ftpaccess(4) Kernel Interfaces Manual ftpaccess(4)
NAME
ftpaccess - ftpd configuration file
SYNOPSIS
DESCRIPTION
The file is used to configure the operation of (see ftpd(1M)).
Access Capabilities
[ class ... ]
If an user is a member of any of class, the ftp server will perform a to groupname. This allows access to group-and-owner-read-only
files and directories to a particular class of anonymous users. groupname is a valid group from (or whatever mechanism your library
routine uses; see getgrent(3C)).
[ addrglob ... ]
Define class of users, with source addresses of the form addrglob. Multiple members of class may be defined. There may be multiple
commands, listing additional members of the class. If multiple commands can apply to the current session, the first one listed in
the access file is used. Failing to define a valid class for a host will cause access to be denied. typelist is a comma-separated
list of any of the keywords and If the keyword is included, the class can match users using FTP to access real accounts, and if the
keyword is included, the class can match users using anonymous FTP. The keyword matches guest access accounts (see below for more
information)
addrglob may be a globbed domain name or a globbed numeric address. There can be multiple addrglob's for this directive. To avoid
confusion when you have multiple addrglob's, you can put all the addrglob's in a file and specify the path of the file in place of
the addrglob's.
Placing an exclamation (!) before an addrglob negates the test. For example:
will classify real users from outside the domain as the class Use care with this option. Remember, the result of each test is OR'ed
with other tests on the line.
Note: addrglob can be an IPv4 glob address of the form n.n.n.n where n is either a decimal number between 0 to 255 or an asterisk
addrglob can also be an IPv6 address where asterisk is not supported. The equivalent functionality of asterisk is provided in the
form of the subnet prefix followed by a forward slash and the prefix length.
This notation of addrglob as a glob address is applicable for all other directives.
Always deny access to the host(s) matching addrglob. message_file is the file from which denial message is displayed to the hosts
that are denied access. addrglob may be to deny access to sites without a working nameserver. It may also be the name of a file,
starting with a slash which contains additional address globs, as well as in the form address:netmask or address/cidr.
[ groupname ... ]
[ username ... ]
[ groupname ... ]
[ username ... ]
For if a user is a member of any of groupname, the session is set up exactly as with anonymous FTP. In other words, a is done, and
the user is no longer permitted to issue the and commands. groupname is a valid group from (or whatever mechanism your library rou-
tine uses).
The user's home directory must be properly set up, exactly as anonymous FTP would be. The home directory field of the passwd entry
is divided into two directories. The first field is the root directory which will be the argument to the call. The second half is
the user's home directory relative to the root directory. The two halves are separated by a
Example:
In the file, the sample entry is:
When successfully logs in, the ftp server will and then The guest user will only be able to access the directory structure under
(which will look and act as to just as an anonymous FTP user would.
The group name may be specified by either name or numeric ID. To use a numeric group ID, place a before the number. Ranges may be
given. Use an asterisk to mean all groups.
works like except it uses the user name (or numeric ID).
and have the same syntax, but reverse the effect of and They allow real user access when the remote user would otherwise be deter-
mined a guest. For example:
causes all non-anonymous users to be treated as guest, with the sole exception of users in the admin group who are granted real user
access.
[ class ]
Adjust the process nice value of the ftpd server process by the indicated nice-delta value if the remote user is a member of the
named class. If class is not specified, then use nice-delta as the default adjustment to the ftpd server process nice value. This
default nice value adjustment is used to adjust the nice value of the server process only for those users who do not belong to any
class for which a class-specific directive exists in the file.
[ class ]
Set the umask applied to files created by daemon if the remote user is a member of the named class. If class is not specified, then
use the umask as the default for classes which do not have one specified.
Set the TCP option for data sockets. can be used to control network disconnect. means to set the TCP option. With the behavior
depends on the system default settings (see ndd(1M)).
NOTE: It is recommended to set to to keep the network traffic connected.
