. The server uses the TCP protocol and listens at the port specified in the “ftp” service specification.
The ftp server currently supports the following ftp requests; upper- and lowercase operate identically.
Request   Description
ACCT      specify account (ignored)
ALLO      allocate storage
APPE      append to a file
CWD       change working directory
DELE      delete a file
HELP      give help information
LIST      give list of files in a directory (“ls -lg”)
MODE      specify data transfer mode
NLST      give name list of files in directory (“ls”)
NOOP      do nothing
PASS      specify password
PORT      specify data connection port
QUIT      terminate session
RETR      retrieve a file
RNFR      specify rename-from filename
RNTO      specify rename-to filename
STOR      store a file
STRU      specify data transfer structure
TYPE      specify data transfer type
USER      specify username
XCUP      change to parent of current working directory
XCWD      change working directory
XMKD      make a directory
XPWD      print the current working directory
XRMD      remove a directory
The remaining ftp requests specified in Internet RFC 765 are recognized, but not implemented.
Ftpd interprets filenames according to the conventions used by csh(1), which allows you to use the following metacharacters: *?[]{}~.
Ftpd authenticates a user according to three rules.
1) The user’s name must be in the password database, /etc/passwd, and the account must not have a null password. If the password is null, a user must supply one before the account can perform any file operations.
2) The user’s name must not appear in the file /etc/ftpusers.
3) If the user’s name is “anonymous” or “ftp”, an anonymous ftp account must be present in the password file (i.e., user “ftp”). In this case, the user may log in by specifying any password. (By convention, this password is the original host’s name).
In the last case, ftpd takes special measures to restrict access privileges. The “ftp” subtree should be constructed with care to ensure system security; the following rules are recommended.
~ftp
Make the home directory owned by “ftp” and unwritable by anyone.
~ftp/bin
Make this directory owned by the super-user and unwritable by anyone. The program ls(1) must be present to support the list commands. This program should have mode 111.
~ftp/etc
Make this directory owned by the super-user and unwritable by anyone. The files passwd(5) and group(5) must be present for the ls command to work properly. These files should be mode 444.
~ftp/pub
Make this directory mode 777 and owned by “ftp”. Users should then place files that are to be accessible via the anonymous account in this directory.
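The recommended layout above can be checked mechanically. The following Python script is an added example, not part of the original manual page; the name audit_ftp_tree and its uid parameters are assumptions made for illustration.

```python
import os
import stat
import sys

# (path relative to ~ftp, expected owner, check), taken from the rules above.
# check is an exact octal mode, or "nowrite" for "unwritable by anyone".
RULES = [
    ("",           "ftp",  "nowrite"),
    ("bin",        "root", "nowrite"),
    ("bin/ls",     None,   0o111),
    ("etc",        "root", "nowrite"),
    ("etc/passwd", None,   0o444),
    ("etc/group",  None,   0o444),
    ("pub",        "ftp",  0o777),
]

def audit_ftp_tree(root, ftp_uid, root_uid=0):
    """Return a list of findings; an empty list means the tree matches."""
    uids = {"ftp": ftp_uid, "root": root_uid}
    findings = []
    for rel, owner, check in RULES:
        path = os.path.join(root, rel) if rel else root
        try:
            st = os.stat(path)
        except FileNotFoundError:
            findings.append(f"{path}: missing")
            continue
        mode = stat.S_IMODE(st.st_mode)   # permission bits only
        if owner is not None and st.st_uid != uids[owner]:
            findings.append(f"{path}: owner uid {st.st_uid}, expected {owner}")
        if check == "nowrite":
            if mode & 0o222:              # any write bit: user, group or other
                findings.append(f"{path}: mode {mode:o} is writable")
        elif mode != check:
            findings.append(f"{path}: mode {mode:o}, expected {check:o}")
    return findings

if __name__ == "__main__":
    import pwd
    ftp = pwd.getpwnam("ftp")             # the anonymous account from rule 3
    home = sys.argv[1] if len(sys.argv) > 1 else ftp.pw_dir
    problems = audit_ftp_tree(home, ftp.pw_uid)
    print("\n".join(problems) or "anonymous ftp tree matches the recommended layout")
    sys.exit(1 if problems else 0)
```

Run it with no arguments to audit the home directory of the “ftp” account, or pass a directory to audit a staged copy of the tree.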
OPTIONS
−d turns on debugging for each socket created (SO_DEBUG). With debugging enabled, the system traces everything sent and received on a socket.
−t sets the inactivity timeout period to timeout. Otherwise, the ftp server will time out an inactive session after 60 seconds.
NOTES
Commands cannot be aborted.
The “anonymous” account may compromise the security and/or stability of the system.
The server must run as the super-user so that it can create sockets with privileged port numbers. It maintains the effective user ID of the user who is logged in, and reverts to the super-user only when binding addresses to sockets.
NOTES TO DOMAIN/IX USERS
Ftpd, like several of the other UNIX daemons, is normally invoked at boot time by running the inetd(8C) command from the /etc/rc file. Enable the daemon by uncommenting the appropriate line(s) in the /etc/inetd.conf file.