OpenSolaris 2009.06 - man page for ftpaccess (opensolaris section 4)

Linux & Unix Commands - Search Man Pages

Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)


ftpaccess(4)				   File Formats 			     ftpaccess(4)

NAME
       ftpaccess - FTP Server configuration file

SYNOPSIS
       /etc/ftpd/ftpaccess

DESCRIPTION
       The ftpaccess file is used to configure the operation of the FTP Server.

   Access Capabilities
       The following access capabilities are supported:

       autogroup groupname class class...

	   If  an anonymous user is a member of any of class, the FTP Server will perform a sete-
	   gid(2) to groupname. This allows access to group and owner read-only files and  direc-
	   tories  to  a particular class of anonymous users. groupname is a valid group returned
	   by getgrnam(3C).

       class class typelist addrglobaddrglob...

	   Define class of users, with source addresses of the form addrglob. Multiple members of
	   class  may be defined. There may be multiple class commands listing additional members
	   of the class. If multiple class commands can apply to the current session,  the  first
	   one	listed	in  the  access file is used. If a valid class for a host is not defined,
	   access will be denied. typelist is a comma-separated  list  of  any	of  the  keywords
	   anonymous, guest, and real. If the real keyword is included, the class can match users
	   using FTP to access real accounts. If the anonymous keyword is included the class  can
	   match users using anonymous FTP. The guest keyword matches guest access accounts.

	   addrglob  may  be a globbed domain name or a globbed numeric IPv4 address. It may also
	   be the name of a file, starting with a slash ('/'), which contains additional  address
	   globs.  IPv4  numeric  addresses  may also be specified in the form address:netmask or
	   address/CIDR. IPv6 numeric addresses can only be specified with an optional CIDR,  not
	   using globs or netmasks.

	   Placing an exclamation (!) before an addrglob negates the test. For example,

	     class rmtuser real !*.example.com

	   will classify real users from outside the example.com domain as the class rmtuser. Use
	   care with this option. Remember, the result of each test is OR'ed with other tests  on
	   the line.

       deny addrglob [message_file]

	   Deny  access  to host(s) that match addrglob and display message_file. If the value of
	   addrglob is !nameserved access to sites without a working nameservers is denied.  mes-
	   sage_file may contain magic cookies. See message for more details.

       guestgroup groupname groupname...
       guestuser username username...
       realgroup groupname groupname...
       realuser username username...

	   For	guestgroup,  if  a  real user is a member of any groupname, the session is set up
	   like anonymous FTP. groupname is a valid group returned by  getgrnam(3C).  The  user's
	   home  directory  must  be set up exactly as anonymous FTP would be. The home directory
	   field of the passwd entry is divided into two directories. The first field is the root
	   directory  that  will  be  the argument to the chroot(2) call. The second field is the
	   user's home directory, relative to the root directory. Use a "/./" to separate the two
	   fields. For example, the following is the real entry in /etc/passwd:

	     guest1:x:100:92:Guest FTP:/export/home/guests/./guest1:/bin/true

	   When  guest1 successfully logs in, the FTP Server will chroot() to /export/home/guests
	   and then chdir(2) to /guest1. The guest user will only be able to access the directory
	   structure  under  /export/home/guests, which will look and act as / to guest1, just as
	   an anonymous FTP user would. The d option to ftpconfig(1M)  is  useful  when  creating
	   guest FTP user accounts. The group name may be specified by either name or numeric ID.
	   To use a numeric group ID, place a percent sign (%) before the number.  You	can  give
	   ranges.  Use  an  asterisk  to  indicate  all groups. guestuser works like guestgroup,
	   except that it uses the user name or numeric ID. realuser and realgroup have the  same
	   syntax,  but they reverse the effect of guestuser and guestgroup. They allow real user
	   access when the remote user would otherwise be determined a guest.

	     guestuser *
	     realgroup admin

	   causes all non-anonymous users to be treated as guest,  with  the  sole  exception  of
	   users in the admin group, who are granted real user access.

       nice nice-delta class

	   Adjust  the	process  nice value of the FTP server process by the indicated nice-delta
	   value if the remote user is a member of the named class. If class  is  not  specified,
	   then  use  nice-delta  as the default adjustment to the FTP server process nice value.
	   This default nice value adjustment is used to adjust the  nice  value  of  the  server
	   process only for those users who do not belong to any class for which a class-specific
	   nice directive exists in the ftpaccess file.

       defumask umask class

	   Set the umask applied to files created by the FTP server if the remote user is a  mem-
	   ber	of  the named class. If class is not specified, then use the umask as the default
	   for classes that do not have one specified.. The mode of files created may  be  speci-
	   fied by using the upload directive.

       tcpwindow size class

	   Set the TCP window size (socket buffer size) for the data connection. Use this to con-
	   trol network traffic. For instance, slow PPP dialin links may need smaller TCP windows
	   to speed up throughput. If you do not know what this does, do not set it.

       ipcos control|data value [typelist]

	   Set the IP Class of Service for either the control or data connection.

	   For connections using AF_INET type sockets, this sets the Type of Service field in the
	   IP header to the value specified.

	   For connections using AF_INET6 type sockets, this sets the Traffic Class field in  the
	   IP header to the value specified.