[ seconds ]
[ seconds ]
[ seconds ]
[ seconds ]
[ seconds ]
[ seconds ]
Set various timeouts.
[seconds] (default 120 seconds). Specify how long the daemon will wait for an incoming (PASV) data connection.
[seconds] (default 120 seconds). Specify how long the daemon will wait attempting to establish an outgoing (PORT) data connection.
This affects the actual connection attempt. The daemon makes several attempts, sleeping a while between each, before completely
giving up.
[seconds] (default 1200 seconds). Specify how long the daemon will wait for some activity on the data connection. It is recom-
mended to keep this value high, because the remote client may have a slow link and there can be quite a bit of data queued for the
client.
[seconds] (default 900 seconds). Specify how long the daemon will wait for the next command. The default value (900 seconds) can
be overridden by using the option of (see ftpd(1M)). If is specified, that value will override both the default value as well as
the value set with option of The SITE IDLE command allows the remote client to establish a higher value for the idle timeout. An
value of implies that there is no idle timeout period and the control connection is set to an infinite idle timeout period. If is
set to a value more than (see the option), will be set to the value.
[seconds] (default 7200 seconds). Specify the the maximum number of seconds for the idle timeout. The default value (7200 seconds)
can be overridden by using the option of (see ftpd(1M)). If is specified, that value will override both the default value as well
as the value set with option of A value of implies that there is no maximum idle timeout period and the control connection is set to
an infinite idle timeout period.
[seconds] (default 10 seconds). Specify the maximum time that the daemon allows for the entire RFC931 (AUTH/ident) conversation.
Setting this to zero(0) seconds completely disables the daemon's use of this protocol. The information obtained via RFC931 is
recorded in the system logs and is not actually used in any authentication.
[ bytes ]
Specify the number of bytes after which the data connection idle time is reset, in case of an ASCII mode file transfer (see above
for more information). The number specified must be a positive power of 2. By default, the number is set to 4096 bytes.
NOTE: If the specified number is smaller than 4096 bytes, will take the default value (4096 bytes). If the specified number is too
large, a premature closure of the data connection may be encountered.
[ raw ] count [ class ]
Limit the number (count) of data files that a user in the given class may transfer. The limit may be placed on files or If class is
not specified, the limit is the default for those classes which do not have a limit specified. The optional raw parameter applies
the limit to the total traffic rather than just data files.
[ raw ] count [ class ]
Limit the number of data bytes a user in the given class may transfer. The limit may be place on bytes or If no class is specified,
the limit is the default for classes which do not have a limit specified. The optional raw parameter applies the limit to total
traffic rather than just data files.
minutes
Limit the total time a session can take. By default, there is no limit. Real users are never limited.
[ hostname ] ...
Controls which hosts may be used for anonymous or guest access. If used without hostname, all guest or anonymous access to this
site is denied. More than one hostname may be specified. Guest and anonymous access will only be allowed on the named machines.
If access is denied, the user will be asked to use the first hostname listed.
Limit class to n users at specified times, displaying message_file if user is denied access. The limit check is performed at login
time only. If multiple commands apply to the current session, the first applicable one is used. Failing to define a valid limit,
or a limit of is equivalent to unlimited. The format for times can be any of the following:
Any week day
Friday
Any day of week between 9.00 - 13.00 hrs.
Either Thursday or between 9.00 - 13.00.
classname ] ...
filename [ filename ] ...
Always deny retrievability of these files. If the files are an absolute path specification (that is, begins with character), then
only those files are marked unretrievable. Otherwise all files with the matching filename are refused transfer. Example:
specifies that no one is able to get the file whereas they are allowed to transfer a file, if it is not in On the other hand, no one
is able to get a file named wherever it is.
Directory specifications mark all files and sub-directories in the named directory as "un-gettable" or not obtainable. The filename
may be specified as a file glob. For example:
specifies that no files in or any of its sub-directories may be retrieved. Also, no files named anywhere under the directory may be
retrieved.
