Name
eftaccess - eftd configuration file
Description
The eftaccess file is used to configure the operation of eftd(1).
Access Capabilities
autogroup <groupname> <class> [<class> ...]
If an ANONYMOUS user is a member of any of <class>, the ftp server
will perform a setegid() to <groupname>. This allows access to
group-and-owner-read-only files and directories to a particular
class of anonymous users. <groupname> is a valid group from
/etc/group (or wherever mechanism your getgrent(2) library routine
uses).
class <class> <typelist> <addrglob> [<addrglob> ...]
Define <class> of users, with source addresses of the form
<addrglob>. Multiple members of <class> may be defined. There
may be multiple "class" commands listing additional members of the
class. If multiple "class" commands can apply to the current
session, the first one listed in the access file is used. Failing
to define a valid class for a host will cause access to be denied.
<typelist> is a comma-separated list of any of the keywords
"anonymous", "guest" and "real". If the "real" keyword is
included, the class can match users using FTP to access real
accounts, and if the "anonymous" keyword is included the class can
match users using anonymous FTP. The "guest" keyword matches
guest access accounts (see "guestgroup" for more information)
<addrglob> may be a globbed isdn number.
deny <addrglob> <message_file>
Always deny access to host(s) matching <addrglob>. <message_file>
is displayed.
guestgroup <groupname> [<groupname> ...]
If a REAL user is a member of any of <groupname>, the session is
set up exactly as with anonymous FTP. In other words, a chroot()
is done, and the user is no longer permitted to issue the USER and
PASS commands. <groupname> is a valid group from /etc/group (or
whatever mechanism your getgrent(3) library routine uses).
The user’s home directory must be properly set up, exactly as
anonymous FTP would be. The home directory field of the passwd
entry is divided into two directories. The first field is the
root directory which will be the argument to the chroot(2) call.
The second half is the user’s home directory relative to the root
directory. The two halves are separated by a "/./".
Example:
in /etc/passwd, the real entry:
guest1:<passwd>:100:92:Guest Account:/ftp/./incoming:/etc/ftponly
When guest1 successfully logs in, the ftp server will
chroot("/ftp") and then chdir("/incoming"). The guest user will
only be able to access the directory structure under /ftp (which
will look and act as / to guest1), just as an anonymous FTP user
would.
limit <class> <n> <times> <message_file>
(currently not applicable to eftd)
Limit <class> to <n> users at times <times>, displaying <message_file>
if user is denied access. Limit check is performed at login time only.
If multiple "limit" commands can apply to the current session, the
first applicable one is used. Failing to define a valid limit, or a
limit of -1, is equivalent to unlimited. <times> is in same format as
the times in the UUCP L.sys file.
noretrieve <filename> <filename> ....
(currently not applicable to eftd)
Always deny retrieve-ability of these files. If the files are an
absolute path specification (i.e. begins with ’/’ character) then only
those files are marked un-gettable, otherwise all files with matching
the filename are refused transfer. Example:
noretrieve /etc/passwd core
specifies no one will be able to get the file /etc/passwd whereas they
will be allowed to transfer a file ‘passwd’ if it is not in /etc. On
the other hand no one will be able to get files named ‘core’ wherever
it is.
No globbing is done.
loginfails <number>
(currently not applicable to eftd)
After <number> login failures, log a "repeated login failures" message
and terminate the FTP connection. Default value is 5.
Informational Capabilities
banner <path>
Works similarly to the message command, except that the banner is
displayed before the user enters the username/password. The
<path> is relative to the real system root, not the base of the
anonymous FTP directory.
email <name>
Defines the email address of the ftp archive maintainer. This
string will be printed every time the %E magic cookie is used.
message <path> {<when> {<class> ...}}
(currently not applicable to eftd)
Define a file with <path> such that ftpd will display the contents of
the file to the user login time or upon using the change working
directory command. The <when> parameter may be "LOGIN" or "CWD=<dir>".
If <when> is "CWD=<dir>", <dir> specifies the new default directory
which will trigger the notification.
The optional <class> specification allows the message to be displayed
only to members of a particular class. More than one class may be
specified.
There can be "magic cookies" in the readme file which cause the ftp
server to replace the cookie with a specified text string:
%T local time (form Thu Nov 15 17:12:42 1990)
%F free space in partition of CWD (kbytes)
[not supported on all systems]
%C current working directory
%E the maintainer’s email address as defined in ftpaccess
%R remote host name
%L local host name
%u username as determined via RFC931 authentication
%U username given at login time
%M maximum allowed number of users in this class
%N current number of users in this class
The message will only be displayed once to avoid annoying the user.
Remember that when MESSAGEs are triggered by an anonymous FTP user, the
<path> must be relative to the base of the anonymous FTP directory
tree.
readme <path> {<when> {<class>}}
Define a file with <path> such that ftpd will notify user at login
time or upon using the change working directory command that the
file exists and was modified on such-and-such date. The <when>
parameter may be "LOGIN" or "CWD=<dir>". If <when> is
"CWD=<dir>", <dir> specifies the new default directory which will
trigger the notification. The message will only be displayed
once, to avoid bothering users. Remember that when README
messages are triggered by an anonymous FTP user, the <path> must
be relative to the base of the anonymous FTP directory tree.