	   When  configured  through inetd.conf(4), the socket type is controlled by the protocol
	   field of the ftp service. When running in standalone mode the default socket  type  is
	   AF_INET6. The in.ftpd(1M) 4 option selects AF_INET.

	   typelist  is a comma-separated list of any of the keywords anonymous, guest, real, and
	   class=. When class= appears, it must be followed by a class name.

       keepalive yes|no

	   Set the TCP SO_KEEPALIVE option for control and data sockets. This can be used to con-
	   trol network disconnect. If yes, then set it. If no, then use the system default (usu-
	   ally off). You probably want to set this.

       timeout accept seconds
       timeout connect seconds
       timeout data seconds
       timeout idle seconds
       timeout maxidle seconds
       timeout RFC931 seconds

	   Set various timeout conditions.

	   accept     How long the FTP Server will wait for an incoming (PASV)	data  connection.
		      The default is 120 seconds.

	   connect    How  long  the  FTP  Server  will  wait attempting to establish an outgoing
		      (PORT) data connection. This effects the	actual	connection  attempt.  The
		      daemon makes several attempts, sleeping between each attempt, before giving
		      up. The default is 120 seconds.

	   data       How long the FTP Server will wait for some activity on the data connection.
		      You  should  keep this long because the remote client may have a slow link,
		      and there can be quite a bit of data queued for the client. The default  is
		      1200 seconds.

	   idle       How  long the FTP Server will wait for the next command. The default is 900
		      seconds. The default can also be overridden by using the t  option  at  the
		      command-line. This access clause overrides both.

	   maxidle    The  SITE IDLE command allows the remote client to establish a higher value
		      for the idle timeout. The maxidle clause sets  the  upper  limit	that  the
		      client  may  request.  The  default  can	also be overridden by using the T
		      option at the command-line. This access clause overrides both. The  default
		      is 7200 seconds.

	   RFC931     The  maximum  time the FTP server allows for the entire RFC931 (AUTH/ident)
		      conversation. Setting this to zero(0) disables the server's  use  of  this
		      protocol.  The  information  obtained by means of RFC931 is recorded in the
		      system logs and is not actually used in any authentication. The default  is
		      10 seconds.

       file-limit raw in|out|total count class

	   Limit  the  number of data files a user in the given class may transfer. The limit may
	   be placed on files in, out, or total. If no class  is  specified,  the  limit  is  the
	   default  for  classes  which do not have a limit specified. The optional parameter raw
	   applies the limit to the total traffic rather than just data files.

       data-limit [raw] in|out|total count [class]

	   Limit the number of data bytes a user in the given class may transfer. The  limit  may
	   be  placed  on  bytes  in,  out,  or total. If no class is specified, the limit is the
	   default for classes which do not have a limit specified. Note that once  it	has  been
	   exceeded,  this  limit will prevent transfers, but it will not terminate a transfer in
	   progress. The optional parameter raw applies the limit to total  traffic  rather  than
	   just data files.

       limit-time *|anonymous|guest minutes

	   Limit the total time a session can take. By default, there is no limit. Real users are
	   never limited.

       guestserver [hostname...]

	   Control which hosts may be used for anonymous access. If used  without  hostname,  all
	   anonymous  access  is  denied  to  this site. More than one hostname may be specified.
	   Anonymous access will only be allowed on the named machines. If access is denied,  the
	   user will be asked to use the first hostname listed.

       limit class n times [message_file]

	   Limit  class  to n users at times times, displaying message_file if the user is denied
	   access. A limit check is performed at login time only. If multiple limit commands  can
	   apply  to  the  current session, the first applicable one is used. Failing to define a
	   valid limit, or a limit of -1, is equivalent to no limits. The format of times is:

	     day[day...][time-range][|day[day...][time-range]]...

	   The value of day can be Su, Mo, Tu, We, Th, Fr, Sa, Wk (for any weekday Monday through
	   Friday), or Any. time-range is in 24-hour clock notation. If a time range is not spec-
	   ified, any time of the day is matched. Multiple day and time-range may be specified by
	   the	"|" symbol. For example, Wk1730-0900|Sa|Su specifies 5:30 p.m. to 9:00 a.m., Mon-
	   day through Friday, and anytime on weekends. message_file may contain  magic  cookies.
	   See message for more details.

       noretrieve [absolute|relative]
       [class=classname...][-] filename [filename...]

	   Always  deny  retrievability  of  these  files.  If filename specifies a pathname that
	   begins with '/' character, then only those files are marked no retrieve. Otherwise all
	   files   that  match	the  filename  are  refused  transfer.	For  example,  noretrieve
	   /etc/passwd core  specifies no one will be able to retrieve the /etc/passwd file.  You
	   will be allowed to transfer any file named passwd that is not in /etc.

	   On  the  other  hand,  no one will be able to get files named core, wherever they are.
	   Directory specifications mark all files and	subdirectories	in  the  named	directory
	   unretrievable. The filename may be specified as a file glob. For example,

	     noretrieve /etc /home/*/.htaccess

	   specifies  that  no files in /etc or any of its subdirectories may be retrieved. Also,
	   no files named .htaccess anywhere under the /home  directory  may  be  retrieved.  The
	   optional first parameter selects whether names are interpreted as absolute or relative
	   to the current chroot'd environment. The default is to interpret names beginning  with
	   a slash as absolute. The noretrieve restrictions may be placed upon members of partic-
	   ular classes. If any class= is specified, the named files cannot be retrieved only  if
	   the current user is a member of one of the given classes.

       allow-retrieve [absolute|relative]
       [class=classname...][-] filename [filename...]