The optional first parameter selects whether names are interpreted as absolute or relative to the current environment. The default
is to interpret names beginning with a slash as absolute.
The restrictions may be placed upon members of particular classes. If any is specified, then this option is set only for the users
of that particular class.
classname ] ...
filename [ filename ] ...
Allows retrieval of files which would otherwise be denied by noretrieve.
After number login failures, log a message and terminate the FTP connection. Default value is 5.
After a user logs in, the and commands may be used to specify an enhanced access group and associated password. If the group name
and password are valid, the user becomes (via a member of the group specified in the group access file,
The format of the group access file is:
where access_group_name is an arbitrary (alphanumeric and punctuation) string. encrypted_password is the password encrypted via
(see crypt(3C)) exactly like in real_group_name is the name of a valid group listed in
NOTE: For this option to work for anonymous FTP users, the ftp server must keep permanently open and the group access file is loaded
into memory. This means that:(1) the ftp server now has an additional file descriptor open, and(2) the necessary passwords and
access privileges granted to users via (see ftpd(1M)) will be static for the duration of an FTP session. If you have an urgent need
to change the access groups and/or passwords now (immediately), just kill all of the running FTP servers.
Informational Capabilities
Allows you to control how much information is given out before the remote user logs in. is the default and shows the hostname and
daemon version. shows the hostname. only displays the message "FTP server ready." Also, this message is printed as the output of
the command. Although is the default, is recommended.
NOTE: The two options and are not supported. The greeting option can be used to suppress the hostname or the daemon version.
The form allows you to specify any greeting message you desire. The message can be any string; whitespace (spaces and tabs) is con-
verted to a single space.
Works similarly to the command (see below), except that the banner is displayed before the user enters the username and password.
The path is relative to the real system root, not the base of the anonymous FTP directory.
use of this command can completely prevent non-compliant FTP clients from making use of the FTP server. Not all clients can handle
multi-line responses (which is how the banner is displayed).
Defines the default host name of the ftp server. This string will be printed on the greeting message and every time the magic
cookie is used. See below for a list of magic cookies. The host name for virtual servers overrides this value. If not specified,
the default host name for the local machine is used.
Defines the email address of the ftp archive maintainer. This string will be printed every time the magic cookie is used. See
below for a list of magic cookies.
[ when [ class... ]]
Define a file with path such that will display the contents of the file to the user at login time or upon using the change working
directory command. The when parameter may be or If when is dir specifies the new default directory which will trigger the notifica-
tion.
The optional class specification allows the message to be displayed only to members of a particular class. More than one class may
be specified.
In the message file, the user can key in a message and use the "macros" or "magic cookies" that are available. The ftp server will
replace the cookie with a specified text string. The following magic cookies are available:
local time (form Thu Nov 15 17:12:42 1990)
current working directory
the maintainer's email address as defined in
remote host name
local host name
username as determined via RFC931 authentication
username given at login time
maximum allowed number of users in this class
current number of users in this class
absolute limit on disk blocks allocated
preferred limit on disk blocks
current block count
maximum number of allocated inodes (+1)
preferred inode limit
current number of allocated inodes
time limit for excessive disk use
time limit for excessive files
ratios:
Uploaded bytes
Downloaded bytes
Upload/Download ratio (1:n)
Credit bytes
Time limit (minutes)
Elapsed time since login (minutes)
Time left
Upload limit
Download limit
The message will only be displayed once to avoid annoying the user. Remember that when messages are triggered by an anonymous FTP
user, the path must be relative to the base of the anonymous FTP directory tree.
[ when [ class ]]
Define a file with path such that will notify user at login time or upon using the change working directory command that the file
exists and was modified on such-and-such date. The when parameter may be or If when dir specifies the new default directory which
will trigger the notification. The message will only be displayed once, to avoid bothering users. Remember that when messages are
triggered by an anonymous FTP user, the path must be relative to the base of the anonymous FTP directory tree.
