FTPD(1M)                                                       FTPD(1M)

NAME
     ftpd - Internet File Transfer Protocol server

SYNOPSIS
     /usr/etc/ftpd [ -dSlp ] [ -t timeout ] [ -T maxtimeout ] [ -u umask ]

DESCRIPTION
     Ftpd is the Internet File Transfer Protocol server process.  The server
     uses the TCP protocol and listens at the well-known port specified in the
     services(4) file.

     Ftpd is started by inetd(1M) whenever a remote client makes a connection
     request.  The following options should be specified on the ftpd line in
     inetd's configuration file, /etc/inetd.conf.

     If the -l option is specified, each successful and failed ftp session
     login is logged in the syslog.  If this option is specified twice, the
     retrieve (get), store (put), append, delete, make directory, remove
     directory and rename operations and their filename arguments are also
     logged.  If this option is specified thrice, logging for the retrieve
     (get) and store (put) commands includes the number of bytes transferred.

     If the -d option is specified, verbose debugging information is written
     to the syslog.  Note: this option logs all the commands and arguments
     that the client sends.  However, arguments from the PASS command for
     normal accounts are not logged.

     The ftp server will time out an inactive session after 15 minutes.  If
     the -t option is specified, the inactivity timeout period will be set to
     timeout seconds.  A client may also request a different timeout period;
     the maximum period allowed may be set to maxtimeout seconds with the -T
     option.  The default limit is 2 hours.

     The -u option specifies the default file protection mask (see umask(1)).
     If not specified, the default mask is set to 022 (group- and world-
     readable).  A client may also request a different mask.

     The -S option turns on extra safety measures for anonymous FTP sites.
     For one thing, it makes symbolic links appear to be ordinary links, so
     that links do not leak names in ``private'' directories.  (Those are
     directories that are not searchable by anonymous users.)

     The -p option causes the IP addresses of the data and control connections
     to be compared.  Data transfer is allowed only if the IP address of the
     data recipient (or sender) is identical to the IP address used for the
     client's end of the control connection.  This prevents the PORT command
     from redirecting the ftp-data connection to a third party and thereby
     provides added protection from network scanning.  It also prevents data
     from being transferred to or from a third party while using passive data
     transfer mode.  Note that the -p option precludes ``proxy'' ftp, in which
     a client arranges for the transfer of data between two ftp servers.
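     The address comparison that -p enforces, as an added Python example (it
     is not code from ftpd or from this manual page): a PORT command is parsed
     as RFC 959 defines it, and the data connection is permitted only when the
     address it names equals the control connection's peer; the same test is
     applied to whoever connects to the server's data port in passive mode.
     CONTROL_PEER and the addresses in the commands are constructed sample
     values.

```python
import ipaddress
import re

# Constructed sample value: the address of the client's end of the control
# connection, as the server would learn it from getpeername().
CONTROL_PEER = "192.0.2.10"

# PORT h1,h2,h3,h4,p1,p2 as defined in RFC 959; commands are case-insensitive.
_PORT_RE = re.compile(
    r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$",
    re.IGNORECASE,
)


def parse_port(command):
    """Parse a PORT command into (dotted address, port number).

    Raises ValueError for malformed input or fields above 255."""
    m = _PORT_RE.match(command)
    if m is None:
        raise ValueError("malformed PORT command: %r" % command)
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PORT field out of range: %r" % command)
    address = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]
    return address, port


def port_allowed(command, control_peer):
    """The -p rule for active mode: the address named in PORT must be the
    address of the client's end of the control connection.
    Returns (allowed, reason)."""
    address, port = parse_port(command)
    if ipaddress.ip_address(address) != ipaddress.ip_address(control_peer):
        return False, "PORT names %s:%d but the control peer is %s" % (
            address, port, control_peer)
    return True, "data connection to %s:%d permitted" % (address, port)


def pasv_peer_allowed(data_peer, control_peer):
    """The same rule for passive mode: the host that connects to the server's
    data port must be the control connection's peer."""
    return ipaddress.ip_address(data_peer) == ipaddress.ip_address(control_peer)


if __name__ == "__main__":
    # The second command names a host other than the control peer and is refused.
    for cmd in ("PORT 192,0,2,10,4,1", "PORT 198,51,100,7,0,80"):
        print(cmd, "->", port_allowed(cmd, CONTROL_PEER))
    print("PASV peer 198.51.100.7 ->", pasv_peer_allowed("198.51.100.7", CONTROL_PEER))
```

     As the page notes, this comparison is exactly what rules out proxy
     transfers between two servers: a legitimate proxy client also names a
     third address in PORT and is refused by the same test.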

     The file /etc/nologin can be used to disable ftp access.  If the file
     exists, ftpd prints it and exits.  If the file /etc/issue exists, ftpd
     prints it before issuing the ``ready'' message.

     The ftp server currently supports the following ftp requests; case is not
     distinguished.

     Request   Description
     ABOR      abort previous command
     ACCT      specify account (ignored)
     ALLO      allocate storage (vacuously)
     APPE      append to a file
     CDUP      change to parent of current working directory
     CWD       change working directory
     DELE      delete a file
     HELP      give help information
     LIST      list files in a directory (``ls -lA'')
     MKD       make a directory
     MDTM      show last modification time of file
     MODE      specify data transfer mode
     NLST      give name list of files in directory
     NOOP      do nothing
     PASS      specify password
     PASV      prepare for server-to-server transfer
     PORT      specify data connection port
     PWD       print the current working directory
     QUIT      terminate session
     REST      restart incomplete transfer
     RETR      retrieve a file
     RMD       remove a directory
     RNFR      specify rename-from file name
     RNTO      specify rename-to file name
     SITE      non-standard commands (see next section)
     SIZE      return size of file
     STAT      return status of server
     STOR      store a file
     STOU      store a file with a unique name
     STRU      specify data transfer structure
     SYST      show operating system type of server system
     TYPE      specify data transfer type
     USER      specify user name
     XCUP      change to parent of current working directory (deprecated)
     XCWD      change working directory (deprecated)
     XMKD      make a directory (deprecated)
     XPWD      print the current working directory (deprecated)
     XRMD      remove a directory (deprecated)

     The following non-standard or UNIX specific commands are supported by the
     SITE request.

     Request   Description
     UMASK     change umask, e.g., SITE UMASK 002
     IDLE      set idle-timer, e.g., SITE IDLE 60
     CHMOD     change mode of a file, e.g., SITE CHMOD 755 filename
     HELP      give help information, e.g., SITE HELP

     The remaining ftp requests specified in Internet RFC 959 are recognized,
     but not implemented.  MDTM and SIZE are not specified in RFC 959, but
     will appear in the next updated FTP RFC.

     The ftp server will abort an active file transfer only when the ABOR
     command is preceded by a Telnet ``Interrupt Process'' (IP) signal and a
     Telnet ``Synch'' signal in the command Telnet stream, as described in
     Internet RFC 959.  If a STAT command is received during a data transfer,
     preceded by a Telnet IP and Synch, transfer status will be returned.

     Ftpd interprets file names according to the ``globbing'' conventions used
     by csh(1).  This allows users to utilize the metacharacters ``*?[]{}~''.

     Ftpd authenticates users according to three rules.

     1) The user name must be in the password data base, /etc/passwd, and not
        have a null password.  In this case a password must be provided by the
        client before any file operations may be performed.

     2) The user name must not appear in the file /etc/ftpusers.  However, if
        the user name is in /etc/ftpusers followed by the white-space
        separated keyword ``restrict'', the user is allowed restricted access
        privileges, as described below.

     3) If the user name is ``anonymous'' or ``ftp'', an anonymous ftp account
        must be present in the password file (user ``ftp'').  In this case the
        user is allowed to log in by specifying any password (by convention
        this is given as the client user and host name).
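     The three rules above as a decision procedure, written in Python as an
     added example (not ftpd's own code): the password and ftpusers files are
     constructed samples embedded inline, the comment syntax accepted in the
     ftpusers parser is an assumption the page does not make, and the function
     only classifies the login; the password check that rules 1 and 3 still
     require happens afterwards in the server.

```python
# Constructed stand-ins for /etc/passwd and /etc/ftpusers. The second passwd
# field is the password entry; an empty field is a null password.
SAMPLE_PASSWD = """\
root:x:0:0:Super-User:/:/bin/sh
ftp:*:999:999:Anonymous FTP:/var/ftp:/bin/sh
alice:x:1001:100:Alice:/usr/people/alice:/bin/csh
guest::1002:100:Guest without password:/usr/people/guest:/bin/sh
bob:x:1003:100:Bob:/usr/people/bob:/bin/sh
"""

SAMPLE_FTPUSERS = """\
# one user name per line; "restrict" after the name confines the user
root
bob
alice restrict
"""


def parse_passwd(text):
    """Map user name -> {'passwd': field 2, 'home': field 6}."""
    users = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7 and not line.startswith("#"):
            users[fields[0]] = {"passwd": fields[1], "home": fields[5]}
    return users


def parse_ftpusers(text):
    """Map user name -> 'deny' or 'restrict'. Skipping '#' comment lines is an
    assumption; the page does not say whether /etc/ftpusers allows them."""
    status = {}
    for line in text.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        status[words[0]] = "restrict" if words[1:2] == ["restrict"] else "deny"
    return status


def classify_login(username, passwd, ftpusers):
    """Apply the page's three rules. Returns one of
       ('denied', reason), ('anonymous', home), ('restricted', home),
       ('normal', home). For the last three the caller must still verify the
       password (any password for 'anonymous') before allowing file operations."""
    anonymous = username in ("anonymous", "ftp")
    account = "ftp" if anonymous else username
    entry = passwd.get(account)
    if entry is None:                                   # rule 1 (rule 3 for ftp)
        return ("denied", "no such account in the password data base")
    if not anonymous and entry["passwd"] == "":         # rule 1
        return ("denied", "null password")
    status = ftpusers.get(account)
    if status == "deny":                                # rule 2
        return ("denied", "listed in /etc/ftpusers")
    if anonymous:                                       # rule 3
        return ("anonymous", entry["home"])
    if status == "restrict":                            # rule 2, restricted form
        return ("restricted", entry["home"])
    return ("normal", entry["home"])


def check_sample(username):
    """classify_login over the constructed sample files."""
    return classify_login(username, parse_passwd(SAMPLE_PASSWD),
                          parse_ftpusers(SAMPLE_FTPUSERS))


if __name__ == "__main__":
    for name in ("alice", "bob", "guest", "root", "anonymous", "mallory"):
        print("%-10s %s" % (name, check_sample(name)))
```

     Listing ``ftp'' itself in /etc/ftpusers is treated here as denying
     anonymous logins, since rule 2 speaks of the user name and the anonymous
     user name is ``ftp''.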

     For the restricted and anonymous accounts, ftpd takes special measures to
     restrict the client's access privileges.  The server performs a chroot(2)
     to the home directory of the user and prints the file README if it
     exists.  In order that system security is not breached, the subtree
     should be constructed with care; the following rules are recommended,
     using the ``ftp'' anonymous account as an example.  If you allow logins
     as the ftp account, then you should instead make all the files and
     directories owned by a user and group other than ftp (or any other
     account that can log in using the restricted passwd file in the chrooted
     tree), with the possible exception of directories to which you allow
     file transfers, such as ~ftp/pub.  Remember that because the account
     name and password are valid, the user will be able to log in directly
     or via telnet, rlogin, or rsh.  This can be prevented, if desired, by
     using the feature documented in the passwd(4) man page: having the shell
     field start with *, and the home directory being a real or impossible
     base for the chrooted environment.  See that manual page for more
     information.

     Note that ftpd uses the information in /etc/passwd to perform
     authentication and to establish its environment; i.e., ftpd does not use
     the etc/passwd file in the chrooted tree (unlike login(1)).

     ~ftp      Make the home directory owned by ``bin'' and unwritable by
               anyone (mode 555 - see chmod(1)):

                    chown bin ~ftp
                    chmod a-w ~ftp

     ~ftp/bin  Make this directory owned by the super-user and unwritable by
               anyone (mode 555).  The program ls(1) must be present to
               support the list commands.  This program should have mode 111.

     ~ftp/etc  Make this directory owned by the super-user and unwritable by
               anyone (mode 555).  The files passwd(4) and group(4) must be
               present for the ls command to be able to produce owner names
               rather than numbers.  This should not be a copy of the real
               file in /etc, and in particular, it should contain no encrypted
               passwords from the real /etc/passwd or /etc/group.  The
               password field in passwd is not used.  Only the minimal number
               of accounts should be listed.  These files should be mode 444.

     ~ftp/lib32
               Make this directory owned by the super-user and unwritable by
               anyone (mode 555).  In order for ls to run, the files
               /lib32/rld and /lib32/libc.so.1 must be copied into lib32
               (older releases, or some uses of other programs, might also
               require the o32 versions in /lib).  Both rld and libc.so.1
               should be readable and executable by everyone, e.g. mode 555.

     ~ftp/dev  Make this directory owned by the super-user and unwritable by
               anyone (mode 555).  rld uses /dev/zero, so use mknod(1) to make
               a copy of /dev/zero in ~ftp/dev with the same major and minor
               device numbers.  Make /dev/zero read-only (mode 444).

                    mknod ~ftp/dev/zero c 37 0
                    chmod 444 ~ftp/dev/zero

     ~ftp/pub  Make this directory owned by ``ftp''.  If local users and remote
               anonymous users are to be allowed to write in this directory,
               change the directory's mode to 777.  Users can then place files
               which are to be accessible via the anonymous account in this
               directory.  If write accesses are to be denied, change the
               directory's mode to 555.
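     An audit of an anonymous-ftp tree against the layout just described, as
     an added Python example that is not part of this page or of ftpd.  SPEC
     encodes the modes and owners the page names for each path; the check on
     ~ftp/etc/passwd implements the rule that it carry no encrypted passwords,
     treating an empty field or ``*'' as acceptable (the ``*'' lock marker is
     an assumption).  Because chown and mknod need the super-user, the
     constructed sample tree uses empty stand-in files for ls, rld, libc.so.1
     and dev/zero, and the ownership check runs only when a uid table is
     supplied.

```python
import os
import shutil
import stat
import tempfile

# Layout recommended by the man page, relative to ~ftp:
#   path -> (is_directory, acceptable modes, expected owner name)
SPEC = {
    ".":               (True,  (0o555,),       "bin"),
    "bin":             (True,  (0o555,),       "root"),
    "bin/ls":          (False, (0o111,),       "root"),
    "etc":             (True,  (0o555,),       "root"),
    "etc/passwd":      (False, (0o444,),       "root"),
    "etc/group":       (False, (0o444,),       "root"),
    "lib32":           (True,  (0o555,),       "root"),
    "lib32/rld":       (False, (0o555,),       "root"),
    "lib32/libc.so.1": (False, (0o555,),       "root"),
    "dev":             (True,  (0o555,),       "root"),
    "dev/zero":        (False, (0o444,),       "root"),
    "pub":             (True,  (0o555, 0o777), "ftp"),
}


def audit_ftp_tree(root, uids=None):
    """Check an anonymous-ftp home directory against SPEC.

    uids, if given, maps owner names ("bin", "root", "ftp") to numeric uids and
    enables the ownership check; without it only modes and the passwd contents
    are checked. Returns a list of findings; an empty list means clean."""
    findings = []
    for rel, (is_dir, modes, owner) in SPEC.items():
        path = os.path.normpath(os.path.join(root, rel))
        try:
            st = os.lstat(path)
        except FileNotFoundError:
            findings.append("%s: missing" % rel)
            continue
        if stat.S_ISDIR(st.st_mode) != is_dir:
            findings.append("%s: expected a %s" % (rel, "directory" if is_dir else "file"))
            continue
        mode = stat.S_IMODE(st.st_mode) & 0o777
        if mode not in modes:
            findings.append("%s: mode %04o, expected %s" % (
                rel, mode, " or ".join("%04o" % m for m in modes)))
        if not is_dir and st.st_mode & (stat.S_ISUID | stat.S_ISGID):
            findings.append("%s: setuid/setgid bit set" % rel)
        if uids is not None and st.st_uid != uids[owner]:
            findings.append("%s: uid %d, expected %s" % (rel, st.st_uid, owner))
    pw = os.path.join(root, "etc", "passwd")
    if os.path.isfile(pw):
        with open(pw) as fh:
            for line in fh:
                fields = line.rstrip("\n").split(":")
                if len(fields) >= 2 and fields[1] not in ("", "*"):
                    findings.append("etc/passwd: entry %r carries a password field" % fields[0])
    return findings


def build_sample_tree(root):
    """Populate root with the SPEC layout, using empty stand-in files for the
    binaries and the device node (a real tree needs the copies and mknod)."""
    contents = {"etc/passwd": "ftp:*:999:999:Anonymous FTP:/:/bin/sh\n",
                "etc/group": "ftp:*:999:\n"}
    for rel, (is_dir, _modes, _owner) in SPEC.items():
        path = os.path.join(root, rel)
        if is_dir:
            os.makedirs(path, exist_ok=True)
        else:
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as fh:
                fh.write(contents.get(rel, ""))
    # Modes go on last: nothing could be created inside a 0555 directory.
    for rel, (_is_dir, modes, _owner) in SPEC.items():
        os.chmod(os.path.join(root, rel), modes[0])


def demo():
    """Audit a clean constructed tree, then the same tree after two mistakes
    the page warns about (a writable ~ftp and a password hash in etc/passwd).
    Returns (clean_findings, tampered_findings) and removes the tree."""
    root = tempfile.mkdtemp(prefix="ftp-audit-")
    build_sample_tree(root)
    clean = audit_ftp_tree(root)
    os.chmod(root, 0o755)
    etc, pw = os.path.join(root, "etc"), os.path.join(root, "etc", "passwd")
    os.chmod(etc, 0o755)
    os.chmod(pw, 0o644)
    with open(pw, "w") as fh:  # constructed, not a real hash
        fh.write("ftp:ab12CD34ef56gh:999:999:Anonymous FTP:/:/bin/sh\n")
    os.chmod(pw, 0o444)
    os.chmod(etc, 0o555)
    tampered = audit_ftp_tree(root)
    for dirpath, _dirs, _files in os.walk(root):  # make the tree deletable
        os.chmod(dirpath, 0o700)
    shutil.rmtree(root)
    return clean, tampered


if __name__ == "__main__":
    for label, result in zip(("clean", "tampered"), demo()):
        print(label, result)
```

     On a real ~ftp run audit_ftp_tree with a uids table such as the result of
     pwd.getpwnam for ``bin'', ``root'' and ``ftp'' so that ownership is
     checked as well; the page's point about ~ftp/pub being the only directory
     that may be writable is what the two accepted modes for it express.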

SHARE II ACTIONS
     If the Share II system is installed and enabled, then the following
     privilege and resource checks are made immediately after the other
     validation checks are passed but before the ftp session is permitted to
     begin:

     1. If your nologin flag is set, or you already have another connection
        and your onelogin flag is set, then you are denied connection.

     2. If a disk usage exceeds its soft disk limit in any of your domains,
        then a message is printed and you are given a warning.  If you
        accumulate too many warnings, further connection attempts are denied
        and you must see your subadministrator to rectify the situation.
        Whenever you connect with no disk usages in excess of any soft
        limits, all your accumulated warnings are cleared.

     3. If you do not have permission to use an ftp connection, as determined
        by the terminal permission flag terminal.flag.ftp, then you are
        denied connection.

     4. Some installations place limits on terminal connect-time, which apply
        equally to connection by way of ftp.  If you have already reached
        your connect-time limit, then you are denied connection.  Otherwise,
        if you have a limit, your remaining connect-time is printed.

     If all of these checks are passed, ftpd proceeds normally.
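     The four checks as one ordered procedure, written in Python as an added
     example (not Share II's or ftpd's code), emitting the diagnostics listed
     under DIAGNOSTICS.  ShareUser is a constructed record of the flags the
     page names; two details are assumptions because the page leaves them
     open: the ``Y'' in ``Warning X of Y'' is taken to be the warning limit,
     and the connection is denied on the attempt that reaches that limit.

```python
class ShareUser:
    """Constructed record of the Share II attributes the checks consult."""

    def __init__(self, name, nologin=False, onelogin=False, ftp_flag=True,
                 connect_limit=None, connect_used=0, warning_limit=3):
        self.name = name
        self.nologin = nologin
        self.onelogin = onelogin
        self.ftp_flag = ftp_flag            # terminal.flag.ftp
        self.connect_limit = connect_limit  # None: no connect-time limit
        self.connect_used = connect_used
        self.warning_limit = warning_limit  # assumed: "Y" in "Warning X of Y"
        self.warnings = 0                   # accumulated soft-limit warnings
        self.active_connections = 0


def share_checks(user, domain_usage):
    """Run the four Share II checks in the page's order.

    domain_usage is a list of (domain, usage, soft_limit) triples. Returns
    (allowed, messages); user.warnings is updated as a side effect, as the
    page describes (incremented on an over-limit connect, cleared otherwise)."""
    if user.nologin:                                               # check 1
        return False, ["Connection denied. Currently barred from logging in."]
    if user.onelogin and user.active_connections > 0:
        return False, ["Connection denied. Already logged in - only one login allowed."]
    messages = []
    if any(usage > soft for _domain, usage, soft in domain_usage):  # check 2
        user.warnings += 1
        messages.append("Warning %d of %d: soft disk limit exceeded."
                        % (user.warnings, user.warning_limit))
        if user.warnings >= user.warning_limit:                    # assumed threshold
            messages.append("Connection denied. Too many warnings.")
            return False, messages
    else:
        user.warnings = 0
    if not user.ftp_flag:                                          # check 3
        messages.append("Connection denied. No permission to use this terminal.")
        return False, messages
    if user.connect_limit is not None:                             # check 4
        remaining = user.connect_limit - user.connect_used
        if remaining <= 0:
            messages.append("Connection denied. Terminal connect-time limit exceeded.")
            return False, messages
        messages.append("You have a remaining terminal connect-time of %d." % remaining)
    return True, messages


def walkthrough():
    """Drive one constructed user through the warning cycle: two over-limit
    connects, one clean connect that clears the count, then three more
    over-limit connects. Returns the (allowed, messages) results in order."""
    user = ShareUser("alice", connect_limit=120, connect_used=30)
    over = [("home", 1200, 1000)]
    under = [("home", 800, 1000)]
    return [share_checks(user, over), share_checks(user, over),
            share_checks(user, under), share_checks(user, over),
            share_checks(user, over), share_checks(user, over)]


if __name__ == "__main__":
    for allowed, messages in walkthrough():
        print("allowed" if allowed else "denied", messages)
```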

FILES
     /etc/ftpusers    list of unwelcome/restricted users
     /etc/issue       welcome notice
     /etc/nologin     disables access
     /etc/limconf     the compiled Share II configuration file (machine
                      readable)

SEE ALSO
     login(1), ftp(1C), inetd(1M), rexecd(1M), syslogd(1M), passwd(4),
     share(5)

DIAGNOSTICS
     The Share II specific diagnostic messages are listed as follows:

     Warning X of Y: soft disk limit exceeded.
          One of your domains has a disk usage in excess of its soft limit.

     Connection denied. Too many warnings.
          You have reached your warning limit.  See your subadministrator.

     Connection denied. Already logged in - only one login allowed.
          You are already connected to the system and your onelogin flag is
          set.

     Connection denied. Currently barred from logging in.
          Your nologin flag is set.

     Connection denied. No permission to use this terminal.
          You are not allowed to log in at this terminal because of a clear
          terminal.flag.rsh flag.

     You have a remaining terminal connect-time of Y.
          You may use this connection until you have used up your remaining
          connect-time, at which point you are forced to disconnect.

     Connection denied. Terminal connect-time limit exceeded.
          You have already reached your terminal connect-time limit.

     Share not configured - no limit checks.
          The configuration file is unreadable for some reason, so terminal
          privileges, connect-time limits and disk space limits could not be
          checked.

BUGS
     The anonymous account is inherently dangerous and should be avoided when
     possible.

     The server must run as the super-user to create sockets with privileged
     port numbers.  It maintains an effective user ID of the logged in user,
     reverting to the super-user only when binding addresses to sockets.  The
     possible security holes have been extensively scrutinized, but are
     possibly incomplete.