ftpd(ADMN) — TCP/IP 1.2.0.i

 ftpd(ADMN)                      19 June 1992                      ftpd(ADMN)


 Name

    ftpd - DARPA Internet File Transfer Protocol server

 Syntax

    /etc/ftpd [ -d ] [ -v ] [ -l ] [ -umask ] [ -ttimeout ] [ -Tmaxtimeout ]

 Description

    ftpd is the DARPA Internet File Transfer Protocol server process.  The
    server uses the TCP protocol and listens at the port specified in the
    ``ftp'' service specification; see services(SFF).

    ftpd is started by the ``super-server'' inetd, and therefore must have an
    entry in inetd's configuration file, /etc/inetd.conf [see inetd(ADMN) and
    inetd.conf(SFF)].

    If the -d option is specified, debugging information is written to the
    syslog.

    If the -v option is specified, debugging information is written to the
    syslog.

    If the -l option is specified, each FTP session is logged in the syslog.

    If the -u option is specified, the file creation mask will be set to
    mask.

    The FTP server will time out an inactive session after 15 minutes.  If the
    -t option is specified, the inactivity timeout period will be set to
    timeout seconds. A client may also request a different timeout period;
    the maximum timeout limit allowed may be set to maxtimeout seconds with
    the -T option.  The default limit is 2 hours.

    The FTP server currently supports the following FTP requests;  case is
    not distinguished.


    _________________________________________________________________________
    Request            Description
    _________________________________________________________________________
    ABOR               abort previous command
    ACCT               specify account (ignored)
    ALLO               allocate storage (vacuously)
    APPE               append to a file
    CDUP               change to parent of current working directory
    CWD                change working directory
    DELE               delete a file
    HELP               give help information
    LIST               list files in a directory (ls -l)
    MKD                make a directory
    MDTM               show last modification time of file
    MODE               specify data transfer mode
    NLST               give name list of files in directory (ls)
    NOOP               do nothing
    PASS               specify password
    PASV               prepare for server-to-server transfer
    PORT               specify data connection port
    PWD                print the current working directory
    QUIT               terminate session
    REST               restart command
    RETR               retrieve a file
    RMD                remove a directory
    RNFR               specify rename-from file name
    RNTO               specify rename-to file name
    SITE               non-standard commands (see next section)
    SIZE               return size of file
    STAT               return status of server
    STOR               store a file
    STOU               store a file with a unique name
    STRU               specify data transfer structure
    SYST               display operating system information
    TYPE               specify data transfer type
    USER               specify user name
    XCUP               change to parent of current working directory
    XCWD               change working directory
    XMKD               make a directory
    XPWD               print the current working directory
    XRMD               remove a directory

    The following non-standard or UNIX specific commands are supported by the
    SITE request.


    _________________________________________________________________________
    Request         Description
    _________________________________________________________________________
    UMASK           change umask. e.g. SITE UMASK 002
    IDLE            set idle-timer. e.g. SITE IDLE 60
    CHMOD           change mode of a file. e.g. SITE CHMOD 755 filename
    HELP            give help information. e.g. SITE HELP

    The remaining FTP requests specified in Internet RFC 959 are recognized,
    but not implemented. MDTM and SIZE are not specified in RFC 959, but will
    appear in the next updated FTP RFC.

    The FTP server will abort an active file transfer only when the ABOR
    command is preceded by a Telnet "Interrupt Process" (IP) signal and a
    Telnet "Synch" signal in the command Telnet stream, as described in
    Internet RFC 959. If a STAT command is received during a data transfer,
    preceded by a Telnet IP and Synch, transfer status will be returned.

    ftpd interprets file names according to the ``globbing'' conventions used
    by sh(C).  This allows users to utilize the metacharacters ``*?[]{}~''.

    ftpd authenticates users according to four rules.

    +  The user name must be in the password data base, /etc/passwd, and not
       have a null password.  In this case a password must be provided by the
       client before any file operations may be performed.

    +  The user name must not appear in the file /etc/ftpusers.

    +  The FTP server will not allow FTP logins to accounts whose shell is
       not listed in /etc/shells.  This typically restricts access by UUCP
       signons, etc.

    +  If the user name is ``anonymous'' or ``ftp'', an anonymous ftp account
       must be present in the password file (user ``ftp'').  In this case the
       user is allowed to log in by specifying any password (by convention
       this is given as the client host's name).
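
    The four rules above, applied to passwd-format data, as an added example
    (not part of the original manual page or the ftpd source).  The sample
    accounts are constructed; applying rule 2 to every name and letting rule 4
    stand in for rules 1 and 3 for the anonymous names is an assumption about
    how the rules combine.

```python
ANON_NAMES = ("anonymous", "ftp")  # both map to the "ftp" account (rule 4)
# Constructed sample data, not taken from any real system.
PASSWD = """\
root:Xq1constructed0:0:0:Super-user:/:/bin/sh
uucp:Nu2constructed1:5:5:UUCP:/usr/spool/uucp:/usr/lib/uucp/uucico
guest::100:50:Guest:/usr/guest:/bin/sh
alice:Al3constructed2:201:50:Alice:/usr/alice:/bin/csh
ftp:*:14:50:Anonymous FTP:/usr/ftp:/bin/sh
"""
FTPUSERS = "root\n"
SHELLS = "/bin/sh\n/bin/csh\n"

def parse_passwd(text):
    """Map user name -> (password field, login shell)."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7:
            users[fields[0]] = (fields[1], fields[6])
    return users

def entries(text):
    """Non-blank lines of a one-entry-per-line file."""
    return {line.strip() for line in text.splitlines() if line.strip()}

def ftp_login_decision(user, passwd, ftpusers, shells):
    """Return (allowed, reason) for one login name."""
    # Assumption: rule 2 applies to every name; rule 4 replaces rules 1 and 3.
    if user in ftpusers:
        return False, "listed in /etc/ftpusers"
    if user in ANON_NAMES:
        if "ftp" not in passwd:
            return False, "no ftp account in /etc/passwd"
        return True, "anonymous: any password accepted"
    if user not in passwd:
        return False, "not in /etc/passwd"
    password, shell = passwd[user]
    if password == "":
        return False, "null password"
    if shell not in shells:
        return False, "shell not in /etc/shells"
    return True, "password required"

def audit(passwd_text=PASSWD, ftpusers_text=FTPUSERS, shells_text=SHELLS):
    """Decision for every passwd account plus the 'anonymous' name."""
    passwd = parse_passwd(passwd_text)
    ftpusers, shells = entries(ftpusers_text), entries(shells_text)
    return {u: ftp_login_decision(u, passwd, ftpusers, shells)
            for u in list(passwd) + ["anonymous"]}
```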

    In the last case, ftpd takes special measures to restrict the client's
    access privileges.  The server performs a chroot(S) command to the home
    directory of the ``ftp'' user.  In order that system security is not
    breached, it is recommended that the ``ftp'' subtree be constructed with
    care;  the following rules are recommended.  (N.B.  ~ftp means "the home
    directory of user ftp".)

    ~ftp)
       Make the home directory owned by ``ftp'' and unwritable by anyone.

    ~ftp/bin)
       Make this directory owned by the super-user and unwritable by anyone.
       The program ls(C) must be present to support the list commands.  This
       program should have mode 111.  The programs pwd(C) and sh(C) and the
       special file /dev/null must be present to support the pwd command.

    ~ftp/etc)
       Make this directory owned by the super-user and unwritable by anyone.
       The files passwd(SFF) and group(SFF) must be present for the ls
       command to be able to produce owner names rather than numbers.  The
       password field in passwd is not used, and should not contain real
       encrypted passwords.  These files should be mode 444.

    ~ftp/pub)
       Make this directory mode 777 and owned by ``ftp.''  Users should then
       place files which are to be accessible via the anonymous account in
       this directory.  For full details, see the System Administrator's
       Guide in the User's Guide.
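
    A check of an existing ~ftp tree against the ~ftp, ~ftp/bin and ~ftp/etc
    rules above, as an added example (not part of the original manual page).
    The function name, its uid parameters, and the set of password-field
    values treated as harmless are assumptions; ~ftp/pub is not checked.

```python
import os
import stat

SAFE_PW_FIELDS = ("", "*", "x")  # assumption: anything else may be a real hash

def audit_ftp_tree(home, ftp_uid, root_uid=0):
    """Return findings for the anonymous-FTP tree rooted at home (~ftp)."""
    findings = []

    def check(rel, owner=None, mode=None, unwritable=False):
        name = ("~ftp/" + rel).rstrip("/")
        try:
            st = os.lstat(os.path.join(home, rel) if rel else home)
        except OSError:
            findings.append(f"{name}: missing")
            return
        perms = stat.S_IMODE(st.st_mode)
        if owner is not None and st.st_uid != owner:
            findings.append(f"{name}: owner uid {st.st_uid}, expected {owner}")
        if unwritable and perms & 0o222:
            findings.append(f"{name}: writable (mode {perms:03o})")
        if mode is not None and perms != mode:
            findings.append(f"{name}: mode {perms:03o}, expected {mode:03o}")

    check("", owner=ftp_uid, unwritable=True)      # ~ftp: owned by ftp
    check("bin", owner=root_uid, unwritable=True)  # ~ftp/bin: super-user
    check("bin/ls", mode=0o111)
    check("etc", owner=root_uid, unwritable=True)  # ~ftp/etc: super-user
    check("etc/passwd", mode=0o444)
    check("etc/group", mode=0o444)

    # The password field in ~ftp/etc/passwd is unused and must not hold hashes.
    try:
        with open(os.path.join(home, "etc", "passwd")) as fh:
            for line in fh:
                fields = line.rstrip("\n").split(":")
                if len(fields) > 1 and fields[1] not in SAFE_PW_FIELDS:
                    findings.append(
                        f"~ftp/etc/passwd: {fields[0]} has a password field set")
    except OSError:
        pass  # a missing file was already reported by check()
    return findings
```

    On a live system, pass the uid of the ``ftp'' account as ftp_uid and
    leave root_uid at 0; an empty list means every checked rule holds.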

 Files


    /etc/ftpusers       - restricted user list

    /etc/shells         - restricted user list

    /etc/passwd         - the user database

    /etc/group          - the group database

    /usr/adm/syslog     - the system log file

    The following files are needed for anonymous ftp:

    ~ftp/etc/passwd     - used by ~ftp/bin/ls

    ~ftp/etc/group      - used by ~ftp/bin/ls

    ~ftp/bin/ls         - to support the LIST and NLST commands

    In addition, if your /bin/ls is linked with shared libraries, you will
    need to copy /shlib/libc_s to ~ftp/shlib/libc_s. You will also need to
    mknod(ADM) ~ftp/dev/socksys.  Supporting PWD requires ~ftp/dev/null,
    ~ftp/bin/sh, and ~ftp/bin/pwd.

 Notes

    The anonymous account is inherently dangerous and should be avoided when
    possible.

    The server must run as the super-user to create sockets with privileged
    port numbers.  It maintains an effective user id of the logged in user,
    reverting to the super-user only when binding addresses to sockets.

 See also

    ftp(TC), syslog(SLIB)