The optional class specification allows the message to be displayed only to members of a particular class. More than one class may
be specified.
Logging Capabilities
Enables logging of individual commands by users. typelist is a comma-separated list of any of the keywords and If the keyword is
included, logging will be done for users using FTP to access real accounts, and if the keyword is included logging will done for
users using anonymous FTP. The keyword matches guest access accounts (see in the subsection above for more information). The indi-
vidual commands are logged in the file.
Enables logging of file transfers for either real or anonymous FTP users. Logging of transfers TO the server (incoming) can be
enabled separately from transfers FROM the server (outbound). typelist is a comma-separated list of any of the keywords and If the
keyword is included, logging will be done for users using FTP to access real accounts. If the keyword is included, logging will be
done for users using anonymous FTP. The keyword matches guest access accounts (see in the subsection above for more information).
directions is a comma-separated list of any of the two keywords and and will respectively cause transfers to be logged for files
sent to the server and sent from the server. All the logging is done into the file
Enables logging of violations of security rules (noretrieve, notar, ...) for real, guest and/or anonymous users. typelist is a
comma-separated list of any of the keywords and If the keyword is included, logging will be done for users using FTP to access real
accounts. If the keyword is included, logging will done for users using anonymous FTP. The keyword matches guest access accounts
(see for more information).
Redirects the logging messages for incoming and outgoing transfers to either or or both. By default (if is not specified), the
transfer log messages are put into will put the log messages into only will put the log messages into both and
Upload/Download Ratios
[ class ... ]
Specify an Upload/Download ratio (1:rate). For each byte that an ftp user uploads, rate bytes can be downloaded. By default, there
is no ratio.
[ class ... ]
The file filename can be downloaded freely ignoring the ratio. See above.
[ class ... ]
All files in the directory dirname and its subdirectories can be downloaded freely ignoring the ratio. See above.
Note that both and are relative to the system's root environment, not the environment.
Miscellaneous Capabilities
Defines an alias, string, for the specified directory, dir. Can be used to add the concept of logical directories.
For example:
would allow the user to access from any directory by the command Aliases only apply to the command.
Defines a directory entry in the dir defines a search path that is used when changing directories.
For example:
would allow the user to into any directory directly under or directories. The search path is defined by the order in which the
lines appear in the
If the user were to give the command:
The directory will be searched for in the following order:
The path is only available with the command. If you have a large number of aliases, you might want to set up an aliases directory
with links to all of the areas that you wish to make available to users.
classglob [ classglob ... ]
classglob [ classglob ... ]
Enables or capabilities for any class matching any of classglob. The actual conversions are defined in the external file
If the file pointed to by path exists, the server will check the file regularly to see if the server is going to be shut down. If a
shutdown is planned, the user is notified, new connections are denied after a specified time before shutdown and current connections
are dropped at a specified time before shutdown. path points to a file structured as follows:
year month day hour minute deny_offset disc_offset
text
year any year > 1970
month <-- Note: month index begins from
hour
minute
deny_offset and disc_offset are the offsets in HHMM format before the shutdown time that new connections will be denied and existing
connections will be disconnected.
text follows the normal rules for any message (see in the subsection), with the following additional magic cookies available:
time system is going to shut down
time new connections will be denied
time current connections will be dropped
All times are in the form: ddd MMM DD hh:mm:ss YYYY. There can be only one command in the configuration file.
The external program can be used to automate the process of generating this file.
If this value is not set, then the server will listen for connections on every IP addresses. Otherwise it will only listen on the
IP address specified. Use of this clause is discouraged as it will break virtual hosting. This option will work only when is run-
ning in the standalone mode (see ftpd(1M)).
Specifies the transfer logfile for the default server. Virtual hosts can override this with the "" option. If omitted, the default
logfile is used.
Normally used in a virtual host file, the root directive is used to specify the path to the root of the directory for this server.
path
Enables the virtual ftp server capabilities. The address is the IP address of the virtual server. The second argument specifies
that the path is one of the following:
The root of the filesystem for this virtual server.