	   Allows retrieval of files which would otherwise be denied by noretrieve.

       loginfails number

	   After number login failures, log a "repeated login failures" message and terminate the
	   FTP connection. The default value for number is 5.

       private yes | no

	   Allow or deny use of the SITE GROUP and SITE GPASS commands after the  user	logs  in.
	   The SITE GROUP and SITE GPASS commands specify an enhanced access group and associated
	   password. If the group name and password are valid, the user becomes a member  of  the
	   group  specified  in the group access file /etc/ftpd/ftpgroups by means of setegid(2).
	   See ftpgroups(4) for the format of the file. For this option to work for anonymous FTP
	   users, the  FTP Server must keep /etc/group permanently open and load the group access
	   file into memory. This means that the FTP Server now has an additional file descriptor
	   open,  and  the necessary passwords and access privileges granted to users by means of
	   SITE GROUP will be static for the duration of an FTP session. If you  have  an  urgent
	   need to change the access groups or passwords now, you have to kill all of the running
	   FTP Servers.

   Informational Capabilities
       The following informational capabilities are supported:

       greeting full|brief|terse
       greeting text message

	   The greeting command allows you to control how much information is  given  out  before
	   the remote user logs in. greeting full, which is the default greeting, shows the host-
	   name and daemon version. greeting brief shows the  hostname.   greeting  terse  simply
	   says "FTP Server ready." Although full is the default, brief is suggested.

	   The	text  form allows you to specify any greeting message. message can be any string.
	   Whitespace (spaces and tabs) is converted to a single space.

       banner path

	   The banner command operates similarly to the message command, except that  the  banner
	   is  displayed  before  the  user enters the username. The path is relative to the real
	   system root, not to the base of the anonymous FTP directory.

	   Use of the banner command can completely prevent non-compliant FTP clients from making
	   use	of  the FTP Server. Not all clients can handle multi-line responses, which is how
	   the banner is displayed.

       email name

	   Use this command to define the email address for the FTP  Server  administrator.  This
	   string will be printed every time the %E magic cookie is used in message files.

       hostname some.host.name

	   Defines  the  default  host name of the FTP Server. This string will be printed on the
	   greeting message and every time the %L magic cookie is used. The host name for virtual
	   servers  overrides this value. If no host name is specified, the default host name for
	   the local machine is used.

       message path [when [class...]]

	   Define a file with path such that the FTP Server will display the contents of the file
	   to the user at login time or upon using the change working directory command. The when
	   parameter may be LOGIN or CWD=dirglob. If whenis CWD=dirglob,  dirglob  specifies  the
	   new default directory that will trigger the notification. A dirglob of "*" matches all
	   directories.

	   The optional class specification allows the message to be displayed only to members of
	   a particular class. More than one class may be specified.

	   "Magic cookies" can be present in path that cause the FTP Server to replace the cookie
	   with a specified text string:

	   %T	 Local time. For example, Thu Nov 15 17:12:42 1990.

	   %F	 Free space in partition of CWD, in Kbytes.

	   %C	 Current working directory.

	   %E	 The email address for the FTP Server administrator.

	   %R	 Remote host name.

	   %L	 Local host name.

	   %U	 Username given at login time.

	   %u	 Username as defined by means of RFC 931 authentication.

	   %M	 Maximum allowed number of users in this class.

	   %N	 Current number of users in this class.

	   The following quota magic cookies are also supported  but  not  always  set	(see  the
	   quota-info capability):

	   %B	 absolute limit on disk blocks allocated

	   %b	 preferred limit on disk blocks

	   %Q	 current block count

	   %I	 maximum number of allocated inodes (+1)

	   %i	 preferred inode limit

	   %q	 current number of allocated inodes

	   %H	 time limit for excessive disk use

	   %h	 time limit for excessive files

	   The message is displayed only once to avoid annoying the user. Remember that when mes-
	   sages are triggered by an anonymous or guest FTP user, they must be	relative  to  the
	   base of the anonymous or guest FTP directory tree.

       quota-info uid-range [uid-range...]

	   Enable  retrieval  of  quota  information  for users matching uid-range. This sets the
	   quota magic cookies. Retrieving quota information might cause a significant delay when
	   logging into the server.

	   uid-range  can  be  a  username,  single  UID, or a UID range. Place a percent sign(%)
	   before a number. An asterisk means "all users."

       readme pathglob [when [class...]]

	   Define a file with pathglob such that the FTP Server will notify  the  user	at  login
	   time  or  upon using the change working directory command that the file exists and the
	   date that it was modified. The when parameter may be LOGIN or CWD=dirglob. If when  is
	   CWD=dirglob, dirglob specifies the new default directory that will trigger the notifi-
	   cation. A dirglob of "*" matches all directories. The message will only  be	displayed
	   once, to avoid bothering users. Remember that when README messages are triggered by an
	   anonymous or guest FTP user, the pathglob must be relative to the base of  the  anony-
	   mous or guest FTP directory tree.

	   The optional class specification allows the message to be displayed only to members of
	   a particular class. You can specify more than one class.

