r286615: /usr/libexec/ftpd broken!
O. Hartmann
ohartman at zedat.fu-berlin.de
Fri Aug 14 19:47:34 UTC 2015
Am Fri, 14 Aug 2015 14:06:25 +0100
Matthew Seaman <matthew at freebsd.org> schrieb:
> On 08/14/15 12:45, O. Hartmann wrote:
> > Man page "ftpusers(5)" states, that an entry "username allow" will allow access
> > to ftpd. But every user listed in /etc/ftpusers is denied access, no matter
> > whether there is "allow" appended to the entry or not! This is strange.
> > Whenever I delete a user's name from that file I wish to have access to the
> > ftpd service, that user can login - but addig the users even as "username
> > allow" (no * in the file, nothing else but the initial users names) access is
> > denied.
>
> If you've got a ftpusers(5) that presumably comes from some ported
> software -- doesn't exist in the base system. There is pam_ftpusers(8)
> in base, although that doesn't seem to be in use by default.
After you mentioned this, I checked and you're correct!The manpage was installed by
package heimdal-1.5.3_4 according with another ftpd located under /usr/local/libexec.
>
> Traditionally 'ftpusers' was just a plain list of usernames or groups
> (indicated by a leading '@' character). According to ftpd(8) it lists
> the people *not* allowed access via FTP.
I got this.
>
> However, other implementations of FTP servers have adopted the ftpusers
> file and expanded its capabilities in various ways, by adding some
> additional flag fields for each username. It depends on what ftpd
> you're using exactly what syntax is used there. Properly ported
> software should really be using /usr/local/etc/ftpusers though.
I use NanoBSD for some very small appliance/server system and use the FreeBSD base system
to start with - avoiding unncessary package installation. Reading the heimdal man page,
configuring then according to heimdal's /usr/local/etc/ftpusers's explanations and then
running the FreeBSD ftpd from its natural starting point with the
misconfigured /etc/ftpusers will end in a mess. So it is my fault.
But anyway, cleaning up the mess doesn't resolve the weird issues with FreeBSD's own ftpd.
>
> Cheers,
>
> Matthew
>
>
>
>
Thank you for that hint.
Regards,
Oliver
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20150814/9cfbb55b/attachment.bin>
More information about the freebsd-current
mailing list