⇒ ftpd(1M) — Dell System V Release 4 Issue 2.2

ftpd(1M)                     UNIX System V(TCP/IP)                     ftpd(1M)


NAME
      ftpd - file transfer protocol server

SYNOPSIS
      in.ftpd [ -dl ] [ -ttimeout ]

DESCRIPTION
      ftpd is the Internet File Transfer Protocol (FTP) server process.  The
      server is invoked by the Internet daemon inetd(1M) each time a connection
      to the FTP service [see services(4)] is made, with the connection
      available as descriptor 0.

      Inactive connections are timed out after 90 seconds.

      The following options are available:

      -d    Write debugging information into the system log.

      -l    Write each FTP session into the system log.

      -ttimeout
            Set the inactivity timeout period to timeout, in seconds.  The FTP
            server will time out an inactive session after 15 minutes.

   Requests
      The FTP server currently supports the following FTP requests; case is not
      distinguished.

      Request   Description

      ABOR      abort previous command

      ACCT      specify account (ignored)

      ALLO      allocate storage (vacuously)

      APPE      append to a file

      CDUP      change to parent of current working directory

      CWD       change working directory

      DELE      delete a file

      HELP      give help information

      LIST      give list of files in a directory (ls -lg)

      MKD       make a directory





10/89                                                                    Page 1

      MODE      specify data transfer mode

      NLST      give name list of files in directory (ls)

      NOOP      do nothing

      PASS      specify password

      PASV      prepare for server-to-server transfer

      PORT      specify data connection port

      PWD       print the current working directory

      QUIT      terminate session

      RETR      retrieve a file

      RMD       remove a directory

      RNFR      specify rename-from file name

      RNTO      specify rename-to file name

      STOR      store a file

      STOU      store a file with a unique name

      STRU      specify data transfer structure

      TYPE      specify data transfer type

      USER      specify user name

      XCUP      change to parent of current working directory

      XCWD      change working directory

      XMKD      make a directory

      XPWD      print the current working directory

      XRMD      remove a directory

      The remaining FTP requests specified in RFC 959 are recognized, but not
      implemented.

      The FTP server will abort an active file transfer only when the ABOR
      command is preceded by a Telnet Interrupt Process (IP) signal and a
      Telnet Synch signal in the command Telnet stream, as described in RFC
      959.



      ftpd interprets file names according to the globbing conventions used by
      sh(1).  This allows users to utilize the metacharacters:  * ? [ ] { } ~

      ftpd authenticates users according to four rules.

      1)    The user name must be in the password data base, /etc/passwd, and
            not have a null password.  In this case a password must be provided
            by the client before any file operations may be performed.

      2)    If the user name appears in the file /etc/ftpusers, ftp access is
            denied.

      3)    ftp access is denied unless the user's shell (from /etc/passwd) is
            listed in the file /etc/shells, or the user's shell is one of the
            following:
            /bin/sh
            /bin/ksh
            /bin/csh
            /usr/bin/sh
            /usr/bin/ksh
            /usr/bin/csh

      4)    If the user name is anonymous or ftp, an anonymous FTP account must
            be present in the password file (user ftp).  In this case the user
            is allowed to log in by specifying any password (by convention this
            is given as the client host's name).

      In the last case, ftpd takes special measures to restrict the client's
      access privileges.  The server performs a chroot(2) command to the home
      directory of the ftp user.  In order that system security is not
      breached, it is recommended that the ftp subtree be constructed with
      care;  the following rules are recommended.

      home_directory
              Make the home directory owned by ftp and unwritable by anyone.

      home_directory/usr/lib
              Make this directory owned by the super-user and unwritable by
              anyone.  The shared library /usr/lib/libc.so.1 should be copied
              into this directory to support the other user commands that are
              linked with it.

      home_directory/usr/bin
              Make this directory owned by the super-user and unwritable by
              anyone.  The program ls(1) must be present to support the list
              commands.  This program should have mode 111.

      home_directory/etc
              Make this directory owned by the super-user and unwritable by
              anyone.  Copies of the files passwd(4), group(4), and netconfig
              must be present for the ls command to work properly.  These files
              should be mode 444.


      home_directory/pub
              Make this directory mode 777 and owned by ftp.  Users should then
              place files which are to be accessible via the anonymous account
              in this directory.

      home_directory/dev
              Make this directory owned by the super-user and unwritable by
              anyone.  Change directories to this directory and do the
              following:

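      # Look up the ftp account's home directory (field 6 of its passwd entry).
      FTP="`grep '^ftp:' /etc/passwd | cut -d: -f6`"
      # Read the major and minor device numbers of /dev/tcp, dropping the comma.
      MAJORMINOR="`ls -l /dev/tcp | nawk '{ gsub(/,/, ""); print $5, $6}'`"
      # Create the same character device inside the ftp tree.
      mknod $FTP/dev/tcp c $MAJORMINOR
      chmod 666 $FTP/dev/tcp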
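
      The ownership and mode rules above can be checked mechanically.  The
      script below is an added example, not part of the original manual page
      or of ftpd; FTP_OWNER and ROOT_OWNER are hypothetical overrides, and it
      checks only what the rules above state.

```shell
#!/bin/sh
# Added example: audit an anonymous FTP tree against the rules listed above.
# FTP_OWNER and ROOT_OWNER are hypothetical overrides (not ftpd settings) so
# the audit can be exercised on a constructed tree without being root.
FTP_OWNER=${FTP_OWNER:-ftp}
ROOT_OWNER=${ROOT_OWNER:-root}

# mode_owner PATH: print "<10-char mode string> <owner>" taken from ls -ld.
mode_owner() { ls -ld "$1" | awk '{ print substr($1, 1, 10), $3 }'; }

# check_dir PATH OWNER: must exist, belong to OWNER, and carry no write bit.
check_dir() {
    [ -d "$1" ] || { echo "MISSING $1"; return 1; }
    mo=$(mode_owner "$1"); mode=${mo% *}; owner=${mo#* }
    [ "$owner" = "$2" ] || { echo "OWNER $1 is $owner, expected $2"; return 1; }
    case $mode in *w*) echo "WRITABLE $1 ($mode)"; return 1 ;; esac
}

# check_file PATH MODESTRING: must exist with exactly that ls mode string.
check_file() {
    [ -f "$1" ] || { echo "MISSING $1"; return 1; }
    mo=$(mode_owner "$1"); mode=${mo% *}
    [ "$mode" = "$2" ] || { echo "MODE $1 is $mode, expected $2"; return 1; }
}

# audit_ftp_tree HOME: print findings; succeed only when there are none.
audit_ftp_tree() {
    h=$1; bad=0
    check_dir "$h" "$FTP_OWNER" || bad=$((bad + 1))
    for d in usr/lib usr/bin etc dev; do
        check_dir "$h/$d" "$ROOT_OWNER" || bad=$((bad + 1))
    done
    check_file "$h/usr/bin/ls" "---x--x--x" || bad=$((bad + 1))      # mode 111
    for f in passwd group netconfig; do
        check_file "$h/etc/$f" "-r--r--r--" || bad=$((bad + 1))      # mode 444
    done
    # pub is the only directory the page makes writable: mode 777, owner ftp.
    mo=$(mode_owner "$h/pub" 2>/dev/null)
    [ "$mo" = "drwxrwxrwx $FTP_OWNER" ] || { echo "PUB $h/pub is '$mo'"; bad=$((bad + 1)); }
    [ -c "$h/dev/tcp" ] || echo "NOTE $h/dev/tcp is not a character device"
    echo "$bad finding(s)"
    [ "$bad" -eq 0 ]
}

if [ $# -gt 0 ]; then audit_ftp_tree "$1"; fi
```

      Run it with the ftp home directory as its only argument; a non-zero
      exit status means at least one rule is not met.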

SEE ALSO
      ftp(1), getsockopt(3N), passwd(4), services(4).

      Postel, Jon, and Joyce Reynolds, File Transfer Protocol (FTP), RFC 959,
      Network Information Center, SRI International, Menlo Park, Calif.,
      October 1985.

NOTES
      The anonymous account is inherently dangerous and should be avoided when
      possible.

      The server must run as the super-user to create sockets with privileged
      port numbers.  It maintains an effective user ID of the logged in user,
      changing to user ID 0 only when binding addresses to sockets.  The
      possible security holes have been extensively scrutinized, but the
      scrutiny is possibly incomplete.

      /etc/ftpusers contains a list of users who cannot access the system; the
      format of the file is one username per line.
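
      The four authentication rules in DESCRIPTION, together with the
      /etc/ftpusers format, can be modelled offline to see which accounts a
      given configuration admits.  This is an added example, not ftpd source;
      the function names, the order in which the rules are applied, and the
      sample accounts are assumptions or constructed data.

```shell
#!/bin/sh
# Added example (not ftpd source): evaluate the four access rules offline.
# Shells that rule 3 accepts even when the shells file does not list them:
BUILTIN_SHELLS="/bin/sh /bin/ksh /bin/csh /usr/bin/sh /usr/bin/ksh /usr/bin/csh"

# passwd_field FILE USER N: print field N of USER's entry (nothing if absent).
passwd_field() { awk -F: -v u="$2" -v n="$3" '$1 == u { print $n; exit }' "$1"; }

# listed FILE WORD: true if WORD is a whole line of FILE (one entry per line).
listed() { [ -f "$1" ] && grep -Fqx -e "$2" "$1"; }

# ftp_access USER PASSWD FTPUSERS SHELLS: print the verdict for USER.
ftp_access() {
    user=$1; pw=$2; deny=$3; shells=$4
    # Assumption: rule 2 applies to the name typed and to the account it maps to.
    case $user in anonymous|ftp) acct=ftp ;; *) acct=$user ;; esac
    if listed "$deny" "$user" || listed "$deny" "$acct"; then
        echo "deny: listed in ftpusers"; return; fi
    if [ "$acct" = ftp ]; then      # rule 4: an ftp passwd entry must exist
        if [ -n "$(passwd_field "$pw" ftp 1)" ]; then
            echo "anonymous: chroot to $(passwd_field "$pw" ftp 6)"
        else echo "deny: no ftp account"; fi
        return
    fi
    # Rule 1: known user with a non-null password field.
    if [ -z "$(passwd_field "$pw" "$user" 1)" ]; then echo "deny: not in passwd"; return; fi
    if [ -z "$(passwd_field "$pw" "$user" 2)" ]; then echo "deny: null password"; return; fi
    # Rule 3: shell must be in the built-in list above or in the shells file.
    shell=$(passwd_field "$pw" "$user" 7)
    for s in $BUILTIN_SHELLS; do
        if [ "$s" = "$shell" ]; then echo "allow: password required"; return; fi
    done
    if listed "$shells" "$shell"; then echo "allow: password required"
    else echo "deny: shell '$shell' not permitted"; fi
}

# Constructed sample data: report every account plus the name "anonymous".
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'root:x:0:0::/:/sbin/sh' 'alice:x:100:10::/home/alice:/bin/ksh' \
        'bob::101:10::/home/bob:/bin/sh' 'dave:x:103:10::/home/dave:/usr/lib/rsh' \
        'ftp:x:500:50::/export/ftp:/bin/false' > "$d/passwd"
    echo root > "$d/ftpusers"; : > "$d/shells"
    for u in $(cut -d: -f1 "$d/passwd") anonymous; do
        printf '%-10s %s\n' "$u" "$(ftp_access "$u" "$d/passwd" "$d/ftpusers" "$d/shells")"
    done
    rm -rf "$d"
}
demo
```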



