   Logging Capabilities
       The following logging capabilities are supported:

       log commands typelist

	   Enables logging of the individual FTP commands sent by users. typelist is a comma-sep-
	   arated  list of any of the keywords anonymous, guest, and real. Command logging infor-
	   mation is written to the system log.

       log transfers typelist directions

	   Log file transfers made by FTP users to  the  xferlog(4)  file.  Logging  of  incoming
	   transfers  to  the  server  can be enabled separately from outbound transfers from the
	   server. directions is a comma-separated list of any of the two  keywords  inbound  and
	   outbound,  and  will  respectively  cause transfers to be logged for files sent to and
	   from the server.

       log security typelist

	   Enables logging of violations of security rules to the system log, including for exam-
	   ple, noretrieve and .notar.

       log syslog
       log syslog+xferlog

	   Redirect  the  logging messages for incoming and outgoing transfers to syslog. Without
	   this option the messages are written to xferlog. When you specify syslog+xferlog,  the
	   transfer log messages are sent to both the system log file and the xferlog file.

       xferlog format formatstring

	   Customize  the  format  of  the  transfer  log  entry written. formatstring can be any
	   string, which might include magic cookies. Strings of whitespace characters	are  con-
	   verted into a single space.

	   The	following transfer-specific magic cookies are recognized only immediately after a
	   transfer has been completed:

	   %Xt	  transfer-time

	   %Xn	  bytes-transferred

	   %XP	  filename

	   %Xp	  chroot-filename

	   %Xy	  transfer-type

	   %Xf	  special-action-flag

	   %Xd	  direction

	   %Xm	  access-mode

	   %Xa	  authentication-method

	   %Xc	  completion-status

	   %Xs	  file-size

	   %Xr	  restart-offset

	   xferlog(4) includes a description of these fields.  If  no  xferlog	format	entry  is
	   present, the default is:

	     xferlog format %T %Xt %R %Xn %XP %Xy %Xf %Xd %Xm %U ftp %Xa %u %Xc

   Miscellaneous Capabilities
       The following miscellaneous capabilities are supported:

       alias string dir

	   Define an alias,  string, for a directory. Use this command to add the concept of log-
	   ical directories. For example: alias rfc: /pub/doc/rfc would allow the user to  access
	   /pub/doc/rfc from any directory by the command "cd rfc:". Aliases only apply to the cd
	   command.

       cdpath dir

	   Define an entry in the cdpath. This command defines a search path that  is  used  when
	   changing directories. For example:

	     cdpath /pub/packages
	     cdpath /.aliases

	   would  allow  the user to move into any directory directly under either the /pub/pack-
	   ages or the /.aliases directories. The search path is defined by the  order	in  which
	   the	lines  appear in the ftpaccess file. If the user were to give the command ftp> cd
	   foo the directory will be searched for in the following order:

	       o      ./foo

	       o      an alias called foo

	       o      /pub/packages/foo

	       o      /.aliases/foo
	   The cdpath is only available with the cd command.  If  you  have  a	large  number  of
	   aliases,  you might want to set up an aliases directory with links to all of the areas
	   you wish to make available to users.

       compress yes|no classglob [classglob...]
       tar yes|no classglob [classglob...]

	   Enable the use of conversions marked with  the  O_COMPRESS,	O_UNCOMPRESS,  and  O_TAR
	   options in /etc/ftpd/ftpconversions. See ftpconversions(4).

       shutdown path

	   If the file pointed to by path exists, the server will check the file regularly to see
	   if the server is going to be shut down. If a shutdown is planned, the  user	is  noti-
	   fied.  New connections are denied after a specified time before shutdown. Current con-
	   nections are dropped at a specified time before shutdown.

	   The format of the file specified by path is:

	     year month day hour minute deny_offset disc_offset text

	   year 	  A value of 1970 or greater.

	   month	  A value of 0 to 11.

	   day		  A value of 1 to 31.

	   hour 	  A value of 0 to 23.

	   minute	  A value of 0 to 59.

	   deny_offset	  The offsets in HHMM format that new  connections  will  be  denied  and
	   disc_offset	  existing connections will be disconnected before the shutdown time.

	   text 	  Follows  the	normal	rules  for  any message. The following additional
			  magic cookies are available:

			  %s	The time at which the system is going to shut down.

			  %r	The time at which new connections will be denied.

			  %d	The time at which current connections will be dropped.

	   All times are in the form: ddd MMM DD hh:mm:ss YYYY. Only one shutdown command can  be
	   present  in	the  configuration  file. You can use the external program ftpshut(1M) to
	   automate generation of this file.

       daemonaddress address

	   Listen only on the IP address specified. If the value is not set, then the FTP  Server
	   will listen for connections on every IP address. This applies only when the FTP Server
	   is run in standalone mode.

       virtual address root|banner|logfile path

	   Enable the FTP Server limited virtual hosting capabilities.	The  address  is  the  IP
	   address  of	the virtual server. The second argument specifies that the path is either
	   the path to the root of the filesystem for this virtual server, the	banner	presented
	   to the user when connecting to this virtual server, or the logfile where transfers are
	   recorded for this virtual server. If the logfile is not specified the default log file
	   will be used. All other message files and permissions as well as any other settings in
	   this file apply to all virtual servers. The address may also be specified as  a  host-
	   name  rather  than  as an IP number. This is strongly discouraged since, if DNS is not
	   available at the time the FTP session begins, the hostname will not be matched.

       root|logfile path

	   In contrast to limited virtual hosting, complete virtual hosting allows separate  con-
	   figuration  files  to  be virtual host specific. See ftpservers(4). The only additions
	   that are necessary in a virtual host's ftpaccess  file  is  the  root  directive  that
	   ensures  the correct root directory is used for the virtual host. This only works with
	   complete virtual hosting, which in contrast to limited virtual hosting,  allows  sepa-
	   rate configuration files to be specified for each virtual host.

	   path is either the root of the filesystem for this virtual server or the logfile where
	   transfers for this virtual server are recorded. root and logfile may only be specified
	   when not preceded by virtual address in a virtual hosts's ftpaccess file.

       virtual address hostname|email string

	   Set	the  hostname  shown  in  the  greeting  message and status command, or the email
	   address used in message files and on the HELP command, to the given string.

       virtual address allow username [username...]
       virtual address deny username [username...]

