Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ ftpd(ADMN) — OpenDesktop 1.1.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

ftp(TC)

syslog(SLIB)


     FTPD(ADMN)                                 UNIX System V



     Name
          ftpd - DARPA Internet File Transfer Protocol server


     Syntax
          /etc/ftpd [ -d ] [ -l ] [ -ttimeout ]


     Description
          ftpd is the DARPA Internet  File  Transfer  Protocol  server
          process.   The  server  uses the TCP protocol and listens at
          the port specified in the  ftp  service  specification;  see
          services(SFF).

          ftpd is started by the  super-server  inetd,  and  therefore
          must   have   an   entry   in   inetd's  configuration  file
          /etc/inetd.conf.  [See inetd(ADMN) and inetd.conf(SFF).]

          If the -d option  is  specified,  debugging  information  is
          written to the syslog.

          If the -l option is specified, each FTP session is logged in
          the syslog.

          The FTP server will timeout an  inactive  session  after  15
          minutes.   If  the  -t  option  is specified, the inactivity
          timeout period will be set to timeout.

          The  FTP  server  currently  supports  the   following   FTP
          requests;  case is not distinguished.

          Request        Description
          ABOR           abort previous command
          ACCT           specify account (ignored)
          ALLO           allocate storage (vacuously)
          APPE           append to a file
          CDUP           change to parent of current working directory
          CWD            change working directory
          DELE           delete a file
          HELP           give help information
          LIST           give list files in a directory (ls -l)
          MKD            make a directory
          MODE           specify data transfer mode
          NLST           give name list of files in directory (ls)
          NOOP           do nothing
          PASS           specify password
          PASV           prepare for server-to-server transfer
          PORT           specify data connection port
          PWD            print the current working directory
          QUIT           terminate session
          RETR           retrieve a file
          RMD            remove a directory
          RNFR           specify rename-from file name
          RNTO           specify rename-to file name
          STOR           store a file
          STOU           store a file with a unique name
          STRU           specify data transfer structure
          TYPE           specify data transfer type
          USER           specify user name
          XCUP           change to parent of current working directory
          XCWD           change working directory
          XMKD           make a directory
          XPWD           print the current working directory
          XRMD           remove a directory

          The remaining FTP requests specified in Internet RFC 959 are
          recognized, but not implemented.

          The FTP server will abort an active file transfer only  when
          the  ABOR  command is preceded by a Telnet Interrupt Process
          (IP) signal and a Telnet Synch signal in the command  Telnet
          stream, as described in Internet RFC 959.

          ftpd  interprets  file  names  according  to  the   globbing
          conventions used by sh(C).  This allows users to utilize the
          metacharacters *?[]{}~.

          ftpd authenticates users according to three rules.

          1)   The user  name  must  be  in  the  password  data  base
               /etc/passwd  and  not  have  a  null password.  In this
               case, a password must be provided by the client  before
               any file operations can be performed.

          2)   The  user  name   must   not   appear   in   the   file
               /etc/ftpusers.

          3)   If the user name is anonymous or ftp, an anonymous  ftp
               account  must  be  present  in  the password file (user
               ftp).  In this case, the user is allowed to log  in  by
               specifying  any password. (By convention, this is given
               as the client host's name.)

          In the last case, ftpd takes special  measures  to  restrict
          the  client's  access  privileges.   The  server  performs a
          chroot(2) command to the home directory of the ftp user.  To
          make sure system security is not breached, it is recommended
          that  the  ftp  subtree  be  constructed  with  care;    the
          following  rules  are recommended.  (Note:  ~ftp means ``the
          home directory of user ftp'')

          ~ftp)
               Make it so the home  directory  is  owned  by  ftp  and
               unwritable by anyone.

          ~ftp/bin)
               Make it so this directory is owned by the superuser and
               unwritable  by  anyone.   The  program  ls(C)  must  be
               present to support the  list  commands.   This  program
               should have mode 111.

          ~ftp/etc)
               Make it so this directory owned by  the  superuser  and
               unwritable   by  anyone.   The  files  passwd(SFF)  and
               group(SFF) must be present for the ls command  to  work
               properly.  These files should be mode 444.

          ~ftp/pub)
               Make this directory mode 777 and owned by  ftp.   Users
               should  then  place files that are to be accessible via
               the anonymous account in this directory.


     See Also
          ftp(TC), syslog(SLIB)


     Notes
          The anonymous account is  inherently  dangerous  and  should
          avoided when possible.

          The server must run as the superuser to create sockets  with
          privileged  port numbers.  It maintains an effective user id
          of the logged in user, reverting to the superuser only  when
          binding  addresses  to sockets.  The possible security holes
          have  been  extensively  scrutinized,   but   are   possibly
          incomplete.


     Files
          /etc/ftpusers - restricted user list
          /etc/passwd - the user database
          /etc/group - the group database
          /usr/adm/syslog - the system log file

          The following files are needed for anonymous ftp:

          ~ftp/etc/passwd - used by ~ftp/bin/ls
          ~ftp/etc/group - used by ~ftp/bin/ls
          ~ftp/bin/ls - to support the LIST and NLST commands

          In  addition,  if  your  /bin/ls  is  linked   with   shared
          libraries,   you   will   need   to  copy  /shlib/libc_s  to
          ~ftp/shlib/libc_s.  If  your  implementation  is  using  the
          SIOCSOCKSYS  ioctl,  you  will  need  to run the mdnod(ADMN)
          command on ~ftp/dev/socksys.


     (printed 8/17/89)                                  FTPD(ADMN)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026