Commit | Line | Data |
---|---|---|
fdb56acd | 1 | .\" Copyright (c) 1985, 1988 The Regents of the University of California. |
43c671de | 2 | .\" All rights reserved. |
917eb9fe | 3 | .\" |
43c671de KB |
4 | .\" Redistribution and use in source and binary forms are permitted |
5 | .\" provided that the above copyright notice and this paragraph are | |
6 | .\" duplicated in all such forms and that any documentation, | |
7 | .\" advertising materials, and other materials related to such | |
8 | .\" distribution and use acknowledge that the software was developed | |
9 | .\" by the University of California, Berkeley. The name of the | |
10 | .\" University may not be used to endorse or promote products derived | |
11 | .\" from this software without specific prior written permission. | |
12 | .\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR | |
13 | .\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED | |
14 | .\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | |
917eb9fe | 15 | .\" |
fdb56acd | 16 | .\" @(#)ftpd.8 6.7 (Berkeley) %G% |
43c671de | 17 | .\" |
fdb56acd | 18 | .TH FTPD 8 "February 23, 1989" |
917eb9fe KM |
19 | .UC 5 |
20 | .SH NAME | |
21 | ftpd \- DARPA Internet File Transfer Protocol server | |
22 | .SH SYNOPSIS | |
23 | .B /etc/ftpd | |
24 | [ | |
25 | .B \-d | |
26 | ] [ | |
27 | .B \-l | |
28 | ] [ | |
29 | .BR \-t timeout | |
fdb56acd MK |
30 | ] [ |
31 | .BR \-T maxtimeout | |
917eb9fe KM |
32 | ] |
33 | .SH DESCRIPTION | |
34 | .I Ftpd | |
fdb56acd | 35 | is the DARPA Internet File Transfer Protocol |
917eb9fe KM |
36 | server process. The server uses the TCP protocol |
37 | and listens at the port specified in the ``ftp'' | |
38 | service specification; see | |
39 | .IR services (5). | |
40 | .PP | |
41 | If the | |
42 | .B \-d | |
43 | option is specified, | |
2c32d7db | 44 | debugging information is written to the syslog. |
917eb9fe KM |
45 | .PP |
46 | If the | |
47 | .B \-l | |
48 | option is specified, | |
2c32d7db | 49 | each ftp session is logged in the syslog. |
917eb9fe KM |
50 | .PP |
51 | The ftp server | |
2c32d7db | 52 | will timeout an inactive session after 15 minutes. |
917eb9fe KM |
53 | If the |
54 | .B \-t | |
55 | option is specified, | |
56 | the inactivity timeout period will be set to | |
fdb56acd MK |
57 | .I timeout |
58 | seconds. | |
59 | A client may also request a different timeout period; | |
60 | the maximum period allowed may be set to | |
61 | .I timeout | |
62 | seconds with the | |
63 | .B \-T | |
64 | option. | |
65 | The default limit is 2 hours. | |
917eb9fe KM |
66 | .PP |
67 | The ftp server currently supports the following ftp | |
fdb56acd | 68 | requests; case is not distinguished. |
917eb9fe KM |
69 | .PP |
70 | .nf | |
71 | .ta \w'Request 'u | |
72 | \fBRequest Description\fP | |
1bd029de | 73 | ABOR abort previous command |
917eb9fe KM |
74 | ACCT specify account (ignored) |
75 | ALLO allocate storage (vacuously) | |
76 | APPE append to a file | |
1bd029de | 77 | CDUP change to parent of current working directory |
917eb9fe KM |
78 | CWD change working directory |
79 | DELE delete a file | |
80 | HELP give help information | |
fdb56acd | 81 | LIST give list files in a directory (``ls -lgA'') |
1bd029de | 82 | MKD make a directory |
fdb56acd | 83 | MDTM show last modification time of file |
917eb9fe | 84 | MODE specify data transfer \fImode\fP |
fdb56acd | 85 | NLST give name list of files in directory |
917eb9fe KM |
86 | NOOP do nothing |
87 | PASS specify password | |
1bd029de | 88 | PASV prepare for server-to-server transfer |
917eb9fe | 89 | PORT specify data connection port |
1bd029de | 90 | PWD print the current working directory |
917eb9fe | 91 | QUIT terminate session |
fdb56acd | 92 | REST restart incomplete transfer |
917eb9fe | 93 | RETR retrieve a file |
1bd029de | 94 | RMD remove a directory |
917eb9fe KM |
95 | RNFR specify rename-from file name |
96 | RNTO specify rename-to file name | |
fdb56acd MK |
97 | SITE non-standard commands (see next section) |
98 | SIZE return size of file | |
99 | STAT return status of server | |
917eb9fe | 100 | STOR store a file |
1bd029de | 101 | STOU store a file with a unique name |
917eb9fe | 102 | STRU specify data transfer \fIstructure\fP |
843d1a1c | 103 | SYST show operating system type of server system |
917eb9fe KM |
104 | TYPE specify data transfer \fItype\fP |
105 | USER specify user name | |
fdb56acd MK |
106 | XCUP change to parent of current working directory (deprecated) |
107 | XCWD change working directory (deprecated) | |
108 | XMKD make a directory (deprecated) | |
