FTPACCESS man page on SmartOS


FTPACCESS(4)							  FTPACCESS(4)

NAME
       ftpaccess - FTP Server configuration file

SYNOPSIS
       /etc/ftpd/ftpaccess

DESCRIPTION
       The  ftpaccess  file  is	 used  to  configure  the operation of the FTP
       Server.

   Access Capabilities
       The following access capabilities are supported:

       autogroup groupname class class...

	   If an anonymous user is a member of any of the listed classes, the FTP Server
	   will perform a setegid(2) to groupname. This allows access to group
	   and owner read-only files and directories to a particular class  of
	   anonymous  users.  groupname	 is  a	valid group returned by getgr‐
	   nam(3C).

       class class typelist addrglob [addrglob...]

	   Define class of users, with source addresses of the form  addrglob.
	   Multiple  members  of  class	 may be defined. There may be multiple
	   class commands listing additional members of the class. If multiple
	   class  commands  can	 apply	to  the current session, the first one
	   listed in the access file is used. If a valid class for a  host  is
	   not	defined,  access will be denied. typelist is a comma-separated
	   list of any of the keywords anonymous, guest, and real. If the real
	   keyword  is included, the class can match users using FTP to access
	   real accounts. If the anonymous keyword is included the  class  can
	   match  users	 using	anonymous FTP. The guest keyword matches guest
	   access accounts.

	   addrglob may be a globbed domain name or  a	globbed	 numeric  IPv4
	   address.   It may also be the name of a file, starting with a slash
	   ('/'),  which  contains  additional	address	 globs.	 IPv4  numeric
	   addresses  may  also	 be  specified	in the form address:netmask or
	   address/CIDR. IPv6 numeric addresses can only be specified with  an
	   optional CIDR, not using globs or netmasks.

	   Placing an exclamation (!) before an addrglob negates the test. For
	   example,

	     class rmtuser real !*.example.com

	   will classify real users from outside the example.com domain as the
	   class  rmtuser.  Use care with this option. Remember, the result of
	   each test is OR'ed with other tests on the line.
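	   The following is an added example, not code from the page or from the
	   FTP Server itself: it evaluates class directives the way the text
	   describes (typelist check, address/CIDR, address:netmask, address and
	   host-name globs, '!' negation, OR'ed tests, first matching class wins,
	   no class means denied). The class lines and addresses are constructed;
	   the '/file' form of addrglob is not implemented.

```python
import fnmatch
import ipaddress

# Constructed ftpaccess class directives for this example (not from a real server).
CLASS_LINES = [
    "class local   real,guest 192.168.0.0/16 10.1.2.0:255.255.255.0 *.example.com",
    "class rmtuser real       !*.example.com",
    "class anon    anonymous  *",
]


def parse_class(line):
    """Split 'class name typelist addrglob...' into its parts."""
    fields = line.split()
    if len(fields) < 4 or fields[0] != "class":
        raise ValueError("not a class directive: %r" % line)
    return {"name": fields[1],
            "types": set(fields[2].split(",")),
            "addrglobs": fields[3:]}


def addrglob_matches(glob, ip, hostname):
    """Evaluate one addrglob; a leading '!' negates the result of that test.

    Supported forms: address/CIDR, IPv4 address:netmask, a glob over the
    numeric address, or a glob over the host name.
    """
    negate = glob.startswith("!")
    if negate:
        glob = glob[1:]
    addr = ipaddress.ip_address(ip)
    # address:netmask is IPv4 only; rewrite it to the address/mask form ipaddress accepts
    spec = glob.replace(":", "/", 1) if addr.version == 4 and ":" in glob else glob
    try:
        matched = addr in ipaddress.ip_network(spec, strict=False)
    except ValueError:
        # Not a network, so treat it as a glob over the address or the host name.
        matched = fnmatch.fnmatchcase(ip, glob) or (
            hostname is not None
            and fnmatch.fnmatchcase(hostname.lower(), glob.lower()))
    return (not matched) if negate else matched


def classify(ip, hostname, user_type, class_lines=CLASS_LINES):
    """Return the first matching class name, or None when access is denied.

    The addrglob results on one line are OR'ed, and the first class directive
    that applies wins, so the order of lines in the file matters.
    """
    for line in class_lines:
        cls = parse_class(line)
        if user_type not in cls["types"]:
            continue
        if any(addrglob_matches(g, ip, hostname) for g in cls["addrglobs"]):
            return cls["name"]
    return None


# Because the tests are OR'ed, a negated glob beside its positive form matches everybody:
CARELESS_LINES = ["class everyone real !*.example.com *.example.com"]


if __name__ == "__main__":
    print(classify("192.168.1.5", "ws.example.com", "real"))      # local
    print(classify("203.0.113.9", "host.example.net", "real"))    # rmtuser
    print(classify("203.0.113.9", "host.example.net", "guest"))   # None: denied
    print(classify("203.0.113.9", "host.example.net", "real", CARELESS_LINES))  # everyone
```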

       deny addrglob [message_file]

	   Deny access	to  host(s)  that  match  addrglob  and	 display  mes‐
	   sage_file.  If the value of addrglob is !nameserved, access to sites
	   without working nameservers is denied. message_file  may  contain
	   magic cookies. See message for more details.

       guestgroup groupname groupname...
       guestuser username username...
       realgroup groupname groupname...
       realuser username username...

	   For	guestgroup,  if	 a real user is a member of any groupname, the
	   session is set up like anonymous FTP. groupname is  a  valid	 group
	   returned  by getgrnam(3C). The user's home directory must be set up
	   exactly as anonymous FTP would be. The home directory field of  the
	   passwd  entry  is  divided into two directories. The first field is
	   the root directory that will be the argument to the chroot(2) call.
	   The second field is the user's home directory, relative to the root
	   directory. Use a "/./" to separate the two fields. For example, the
	   following is the real entry in /etc/passwd:

	     guest1:x:100:92:Guest FTP:/export/home/guests/./guest1:/bin/true

	   When	 guest1	 successfully logs in, the FTP Server will chroot() to
	   /export/home/guests and then chdir(2) to /guest1.  The  guest  user
	   will	  only	be  able  to  access  the  directory  structure	 under
	   /export/home/guests, which will look and act as / to	 guest1,  just
	   as  an  anonymous  FTP user would. The -d option to ftpconfig(1M) is
	   useful when creating guest FTP user accounts. The group name may be
	   specified  by either name or numeric ID. To use a numeric group ID,
	   place a percent sign (%) before the number. You  can	 give  ranges.
	   Use an asterisk to indicate all groups. guestuser works like guest‐
	   group, except that it uses the user name or	numeric	 ID.  realuser
	   and	realgroup have the same syntax, but they reverse the effect of
	   guestuser and guestgroup.  They allow real  user  access  when  the
	   remote user would otherwise be determined a guest.

	     guestuser *
	     realgroup admin

	   causes  all	non-anonymous  users  to be treated as guest, with the
	   sole exception of users in the admin group, who  are	 granted  real
	   user access.
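	   The following is an added example, not code from the page or from the
	   FTP Server: it applies guestuser/guestgroup/realuser/realgroup rules
	   to constructed passwd entries and splits a guest home directory at
	   "/./" into the chroot(2) root and the chdir(2) path. It consults only
	   the primary group from the passwd entry and assumes a "%low-high"
	   range is inclusive.

```python
# Constructed passwd entries and group table for this example (not from a real system).
PASSWD_LINES = [
    "guest1:x:100:92:Guest FTP:/export/home/guests/./guest1:/bin/true",
    "alice:x:1001:10:Alice:/home/alice:/bin/sh",
    "carol:x:2005:4:Carol:/home/carol:/bin/sh",
    "dave:x:2010:10:Dave:/export/home/guests/./dave:/bin/true",
]
GROUPS = {"staff": 10, "ftpguests": 92, "admin": 4}      # group name -> gid

# Constructed ftpaccess directives: members of ftpguests and UIDs 2000-2999 are
# guests, except that the admin group is always given real access.
ACCESS_RULES = [
    "guestgroup ftpguests",
    "guestuser %2000-2999",
    "realgroup admin",
]


def id_matches(spec, name, numeric_id):
    """Match a user or group spec: a name, %id, %low-high (assumed inclusive), or *."""
    if spec == "*":
        return True
    if spec.startswith("%"):
        low, sep, high = spec[1:].partition("-")
        return int(low) <= numeric_id <= (int(high) if sep else int(low))
    return spec == name


def parse_passwd(line):
    """Pick the fields of a passwd entry that the FTP Server needs."""
    fields = line.split(":")
    return {"name": fields[0], "uid": int(fields[2]),
            "gid": int(fields[3]), "home": fields[5]}


def group_name(gid):
    """Reverse lookup in the constructed group table (getgrgid would do this)."""
    return {g: n for n, g in GROUPS.items()}.get(gid)


def is_guest(user, rules):
    """guestuser/guestgroup mark a user as guest; realuser/realgroup reverse that.

    Only the primary group from the passwd entry is consulted here (assumption).
    """
    guest = real = False
    for line in rules:
        fields = line.split()
        directive, specs = fields[0], fields[1:]
        if directive in ("guestuser", "realuser"):
            hit = any(id_matches(s, user["name"], user["uid"]) for s in specs)
        elif directive in ("guestgroup", "realgroup"):
            hit = any(id_matches(s, group_name(user["gid"]), user["gid"]) for s in specs)
        else:
            continue
        if hit and directive.startswith("guest"):
            guest = True
        elif hit:
            real = True
    return guest and not real


def split_guest_home(home):
    """Split 'root/./dir' into the chroot(2) target and the path to chdir(2) to."""
    root, sep, rest = home.partition("/./")
    if not sep:
        raise ValueError("guest home lacks the /./ separator: %r" % home)
    return root, "/" + rest


def login_setup(username, passwd_lines=PASSWD_LINES, rules=ACCESS_RULES):
    """Return ('real', home) or ('guest', chroot_root, chdir_path) for username."""
    for line in passwd_lines:
        user = parse_passwd(line)
        if user["name"] == username:
            break
    else:
        raise KeyError(username)
    if is_guest(user, rules):
        root, home = split_guest_home(user["home"])
        return ("guest", root, home)
    return ("real", user["home"])


if __name__ == "__main__":
    for name in ("guest1", "alice", "carol", "dave"):
        print(name, login_setup(name))
```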

       nice nice-delta class

	   Adjust  the	process	 nice  value  of the FTP server process by the
	   indicated nice-delta value if the remote user is a  member  of  the
	   named class.	 If class is not specified, then use nice-delta as the
	   default adjustment to the  FTP  server  process  nice  value.  This
	   default  nice  value adjustment is used to adjust the nice value of
	   the server process only for those users who do not  belong  to  any
	   class  for  which  a	 class-specific	 nice  directive exists in the
	   ftpaccess file.

       defumask umask class

	   Set the umask applied to files created by the  FTP  server  if  the
	   remote  user is a member of the named class. If class is not speci‐
	   fied, then use the umask as the default for	classes	 that  do  not
	   have	 one specified. The mode of files created may be specified by
	   using the upload directive.

       tcpwindow size class

	   Set the TCP window size (socket buffer size) for the	 data  connec‐
	   tion.  Use  this to control network traffic. For instance, slow PPP
	   dialin links may need smaller TCP windows to speed  up  throughput.
	   If you do not know what this does, do not set it.

       ipcos control|data value [typelist]

	   Set	the IP Class of Service for either the control or data connec‐
	   tion.

	   For connections using AF_INET type sockets, this sets the  Type  of
	   Service field in the IP header to the value specified.

	   For	connections using AF_INET6 type sockets, this sets the Traffic
	   Class field in the IP header to the value specified.

	   When configured through inetd.conf(4),  the	socket	type  is  con‐
	   trolled  by	the protocol field of the ftp service. When running in
	   standalone  mode  the  default  socket  type	  is   AF_INET6.   The
	   in.ftpd(1M) -4 option selects AF_INET.

	   typelist  is	 a  comma-separated list of any of the keywords anony‐
	   mous, guest, real, and class=. When class= appears, it must be fol‐
	   lowed by a class name.

       keepalive yes|no

	   Set	the TCP SO_KEEPALIVE option for control and data sockets. This
	   can be used to control network disconnect. If yes, then set it.  If
	   no, then use the system default (usually off). You probably want to
	   set this.

       timeout accept seconds
       timeout connect seconds
       timeout data seconds
       timeout idle seconds
       timeout maxidle seconds
       timeout RFC931 seconds

	   Set various timeout conditions.

	   accept
		      How long the FTP Server will wait for an incoming (PASV)
		      data connection. The default is 120 seconds.

	   connect
		      How  long	 the FTP Server will wait attempting to estab‐
		      lish an outgoing (PORT) data  connection.	 This  affects
		      the  actual connection attempt. The daemon makes several
		      attempts, sleeping between each attempt,	before	giving
		      up. The default is 120 seconds.

	   data
		      How  long	 the FTP Server will wait for some activity on
		      the data connection. You should keep this	 long  because
		      the remote client may have a slow link, and there can be
		      quite a bit of data queued for the client.  The  default
		      is 1200 seconds.

	   idle
		      How  long the FTP Server will wait for the next command.
		      The default is 900 seconds.  The	default	 can  also  be
		      overridden  by  using  the -t option at the command-line.
		      This access clause overrides both.

	   maxidle
		      The SITE IDLE command allows the remote client to estab‐
		      lish  a  higher  value for the idle timeout. The maxidle
		      clause sets the upper limit that the client may request.
		      The default can also be overridden by using the -T option
		      at the command-line. This access clause overrides	 both.
		      The default is 7200 seconds.

	   RFC931
		      The  maximum  time  the FTP server allows for the entire
		      RFC931 (AUTH/ident) conversation. Setting this  to  zero
		      (0)  disables  the  server's  use	 of this protocol. The
		      information obtained by means of RFC931 is  recorded  in
		      the  system logs and is not actually used in any authen‐
		      tication. The default is 10 seconds.

       file-limit [raw] in|out|total count [class]

	   Limit the number of data files a user in the given class may trans‐
	   fer.	 The  limit  may  be  placed on files in, out, or total. If no
	   class is specified, the limit is the default for classes  which  do
	   not	have a limit specified. The optional parameter raw applies the
	   limit to the total traffic rather than just data files.

       data-limit [raw] in|out|total count [class]

	   Limit the number of data bytes a user in the given class may trans‐
	   fer.	 The  limit  may  be  placed on bytes in, out, or total. If no
	   class is specified, the limit is the default for classes  which  do
	   not	have  a	 limit specified. Note that once it has been exceeded,
	   this limit will prevent transfers, but  it  will  not  terminate  a
	   transfer  in progress. The optional parameter raw applies the limit
	   to total traffic rather than just data files.

       limit-time *|anonymous|guest minutes

	   Limit the total time a session can take. By default,	 there	is  no
	   limit. Real users are never limited.

       guestserver [hostname...]

	   Control which hosts may be used for anonymous access. If used with‐
	   out hostname, all anonymous access is denied	 to  this  site.  More
	   than	 one  hostname may be specified. Anonymous access will only be
	   allowed on the named machines. If access is denied, the  user  will
	   be asked to use the first hostname listed.

       limit class n times [message_file]

	   Limit  class	 to n users at times times, displaying message_file if
	   the user is denied access. A limit check is performed at login time
	   only.  If multiple limit commands can apply to the current session,
	   the first applicable one is used. Failing to define a valid	limit,
	   or  a  limit of -1, is equivalent to no limits. The format of times
	   is:

	     day[day...][time-range][|day[day...][time-range]]...

	   The value of day can be Su, Mo, Tu, We, Th, Fr,  Sa,	 Wk  (for  any
	   weekday  Monday  through  Friday), or Any. time-range is in 24-hour
	   clock notation. If a time range is not specified, any time  of  the
	   day is matched. Multiple day and time-range may be specified by the
	   "|" symbol. For example, Wk1730-0900|Sa|Su specifies 5:30  p.m.  to
	   9:00	 a.m.,	Monday	through	 Friday, and anytime on weekends. mes‐
	   sage_file may contain magic cookies.	 See message for more details.
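	   The following is an added example, not code from the page or from the
	   FTP Server: it parses the times format above (day tokens, optional
	   24-hour range, alternatives separated by "|") and applies limit lines
	   with first-applicable-wins and -1 meaning unlimited. The limit lines
	   and message file path are constructed. One assumption: a range such
	   as 1730-0900 wraps past midnight and both parts are matched against
	   the same day name.

```python
import datetime
import re

# Weekday sets use datetime.weekday() numbering: Monday is 0, Sunday is 6.
DAY_TOKENS = {
    "Mo": {0}, "Tu": {1}, "We": {2}, "Th": {3}, "Fr": {4}, "Sa": {5}, "Su": {6},
    "Wk": {0, 1, 2, 3, 4},
    "Any": {0, 1, 2, 3, 4, 5, 6},
}
TIME_RANGE = re.compile(r"^(\d{2})(\d{2})-(\d{2})(\d{2})$")


def parse_times(spec):
    """Parse 'day[day...][time-range][|day[day...][time-range]]...'.

    Returns a list of (weekdays, start_minute, end_minute); a missing
    time-range covers the whole day (0 to 1440).
    """
    rules = []
    for alt in spec.split("|"):
        days, pos = set(), 0
        while True:
            if alt.startswith("Any", pos):
                days |= DAY_TOKENS["Any"]
                pos += 3
            elif alt[pos:pos + 2] in DAY_TOKENS:
                days |= DAY_TOKENS[alt[pos:pos + 2]]
                pos += 2
            else:
                break
        if not days:
            raise ValueError("no day in times entry %r" % alt)
        rest = alt[pos:]
        if rest:
            m = TIME_RANGE.match(rest)
            if not m:
                raise ValueError("bad time-range %r" % rest)
            start = int(m.group(1)) * 60 + int(m.group(2))
            end = int(m.group(3)) * 60 + int(m.group(4))
            if start >= 24 * 60 or end > 24 * 60:
                raise ValueError("hour out of range in %r" % rest)
        else:
            start, end = 0, 24 * 60
        rules.append((days, start, end))
    return rules


def matches_times(spec, when):
    """True when 'when' (a datetime or ISO 8601 string) falls inside spec."""
    if isinstance(when, str):
        when = datetime.datetime.fromisoformat(when)
    minute = when.hour * 60 + when.minute
    for days, start, end in parse_times(spec):
        if when.weekday() not in days:
            continue
        if start <= end:
            hit = start <= minute < end
        else:
            # Assumption: the range wraps past midnight; the early-morning part
            # is checked against the same day's name (Wk1730-0900 matches Tue 08:30).
            hit = minute >= start or minute < end
        if hit:
            return True
    return False


def parse_limit(line):
    """Split 'limit class n times [message_file]'."""
    fields = line.split(None, 4)
    if len(fields) < 4 or fields[0] != "limit":
        raise ValueError("not a limit directive: %r" % line)
    return {"class": fields[1], "n": int(fields[2]), "times": fields[3],
            "message_file": fields[4] if len(fields) > 4 else None}


def login_allowed(limit_lines, user_class, current_users, when):
    """Apply the first applicable limit; return (allowed, message_file).

    No applicable limit, or a limit of -1, means the class is unlimited;
    the check happens at login time only, as the page says.
    """
    for line in limit_lines:
        lim = parse_limit(line)
        if lim["class"] != user_class or not matches_times(lim["times"], when):
            continue
        if lim["n"] == -1:
            return True, None
        return current_users < lim["n"], lim["message_file"]
    return True, None


# Constructed limit directives for this example (not from a real server):
# 10 anonymous users out of hours and at weekends, 5 otherwise, local users unlimited.
LIMIT_LINES = [
    "limit anon  10 Wk1730-0900|Sa|Su /etc/ftpd/msgs/toomany",
    "limit anon  5  Any               /etc/ftpd/msgs/toomany",
    "limit local -1 Any",
]

if __name__ == "__main__":
    print(login_allowed(LIMIT_LINES, "anon", 9, "2024-01-15T18:00"))   # (True, ...)
    print(login_allowed(LIMIT_LINES, "anon", 5, "2024-01-15T12:00"))   # (False, ...)
```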

       noretrieve [absolute|relative]
       [class=classname...][-] filename [filename...]

	   Always deny retrievability of these files. If filename specifies  a
	   pathname  that begins with '/' character, then only those files are
	   marked no retrieve. Otherwise all files that match the filename are
	   refused  transfer. For example, noretrieve /etc/passwd core	speci‐
	   fies no one will be able to retrieve the /etc/passwd file. You will
	   be allowed to transfer any file named passwd that is not in /etc.

	   On  the  other  hand,  no one will be able to get files named core,
	   wherever they are. Directory specifications mark all files and sub‐
	   directories	in the named directory unretrievable. The filename may
	   be specified as a file glob. For example,

	     noretrieve /etc /home/*/.htaccess

	   specifies that no files in /etc or any of its subdirectories may be
	   retrieved.  Also, no files named .htaccess anywhere under the /home
	   directory may be retrieved. The optional  first  parameter  selects
	   whether  names  are interpreted as absolute or relative to the cur‐
	   rent chroot'd environment. The default is to interpret names begin‐
	   ning	 with  a slash as absolute. The noretrieve restrictions may be
	   placed upon members of particular classes. If any class= is	speci‐
	   fied,  the named files cannot be retrieved only if the current user
	   is a member of one of the given classes.

       allow-retrieve [absolute|relative]
       [class=classname...][-] filename [filename...]

	   Allows retrieval of files which would otherwise be denied by	 nore‐
	   trieve.
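	   The following is an added example, not code from the page or from the
	   FTP Server, covering both noretrieve and allow-retrieve as described
	   above: path specs beginning with '/' match that file or anything
	   beneath it, other specs match a basename anywhere, class= scopes a
	   rule to members, '-' ends the option list, and allow-retrieve wins
	   over noretrieve. The rules and paths are constructed; it is assumed
	   that "relative" names are resolved under the session's chroot root
	   and that a directory spec is recognised by path prefix with no
	   filesystem check.

```python
import fnmatch
import posixpath

# Constructed noretrieve/allow-retrieve directives for this example (not from a real server).
RETRIEVE_RULES = [
    "noretrieve /etc/passwd core",
    "noretrieve /etc /home/*/.htaccess",
    "noretrieve relative class=anon - /etc/passwd",
    "allow-retrieve /etc/motd",
]


def parse_retrieve_rule(line):
    """Split '[absolute|relative] [class=name...] [-] filename...' after the directive."""
    fields = line.split()
    if not fields or fields[0] not in ("noretrieve", "allow-retrieve"):
        raise ValueError("not a retrieve rule: %r" % line)
    mode, classes, i = "absolute", set(), 1
    while i < len(fields):
        if fields[i] in ("absolute", "relative"):
            mode = fields[i]
        elif fields[i].startswith("class="):
            classes.add(fields[i][len("class="):])
        elif fields[i] == "-":
            i += 1          # explicit end of the option list
            break
        else:
            break
        i += 1
    return {"deny": fields[0] == "noretrieve", "mode": mode,
            "classes": classes, "names": fields[i:]}


def name_matches(name, mode, real_path, chroot_root):
    """Match one filename spec against the real (outside-chroot) path requested.

    A leading slash means a path: that file, or everything under it when the
    request lies beneath it (assumed prefix match, no filesystem check).
    Otherwise only the basename is compared, so the spec applies anywhere.
    """
    if not name.startswith("/"):
        return fnmatch.fnmatchcase(posixpath.basename(real_path), name)
    if mode == "relative":
        # Assumption: 'relative' names are resolved under the session's chroot root.
        name = posixpath.join(chroot_root.rstrip("/") + "/", name.lstrip("/"))
    if fnmatch.fnmatchcase(real_path, name):
        return True
    parts = real_path.split("/")
    return any(fnmatch.fnmatchcase("/".join(parts[:k]) or "/", name)
               for k in range(1, len(parts)))


def may_retrieve(rules, real_path, chroot_root, user_classes):
    """allow-retrieve overrides noretrieve; rules with class= apply only to members."""
    denied = allowed = False
    for line in rules:
        rule = parse_retrieve_rule(line)
        if rule["classes"] and not rule["classes"] & set(user_classes):
            continue
        if any(name_matches(n, rule["mode"], real_path, chroot_root) for n in rule["names"]):
            if rule["deny"]:
                denied = True
            else:
                allowed = True
    return allowed or not denied


if __name__ == "__main__":
    print(may_retrieve(RETRIEVE_RULES, "/etc/passwd", "/", ["local"]))          # False
    print(may_retrieve(RETRIEVE_RULES, "/home/bob/passwd", "/", ["local"]))     # True
    # The absolute rule does not cover the copy inside an anonymous chroot; the
    # class-scoped relative rule does.
    print(may_retrieve(RETRIEVE_RULES, "/export/ftp/etc/passwd", "/export/ftp", ["anon"]))  # False
```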

       loginfails number

	   After  number  login failures, log a "repeated login failures" mes‐
	   sage and terminate the FTP connection. The default value for number
	   is 5.

       private yes | no

	   Allow  or  deny use of the SITE GROUP and SITE GPASS commands after
	   the user logs in. The SITE GROUP and SITE GPASS commands specify an
	   enhanced  access  group  and associated password. If the group name
	   and password are valid, the user becomes  a	member	of  the	 group
	   specified  in the group access file /etc/ftpd/ftpgroups by means of
	   setegid(2). See ftpgroups(4) for the format of the file.  For  this
	   option  to  work for anonymous FTP users, the  FTP Server must keep
	   /etc/group permanently open and load the  group  access  file  into
	   memory.  This  means that the FTP Server now has an additional file
	   descriptor open, and the necessary passwords and access  privileges
	   granted  to	users  by  means  of SITE GROUP will be static for the
	   duration of an FTP session. If you have an urgent  need  to	change
	   the	access	groups	or  passwords now, you have to kill all of the
	   running FTP Servers.

   Informational Capabilities
       The following informational capabilities are supported:

       greeting full|brief|terse
       greeting text message

	   The greeting command allows you to control how much information  is
	   given  out  before the remote user logs in. greeting full, which is
	   the default greeting, shows the hostname and daemon version. greet‐
	   ing	brief  shows  the  hostname.   greeting terse simply says "FTP
	   Server ready." Although full is the default, brief is suggested.

	   The text form allows you to specify any greeting  message.  message
	   can	be  any string. Whitespace (spaces and tabs) is converted to a
	   single space.

       banner path

	   The banner command  operates	 similarly  to	the  message  command,
	   except  that	 the  banner  is  displayed before the user enters the
	   username. The path is relative to the real system root, not to  the
	   base of the anonymous FTP directory.

	   Use	of the banner command can completely prevent non-compliant FTP
	   clients from making use of the FTP Server. Not all clients can han‐
	   dle multi-line responses, which is how the banner is displayed.

       email name

	   Use	this  command  to  define the email address for the FTP Server
	   administrator.  This string will be printed every time the %E magic
	   cookie is used in message files.

       hostname some.host.name

	   Defines  the	 default host name of the FTP Server. This string will
	   be printed on the greeting message and  every  time	the  %L	 magic
	   cookie  is  used.  The host name for virtual servers overrides this
	   value. If no host name is specified, the default host name for  the
	   local machine is used.

       message path [when [class...]]

	   Define  a  file with path such that the FTP Server will display the
	   contents of the file to the user at login time or  upon  using  the
	   change  working  directory command. The when parameter may be LOGIN
	   or CWD=dirglob. If when is CWD=dirglob, dirglob  specifies  the  new
	   default  directory that will trigger the notification. A dirglob of
	   "*" matches all directories.

	   The optional class specification allows the message to be displayed
	   only	 to  members of a particular class. More than one class may be
	   specified.

	   "Magic cookies" can be present in path that cause the FTP Server to
	   replace the cookie with a specified text string:

	   %T
		 Local time. For example, Thu Nov 15 17:12:42 1990.

	   %F
		 Free space in partition of CWD, in Kbytes.

	   %C
		 Current working directory.

	   %E
		 The email address for the FTP Server administrator.

	   %R
		 Remote host name.

	   %L
		 Local host name.

	   %U
		 Username given at login time.

	   %u
		 Username as defined by means of RFC 931 authentication.

	   %M
		 Maximum allowed number of users in this class.

	   %N
		 Current number of users in this class.

	   The following quota magic cookies are also supported but not always
	   set (see the quota-info capability):

	   %B
		 absolute limit on disk blocks allocated

	   %b
		 preferred limit on disk blocks

	   %Q
		 current block count

	   %I
		 maximum number of allocated inodes (+1)

	   %i
		 preferred inode limit

	   %q
		 current number of allocated inodes

	   %H
		 time limit for excessive disk use

	   %h
		 time limit for excessive files

	   The message is displayed only once  to  avoid  annoying  the	 user.
	   Remember  that when messages are triggered by an anonymous or guest
	   FTP user, they must be relative to the base	of  the	 anonymous  or
	   guest FTP directory tree.

       quota-info uid-range [uid-range...]

	   Enable retrieval of quota information for users matching uid-range.
	   This sets the quota magic  cookies.	Retrieving  quota  information
	   might cause a significant delay when logging into the server.

	   uid-range  can  be  a username, single UID, or a UID range. Place a
	   percent sign (%) before a number. An asterisk means "all users."

       readme pathglob [when [class...]]

	   Define a file with pathglob such that the FTP  Server  will	notify
	   the	user  at login time or upon using the change working directory
	   command that the file exists and the date that it was modified. The
	   when parameter may be LOGIN or CWD=dirglob. If when is CWD=dirglob,
	   dirglob specifies the new default directory that will  trigger  the
	   notification. A dirglob of "*" matches all directories. The message
	   will only be displayed once, to avoid  bothering  users.   Remember
	   that	 when  README  messages are triggered by an anonymous or guest
	   FTP user, the pathglob must be relative to the base of  the	anony‐
	   mous or guest FTP directory tree.

	   The optional class specification allows the message to be displayed
	   only to members of a particular class. You can  specify  more  than
	   one class.

   Logging Capabilities
       The following logging capabilities are supported:

       log commands typelist

	   Enables logging of the individual FTP commands sent by users. type‐
	   list is a comma-separated list of any of  the  keywords  anonymous,
	   guest, and real. Command logging information is written to the sys‐
	   tem log.

       log transfers typelist directions

	   Log file transfers made by FTP users to the xferlog(4)  file.  Log‐
	   ging	 of incoming transfers to the server can be enabled separately
	   from outbound transfers from the server. directions is a comma-sep‐
	   arated  list	 of  any of the two keywords inbound and outbound, and
	   will respectively cause transfers to be logged for  files  sent  to
	   and from the server.

       log security typelist

	   Enables  logging of violations of security rules to the system log,
	   including for example, noretrieve and .notar.

       log syslog
       log syslog+xferlog

	   Redirect the logging messages for incoming and  outgoing  transfers
	   to syslog. Without this option the messages are written to xferlog.
	   When you specify syslog+xferlog, the transfer log messages are sent
	   to both the system log file and the xferlog file.

       xferlog format formatstring

	   Customize  the  format  of  the transfer log entry written. format‐
	   string can be  any  string,	which  might  include  magic  cookies.
	   Strings of whitespace characters are converted into a single space.

	   The	following  transfer-specific magic cookies are recognized only
	   immediately after a transfer has been completed:

	   %Xt
		  transfer-time

	   %Xn
		  bytes-transferred

	   %XP
		  filename

	   %Xp
		  chroot-filename

	   %Xy
		  transfer-type

	   %Xf
		  special-action-flag

	   %Xd
		  direction

	   %Xm
		  access-mode

	   %Xa
		  authentication-method

	   %Xc
		  completion-status

	   %Xs
		  file-size

	   %Xr
		  restart-offset

	   xferlog(4) includes a description of these fields.  If  no  xferlog
	   format entry is present, the default is:

	     xferlog format %T %Xt %R %Xn %XP %Xy %Xf %Xd %Xm %U ftp %Xa %u %Xc

   Miscellaneous Capabilities
       The following miscellaneous capabilities are supported:

       alias string dir

	   Define  an alias,  string, for a directory. Use this command to add
	   the	concept	 of  logical  directories.  For	 example:  alias  rfc:
	   /pub/doc/rfc	 would	allow the user to access /pub/doc/rfc from any
	   directory by the command "cd rfc:". Aliases only apply  to  the  cd
	   command.

       cdpath dir

	   Define  an  entry in the cdpath. This command defines a search path
	   that is used when changing directories. For example:

	     cdpath /pub/packages
	     cdpath /.aliases

	   would allow the user to move	 into  any  directory  directly	 under
	   either  the	/pub/packages or the /.aliases directories. The search
	   path is defined by the order in  which  the	lines  appear  in  the
	   ftpaccess  file.  If	 the user were to give the command ftp> cd foo
	   the directory will be searched for in the following order:

	       o      ./foo

	       o      an alias called foo

	       o      /pub/packages/foo

	       o      /.aliases/foo

	   The cdpath is only available with the cd command.  If  you  have  a
	   large number of aliases, you might want to set up an aliases direc‐
	   tory with links to all of the areas you wish to make	 available  to
	   users.

       compress yes|no classglob [classglob...]
       tar yes|no classglob [classglob...]

	   Enable  the use of conversions marked with the O_COMPRESS, O_UNCOM‐
	   PRESS, and O_TAR options in /etc/ftpd/ftpconversions.  See  ftpcon‐
	   versions(4).

       shutdown path

	   If  the  file  pointed to by path exists, the server will check the
	   file regularly to see if the server is going to be shut down. If  a
	   shutdown  is	 planned,  the	user  is notified. New connections are
	   denied after a specified time before shutdown. Current  connections
	   are dropped at a specified time before shutdown.

	   The format of the file specified by path is:

	     year month day hour minute deny_offset disc_offset text

	   year
			  A value of 1970 or greater.

	   month
			  A value of 0 to 11.

	   day
			  A value of 1 to 31.

	   hour
			  A value of 0 to 23.

	   minute
			  A value of 0 to 59.

	   deny_offset
	   disc_offset
			  The offsets in HHMM format that new connections will
			  be denied and existing connections will  be  discon‐
			  nected before the shutdown time.

	   text
			  Follows  the	normal rules for any message. The fol‐
			  lowing additional magic cookies are available:

			  %s
				The time at which the system is going to  shut
				down.

			  %r
				The  time  at  which  new  connections will be
				denied.

			  %d
				The time at which current connections will  be
				dropped.

	   All times are in the form: ddd MMM DD hh:mm:ss YYYY. Only one shut‐
	   down command can be present in the configuration file. You can  use
	   the	external  program  ftpshut(1M)	to automate generation of this
	   file.
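	   The following is an added example, not code from the page or from
	   ftpshut(1M): it parses a shutdown file in the format above, derives
	   the deny and disconnect times from the HHMM offsets, expands the %s,
	   %r and %d cookies in the ddd MMM DD hh:mm:ss YYYY form, and rejects a
	   1-based month, which is the usual mistake with this file. The file
	   contents are constructed.

```python
import datetime

# Constructed contents of the file named by 'shutdown path' (what ftpshut(1M)
# would write); not from a real system.
SHUTDOWN_FILE = ("2024 0 15 23 30 0030 0010 "
                 "Server going down at %s. New logins refused from %r; "
                 "connections dropped at %d.")

TIME_FORMAT = "%a %b %d %H:%M:%S %Y"     # ddd MMM DD hh:mm:ss YYYY


def hhmm_to_delta(hhmm):
    """Convert an HHMM offset such as 0030 into a timedelta."""
    if len(hhmm) != 4 or not hhmm.isdigit():
        raise ValueError("offset must be HHMM: %r" % hhmm)
    return datetime.timedelta(hours=int(hhmm[:2]), minutes=int(hhmm[2:]))


def parse_shutdown(contents):
    """Parse 'year month day hour minute deny_offset disc_offset text'.

    The month is 0-based (0 to 11), unlike every other field.
    """
    fields = contents.split(None, 7)
    if len(fields) < 7:
        raise ValueError("shutdown file needs at least seven fields")
    year, month, day, hour, minute = (int(f) for f in fields[:5])
    if not 0 <= month <= 11:
        raise ValueError("month must be 0 to 11, got %d" % month)
    shutdown_at = datetime.datetime(year, month + 1, day, hour, minute)
    return {
        "shutdown": shutdown_at,
        "deny": shutdown_at - hhmm_to_delta(fields[5]),
        "disconnect": shutdown_at - hhmm_to_delta(fields[6]),
        "text": fields[7] if len(fields) > 7 else "",
    }


def is_valid_shutdown_file(contents):
    """True if the contents parse, e.g. False for a 1-based month of 12."""
    try:
        parse_shutdown(contents)
        return True
    except ValueError:
        return False


def expand_text(info):
    """Replace the %s, %r and %d cookies in the message text."""
    text = info["text"]
    for cookie, key in (("%s", "shutdown"), ("%r", "deny"), ("%d", "disconnect")):
        text = text.replace(cookie, info[key].strftime(TIME_FORMAT))
    return text


def connection_policy(info, now):
    """What the server does at 'now' (datetime or ISO string): 'open', 'deny-new' or 'disconnect'."""
    if isinstance(now, str):
        now = datetime.datetime.fromisoformat(now)
    if now >= info["disconnect"]:
        return "disconnect"
    if now >= info["deny"]:
        return "deny-new"
    return "open"


def shutdown_times(contents):
    """Return (shutdown, deny, disconnect) as ISO strings, minute precision."""
    info = parse_shutdown(contents)
    return tuple(info[k].isoformat(timespec="minutes")
                 for k in ("shutdown", "deny", "disconnect"))


if __name__ == "__main__":
    info = parse_shutdown(SHUTDOWN_FILE)
    print(shutdown_times(SHUTDOWN_FILE))
    print(expand_text(info))
    print(connection_policy(info, "2024-01-15T23:05"))   # deny-new
```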

       daemonaddress address

	   Listen only on the IP address specified. If the value is  not  set,
	   then	 the  FTP  Server  will	 listen	 for  connections  on every IP
	   address. This applies only when the FTP Server is run in standalone
	   mode.

       virtual address root|banner|logfile path

	   Enable  the	FTP  Server  limited virtual hosting capabilities. The
	   address is the IP address of the virtual server. The	 second	 argu‐
	   ment	 specifies that the path is either the path to the root of the
	   filesystem for this virtual server, the  banner  presented  to  the
	   user	 when  connecting to this virtual server, or the logfile where
	   transfers are recorded for this virtual server. If the  logfile  is
	   not	specified the default log file will be used. All other message
	   files and permissions as well as any other settings	in  this  file
	   apply  to all virtual servers. The address may also be specified as
	   a hostname rather than as an IP number. This is  strongly  discour‐
	   aged	 since,	 if  DNS  is not available at the time the FTP session
	   begins, the hostname will not be matched.

       root|logfile path

	   In contrast to limited virtual hosting,  complete  virtual  hosting
	   allows  separate  configuration  files to be virtual host specific.
	   See ftpservers(4). The only additions that are necessary in a  vir‐
	   tual	 host's	 ftpaccess file is the root directive that ensures the
	   correct root directory is used for  the  virtual  host.  This  only
	   works  with	complete virtual hosting, which in contrast to limited
	   virtual hosting, allows separate configuration files to  be	speci‐
	   fied for each virtual host.

	   path	 is  either the root of the filesystem for this virtual server
	   or  the  logfile  where  transfers  for  this  virtual  server  are
	   recorded.  root and logfile may only be specified when not preceded
	   by virtual address in a virtual host's ftpaccess file.

       virtual address hostname|email string

	   Set the hostname shown in the greeting message and status  command,
	   or the email address used in message files and on the HELP command,
	   to the given string.

       virtual address allow username [username...]
       virtual address deny username [username...]

	   By default, real and guest users are not allowed to log in  on  the
	   virtual  server,  unless  they  are guests that are chroot'd to the
	   virtual root. The users listed on the  virtual  allow  line(s)  are
	   granted  access. You can grant access to all users by giving '*' as
	   the username. The virtual deny clauses are processed after the vir‐
	   tual	 allow	clauses.  Thus	specific  users	 can  be denied access
	   although all users were allowed in an earlier clause.

       virtual address private

	   Deny log in access to anonymous users on the virtual server. Anony‐
	   mous users are generally allowed to log in on the virtual server if
	   this option is not specified.

       virtual address passwd file

	   Use a different passwd file for the virtual host.

       virtual address shadow file

	   Use a different shadow file for the virtual host.

       defaultserver deny username [username...]
       defaultserver allow username [username...]

	   By default, all users are allowed access  to	 the  non-virtual  FTP
	   Server.  Use	 defaultserver deny to revoke access for specific real
	   and guest users. Specify '*' to deny access to  all	users,	except
	   anonymous users.  Specific real and guest users can then be allowed
	   access by using defaultserver allow.

       defaultserver private

	   By default, all users are allowed access  to	 the  non-virtual  FTP
	   Server.  Use	 defaultserver	private to revoke access for anonymous
	   users.

	   The virtual and defaultserver allow, deny and private clauses  pro‐
	   vide a means to control which users are allowed access to which FTP
	   Servers.

       passive address externalip cidr

	   Allow control of the address reported in response to a passive com‐
	   mand.  When any control connection matching cidr requests a passive
	   data connection (PASV), the externalip address  is  reported.  This
	   does	 not  change  the address that the daemon actually listens on,
	   only the address reported to the client. This  feature  allows  the
	   daemon  to  operate	correctly behind IP renumbering firewalls. For
	   example:

	     passive address 10.0.1.15	 10.0.0.0/8
	     passive address 192.168.1.5 0.0.0.0/0

	   Clients connecting from the class-A network 10  will	 be  told  the
	   passive  connection	is listening on IP address 10.0.1.15 while all
	   others will be told the connection  is  listening  on  192.168.1.5.
	   Multiple  passive  addresses may be specified to handle complex, or
	   multi-gatewayed, networks.

       passive ports cidr min max

	   Allows control of the TCP port numbers which may be used for a pas‐
	   sive data connection. If the control connection matches the cidr, a
	   port in the range min to max will be randomly selected for the dae‐
	   mon	to listen on. This feature allows firewalls to limit the ports
	   that remote clients may use to connect into the protected network.

	   cidr is shorthand for an IP address followed by  a  slash  and  the
	   number  of  left-most  bits	that represent the network address, as
	   opposed to the machine address. For example, if you are  using  the
	   reserved class-A network 10, instead of a netmask of 255.0.0.0, use
	   a CIDR of /8, as in 10.0.0.0/8, to represent your network.

	   When min and max are both 0, the kernel rather than the FTP	server
	   selects the TCP port to listen on. Kernel port selection is usually
	   not desirable if the kernel allocates TCP ports sequentially. If in
	   doubt, let the FTP server do the port selection.

       pasv-allow class [addrglob...]
       port-allow class [addrglob...]

	   Normally,  the  FTP Server does not allow a PORT command to specify
	   an address different than that of the control connection. Nor  does
	   it allow a PASV connection from another address.

	   The	port-allow clause provides a list of addresses that the speci‐
	   fied class of user may give on a PORT command. These addresses will
	   be  allowed even if they do not match the IP address of the client-
	   side of the control connection.

	   The pasv-allow clause provides a list of addresses that the	speci‐
	   fied	 class of user may make data connections from. These addresses
	   will be allowed even if they do not match the  IP  address  of  the
	   client-side of the control connection.

       lslong command [options...]
       lsshort command [options...]
       lsplain command [options...]

	   Use	the  lslong,  lsshort, and lsplain clauses to specify the com‐
	   mands and options  to  use  to  generate  directory	listings.  The
	   options  cannot  contain  spaces,  and the default values for these
	   clauses are generally correct.  Use	lslong,	 lsshort,  or  lsplain
	   only if absolutely necessary.

       mailserver hostname

	   Specify the name of a mail server that will accept upload notifica‐
	   tions for the FTP Server. Multiple mail servers may be listed.  The
	   FTP Server will attempt to deliver the upload notification to each,
	   in order, until one accepts the message. If	no  mail  servers  are
	   specified,  localhost  is  used.  This option is only meaningful if
	   anyone is to be notified of anonymous uploads. See incmail.

       incmail emailaddress
       virtual address incmail emailaddress
       defaultserver incmail emailaddress

	   Specify email addresses to be notified of anonymous uploads. Multi‐
	   ple	addresses  can be specified. Each will receive a notification.
	   If no addresses are specified, no notifications are sent.

	   If addresses are specified for a virtual host, only those addresses
	   will be sent notification of anonymous uploads on that host. Other‐
	   wise, notifications will be sent to the global addresses.

	   defaultserver addresses only apply when  the	 FTP  session  is  not
	   using  one of the virtual hosts. In this way, you can receive noti‐
	   fications for your default anonymous area, but  not	see  notifica‐
	   tions to virtual hosts that do not have their own notifications.

       mailfrom emailaddress
       virtual address mailfrom emailaddress
       defaultserver mailfrom emailaddress

	   Specify  the	 sender's email address for anonymous upload notifica‐
	   tions. Only one address may be specified. If no  mailfrom  applies,
	   email is sent from the default mailbox name wu-ftpd. To avoid prob‐
	   lems if the recipient attempts to reply to a	 notification,	or  if
	   downstream  mail  problems  generate bounces, you should ensure the
	   mailfrom address is deliverable.

       sendbuf size [typelist]
       recvbuf size [typelist]

	   Set the send or receive buffer sizes	 used  for  binary  transfers.
	   They have no effect on ASCII transfers.

       rhostlookup yes|no [addrglob ...]

	   Allows or disallows the lookup of the remote host's name.  Name
	   lookups can be slow, but skipping them means that places where an
	   addrglob is matched (for example, in the class capability) will
	   match only an IP address, not a name.  Also, deny !nameserved and
	   dns refuse_no_reverse or refuse_mismatch will deny access when a
	   name lookup is not done.  The default is to look up the remote
	   host's name.

	   Only IP addresses, not names, are matched in addrglob.

       flush-wait yes|no [typelist]

	   Controls the behavior at the end of a download or directory
	   listing.  If yes, shut down the data connection for sending and
	   wait for the client to close its end before sending a transfer
	   complete reply on the control connection.  This is the default
	   behavior.  If no, close the data connection and send the transfer
	   complete reply without waiting for the client.  With this behavior,
	   data loss can go undetected.

	   If  a client hangs at the end of a directory listing, or the system
	   has many sockets in the FIN_WAIT_2 state, try setting to  no	 as  a
	   workaround for broken client behavior.

   Permission Capabilities
       The following permission capabilities are supported:

       chmod yes|no typelist
       delete yes|no typelist
       overwrite yes|no typelist
       rename yes|no typelist
       umask yes|no typelist

	   Allows  or disallows the ability to perform the specified function.
	   By default, all real and guest users are allowed.  Anonymous	 users
	   are only allowed overwrite and umask.

	   typelist  is	 a  comma-separated list of any of the keywords anony‐
	   mous, guest, real and class=. When class= appears, it must be  fol‐
	   lowed  by a classname. If any class= appears, the typelist restric‐
	   tion applies only to users in that class.

       passwd-check none|trivial|rfc822 [enforce|warn]

	   Define the level and enforcement of password checking done  by  the
	   FTP Server for anonymous FTP.

	   none
		      No password checking is performed.

	   trivial
		      The password must contain an '@'.

	   rfc822
		      The password must be RFC 822 compliant.

	   warn
		      Warn, but permit the login.

	   enforce
		      Notify and deny the login.

       deny-email case-insensitive-emailaddress

	   Consider  the  email	 address  given	 as an argument as invalid. If
	   passwd-check is set to enforce, anonymous users giving this address
	   as a password cannot log in. That way, you can stop users from hav‐
	   ing stupid WWW  browsers  use  fake	addresses  like	 IE?0User@  or
	   mozilla@.  (by  using  this, you are not shutting out users using a
	   WWW browser for ftp - you just make them  configure	their  browser
	   correctly.)	Only one address is allowed per line, but you can have
	   as many deny-email addresses as you like.

       path-filter typelist message allowed_regexp
       [disallowed_regexp...]

	   For users in typelist, path-filter defines regular expressions that
	   control  what characters can be used in the filename of an uploaded
	   file or created directory. There may be multiple disallowed regular
	   expressions.	 If  a filename is invalid due to failure to match the
	   regular expression criteria, message will be displayed to the user.
	   For example:

	     path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^\. ^-

	   specifies  that  all	 upload	 filenames for anonymous users must be
	   made of only the characters A-Z, a-z, 0-9, and "._-"	 and  may  not
	   begin   with	 a  "."	 or  a	"-".   If  the	filename  is  invalid,
	   /etc/pathmsg will be displayed to the user.
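	   The filename test described above, as an added example that is not
	   code from the page or from the FTP Server.  The leading-dot pattern
	   is written ^\. because an unescaped ^. matches any first character
	   and would reject every name; the sample filenames are constructed.

```python
import re

# Added example, not from the ftpaccess(4) page or the FTP Server itself.
# path-filter semantics: the name must match allowed_regexp and must not
# match any disallowed_regexp.  Like POSIX regexec(), re.search matches
# anywhere in the string, so the ^ anchors inside the patterns decide
# where each pattern applies.
PATH_FILTER = {
    "typelist": "anonymous",
    "message": "/etc/pathmsg",
    "allowed": r"^[-A-Za-z0-9._]*$",
    "disallowed": [r"^\.", r"^-"],   # no leading "." or "-"
}


def path_filter_ok(filename, rule=PATH_FILTER):
    """True if filename satisfies the rule, False otherwise."""
    if not re.search(rule["allowed"], filename):
        return False
    return not any(re.search(d, filename) for d in rule["disallowed"])


def check_upload_name(filename, rule=PATH_FILTER):
    """None when acceptable; otherwise the message file the server shows."""
    return None if path_filter_ok(filename, rule) else rule["message"]


if __name__ == "__main__":
    # Constructed sample names: the first two pass, the others are rejected.
    for name in ["report.txt", "my-file_1", ".hidden", "-r", "a b", "dir/x"]:
        print(f"{name!r:14} -> {check_upload_name(name) or 'accepted'}")
```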

       upload [absolute|relative] [class=classname]... [-]
       root-dir dirglob yes|no owner group mode
       [dirs|nodirs] [d_mode]

	   Define a directory with dirglob that permits or denies uploads.  If
	   it  does  permit  uploads, all newly created files will be owned by
	   owner and group and will have their permissions  set	 according  to
	   mode.  Existing files that are overwritten will retain their origi‐
	   nal ownership and permissions. Directories are matched on  a	 best-
	   match basis. For example:

	     upload /var/ftp  *	 no
	     upload /var/ftp /incoming yes ftp daemon 0666
	     upload /var/ftp /incoming/gifs yes jlc guest 0600 nodirs

	   would  only	allow uploads into /incoming and /incoming/gifs. Files
	   that were uploaded to /incoming are owned by	 ftp/daemon  and  have
	   permissions	of 0666. Files uploaded to /incoming/gifs are owned by
	   jlc/guest and have permissions of 0600.  The	 optional  "dirs"  and
	   "nodirs"  keywords  can  be specified to allow or disallow the cre‐
	   ation of new subdirectories using the mkdir command. If the	upload
	   command  is used, directory creation is allowed by default. To turn
	   it off by default, you must specify a user, group and mode followed
	   by  the "nodirs" keyword as the first line where the upload command
	   is used in this file. If directories are  permitted,	 the  optional
	   d_mode determines the permissions for a newly created directory. If
	   d_mode is omitted, the permissions are inferred from mode. The per‐
	   missions  are 0777 if mode is also omitted. The upload keyword only
	   applies to users who have a home directory  of  root-dir.  root-dir
	   may	be  specified as "*" to match any home directory. The owner or
	   group may each be specified as "*",	in  which  case	 any  uploaded
	   files  or  directories  will	 be  created with the ownership of the
	   directory in which they are created. The optional  first  parameter
	   selects whether root-dir names are interpreted as absolute or rela‐
	   tive to the current chroot'd environment. The default is to	inter‐
	   pret	 <root-dir>  names  as absolute. You can specify any number of
	   class=classname restrictions. If any	 are  specified,  this	upload
	   clause  only takes effect if the current user is a member of one of
	   the classes.

	   In the absence of any matching upload clause, real and guest	 users
	   can	upload files and make directories, but anonymous users cannot.
	   The mode of uploaded files is 0666. For  created  directories,  the
	   mode is 0777. Both modes are modified by the current umask setting.
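	   Clause selection for the upload example above, as an added example
	   that is not the FTP Server's own code.  It assumes that "best
	   match" means the longest matching dirglob and that an omitted d_mode
	   adds an execute bit wherever mode has a read bit; neither detail is
	   stated on the page.

```python
import fnmatch

# Added example, not the FTP Server's own code: picks the upload clause that
# governs a target directory and reports the ownership and mode a new file or
# directory would get.  Two assumptions not stated on the page: "best match"
# is the longest dirglob that matches, and an omitted d_mode is derived from
# mode by copying each read bit to the matching execute bit.  The optional
# absolute|relative and class= parameters are not modelled.
UPLOAD_LINES = """
upload /var/ftp  *  no
upload /var/ftp /incoming yes ftp daemon 0666
upload /var/ftp /incoming/gifs yes jlc guest 0600 nodirs
"""


def infer_dmode(mode):
    """Assumed inference: 0666 -> 0777, 0600 -> 0700, 0644 -> 0755."""
    d = mode
    for r, x in ((0o400, 0o100), (0o040, 0o010), (0o004, 0o001)):
        if mode & r:
            d |= x
    return d


def parse_upload(text):
    clauses = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] != "upload":
            continue
        c = {"root": f[1], "dirglob": f[2], "allow": f[3] == "yes",
             "owner": None, "group": None, "mode": None,
             "dirs": True, "d_mode": None}
        if c["allow"]:
            c["owner"], c["group"], c["mode"] = f[4], f[5], int(f[6], 8)
            rest = f[7:]
            if rest and rest[0] in ("dirs", "nodirs"):
                c["dirs"] = rest.pop(0) == "dirs"
            c["d_mode"] = int(rest[0], 8) if rest else infer_dmode(c["mode"])
        clauses.append(c)
    return clauses


def upload_policy(clauses, home, directory):
    """Clause governing uploads into `directory` for a user whose home
    directory is `home`, or None when no clause applies."""
    best = None
    for c in clauses:
        if c["root"] in ("*", home) and fnmatch.fnmatchcase(directory, c["dirglob"]):
            if best is None or len(c["dirglob"]) > len(best["dirglob"]):
                best = c
    return best
```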

       throughput root-dir subdir-glob file-glob-list
       bytes-per-second bytes-per-second-multiply remote-glob-list

	   Define files by means of a comma-separated file-glob-list in subdir
	   matched by subdir-glob under root-dir that have restricted transfer
	   throughput of bytes-per-second on download when the remote hostname
	   or remote IP address matches the comma-separated  remote-glob-list.
	   Entries are matched on a best-match basis. For example:

	     throughput /e/ftp *    *	   oo	-   *
	     throughput /e/ftp /sw* *	   1024 0.5 *
	     throughput /e/ftp /sw* README oo	-   *
	     throughput /e/ftp /sw* *	   oo	-   *.foo.com

	   would  set maximum throughput per default, but restrict download to
	   1024 bytes per second for any files under /e/ftp/sw/ that  are  not
	   named  README. The only exceptions are remote hosts from within the
	   domain foo.com which always get maximum throughput.	Every  time  a
	   remote  client  has retrieved a file under /e/ftp/sw/ the bytes per
	   seconds of the matched entry line are internally  multiplied	 by  a
	   factor, here 0.5. When the remote client retrieves its second file,
	   it is served with 512 bytes per second, the third  time  with  only
	   256	bytes per second, the fourth time with only 128 bytes per sec‐
	   ond, and so on. The string "oo" for	the  bytes  per	 second	 field
	   means  no  throughput  restriction. A multiply factor of 1.0 or "-"
	   means no change of the throughput after every successful  transfer.
	   The root-dir here must match the home directory specified in the
	   password database.  The throughput keyword only applies to users
	   who have a home directory of root-dir.
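	   The throughput example above worked through for one session, as an
	   added example that is not the FTP Server's own code.  It assumes
	   "best match" is the entry with the most non-"*" glob fields (later
	   lines win ties), which the page does not spell out; the hostnames
	   are constructed.

```python
import fnmatch

# Added example, not the FTP Server's own code: evaluates the page's
# throughput clauses for a sequence of downloads in one session.  Assumption
# not stated on the page: "best match" is the entry with the most non-"*"
# fields among subdir-glob, file-glob-list and remote-glob-list, later lines
# winning ties.  The multiply factor is applied per matched entry after each
# successful retrieval, as the page describes.
THROUGHPUT_LINES = """
throughput /e/ftp *    *      oo   -   *
throughput /e/ftp /sw* *      1024 0.5 *
throughput /e/ftp /sw* README oo   -   *
throughput /e/ftp /sw* *      oo   -   *.foo.com
"""


def parse_throughput(text):
    entries = []
    for line in text.splitlines():
        f = line.split()
        if len(f) == 7 and f[0] == "throughput":
            entries.append({
                "root": f[1], "subdir": f[2], "files": f[3].split(","),
                "bps": None if f[4] == "oo" else int(f[4]),   # None = no limit
                "mult": 1.0 if f[5] == "-" else float(f[5]),
                "remotes": f[6].split(","),
                "served": 0,   # retrievals already served by this entry
            })
    return entries


def _matches_any(value, globs):
    return any(fnmatch.fnmatchcase(value, g) for g in globs)


def best_entry(entries, home, subdir, filename, remote):
    best, best_score = None, -1
    for e in entries:
        if (e["root"] == home and fnmatch.fnmatchcase(subdir, e["subdir"])
                and _matches_any(filename, e["files"])
                and _matches_any(remote, e["remotes"])):
            score = sum(g != ["*"] for g in (e["files"], e["remotes"]))
            score += e["subdir"] != "*"
            if score >= best_score:      # ">=" lets a later line win ties
                best, best_score = e, score
    return best


def retrieve(entries, home, subdir, filename, remote):
    """Byte/s limit applied to this download (None = unlimited); records the
    retrieval so the matched entry's multiply factor affects the next one."""
    e = best_entry(entries, home, subdir, filename, remote)
    if e is None or e["bps"] is None:
        return None
    limit = int(e["bps"] * e["mult"] ** e["served"])
    e["served"] += 1
    return limit
```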

       anonymous-root root-dir [class...]

	   root-dir  specifies	the  chroot()  path for anonymous users. If no
	   anonymous-root is matched, the  old	method	of  parsing  the  home
	   directory  for the FTP user is used. If no class is specified, this
	   is the root directory for anonymous users  who  do  not  match  any
	   other anonymous-root specification.	Multiple classes may be speci‐
	   fied on this line. If an anonymous-root is chosen for the user, the
	   FTP	user's	home directory in the root-dir/etc/passwd file is used
	   to determine the initial directory and the FTP user's  home	direc‐
	   tory in the system-wide /etc/passwd is not used. For example:

	     anonymous-root /home/ftp
	     anonymous-root /home/localftp localnet

	   causes  all	anonymous  users  to  be  chroot'd  to	the  directory
	   /home/ftp. If the FTP user exists  in  /home/ftp/etc/passwd,	 their
	   initial  CWD	 is  that home directory. Anonymous users in the class
	   localnet, however, are chroot'd to the directory /home/localftp and
	   their  initial  CWD	is taken from the FTP user's home directory in
	   /home/localftp/etc/passwd.

       guest-root root-dir [uid-range...]

	   root-dir specifies the chroot() path for guest users.  If no
	   guest-root is matched, the old method of parsing the user's home
	   directory is used.  If no uid-range is specified, this is the root
	   directory for guest users who do not match any other guest-root
	   specification.  Multiple UID ranges may be given on this line.  If
	   a guest-root is chosen for the user, the user's home directory in
	   the root-dir/etc/passwd file is used to determine the initial
	   directory and the home directory in the system-wide /etc/passwd is
	   not used.  uid-range specifies names or numeric UID values.  To use
	   numbers, put a percent sign (%) symbol before the number or before
	   the range.  Ranges are specified by giving the lower and upper
	   bounds (inclusive), separated by a dash.  If the lower bound is
	   omitted, the range covers all UIDs up to the upper bound.  If the
	   upper bound is omitted, it covers all UIDs from the lower bound
	   upward.  For example:

	     guest-root /home/users
	     guest-root /home/staff %100-999 sally
	     guest-root /home/users/owner/ftp frank

	   causes all guest users to chroot() to /home/users then starts each
	   user in the user's home directory, as specified in
	   /home/users/etc/passwd.  Users in the range 100 through 999,
	   inclusive, and user sally, will be chroot'd to /home/staff and the
	   CWD will be taken from their entries in /home/staff/etc/passwd.  The
	   single user frank will be chroot'd to /home/users/owner/ftp and the
	   CWD will be from his entry in /home/users/owner/ftp/etc/passwd.

	   The order is important for both anonymous-root and guest-root. If a
	   user would match multiple clauses, only the first applies; with the
	   exception  of  the  clause  which  has no class or uid-range, which
	   applies only if no other clause matches.

       deny-uid uid-range [uid-range...]
       deny-gid gid-range [gid-range...]
       allow-uid uid-range  [uid-range...]
       allow-gid gid-range [gid-range...]

	   Use these clauses to specify UID and GID values that will be denied
	   access  to  the FTP Server. The allow-uid and allow-gid clauses may
	   be used to allow access for UID and GID values which	 would	other‐
	   wise	 be  denied.  These  checks  occur  before all others. deny is
	   checked before allow. The default is to allow access. These clauses
	   do  not apply to anonymous users. Use defaultserver private to deny
	   access to anonymous users. In most cases, these clauses obviate the
	   need	 for  an  ftpusers(4) file. For example, the following clauses
	   deny FTP Server access to  all  privileged  or  special  users  and
	   groups, except the guest1 user or group.

	     deny-gid %-99 nobody noaccess nogroup
	     deny-uid %-99 nobody noaccess nobody4
	     allow-gid guest1
	     allow-uid guest1

	   Support  for the ftpusers file still exists, so it may be used when
	   changing the ftpaccess file is not desired. In any place  a	single
	   UID	or  GID is allowed throughout the ftpaccess file, either names
	   or numbers also may be used. To use a number, put  a	 percent  sign
	   (%)	symbol	before it. In places where a range is allowed, put the
	   percent sign before the range.  A "*" matches all UIDs or GIDs.
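	   The uid-range syntax shared by guest-root and by deny-uid/allow-uid,
	   as an added example that is not the FTP Server's own code; it parses
	   the ranges once and then applies both the guest-root example and the
	   deny-uid/allow-uid example above.  The passwd table it resolves
	   names against is constructed, not the system's.

```python
# Added example, not the FTP Server's own code.  One parser for the uid-range
# syntax used by guest-root and by deny-uid/allow-uid (a name, %N, %N-M, %-M,
# %N- or "*"), plus the two decisions built on it: which guest-root applies,
# and whether a UID gets in once deny-uid and then allow-uid are checked.
# Name-to-UID lookups use a constructed passwd table, not the system's.
PASSWD = {"root": 0, "daemon": 1, "guest1": 80, "bob": 512, "alice": 1001,
          "sally": 1500, "frank": 2000, "nobody": 60001, "noaccess": 60002,
          "nobody4": 65534}


def parse_range(token, names=PASSWD):
    """(low, high) bounds for one uid-range token; None means unbounded."""
    if token == "*":
        return (None, None)
    if not token.startswith("%"):
        uid = names[token]               # KeyError for an unknown name
        return (uid, uid)
    body = token[1:]
    if "-" not in body:
        return (int(body), int(body))
    lo, hi = body.split("-", 1)
    return (int(lo) if lo else None, int(hi) if hi else None)


def in_ranges(uid, tokens, names=PASSWD):
    for tok in tokens:
        lo, hi = parse_range(tok, names)
        if (lo is None or uid >= lo) and (hi is None or uid <= hi):
            return True
    return False


def uid_allowed(uid, deny_tokens, allow_tokens):
    """deny-uid is checked first; allow-uid re-admits a UID it denied."""
    if in_ranges(uid, deny_tokens):
        return in_ranges(uid, allow_tokens)
    return True


def guest_root(uid, clauses):
    """clauses: list of (root-dir, [uid-range...]) in file order.  The first
    matching clause wins; a clause without ranges is used only as fallback."""
    fallback = None
    for root, tokens in clauses:
        if not tokens:
            if fallback is None:
                fallback = root
        elif in_ranges(uid, tokens):
            return root
    return fallback


# The page's own examples, as data.
DENY_UID = ["%-99", "nobody", "noaccess", "nobody4"]
ALLOW_UID = ["guest1"]
GUEST_ROOTS = [("/home/users", []),
               ("/home/staff", ["%100-999", "sally"]),
               ("/home/users/owner/ftp", ["frank"])]
```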

       restricted-uid uid-range [uid-range...]
       restricted-gid gid-range [gid-range...]
       unrestricted-uid uid-range [uid-range...]
       unrestricted-gid gid-range [gid-range...]

	   These clauses control whether or not real or guest  users  will  be
	   allowed access to areas on the FTP site outside their home directo‐
	   ries. These clauses are not meant to replace the use of  guestgroup
	   and	guestuser. Instead, use these clauses to supplement the opera‐
	   tion of guests. The unrestricted-uid and  unrestricted-gid  clauses
	   may be used to allow users outside their home directories who would
	   otherwise be restricted.

	   The following example shows the intended  use  for  these  clauses.
	   Assume  user	 dick  has  a home directory /home/dick and jane has a
	   home directory /home/jane:

	     guest-root /home dick jane
	     restricted-uid dick jane

	   While both dick and jane are chroot'd to /home, they cannot	access
	   each other's files because they are restricted to their home direc‐
	   tories. However, you should not rely solely upon the	 FTP  restric‐
	   tions  to  control  access. As with all other FTP access rules, you
	   should also use directory and file permissions to support the oper‐
	   ation of the ftpaccess configuration.

       site-exec-max-lines number [class...]

	   The	SITE  EXEC feature traditionally limits the number of lines of
	   output that may be sent to the remote client. Use  this  clause  to
	   set this limit. If this clause is omitted, the limit is 20 lines. A
	   limit of 0 (zero) implies no limit. Be very careful if  you	choose
	   to  remove  the  limit.  If	a  clause is found matching the remote
	   user's class, that limit is used. Otherwise, the clause with	 class
	   '*', or no class given, is used. For example:

	     site-exec-max-lines 200 remote
	     site-exec-max-lines 0 local
	     site-exec-max-lines 25

	   limits  output  from	 SITE  EXEC  (and therefore SITE INDEX) to 200
	   lines for remote users, specifies there is  no  limit  at  all  for
	   local users, and sets a limit of 25 lines for all other users.

       dns refuse_mismatch filename [override]

	   Refuse  FTP	sessions  when the forward and reverse lookups for the
	   remote site do not match. Lookups are done using the system's  name
	   service  as configured in nsswitch.conf(4). Display the named file,
	   like a message file, admonishing the user. If the optional override
	   is specified, allow the connection after complaining.

       dns refuse_no_reverse filename [override]

	   Refuse  FTP sessions when the remote host's IP address has no asso‐
	   ciated name.	 Lookups are done using the system's name  service  as
	   configured  in  nsswitch.conf(4). Display the named file, such as a
	   message file, admonishing the user. If  the	optional  override  is
	   specified, allow the connection after complaining.

       dns resolveroptions [options]

	   Modify certain internal resolver variables. This only has an effect
	   when DNS is used as the system's name service.  The	line  takes  a
	   series of options which are used to set the RES_OPTIONS environment
	   variable, see resolv.conf(4) for details. For example:

	     dns resolveroptions rotate attempts:1

	   turns on querying name servers  round-robin	and  selects  querying
	   each name server only once.

       Lines  that  begin  with	 a # sign are treated as comment lines and are
       ignored.

FILES
	/etc/ftpd/ftpaccess

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌────────────────────┬─────────────────┐
       │  ATTRIBUTE TYPE    │ ATTRIBUTE VALUE │
       ├────────────────────┼─────────────────┤
       │Interface Stability │ External	      │
       └────────────────────┴─────────────────┘

SEE ALSO
       compress(1), ls(1), tar(1), ftpaddhost(1M), ftpconfig(1M), ftpshut(1M),
       in.ftpd(1M),	chroot(2),     nice(2),	    umask(2),	 getgrnam(3C),
       resolver(3RESOLV),  ftpconversions(4),	ftpgroups(4),	ftpservers(4),
       ftpusers(4), nsswitch.conf(4), resolv.conf(4), timezone(4), xferlog(4),
       attributes(5), fnmatch(5)

       Crocker, David H. RFC 822, Standard For The  Format  Of	ARPA  Internet
       Text Messages. Network Information Center. August 1982.

       St.  Johns,  Michael.  RFC  931, Authentication Server. Network Working
       Group. January 1985.

				 Sep 10, 2003			  FTPACCESS(4)