	   By default, real and guest users are not allowed to log  in	on  the  virtual  server,
	   unless  they are guests that are chroot'd to the virtual root. The users listed on the
	   virtual allow line(s) are granted access. You can grant access to all users by  giving
	   '*'	as  the  username. The virtual deny clauses are processed after the virtual allow
	   clauses. Thus specific users can be denied access although all users were  allowed  in
	   an earlier clause.

       virtual address private

	   Deny  log in access to anonymous users on the virtual server. Anonymous users are gen-
	   erally allowed to log in on the virtual server if this option is not specified.

       virtual address passwd file

	   Use a different passwd file for the virtual host.

       virtual address shadow file

	   Use a different shadow file for the virtual host.

       defaultserver deny username [username...]
       defaultserver allow username [username...]

	   By default, all users are allowed access to the non-virtual FTP Server.  Use  default-
	   server  deny  to  revoke access for specific real and guest users. Specify '*' to deny
	   access to all users, except anonymous users. Specific real and guest users can then be
	   allowed access by using defaultserver allow.

       defaultserver private

	   By  default,  all users are allowed access to the non-virtual FTP Server. Use default-
	   server private to revoke access for anonymous users.

	   The virtual and defaultserver allow, deny and private clauses provide a means to  con-
	   trol which users are allowed access to which FTP Servers.

       passive address externalip cidr

	   Allow  control of the address reported in response to a passive command. When any con-
	   trol connection matching cidr requests a passive data connection  (PASV),  the  exter-
	   nalip  address  is reported. This does not change the address that the daemon actually
	   listens on, only the address reported to the client. This feature allows the daemon to
	   operate correctly behind IP renumbering firewalls. For example:

	     passive address 10.0.1.15	 10.0.0.0/8
	     passive address 192.168.1.5 0.0.0.0/0

	   Clients  connecting from the class-A network 10 will be told the passive connection is
	   listening on IP address 10.0.1.15 while all others will be told the connection is lis-
	   tening  on 192.168.1.5. Multiple passive addresses may be specified to handle complex,
	   or multi-gatewayed, networks.

       passive ports cidr min max

	   Allows control of the TCP port numbers which may be used for a  passive  data  connec-
	   tion.  If the control connection matches the cidr, a port in the range min to max will
	   be randomly selected for the daemon to listen on. This  feature  allows  firewalls  to
	   limit the ports that remote clients may use to connect into the protected network.

	   cidr  is  shorthand	for an IP address followed by a slash and the number of left-most
	   bits that represent the network address, as opposed to the machine address. For  exam-
	   ple,  if  you  are  using  the  reserved  class-A  network 10, instead of a netmask of
	   255.0.0.0, use a CIDR of /8, as in 10.0.0.0/8, to represent your network.

	   When min and max are both 0, the kernel rather than the FTP	server	selects  the  TCP
	   port  to listen on. Kernel port selection is usually not desirable if the kernel allo-
	   cates TCP ports sequentially. If in doubt, let the FTP server do the port selection.

       pasv-allow class [addrglob...]
       port-allow class [addrglob...]

	   Normally, the FTP Server does not allow a PORT command to specify an address different
	   than  that of the control connection. Nor does it allow a PASV connection from another
	   address.

	   The port-allow clause provides a list of addresses that the specified  class  of  user
	   may	give on a PORT command. These addresses will be allowed even if they do not match
	   the IP address of the client-side of the control connection.

	   The pasv-allow clause provides a list of addresses that the specified  class  of  user
	   may	make  data  connections from. These addresses will be allowed even if they do not
	   match the IP address of the client-side of the control connection.

       lslong command [options...]
       lsshort command [options...]
       lsplain command [options...]

	   Use the lslong, lsshort, and lsplain clauses to specify the commands  and  options  to
	   use to generate directory listings. The options cannot contain spaces, and the default
	   values for these clauses are generally correct. Use lslong, lsshort, or  lsplain  only
	   if absolutely necessary.

       mailserver hostname

	   Specify  the  name  of a mail server that will accept upload notifications for the FTP
	   Server. Multiple mail servers may be listed. The FTP Server will  attempt  to  deliver
	   the	upload	notification to each, in order, until one accepts the message. If no mail
	   servers are specified, localhost is used. This option is only meaningful if anyone  is
	   to be notified of anonymous uploads. See incmail.

       incmail emailaddress
       virtual address incmail emailaddress
       defaultserver incmail emailaddress

	   Specify email addresses to be notified of anonymous uploads. Multiple addresses can be
	   specified. Each will receive a notification. If no addresses are specified, no notifi-
	   cations are sent.