109 | XPWD print the current working directory (deprecated) | |
110 | XRMD remove a directory (deprecated) | |
111 | .fi | |
112 | .PP | |
113 | The following non-standard or UNIX specific commands are supported | |
114 | by the SITE request. | |
115 | .PP | |
116 | .nf | |
117 | .ta \w'Request 'u | |
118 | \fBRequest Description\fP | |
119 | UMASK change umask. \fIE.g.\fP SITE UMASK 002 | |
120 | IDLE set idle-timer. \fIE.g.\fP SITE IDLE 60 | |
121 | CHMOD change mode of a file. \fIE.g.\fP SITE CHMOD 755 filename | |
122 | HELP give help information. \fIE.g.\fP SITE HELP | |
917eb9fe KM |
123 | .fi |
124 | .PP | |
1bd029de | 125 | The remaining ftp requests specified in Internet RFC 959 are |
917eb9fe | 126 | recognized, but not implemented. |
fdb56acd MK |
127 | MDTM and SIZE are not specified in |
128 | RFC 959, but will appear in the next updated FTP RFC. | |
917eb9fe | 129 | .PP |
1bd029de GM |
130 | The ftp server will abort an active file transfer only when the |
131 | ABOR command is preceded by a Telnet "Interrupt Process" (IP) | |
132 | signal and a Telnet "Synch" signal in the command Telnet stream, | |
133 | as described in Internet RFC 959. | |
fdb56acd MK |
134 | If a STAT command is received during a data transfer, preceded by a Telnet IP |
135 | and Synch, transfer status will be returned. | |
1bd029de | 136 | .PP |
917eb9fe KM |
137 | .I Ftpd |
138 | interprets file names according to the ``globbing'' | |
139 | conventions used by | |
140 | .IR csh (1). | |
141 | This allows users to utilize the metacharacters ``*?[]{}~''. | |
142 | .PP | |
143 | .I Ftpd | |
144 | authenticates users according to three rules. | |
145 | .IP 1) | |
146 | The user name must be in the password data base, | |
147 | .IR /etc/passwd , | |
148 | and not have a null password. In this case a password | |
149 | must be provided by the client before any file operations | |
150 | may be performed. | |
151 | .IP 2) | |
152 | The user name must not appear in the file | |
153 | .IR /etc/ftpusers . | |
154 | .IP 3) | |
06e77c11 KM |
155 | The user must have a standard shell returned by |
156 | .IR getusershell (3). | |
157 | .IP 4) | |
917eb9fe KM |
158 | If the user name is ``anonymous'' or ``ftp'', an |
159 | anonymous ftp account must be present in the password | |
160 | file (user ``ftp''). In this case the user is allowed | |
161 | to log in by specifying any password (by convention this | |
162 | is given as the client host's name). | |
163 | .PP | |
164 | In the last case, | |
165 | .I ftpd | |
166 | takes special measures to restrict the client's access privileges. | |
167 | The server performs a | |
168 | .IR chroot (2) | |
169 | command to the home directory of the ``ftp'' user. | |
170 | In order that system security is not breached, it is recommended | |
171 | that the ``ftp'' subtree be constructed with care; the following | |
172 | rules are recommended. | |
173 | .IP ~ftp) | |
174 | Make the home directory owned by ``ftp'' and unwritable by anyone. | |
175 | .IP ~ftp/bin) | |
176 | Make this directory owned by the super-user and unwritable by | |
177 | anyone. The program | |
178 | .IR ls (1) | |
fdb56acd | 179 | must be present to support the list command. This |
917eb9fe KM |
180 | program should have mode 111. |
181 | .IP ~ftp/etc) | |
182 | Make this directory owned by the super-user and unwritable by | |
183 | anyone. The files | |
184 | .IR passwd (5) | |
185 | and | |
186 | .IR group (5) | |
187 | must be present for the | |
188 | .I ls | |
fdb56acd MK |
189 | command to be able to produce owner names rather than numbers. |
190 | The password field in | |
191 | .I passwd | |
192 | is not used, and should not contain real encrypted passwords. | |
193 | These files should be mode 444. | |
917eb9fe KM |
194 | .IP ~ftp/pub) |
195 | Make this directory mode 777 and owned by ``ftp''. Users | |
196 | should then place files which are to be accessible via the | |
197 | anonymous account in this directory. | |
198 | .SH "SEE ALSO" | |
43c671de | 199 | ftp(1), getusershell(3), syslogd(8) |
917eb9fe | 200 | .SH BUGS |
917eb9fe KM |
201 | The anonymous account is inherently dangerous and should |
202 | avoided when possible. | |
203 | .PP | |
204 | The server must run as the super-user | |
205 | to create sockets with privileged port numbers. It maintains | |
206 | an effective user id of the logged in user, reverting to | |
207 | the super-user only when binding addresses to sockets. The | |
208 | possible security holes have been extensively | |
209 | scrutinized, but are possibly incomplete. |