The banner presented to the user when connecting to this virtual server.
The logfile where transfers are recorded for this virtual server. If
is not specified, the default logfile will be used.
All other message files and permissions as well as any other settings in this file apply to all virtual servers.
The address may also be specified as the hostname rather than the IP number. This is strongly discouraged because if DNS is not
available at the time the FTP session begins, the hostname will not be matched.
The above options must be used in the file only and not in the virtual domain file.
{ hostname|email } string
Sets string to either the hostname shown in the greeting message and command, or to the email address used in message files and on
the command.
The above options must be used in the file only and not in the virtual domain file.
[ username ... ]
[ username ... ]
Normally, real and guest users are not allowed to log in on the virtual server unless they are guests and to the virtual root. The
users listed on the line(s) will be granted access. All users can be granted access by giving as the username. The clauses are
processed after the clauses and are used to deny access to specific users when all users were allowed.
The above options can be used in both the file and in the virtual domain file.
Normally, anonymous users are allowed to log in on the virtual server. This option denies them access.
The above option must be used in the file only and not in the virtual domain file.
Use a different passwd file for the virtual domain.
Note: This option is currently not supported in HP-UX.
Use a different shadow file for this virtual domain.
Note: This option is currently not supported in HP-UX.
[ username ... ]
[ username ... ]
Normally, all users are allowed access to the default (non-virtual) FTP server. Use to revoke access for specific users. Specify
to deny access to all users. Specific users can then be allowed using
Normally, anonymous users are allowed on the default (non-virtual) FTP server. This statement disallows anonymous access.
The and and clauses provide a means to control which users are allowed access on which FTP servers.
Allows control of the address reported in response to a command. When any control connection matching the cidr requests a passive
data connection the externalip address is reported.
NOTE: this does not change the address that the daemon actually listens on, only the address reported to the client. This feature
allows the daemon to operate correctly behind IP-renumbering firewalls. For example:
Clients connecting from the class-A network 10 will be told the passive connection is listening on IP-address 10.0.1.15 while all
others will be told the connection is listening on 192.168.1.5.
Multiple passive addresses may be specified to handle complex, or multi-gatewayed, networks.
Note: This option is not supported on IPv6 enabled systems.
Allows control of the TCP port numbers which may be used for a passive data connection. If the control connection matches the cidr,
a port in the range min to max will be randomly selected for the daemon to listen on. This feature allows firewalls to limit the
ports which remote clients may use to connect into the protected network.
cidr is shorthand for an IP address in dotted-quad notation followed by a slash and the number of left-most bits which represent the
network address (as opposed to the machine address). For example, if you are using the reserved class-A network 10, instead of a
netmask of 255.0.0.0, use a cidr of /8 as in 10.0.0.0/8 to represent your network.
Note: This option is not supported on IPv6 enabled systems.
[ addrglob ... ]
[ addrglob ... ]
Normally, the daemon does not allow a command to specify an address different than that of the control connection. And it does not
allow a connection from another address.
The clause provides a list of addresses which the specified class of user may give on a command. These addresses will be allowed
even if they do not match the IP-address of the client-side of the control connection.
The clause provides a list of addresses which the specified class of user may make data connections from. These addresses will be
allowed even if they do not match the IP-address of the client-side of the control connection.
[ options ... ]
[ options ... ]
[ options ... ]
The and clauses specify the command and the command options used to generate directory listings. Note the options cannot contain
spaces. Typically the command is used to provide directory listings. To change the path for specify it in The defaults for these
clauses are generally correct. For normal users is used. For anonymous users is used. is used for special cases. Use or only if
absolutely necessary.
[ hostname ... ]
Specify the name of a mail server which will accept upload notifications for the FTP daemon. Multiple mail servers may be listed;
the daemon will attempt to deliver the upload notification to each, in order, until one accepts the message. If no mail servers are
specified, localhost is used. This option is only meaningful if anyone is to be notified of anonymous uploads (see below).
