chrooted ftpd

Matthew Seaman m.seaman at infracaninophile.co.uk
Wed Apr 23 14:35:16 PDT 2003


On Wed, Apr 23, 2003 at 03:52:09PM -0400, Brent Bailey wrote:
> thank you for your reponse......Your kidding me ...the stock ftpd that
> comes with FBSD 4.8 is so different that it no longer supports chroot ???
> Are we expected to to deinstall the package and installl some other port
> to just do chroot ?
> Are there any other ftp servers that can be used besides lukemftpd other
> than wu-ftpd...just to keep my options open.
> what about proftpd ??

No, the stock ftpd(8) apparently no longer supports the
FTPD_INTERNAL_LS compilation option.  It still does all of the
expected chroot(2) things.

The lukemftpd(8) that I mentioned seems to have internal ls
functionality by default:

    % find /usr/src -type f -print | xargs grep INTERNAL_LS
    /usr/src/contrib/lukemftpd/src/cmds.c:  char *argv[] = { INTERNAL_LS, "-lgA", "", NULL };
    /usr/src/contrib/lukemftpd/src/extern.h:#define INTERNAL_LS     "/bin/ls"
    /usr/src/contrib/lukemftpd/src/ftpcmd.y:                        char *argv[] = { INTERNAL_LS, "-lgA", NULL };
    /usr/src/contrib/lukemftpd/src/ftpcmd.y:                        char *argv[] = { INTERNAL_LS, "-lgA", NULL, NULL };
    /usr/src/contrib/lukemftpd/src/ftpd.c:          if (strcmp(argv[0], INTERNAL_LS) == 0) {
    /usr/src/contrib/lukemftpd/src/ftpd.c:                          char *argv[] = { INTERNAL_LS, "", NULL };
    /usr/src/contrib/lukemftpd/src/popen.c:#ifndef NO_INTERNAL_LS
    /usr/src/contrib/lukemftpd/src/popen.c: isls = (strcmp(sl->sl_str[0], INTERNAL_LS) == 0);
    /usr/src/contrib/lukemftpd/src/popen.c:#ifndef NO_INTERNAL_LS
    /usr/src/contrib/lukemftpd/acconfig.h:#undef NO_INTERNAL_LS
    /usr/src/contrib/lukemftpd/config.h.in:#undef NO_INTERNAL_LS
    /usr/src/contrib/lukemftpd/configure:#define NO_INTERNAL_LS 1
    /usr/src/contrib/lukemftpd/configure.in:        AC_DEFINE(NO_INTERNAL_LS,1)
    /usr/src/libexec/lukemftpd/config.h:/* #undef NO_INTERNAL_LS */

 ... and the man page states:

     ftpd has internal support for handling remote requests to list files, and
     will not execute /bin/ls in either a chrooted or non-chrooted environ-
     ment.  The ~/bin/ls executable need not be placed into the chrooted tree,
     nor need the ~/bin directory exist.

There's no need to install any ports to get this functionality:
lukemftpd(8) is part of the base system.  All you need to do is edit
/etc/inetd.conf so that it calls /usr/libexec/lukemftpd rather than
/usr/libexec/ftpd.  The big difference seems to be that lukemftpd(8)
has more bells and whistles to make it more suitable for running a
serious anonymous FTP site, whereas ftpd(8) has IPv6 support.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030423/92b3913e/attachment-0001.bin


More information about the freebsd-questions mailing list