⇒ ftpd(ADMN) — OpenDesktop 3.0.0


 ftpd(ADMN)                    06 January 1993                     ftpd(ADMN)


 Name

    ftpd - DARPA Internet File Transfer Protocol server

 Syntax

    /etc/ftpd [ -d ] [ -v ] [ -l ] [ -umask ] [ -ttimeout ] [ -Tmaxtimeout ]

 Description

    ftpd is the DARPA Internet File Transfer Protocol server process. The
    server uses the TCP protocol and listens at the port specified in the
    ``ftp'' service specification; see services(SFF).

    ftpd is started by the ``super-server'' inetd, and therefore must have an
    entry in inetd's configuration file, /etc/inetd.conf (see inetd(ADMN) and
    inetd.conf(SFF)).

    If the -d option is specified, debugging information is written to the
    syslog.

    If the -v option is specified, debugging information is written to the
    syslog (same as the -d option).

    If the -l option is specified, each FTP session is logged in the syslog.

    If the -u option is specified, the file creation mask will be set to
    mask.

    The FTP server will time out an inactive session after 15 minutes.  If the
    -t option is specified, the inactivity timeout period will be set to
    timeout seconds. A client may also request a different timeout period;
    the maximum timeout limit allowed may be set to maxtimeout seconds with
    the -T option. The default limit is 2 hours.

    The FTP server currently supports the following FTP requests;  case is
    not distinguished.

    _________________________________________________________________________
    Request                    Description
    _________________________________________________________________________
    ABOR                       abort previous command
    ACCT                       specify account (ignored)
    ALLO                       allocate storage (vacuously)
    APPE                       append to a file
    CDUP                       change to parent of current working directory
    CWD                        change working directory
    DELE                       delete a file
    HELP                       give help information
    LIST                       give list of files in a directory (ls -l)
    MKD                        make a directory
    MDTM                       show last modification time of file
    MODE                       specify data transfer mode
    NLST                       give name list of files in directory (ls)
    NOOP                       do nothing
    PASS                       specify password
    PASV                       prepare for server-to-server transfer
    PORT                       specify data connection port
    PWD                        print the current working directory
    QUIT                       terminate session
    REST                       restart a file transfer
    RETR                       retrieve a file
    RMD                        remove a directory
    RNFR                       specify rename-from file name
    RNTO                       specify rename-to file name
    SITE                       non-standard commands (see next section)
    SIZE                       return size of file
    STAT                       return status of server
    STOR                       store a file
    STOU                       store a file with a unique name
    STRU                       specify data transfer structure
    SYST                       display operating system information
    TYPE                       specify data transfer type
    USER                       specify user name
    XCUP                       change to parent of current working directory
    XCWD                       change working directory
    XMKD                       make a directory
    XPWD                       print the current working directory
    XRMD                       remove a directory

    The following non-standard or UNIX specific commands are supported by the
    SITE request.

    _________________________________________________________________________
    Request               Description
    _________________________________________________________________________
    UMASK                 change umask. e.g. SITE UMASK 002
    IDLE                  set idle-timer. e.g. SITE IDLE 60
    CHMOD                 change mode of a file. e.g. SITE CHMOD 755 filename
    HELP                  give help information. e.g. SITE HELP

    The remaining FTP requests specified in Internet RFC 959 are recognized,
    but not implemented.  MDTM and SIZE are not specified in RFC 959, but
    will appear in the next updated FTP RFC.

    The FTP server will abort an active file transfer only when the ABOR
    command is preceded by a Telnet Interrupt Process (IP) signal and a
    Telnet Synch signal in the command Telnet stream, as described in
    Internet RFC 959. If a STAT command is received during a data transfer,
    preceded by a Telnet IP and Synch, transfer status will be returned.

    ftpd interprets file names according to the ``globbing'' conventions used
    by sh(C).  This allows users to utilize the metacharacters * ? [ ] { }
    and ~.

    ftpd authenticates users according to four rules.

    +  The user name must be in the password data base, /etc/passwd, and not
       have a null password. In this case a password must be provided by the
       client before any file operations may be performed.

    +  The user name must not appear in the file /etc/ftpusers.  This file is
       checked on each non-anonymous ftp connection request.  If the
       requested user name is located in the file, the request for service is
       denied. It is suggested that this file contain at least the following
       names: uucp, root.

    +  The FTP server will not allow FTP logins to accounts whose shell is
       not listed in /etc/shells.  This typically restricts access by UUCP
       signons, etc.

    +  If the user name is ``anonymous'' or ``ftp'', an anonymous ftp account
       must be present in the password file (user ``ftp''). In this case the
       user is allowed to log in by specifying any password (by convention
       this is given as the client host's name).

    In the last case, ftpd takes special measures to restrict the client's
    access privileges.  The server performs a chroot(S) command to the home
    directory of the ``ftp'' user.  In order that system security is not
    breached, it is recommended that the ``ftp'' subtree be constructed with
    care;  the following rules are recommended.  (N.B. ~ftp means ``the home
    directory of user ftp''.)

    ~ftp      Make the home directory owned by ``ftp'' and unwritable by
              anyone.

    ~ftp/bin  Make this directory owned by the super user and unwritable by
              anyone. The program ls(C) must be present to support the list
              commands. This program should have mode 111.  The programs
              pwd(C) and sh(C) and the special file /dev/null must be present
              to support the pwd command.

    ~ftp/etc  Make this directory owned by the super user and unwritable by
              anyone. The files passwd(C) and group(F) must be present for
              the ls command to be able to produce owner names rather than
              numbers.  The password field in passwd is not used, and should
              not contain real encrypted passwords.  These files should be
              mode 444.

    ~ftp/pub  Make this directory mode 777 and owned by ``ftp.''  Users
              should then place files which are to be accessible via the
              anonymous account in this directory.  For full details, see the
              System Administrator's Guide.
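
    An audit of an existing anonymous tree against the ~ftp, ~ftp/bin and
    ~ftp/etc rules above, as an added example (not part of the original
    manual page). The function name, the finding strings and the 13-character
    test for a hash-like password field are assumptions of this example.

```python
import os
import stat

# (path under ~ftp, required owner, exact mode or None for "no write bits"),
# transcribed from the ~ftp rules above.
RULES = [
    ("",           "ftp",   None),
    ("bin",        "super", None),
    ("bin/ls",     None,    0o111),
    ("etc",        "super", None),
    ("etc/passwd", None,    0o444),
    ("etc/group",  None,    0o444),
]

def audit_anon_tree(root, ftp_uid, super_uid=0):
    """Return findings for the tree at root; an empty list means it conforms."""
    owners = {"ftp": ftp_uid, "super": super_uid}
    findings = []
    for rel, role, mode in RULES:
        label = "~ftp/" + rel if rel else "~ftp"
        try:
            st = os.stat(os.path.join(root, rel))
        except OSError as err:
            findings.append(f"{label}: {err.strerror}")
            continue
        perms = stat.S_IMODE(st.st_mode)
        if role and st.st_uid != owners[role]:
            findings.append(f"{label}: owner uid {st.st_uid}, expected {role}")
        if mode is None and perms & 0o222:
            findings.append(f"{label}: writable (mode {perms:03o})")
        if mode is not None and perms != mode:
            findings.append(f"{label}: mode {perms:03o}, expected {mode:03o}")
    # Heuristic (assumption): a password field of 13 or more characters looks
    # like a real crypt(3) hash, which this copy of passwd must not contain.
    try:
        with open(os.path.join(root, "etc", "passwd")) as fh:
            for line in fh:
                fields = line.rstrip("\n").split(":")
                if len(fields) > 1 and len(fields[1]) >= 13:
                    findings.append(f"~ftp/etc/passwd: {fields[0]}: hash-like password")
    except OSError:
        pass    # missing or unreadable file: already reported by the loop above
    return findings

if __name__ == "__main__":
    import pwd
    ftp = pwd.getpwnam("ftp")    # assumes an "ftp" account exists on this host
    for finding in audit_anon_tree(ftp.pw_dir, ftp.pw_uid):
        print(finding)
```

    ~ftp/pub is left out of the audit because the rule above makes it
    writable on purpose.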

 Files

    /etc/ftpusers       restricted user list
    /etc/shells         allowable shell list
    /etc/passwd         the user database
    /etc/group          the group database
    /usr/adm/syslog     the system log file
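
    The four authentication rules in the Description, applied to the contents
    of /etc/passwd, /etc/ftpusers and /etc/shells to list which accounts the
    server would admit. This is an added example, not part of the original
    manual page; the sample files are constructed. It assumes that an empty
    shell field means /bin/sh, that '#' lines are comments, and that the user
    name ``ftp'' is judged only by rule four.

```python
# Constructed sample files (not from a real system).
SAMPLE_PASSWD = """\
root:Qx1constructed:0:0:Superuser:/:/bin/sh
uucp:Zz9constructed:5:5:UUCP:/usr/spool/uucp:/usr/lib/uucp/uucico
alice:Ab3constructed:200:50:Alice:/usr/alice:/bin/ksh
bob::201:50:Bob:/usr/bob:/bin/sh
carol:Cd4constructed:202:50:Carol:/usr/carol:/usr/local/bin/menu
ftp:*:14:50:Anonymous FTP:/usr/ftp:/bin/false
"""
SAMPLE_FTPUSERS = "uucp\nroot\n"
SAMPLE_SHELLS = "/bin/sh\n/bin/ksh\n/bin/csh\n"

def _entries(text):
    """Non-blank lines; skipping '#' comment lines is an assumption."""
    lines = (raw.strip() for raw in text.splitlines())
    return [ln for ln in lines if ln and not ln.startswith("#")]

def ftp_login_report(passwd_text, ftpusers_text, shells_text):
    """Map each account to 'allowed' or to the first rule that denies it."""
    barred = set(_entries(ftpusers_text))
    shells = set(_entries(shells_text))
    report, has_ftp = {}, False
    for line in _entries(passwd_text):
        fields = line.split(":")
        if len(fields) < 7:
            continue                      # malformed entry, not a usable account
        name, password = fields[0], fields[1]
        shell = fields[6] or "/bin/sh"    # assumption: empty shell means /bin/sh
        if name == "ftp":
            has_ftp = True                # the anonymous account, rule four
        elif password == "":
            report[name] = "denied: null password"
        elif name in barred:
            report[name] = "denied: listed in /etc/ftpusers"
        elif shell not in shells:
            report[name] = "denied: shell not in /etc/shells"
        else:
            report[name] = "allowed"
    report["anonymous"] = ("allowed with any password" if has_ftp
                           else "denied: no ftp account in passwd")
    return report

if __name__ == "__main__":
    result = ftp_login_report(SAMPLE_PASSWD, SAMPLE_FTPUSERS, SAMPLE_SHELLS)
    for account, verdict in result.items():
        print(f"{account:10} {verdict}")
```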

    The following files are needed for anonymous ftp:

    ~ftp/etc/passwd     used by ~ftp/bin/ls
    ~ftp/etc/group      used by ~ftp/bin/ls
    ~ftp/bin/ls         to support the LIST and NLST commands

    In addition, if your /bin/ls is linked with shared libraries, you will
    need to copy /shlib/libc_s to ~ftp/shlib/libc_s.  You will also need to
    mknod(C) ~ftp/dev/socksys.  Supporting PWD requires ~ftp/dev/null,
    ~ftp/bin/sh, and ~ftp/bin/pwd.

 Notes

    The anonymous account is inherently dangerous and should be avoided when
    possible.

    The server must run as the super user to create sockets with privileged
    port numbers. It maintains an effective user ID of the logged in user,
    reverting to the super user only when binding addresses to sockets.

 See also

    ftp(TC), syslog(SLIB)

