bin/60662: [sysinstall] 5.2 Anonymous FTP server out dated

Olafur Osvaldsson oli at isnic.is
Fri Nov 12 16:50:34 PST 2004


The following reply was made to PR bin/60662; it has been noted by GNATS.

From: Olafur Osvaldsson <oli at isnic.is>
To: freebsd-gnats-submit at FreeBSD.org
Cc: fbsd_user at a1poweruser.com
Subject: Re: bin/60662: [sysinstall] 5.2 Anonymous FTP server out dated
Date: Sat, 13 Nov 2004 00:41:25 +0000

 --OgqxwSJOaUobr8KG
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 I've attached a patch that:
  - moves the ftpmotd file to /etc/ftpmotd, which is the correct place
  - does not create the ~ftp/bin directory
  - makes skipping the creation of ~ftp/incoming an option by leaving the
    directory name empty.
  - adds text to the Anon-FTP config prompt that points out the previous change
    and advises the user to add -r to the ftpd command-line options in inetd.conf
  - creates pwd.db instead of passwd in ~ftp/etc
  - does not include group and pwd.db entries that start with - or + in case the
    user is using compat mode for the passwd database
 
 My opinion on other suggestions:
  - ~ftp/pub is still mentioned in the ftpd(8) man page and should therefore be made
  - the ftp/anonymous user does not need to be in the ftpchroot file, it is
    chrooted by default
  - not everyone wants all anon downloads logged so the -S should be up to the user
  - quota for the ftp user is not needed if the ~ftp/ dir is not writeable and the
    ftpd(8) has the -r option set
 
 /Oli
 
 -- 
 Olafur Osvaldsson
 Systems Administrator
 Internet a Islandi hf.
 Tel:   +354 525-5291
 Email: oli at isnic.is
 
 --OgqxwSJOaUobr8KG
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="sysinstall.diff"
 
 diff -ruN sysinstall.orig/anonFTP.c sysinstall/anonFTP.c
 --- sysinstall.orig/anonFTP.c	Thu Mar 11 11:58:15 2004
 +++ sysinstall/anonFTP.c	Sat Nov 13 00:38:18 2004
 @@ -105,7 +105,7 @@
        tconf.homedir, STRINGOBJ, NULL },
  #define LAYOUT_UPLOAD		4
      { 14, 20, 22, ANONFTP_UPLOAD_LEN - 1,
 -      "Upload Subdirectory:", "Designated sub-directory that holds uploads",
 +      "Upload Subdirectory:", "Designated sub-directory that holds uploads (leave empty for none)",
        tconf.upload, STRINGOBJ, NULL },
  #define LAYOUT_OKBUTTON		5
      { 19, 15, 0, 0,
 @@ -248,6 +248,9 @@
  		 "ftpd(8) in inetd.conf(5) for FTP services to be available.  If you\n"
  		 "did not do so earlier, you will have the opportunity to enable inetd(8)\n"
  		 "again later.\n\n"
 +                 "If you want the server to be read-only you should leave the upload\n"
 +                 "directory option empty and add the -r command-line option to ftpd(8)\n"
 +                 "in inetd.conf(5)\n\n"
  		 "Do you wish to continue configuring anonymous FTP?")) {
  	return DITEM_FAILURE;
      }
 @@ -268,9 +271,6 @@
      if (!tconf.group[0])
  	SAFE_STRCPY(tconf.group, FTP_GROUP);
      
 -    if (!tconf.upload[0])
 -	SAFE_STRCPY(tconf.upload, FTP_UPLOAD);
 -    
      /*** If the user did not specify a directory, use default ***/
      
      if (tconf.homedir[strlen(tconf.homedir) - 1] == '/')
 @@ -287,18 +287,19 @@
      if (directory_exists(tconf.homedir)) {
  	msgNotify("Configuring %s for use by anon FTP.", tconf.homedir);
  	vsystem("chmod 555 %s && chown root.%s %s", tconf.homedir, tconf.group, tconf.homedir);
 -	vsystem("mkdir %s/bin && chmod 555 %s/bin", tconf.homedir, tconf.homedir);
 -	vsystem("cp /bin/ls %s/bin && chmod 111 %s/bin/ls", tconf.homedir, tconf.homedir);
 -	vsystem("cp /bin/date %s/bin && chmod 111 %s/bin/date", tconf.homedir, tconf.homedir);
  	vsystem("mkdir %s/etc && chmod 555 %s/etc", tconf.homedir, tconf.homedir);
  	vsystem("mkdir -p %s/pub", tconf.homedir);
 -	vsystem("mkdir -p %s/%s", tconf.homedir, tconf.upload);
 -	vsystem("chmod 1777 %s/%s", tconf.homedir, tconf.upload);
 +        if (tconf.upload[0]) {
 +	    vsystem("mkdir -p %s/%s", tconf.homedir, tconf.upload);
 +	    vsystem("chmod 1777 %s/%s", tconf.homedir, tconf.upload);
 +        }
  	
  	if (DITEM_STATUS(createFtpUser()) == DITEM_SUCCESS) {
  	    msgNotify("Copying password information for anon FTP.");
 -	    vsystem("awk -F: '{if ($3 < 10 || $1 == \"ftp\") print $0}' /etc/passwd > %s/etc/passwd && chmod 444 %s/etc/passwd", tconf.homedir, tconf.homedir);
 -	    vsystem("awk -F: '{if ($3 < 100) print $0}' /etc/group > %s/etc/group && chmod 444 %s/etc/group", tconf.homedir, tconf.homedir);
 +	    vsystem("awk -F: '{if ((substr($1, 1, 1) != \"+\") && (substr($1, 1, 1) != \"-\") && ($3 < 10 || $1 == \"ftp\")) print $0}' /etc/master.passwd > %s/etc/master.passwd", tconf.homedir);
 +	    vsystem("/usr/sbin/pwd_mkdb -d %s/etc %s/etc/master.passwd && chmod 444 %s/etc/pwd.db", tconf.homedir, tconf.homedir, tconf.homedir);
 +	    vsystem("rm -f %s/etc/master.passwd %s/etc/spwd.db", tconf.homedir, tconf.homedir);
 +	    vsystem("awk -F: '{if ((substr($1, 1, 1) != \"+\") && (substr($1, 1, 1) != \"-\") && ($3 < 100)) print $0}' /etc/group > %s/etc/group && chmod 444 %s/etc/group", tconf.homedir, tconf.homedir);
  	    vsystem("chown -R root.%s %s/pub", tconf.group, tconf.homedir);
  	}
  	else {
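Review bot: The filtered copy of /etc/master.passwd written by the first added `vsystem()` call still carries the password-hash field for root and the other uid < 10 accounts, and it is created inside `%s/etc` of the anonymous FTP tree with whatever umask sysinstall happens to run under. It is removed two calls later, but none of the `vsystem()` results are checked, so a failed `pwd_mkdb` or `rm -f` would leave `master.passwd` or `spwd.db` behind in a directory the FTP daemon serves. At minimum, start the command with a restrictive umask, `vsystem("umask 077 && awk -F: '...' /etc/master.passwd > %s/etc/master.passwd", tconf.homedir);`. Preferably, build the database in a root-only scratch directory outside `tconf.homedir` and copy only `pwd.db` into place, skipping the copy and reporting an error when an earlier step fails. Separately, `tconf.homedir` and `tconf.upload` still go into the shell commands unquoted and unvalidated, so an upload name containing `..` or whitespace would make `chmod 1777` apply to something other than the intended sub-directory. The enclosing function starts and ends outside this hunk.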
 @@ -308,8 +309,8 @@
  	
  	if (!msgYesNo("Create a welcome message file for anonymous FTP users?")) {
  	    char cmd[256];
 -	    vsystem("echo Your welcome message here. > %s/etc/%s", tconf.homedir, MOTD_FILE);
 -	    sprintf(cmd, "%s %s/etc/%s", variable_get(VAR_EDITOR), tconf.homedir, MOTD_FILE);
 +	    vsystem("echo Your welcome message here. > /etc/%s", MOTD_FILE);
 +	    sprintf(cmd, "%s /etc/%s", variable_get(VAR_EDITOR), MOTD_FILE);
  	    if (!systemExecute(cmd))
  		i = DITEM_SUCCESS;
  	    else
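Review bot: Moving the welcome file to `/etc/%s` means the `echo ... >` line now truncates a live system file, so an administrator who re-runs the anonymous FTP setup loses an existing ftpmotd. Before this change the placeholder went into the freshly created `%s/etc` directory. Consider writing the placeholder only when the file is absent, `vsystem("[ -e /etc/%s ] || echo Your welcome message here. > /etc/%s", MOTD_FILE, MOTD_FILE);`. The edited `sprintf()` still formats the unbounded `variable_get(VAR_EDITOR)` value into `char cmd[256]`, and `snprintf(cmd, sizeof cmd, "%s /etc/%s", variable_get(VAR_EDITOR), MOTD_FILE);` would bound that write. Whether `VAR_EDITOR` can be unset here is not visible in the hunk, so a NULL check may also be needed.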
 
 --OgqxwSJOaUobr8KG--

