chrooted ftpd
Matthew Seaman
m.seaman at infracaninophile.co.uk
Wed Apr 23 14:35:16 PDT 2003
On Wed, Apr 23, 2003 at 03:52:09PM -0400, Brent Bailey wrote:
> thank you for your reponse......Your kidding me ...the stock ftpd that
> comes with FBSD 4.8 is so different that it no longer supports chroot ???
> Are we expected to to deinstall the package and installl some other port
> to just do chroot ?
> Are there any other ftp servers that can be used besides lukemftpd other
> than wu-ftpd...just to keep my options open.
> what about proftpd ??
No, the stock ftpd(8) apparently no longer supports the
FTPD_INTERNAL_LS compilation option. It still does all of the
expected chroot(2) things.
The lukemftpd(8) that I mentioned seems to have internal ls
functionality by default:
% find /usr/src -type f -print | xargs grep INTERNAL_LS
/usr/src/contrib/lukemftpd/src/cmds.c: char *argv[] = { INTERNAL_LS, "-lgA", "", NULL };
/usr/src/contrib/lukemftpd/src/extern.h:#define INTERNAL_LS "/bin/ls"
/usr/src/contrib/lukemftpd/src/ftpcmd.y: char *argv[] = { INTERNAL_LS, "-lgA", NULL };
/usr/src/contrib/lukemftpd/src/ftpcmd.y: char *argv[] = { INTERNAL_LS, "-lgA", NULL, NULL };
/usr/src/contrib/lukemftpd/src/ftpd.c: if (strcmp(argv[0], INTERNAL_LS) == 0) {
/usr/src/contrib/lukemftpd/src/ftpd.c: char *argv[] = { INTERNAL_LS, "", NULL };
/usr/src/contrib/lukemftpd/src/popen.c:#ifndef NO_INTERNAL_LS
/usr/src/contrib/lukemftpd/src/popen.c: isls = (strcmp(sl->sl_str[0], INTERNAL_LS) == 0);
/usr/src/contrib/lukemftpd/src/popen.c:#ifndef NO_INTERNAL_LS
/usr/src/contrib/lukemftpd/acconfig.h:#undef NO_INTERNAL_LS
/usr/src/contrib/lukemftpd/config.h.in:#undef NO_INTERNAL_LS
/usr/src/contrib/lukemftpd/configure:#define NO_INTERNAL_LS 1
/usr/src/contrib/lukemftpd/configure.in: AC_DEFINE(NO_INTERNAL_LS,1)
/usr/src/libexec/lukemftpd/config.h:/* #undef NO_INTERNAL_LS */
... and the man page states:
ftpd has internal support for handling remote requests to list files, and
will not execute /bin/ls in either a chrooted or non-chrooted environ-
ment. The ~/bin/ls executable need not be placed into the chrooted tree,
nor need the ~/bin directory exist.
There's no need to install any ports to get this functionality:
lukemftpd(8) is part of the base system. All you need to do is edit
/etc/inetd.conf so that it calls /usr/libexec/lukemftpd rather than
/usr/libexec/ftpd. The big difference seems to be that lukemftpd(8)
has more bells and whistles to make it more suitable for running a
serious anonymous FTP site, whereas ftpd(8) has IPv6 support.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030423/92b3913e/attachment-0001.bin
More information about the freebsd-questions
mailing list