Specify email addresses to be notified of anonymous uploads. Multiple addresses can be specified; each will receive a notification.
If none are specified, no notifications are sent.
If addresses are specified for a host, only those addresses will receive notification up anonymous uploads on that host. Otherwise,
notifications will be sent to the global addresses.
The above option must be used in the file only and not in the virtual domain file.
The addresses only apply to real hosts and not virtual hosts. In this way, the real host can receive notifications of uploads on
their default anonymous area. However, with this option set, the virtual hosts will not be notified.
Specify the sender's email address for anonymous upload notifications. Only one address may be specified. If no applies, email is
sent from the default mailbox name To avoid problems if the recipient attempts to reply to a notification, or if downstream mail
problems generate bounces, you should ensure the is deliverable.
The above option must be used in the file only and not in the virtual domain file.
Permission Capabilities
typelist
typelist
typelist
typelist
typelist
Allows or disallows the ability to perform the specified function. By default, all users are allowed.
typelist is a comma-separated list of any of the keywords and When appears, it must be followed by a classname. If any appears, the
typelist restriction applies only to users in that class.
Define the level and enforcement of password checking done by the server for anonymous ftp.
no password checking performed.
password must contain an
password must be an rfc822 compliant address.
warn the user, but allow them to log in.
warn the user, and then log them out.
The e-mail address given as an argument is considered to be invalid. If is set to enforce, anonymous users giving this address as
password cannot log in. This is one way that you can stop users from having web browsers that use fake addresses like IE?0User@ or
mozilla@. By using you are not shutting out users using a web browser for ftp. You just making them configure their browser cor-
rectly. Only one address per line, but you can have as many clauses as you like.
[ disallowed_regexp ... ]
For users in typelist, defines regular expressions that control what a filename can or cannot be. Disallowed regular expressions,
disallowed_regexp, may be specified with multiple regular expressions (see regexp(5)). If a filename is invalid due to failure to
match the regular expression criteria, mesg will be displayed to the user. For example:
specifies that all upload filenames for anonymous users must be made of only the characters period dash and underscore The filenames
may not begin with a period or a dash as specified by ^. and ^- respectively. If the filename is invalid, will be displayed to
the user.
classname ]... [-] root-dir dirglob owner group mode [ d_mode ]
Define a directory with dirglob that permits or denies uploads.
If it does permit uploads, all newly created files will be owned by owner and group and will have the permissions set according to
mode. Existing files which are overwritten will keep their original ownership and permissions.
Directories are matched on a best-match basis.
For example:
These commands would only allow uploads into and Files that were uploaded to would be owned by and would have permissions of File
uploaded to would be owned by and have permissions of Note that the root-dir here must match the home directory specified in the
password database for the user.
The optional and keywords can be specified to allow or disallow the creation of new subdirectories using the command.
Note that if the command is used, directory creation is allowed by default. To turn it off by default, you must specify a user,
group and mode followed by the keyword as the first line where the command is used in this file.
If directories are permitted, the optional d_mode determines the permissions for a newly created directory. If d_mode is omitted,
the permissions are inferred from mode or are if mode is also omitted.
only applies to users who have a home directory (the argument to the of root-dir. root-dir may be specified as to match any home
directory.
The owner and/or group may each be specified as in which case any uploaded files or directories will be created with the ownership
of the directory in which they are created.
The optional first parameter selects whether root-dir names are interpreted as absolute or relative to the current environment. The
default is to interpret root-dir names as absolute.
You can specify any number of restrictions. If any are specified, this upload clause only takes effect if the current user is a
member of one of the classes.