	   If addresses are specified for a virtual host, only those addresses will be sent noti-
	   fication of anonymous uploads on that host. Otherwise, notifications will be  sent  to
	   the global addresses.

	   defaultserver  addresses  only apply when the FTP session is not using one of the vir-
	   tual hosts. In this way, you can receive  notifications  for  your  default	anonymous
	   area,  but not see notifications to virtual hosts that do not have their own notifica-
	   tions.

       mailfrom emailaddress
       virtual address mailfrom emailaddress
       defaultserver mailfrom emailaddress

	   Specify the sender's email  address	for  anonymous	upload	notifications.	Only  one
	   address may be specified. If no mailfrom applies, email is sent from the default mail-
	   box name wu-ftpd. To avoid problems if the recipient attempts to reply to a	notifica-
	   tion,  or if downstream mail problems generate bounces, you should ensure the mailfrom
	   address is deliverable.

       sendbuf size [typelist]
       recvbuf size [typelist]

	   Set the send or receive buffer sizes used for binary transfers. They have no effect on
	   ASCII transfers.

       rhostlookup yes|no [addrglob ...]

	   Allows  or  disallows  the lookup of the remote host's name. Name lookups can be slow,
	   but skipping them means that places where an addrglob is matched (for example, in  the
	   class capability) will match only an IP address, not a name. Also deny !nameserved and
	   dns refuse_no_reverse or refuse_mismatch will deny access when a name  lookup  is  not
	   done. The default is to lookup the remote host's name.

	   Only IP addresses, not names, are matched in addrglob.

       flush-wait yes|no [typelist]

	   Controls  the behavior at the end of a download or directory listing. If yes, shutdown
	   the data connection for sending and wait for the client to close its end before  send-
	   ing a transfer complete reply on the control connection. This is the default behavior.
	   If no, close the data connection and send the transfer complete reply without  waiting
	   for the client. With this behavior, data loss can go undetected.

	   If a client hangs at the end of a directory listing, or the system has many sockets in
	   the FIN_WAIT_2 state, try setting to no as a workaround for broken client behavior.

   Permission Capabilities
       The following permission capabilities are supported:

       chmod yes|no typelist
       delete yes|no typelist
       overwrite yes|no typelist
       rename yes|no typelist
       umask yes|no typelist

	   Allows or disallows the ability to perform the specified  function.	By  default,  all
	   real  and  guest  users  are  allowed.  Anonymous users are only allowed overwrite and
	   umask.

	   typelist is a comma-separated list of any of the keywords anonymous, guest,	real  and
	   class=.  When  class=  appears,  it	must  be  followed  by a classname. If any class=
	   appears, the typelist restriction applies only to users in that class.

       passwd-check none|trivial|rfc822 [enforce|warn]

	   Define the level and enforcement of password checking  done	by  the  FTP  Server  for
	   anonymous FTP.

	   none       No password checking is performed.

	   trivial    The password must contain an '@'.

	   rfc822     The password must be RFC 822 compliant.

	   warn       Warn, but permit the login.

	   enforce    Notify and deny the login.

       deny-email case-insensitive-emailaddress

	   Consider  the email address given as an argument as invalid. If passwd-check is set to
	   enforce, anonymous users giving this address as a password cannot log  in.  That  way,
	   you	can  stop users from having stupid WWW browsers use fake addresses like IE?0User@
	   or mozilla@. (by using this, you are not shutting out users using a	WWW  browser  for
	   ftp	-  you	just  make  them  configure their browser correctly.) Only one address is
	   allowed per line, but you can have as many deny-email addresses as you like.

       path-filter typelist message allowed_regexp
       [disallowed_regexp...]

	   For users in typelist, path-filter defines regular expressions that control what char-
	   acters can be used in the filename of an uploaded file or created directory. There may
	   be multiple disallowed regular expressions. If a filename is invalid due to failure to
	   match  the  regular	expression  criteria,  message will be displayed to the user. For
	   example:

	     path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^. ^-

	   specifies that all upload filenames for anonymous users must be made of only the char-
	   acters A-Z, a-z, 0-9, and "._-" and may not begin with a "." or a "-". If the filename
	   is invalid, /etc/pathmsg will be displayed to the user.

       upload [absolute|relative] [class=classname]... [-]
       root-dir dirglob yes|no owner group mode
       [dirs|nodirs] [d_mode]

	   Define a directory with dirglob that permits or denies  uploads.  If  it  does  permit
	   uploads,  all newly created files will be owned by owner and group and will have their
	   permissions set according to mode. Existing files that  are	overwritten  will  retain
	   their  original  ownership  and  permissions.  Directories are matched on a best-match
	   basis. For example:

	     upload /var/ftp  *  no
	     upload /var/ftp /incoming yes ftp daemon 0666
	     upload /var/ftp /incoming/gifs yes jlc guest 0600 nodirs

	   would only allow uploads into /incoming and /incoming/gifs. Files that  were  uploaded
	   to  /incoming  are owned by ftp/daemon and have permissions of 0666. Files uploaded to
	   /incoming/gifs are owned by jlc/guest and  have  permissions  of  0600.  The  optional
	   "dirs" and "nodirs" keywords can be specified to allow or disallow the creation of new
	   subdirectories using the mkdir command. If the upload command is used, directory  cre-
	   ation is allowed by default. To turn it off by default, you must specify a user, group
	   and mode followed by the "nodirs" keyword as the first line where the  upload  command
	   is used in this file. If directories are permitted, the optional d_mode determines the
	   permissions for a newly created directory. If d_mode is omitted, the  permissions  are
	   inferred  from mode. The permissions are 0777 if mode is also omitted. The upload key-
	   word only applies to users who have a home directory  of  root-dir.	root-dir  may  be
	   specified as "*" to match any home directory. The owner or group may each be specified
	   as "*", in which case any uploaded files or directories will be created with the  own-
	   ership  of  the  directory  in  which  they	are created. The optional first parameter
	   selects whether root-dir names are interpreted as absolute or relative to the  current
	   chroot'd  environment.  The	default is to interpret <root-dir> names as absolute. You
	   can specify any number of class=classname restrictions. If  any  are  specified,  this
	   upload clause only takes effect if the current user is a member of one of the classes.