The optional <class> specification allows the message to be
displayed only to members of a particular class. More than one
class may be specified.
Logging Capabilities
log commands <typelist>
Enables logging of individual commands by users. <typelist> is a
comma-separated list of any of the keywords "anonymous", "guest"
and "real". If the "real" keyword is included, logging will be
done for users using FTP to access real accounts, and if the
"anonymous" keyword is included logging will done for users using
anonymous FTP. The "guest" keyword matches guest access accounts
(see "guestgroup" for more information).
log transfers <typelist> <directions>
Enables logging of file transfers for either real or anonymous FTP
users. Logging of transfers TO the server (incoming) can be
enabled separately from transfers FROM the server (outbound).
<typelist> is a comma-separated list of any of the keywords
"anonymous", "guest" and "real". If the "real" keyword is
included, logging will be done for users using FTP to access real
accounts, and if the "anonymous" keyword is included logging will
done for users using anonymous FTP. The "guest" keyword matches
guest access accounts (see "guestgroup" for more information).
<directions> is a comma-separated list of any of the two keywords
"inbound" and "outbound", and will respectively cause transfers to
be logged for files sent to the server and sent from the server.
Miscellaneous Capabilities
alias <string> <dir>
Defines an alias, <string>, for a directory. Can be used to add
the concept of logical directories.
For example:
alias rfc: /pub/doc/rfc
would allow the user to access /pub/doc/rfc from any directory by
the command "cd rfc:". Aliases only apply to the cd command.
cdpath <dir>
Defines an entry in the cdpath. This defines a search path that is
used when changing directories.
For example:
cdpath /pub/packages
cdpath /.aliases
would allow the user to cd into any directory directly under
/pub/packages or /.aliases directories. The search path is defined
by the order the lines appear in the ftpaccess file.
If the user were to give the command:
cd foo
The directory will be searched for in the following order:
./foo
an alias called "foo"
/pub/packages/foo
/.aliases/foo
The cd path is only available with the cd command. If you have a
large number of aliases you might want to set up an aliases
directory with links to all of the areas you wish to make
available to users.
Permission Capabilities
(currently not applicable to eftd)
chmod <yes|no> <typelist>
delete <yes|no> <typelist>
overwrite <yes|no> <typelist>
rename <yes|no> <typelist>
umask <yes|no> <typelist>
Allows or disallows the ability to perform the specified function.
By default, all users are allowed.
<typelist> is a comma-separated list of any of the keywords
"anonymous", "guest" and "real".
passwd-check <none|trivial|rfc822> (<enforce|warn>)
Define the level and enforcement of password checking done by the
server for anonymous ftp.
none no password checking performed.
trivial password must contain an ’@’.
rfc822 password must be an rfc822 compliant address.
warn warn the user, but allow them to log in.
enforce warn the user, and then log them out.
path-filter <typelist> <mesg> <allowed_charset> {<disallowed regexp>
...}
(currently not applicable to eftd)
For users in <typelist>, path-filter defines regular expressions that
control what a filename can or can not be. There may be multiple
disallowed regexps. If a filename is invalid due to failure to match
the regexp criteria, <mesg> will be displayed to the user. For
example:
path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^. ^-
specifies that all upload filenames for anonymous users must be made of
only the characters A-Z, a-z, 0-9, and "._-" and may not begin with a
"." or a "-". If the filename is invalid, /etc/pathmsg will be
displayed to the user.
upload <root-dir> <dirglob> <yes|no> <owner> <group> <mode>
["dirs"|"nodirs"]
Define a directory with <dirglob> that permits or denies uploads.
If it does permit uploads, all files will be owned by <owner> and
<group> and will have the permissions set according to <mode>.
Directories are matched on a best-match basis.
For example:
upload /var/ftp * no
upload /var/ftp /incoming yes ftp daemon 0666
upload /var/ftp /incoming/gifs yes jlc guest 0600 nodirs
This would only allow uploads into /incoming and /incoming/gifs.
Files that were uploaded to /incoming would be owned by ftp/daemon
and would have permissions of 0666. File uploaded to
/incoming/gifs would be owned by jlc/guest and have permissions of
0600. Note that the <root-dir> here must match the home directory
specified in the password database for the "ftp" user.
The optional "dirs" and "nodirs" keywords can be specified to
allow or disallow the creation of new subdirectories using the
mkdir command.
The upload keyword only applies to users who have a home directory
(the argument to the chroot() ) of <root-dir>.
Files
FTPLIB/ftpaccess
See Also
ftpd(8), umask(2), ftplog(5), ftpconversions(5), ftpshut(8)
BUGS
The eftaccess features are mainly untested. Most of this man page is
not finished. In particular, don’t expect any feature to work that is
used for anything else but authenticating a user logging in.
eftaccess(5)