[ class ... ]
root-dir specifies the path for anonymous users. If no is matched, the old method of parsing the home directory for the ftp user is
used. If no class is specified, root-dir is the root directory for anonymous users who do not have any other specification. Multi-
ple classes may be given on the line. If an is chosen for the user, the ftp user's home directory in the file is used to determine
the initial directory, and the ftp user's home directory in the system-wide is not used. For example:
causes all anonymous users to be to the directory Then, if the ftp user exists in their initial is that home directory. Anonymous
users in the class localnet, however, are to the directory and their initial is taken from the ftp user's home directory in
[ uid-range ... ]
root-dir specifies the path for guest users. If is not matched, the old method of parsing the user's home directory is used. If no
uid-range is specified, the root directory is for guest users who do not match any other guest-root specification. Multiple uid
ranges may be given on the line. If a is chosen for the user, the user's home directory in the file is used to determine the ini-
tial directory and their home directory in the system-wide is not used.
uid-range specifies numeric UID values. Ranges are specified by giving the lower and upper bounds (inclusive), separated by a dash.
Omitting the lower bound means "all up to", and omitted the upper bound means "all starting from". For example:
causes all guest users to to then starts each user in their home directory specified in Users in the range 100 through 999, inclu-
sive, and user will be to and the CWD will be taken from their entries in The single user will be to and the CWD will be from his
entry in
Note that order is important for both and If a user would match multiple clauses, only the first applies; with the exception of the
clause which has no class or uid-range, which applies only if no other clause matches.
These clauses allow specification of UID and GID values which will be denied access to the ftp server. The and clauses may be used
to allow access for uid/gid which would otherwise be denied. These checks occur before all others. Deny is checked before allow.
The default is to allow access. Note that in most cases, this can remove the need for an files. For example:
denies ftp access to all privileged or special users and groups on a Linux box except the anonymous ftp user/group. In many cases,
this can eliminate the need for the file. Support for that file still exists so it may be used when changing is not desired.
Throughout the file, at any place that a single UID or GID is allowed, either names or numbers may be used. To use numbers, put a
before it. In places where a range is allowed, put the before the range.
These clauses control whether or not real or guest users will be allowed access to areas on the FTP site outside their home directo-
ries. They are not meant to replace the use of guestgroup and guestuser. Instead, use these to supplement the operation of guests.
The and clauses may be used to allow users outside their home directories who would otherwise be restricted.
An example of the use of these clauses shows their intended use. Assume user has a home directory and has a home directory
While both and are to they cannot access each other's files because they are restricted to their home directories.
Wherever possible, in situations such as this example, try not to rely solely upon the ftp restrictions. As with all other ftp
access rules, try to use directory and file permissions to backstop the operation of the configuration.
[ class ... ]
The SITE EXEC feature traditionally limits the number of lines of output which may be sent to the remote client. This clause allows
you to set this limit. If omitted, the limit is 20 lines. A limit of 0 (zero) implies no limit. Be very careful if you choose to
remove the limit. If a clause is found matching the remote user's class, that limit is used. Otherwise, the clause with class or
no class given, is used. For example:
The above examples limit output from SITE EXEC (and therefore SITE INDEX) to lines for users, specifies there is no limit at all for
users, and sets a limit of lines for all other users.
Refuse FTP sessions when the forward and reverse lookups for the remote site do not match. Display the named file, filename (like a
message file), admonishing the user. If the optional is specified, allow the connection after complaining.
Refuse FTP sessions when there is no reverse DNS entry for the remote site. Display the named file, filename (like a message file),
admonishing the user. If the optional is specified, allow the connection after complaining.
[ options ]
allows you to tweak name server options. The line takes a series of flags as documented in resolver(3N) (with the leading RES_
removed). Each can be preceded by an optional or For example,
turns on the option (only accept authoritative answers) and turns off the option (search the domain path).
NOTE: For any clause that involves make sure that you copy the libraries and to the directory of the current environment.
FILES
AUTHOR
was developed by the Washington University, St. Louis, Missouri.
SEE ALSO
ftpshut(1), groups(1), passwd(1), ftpd(1M), chroot(2), umask(2), resolver(3N), ftpconversions(4), ftpgroups(4).
ftpaccess(4)