	   In  the  absence  of any matching upload clause, real and guest users can upload files
	   and make directories, but anonymous users cannot. The mode of uploaded files is  0666.
	   For	created  directories,  the  mode  is 0777. Both modes are modified by the current
	   umask setting.

       throughput root-dir subdir-glob file-glob-list
       bytes-per-second bytes-per-second-multiply remote-glob-list

	   Define files by means of a comma-separated file-glob-list in subdir matched by subdir-
	   glob  under	root-dir  that have restricted transfer throughput of bytes-per-second on
	   download when the remote hostname or remote IP  address  matches  the  comma-separated
	   remote-glob-list. Entries are matched on a best-match basis. For example:

	     throughput /e/ftp *    *	   oo	-   *
	     throughput /e/ftp /sw* *	   1024 0.5 *
	     throughput /e/ftp /sw* README oo	-   *
	     throughput /e/ftp /sw* *	   oo	-   *.foo.com

	   would set maximum throughput per default, but restrict download to 1024 bytes per sec-
	   ond for any files under /e/ftp/sw/ that are not named README. The only exceptions  are
	   remote hosts from within the domain foo.com which always get maximum throughput. Every
	   time a remote client has retrieved a file under /e/ftp/sw/ the bytes  per  seconds  of
	   the	matched  entry	line  are  internally  multiplied by a factor, here 0.5. When the
	   remote client retrieves its second file, it is served with 512 bytes per  second,  the
	   third  time	with  only  256 bytes per second, the fourth time with only 128 bytes per
	   second, and so on. The string "oo" for the bytes per second field means no  throughput
	   restriction.  A  multiply factor of 1.0 or "-" means no change of the throughput after
	   every successful transfer. The root-dir here must match the home  directory	specified
	   in  the  password  database	. The throughput keyword only applies to users who have a
	   home directory of root-dir.

       anonymous-root root-dir [class...]

	   root-dir specifies the chroot() path for anonymous  users.  If  no  anonymous-root  is
	   matched,  the old method of parsing the home directory for the FTP user is used. If no
	   class is specified, this is the root directory for anonymous users who  do  not  match
	   any	other  anonymous-root  specification.  Multiple  classes may be specified on this
	   line. If an anonymous-root is chosen for the user, the FTP user's  home  directory  in
	   the	root-dir/etc/passwd  file  is used to determine the initial directory and the FTP
	   user's home directory in the system-wide /etc/passwd is not used. For example:

	     anonymous-root /home/ftp
	     anonymous-root /home/localftp localnet

	   causes all anonymous users to be chroot'd to the directory /home/ftp. If the FTP  user
	   exists  in  /home/ftp/etc/passwd,  their initial CWD is that home directory. Anonymous
	   users in the class localnet, however, are chroot'd to the directory /home/localftp and
	   their   initial   CWD   is	taken	from   the   FTP   user's   home   directory   in
	   /home/localftp/etc/passwd.

       guest-root root-dir [uid-range...]

	   root-dir specifies the chroot() path for guest users. If no guest-root is matched, the
	   old method of parsing the user's home directory is used. If no uid-range is specified,
	   this is the root directory for guestusers who do not match any other guest-root speci-
	   fication. Multiple UID ranges may be given on this line. If a guest-root is chosen for
	   the user, the user's home directory in the root-dir/etc/passwd file is used to  deter-
	   mine  the  initial  directory and the home directory in the system-wide /etc/passwd is
	   not used. uid-range specifies names or numeric UID values. To use numbers, put a  per-
	   cent sign (%) symbol before it or before the range. Ranges are specified by giving the
	   lower and upper bounds (inclusive), separated by a dash. If the lower bound	is  omit-
	   ted,  it  means  all up to. If the upper bound is omitted, it means all starting from.
	   For example:

	     guest-root /home/users
	     guest-root /home/staff %100-999 sally
	     guest-root /home/users/owner/ftp frank

	   causes all guest users to chroot() to /home/users then starts each user in the  user's
	   home  directory, as specifiedin /home/users/etc/passwd. Users in the range 100 through
	   999, inclusive, and user sally, will be chroot'd to /home/staff and the  CWD  will  be
	   taken  from	their  entries	in  /home/staff/etc/passwd. The single user frank will be
	   chroot'd  to  /home/users/owner/ftp	and  the  CWD  will  be   from	 his   entry   in
	   /home/users/owner/ftp/etc/passwd.

	   The	order  is important for both anonymous-root and guest-root. If a user would match
	   multiple clauses, only the first applies; with the exception of the clause  which  has
	   no class or uid-range, which applies only if no other clause matches.

       deny-uid uid-range [uid-range...]
       deny-gid gid-range [gid-range...]
       allow-uid uid-range  [uid-range...]
       allow-gid gid-range [gid-range...]

