FTPD(8) MachTen System Manager’s Manual FTPD(8)
NAME
ftpd - Internet File Transfer Protocol server
SYNOPSIS
ftpd [-dl] [-T maxtimeout] [-t timeout]
DESCRIPTION
Ftpd is the Internet File Transfer Protocol server process.
The server
uses the TCP protocol and listens at the port specified in
the ‘‘ftp’’
service specification; see services(5).
Available options:
-d Debugging information is written to the syslog using LOG_FTP.
-l Each successful and failed
ftp(1) session is logged using syslog
with a facility of LOG_FTP. If this option is specified
twice,
the retrieve (get), store (put), append, delete, make
directory,
remove directory and rename operations and their filename
argu-
ments are also logged.
-T A client may also request a
different timeout period; the maximum
period allowed may be set to timeout seconds with the -T
option.
The default limit is 2 hours.
-t The inactivity timeout period
is set to timeout seconds (the de-
fault is 15 minutes).
The file /etc/nologin can be
used to disable ftp access. If the file ex-
ists, ftpd displays it and exits. If the file
/etc/ftpwelcome exists,
ftpd prints it before issuing the
‘‘ready’’ message. If the file
/etc/motd exists, ftpd prints it after a successful
login.
The ftp server currently
supports the following ftp requests. The case
of the requests is ignored.
Request Description
ABOR abort previous command
ACCT specify account (ignored)
ALLO allocate storage (vacuously)
APPE append to a file
CDUP change to parent of current working directory
CWD change working directory
DELE delete a file
HELP give help information
LIST give list files in a directory (‘‘ls
-lgA’’)
MKD make a directory
MDTM show last modification time of file
MODE specify data transfer mode
NLST give name list of files in directory
NOOP do nothing
PASS specify password
PASV prepare for server-to-server transfer
PORT specify data connection port
PWD print the current working directory
QUIT terminate session
REST restart incomplete transfer
RETR retrieve a file
RMD remove a directory
RNFR specify rename-from file name
RNTO specify rename-to file name
SITE non-standard commands (see next section)
SIZE return size of file
STAT return status of server
STOR store a file
STOU store a file with a unique name
STRU specify data transfer structure
SYST show operating system type of server system
TYPE specify data transfer type
USER specify user name
XCUP change to parent of current working directory
(deprecated)
XCWD change working directory (deprecated)
XMKD make a directory (deprecated)
XPWD print the current working directory (deprecated)
XRMD remove a directory (deprecated)
The following non-standard or
UNIX specific commands are supported by the
SITE request.
Request Description
UMASK change umask, e.g. ‘‘SITE UMASK
002’’
IDLE set idle-timer, e.g. ‘‘SITE IDLE
60’’
CHMOD change mode of a file, e.g. ‘‘SITE CHMOD0
0CHMOD1
1CHMOD2
HELP give help information.
The remaining ftp requests
specified in Internet RFC 959 are recognized,
but not implemented. MDTM and SIZE are not specified in RFC
959, but
will appear in the next updated FTP RFC.
The ftp server will abort an
active file transfer only when the ABOR com-
mand is preceded by a Telnet "Interrupt Process"
(IP) signal and a Telnet
"Synch" signal in the command Telnet stream, as
described in Internet RFC
959. If a STAT command is received during a data transfer,
preceded by a
Telnet IP and Synch, transfer status will be returned.
Ftpd interprets file names
according to the ‘‘globbing’’
conventions used
by csh(1). This allows users to utilize the metacharacters
‘‘*?[]{}~’’.
Ftpd authenticates users according to three rules.
1. The login name must be in the
password data base, /etc/passwd,
and not have a null password. In this case a password must
be
provided by the client before any file operations may be
per-
formed.
2. The login name must not appear in the file /etc/ftpusers.
3. The user must have a standard
shell returned by
getusershell(3).
4. If the user name is
‘‘anonymous’’ or
‘‘ftp’’, an anonymous ftp
account must be present in the password file (user
‘‘ftp’’).
In this case the user is allowed to log in by specifying any
password (by convention an email address for the user should
be used as the password).
In the last case, ftpd takes
special measures to restrict the client’s
access privileges. The server performs a chroot(2) to the
home directory
of the ‘‘ftp’’ user. In order that
system security is not breached, it
is recommended that the ‘‘ftp’’
subtree be constructed with care, follow-
ing these rules:
~ftp Make the home directory owned by ‘‘root’’ and unwritable
by anyone.
~ftp/bin Make this directory
owned by ‘‘root’’ and unwritable by
anyone (mode 555). The program ls(1) must be present to
support the list command. This program should be mode
111.
~ftp/etc Make this directory
owned by ‘‘root’’ and unwritable by
anyone (mode 555). The files passwd(5) and group(5) must
be present for the ls command to be able to produce owner
names rather than numbers. The password field in passwd
is not used, and should not contain real passwords. The
file motd, if present, will be printed after a successful
login. These files should be mode 444.
~ftp/pub Make this directory
mode 777 and owned by ‘‘ftp’’.
Guests
can then place files which are to be accessible via the
anonymous account in this directory.
FILES
/etc/ftpusers List of unwelcome/restricted users.
/etc/ftpwelcome Welcome notice.
/etc/motd Welcome notice after login.
/etc/nologin Displayed and access refused.
SEE ALSO
ftp(1), getusershell(3), syslogd(8)
BUGS
The server must run as the super-user to create sockets with
privileged
port numbers. It maintains an effective user id of the
logged in user,
reverting to the super-user only when binding addresses to
sockets. The
possible security holes have been extensively scrutinized,
but are possi-
bly incomplete.
HISTORY
The ftpd command appeared in 4.2BSD.
4.2 Berkeley Distribution April 19, 1994 3