	   Use	these clauses to specify UID and GID values that will be denied access to the FTP
	   Server. The allow-uid and allow-gid clauses may be used to allow access  for  UID  and
	   GID values which would otherwise be denied. These checks occur before all others. deny
	   is checked before allow. The default is to allow access. These clauses do not apply to
	   anonymous  users. Use defaultserver private to deny access to anonymous users. In most
	   cases, these clauses obviate the need for an ftpusers(4) file. For example,	the  fol-
	   lowing  clauses  deny FTP Server access to all privileged or special users and groups,
	   except the guest1 user or group.

	     deny-gid %-99 nobody noaccess nogroup
	     deny-uid %-99 nobody noaccess nobody4
	     allow-gid guest1
	     allow-uid guest1

	   Support for the ftpusers file still exists, so it may be used when changing the ftpac-
	   cess  file  is not desired. In any place a single UID or GID is allowed throughout the
	   ftpaccess file, either names or numbers also may be used. To use a number, put a  per-
	   cent  sign  (%)  symbol before it. In places where a range is allowed, put the percent
	   sign before the range. A "*" matches all UIDs or GIDs.

       restricted-uid uid-range [uid-range...]
       restricted-gid gid-range [gid-range...]
       unrestricted-uid uid-range [uid-range...]
       unrestricted-gid gid-range [gid-range...]

	   These clauses control whether or not real or guest users will  be  allowed  access  to
	   areas  on  the FTP site outside their home directories. These clauses are not meant to
	   replace the use of guestgroup and guestuser. Instead, use these clauses to  supplement
	   the operation of guests. The unrestricted-uid and unrestricted-gid clauses may be used
	   to allow users outside their home directories who would otherwise be restricted.

	   The following example shows the intended use for these clauses. Assume user dick has a
	   home directory /home/dick and jane has a home directory /home/jane:

	     guest-root /home dick jane
	     restricted-uid dick jane

	   While  both dick and jane are chroot'd to /home, they cannot access each other's files
	   because they are restricted to their home directories. However, you	should	not  rely
	   solely  upon  the  FTP  restrictions  to  control access. As with all other FTP access
	   rules, you should also use directory and file permissions to support the operation  of
	   the ftpaccess configuration.

       site-exec-max-lines number [class...]

	   The	SITE  EXEC feature traditionally limits the number of lines of output that may be
	   sent to the remote client. Use this clause to set this limit. If this clause is  omit-
	   ted,  the  limit is 20 lines. A limit of 0 (zero) implies no limit. Be very careful if
	   you choose to remove the limit. If a clause is found matching the remote user's class,
	   that  limit is used. Otherwise, the clause with class '*', or no class given, is used.
	   For example:

	     site-exec-max-lines 200 remote
	     site-exec-max-lines 0 local
	     site-exec-max-lines 25

	   limits output from SITE EXEC (and therefore SITE INDEX) to 200 lines for remote users,
	   specifies  there  is no limit at all for local users, and sets a limit of 25 lines for
	   all other users.

       dns refuse_mismatch filename [override]

	   Refuse FTP sessions when the forward and reverse lookups for the remote  site  do  not
	   match.  Lookups  are  done  using  the  system's  name  service  as configured in nss-
	   witch.conf(4). Display the named file, like a message file, admonishing the	user.  If
	   the optional override is specified, allow the connection after complaining.

       dns refuse_no_reverse filename [override]

	   Refuse  FTP sessions when the remote host's IP address has no associated name. Lookups
	   are done using the system's name service as configured  in  nsswitch.conf(4).  Display
	   the named file, such as a message file, admonishing the user. If the optional override
	   is specified, allow the connection after complaining.

       dns resolveroptions [options]

	   Modify certain internal resolver variables. This only has an effect when DNS  is  used
	   as the system's name service. The line takes a series of options which are used to set
	   the RES_OPTIONS environment variable, see resolv.conf(4) for details. For example:

	     dns resolveroptions rotate attempts:1

	   turns on querying name servers round-robin and selects querying each name server  only
	   once.

       Lines that begin with a # sign are treated as comment lines and are ignored.

FILES
	/etc/ftpd/ftpaccess

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWftpr			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |External			   |
       +-----------------------------+-----------------------------+

SEE ALSO
       compress(1),  ls(1),  tar(1),  ftpaddhost(1M),  ftpconfig(1M),  ftpshut(1M),  in.ftpd(1M),
       chroot(2), nice(2), umask(2),  getgrnam(3C),  resolver(3RESOLV),  ftpconversions(4),  ftp-
       groups(4),  ftpservers(4),  ftpusers(4),  nsswitch.conf(4),  resolv.conf(4),  timezone(4),
       xferlog(4), attributes(5), fnmatch(5)

       Crocker, David H. RFC 822, Standard For The Format Of ARPA Internet Text Messages. Network
       Information Center. August 1982.

       St. Johns, Michael. RFC 931, Authentication Server. Network Working Group. January 1985.

SunOS 5.11				   10 Sep 2003				     ftpaccess(4)
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums


All times are GMT -4. The time now is 01:02 AM.

Unix & Linux Forums Content Copyright©1993-2018. All Rights Reserved.
×
UNIX.COM Login
Username:
Password:  
Show Password





Not a Forum Member?
Forgot Password?