eftaccess

Langue: en

Version: 300997 (debian - 07/07/09)

Section: 5 (Format de fichier)

Name

eftaccess - eftd configuration file

Description

The eftaccess file is used to configure the operation of eftd(1).

Access Capabilities

autogroup <groupname> <class> [<class> ...]
If an ANONYMOUS user is a member of any of <class>, the ftp server will perform a setegid() to <groupname>. This allows access to group-and-owner-read-only files and directories to a particular class of anonymous users. <groupname> is a valid group from /etc/group (or wherever mechanism your getgrent(2) library routine uses).
class <class> <typelist> <addrglob> [<addrglob> ...]
Define <class> of users, with source addresses of the form <addrglob>. Multiple members of <class> may be defined. There may be multiple "class" commands listing additional members of the class. If multiple "class" commands can apply to the current session, the first one listed in the access file is used. Failing to define a valid class for a host will cause access to be denied. <typelist> is a comma-separated list of any of the keywords "anonymous", "guest" and "real". If the "real" keyword is included, the class can match users using FTP to access real accounts, and if the "anonymous" keyword is included the class can match users using anonymous FTP. The "guest" keyword matches guest access accounts (see "guestgroup" for more information)

<addrglob> may be a globbed isdn number.

deny <addrglob> <message_file>
Always deny access to host(s) matching <addrglob>. <message_file> is displayed.
guestgroup <groupname> [<groupname> ...]
If a REAL user is a member of any of <groupname>, the session is set up exactly as with anonymous FTP. In other words, a chroot() is done, and the user is no longer permitted to issue the USER and PASS commands. <groupname> is a valid group from /etc/group (or whatever mechanism your getgrent(3) library routine uses).

The user's home directory must be properly set up, exactly as anonymous FTP would be. The home directory field of the passwd entry is divided into two directories. The first field is the root directory which will be the argument to the chroot(2) call. The second half is the user's home directory relative to the root directory. The two halves are separated by a "/./".

Example:

in /etc/passwd, the real entry:

guest1:<passwd>:100:92:Guest Account:/ftp/./incoming:/etc/ftponly

When guest1 successfully logs in, the ftp server will chroot("/ftp") and then chdir("/incoming"). The guest user will only be able to access the directory structure under /ftp (which will look and act as / to guest1), just as an anonymous FTP user would.

limit <class> <n> <times> <message_file>
(currently not applicable to eftd)

Limit <class> to <n> users at times <times>, displaying <message_file> if user is denied access. Limit check is performed at login time only. If multiple "limit" commands can apply to the current session, the first applicable one is used. Failing to define a valid limit, or a limit of -1, is equivalent to unlimited. <times> is in same format as the times in the UUCP L.sys file.

noretrieve <filename> <filename> ....
(currently not applicable to eftd)

Always deny retrieve-ability of these files. If the files are an absolute path specification (i.e. begins with '/' character) then only those files are marked un-gettable, otherwise all files with matching the filename are refused transfer. Example:

        noretrieve /etc/passwd core

specifies no one will be able to get the file /etc/passwd whereas they will be allowed to transfer a file `passwd' if it is not in /etc. On the other hand no one will be able to get files named `core' wherever it is.

No globbing is done.

loginfails <number>
(currently not applicable to eftd)

After <number> login failures, log a "repeated login failures" message and terminate the FTP connection. Default value is 5.

Informational Capabilities

banner <path>
Works similarly to the message command, except that the banner is displayed before the user enters the username/password. The <path> is relative to the real system root, not the base of the anonymous FTP directory.
email <name>
Defines the email address of the ftp archive maintainer. This string will be printed every time the %E magic cookie is used.
message <path> {<when> {<class> ...}}
(currently not applicable to eftd)

Define a file with <path> such that ftpd will display the contents of the file to the user login time or upon using the change working directory command. The <when> parameter may be "LOGIN" or "CWD=<dir>". If <when> is "CWD=<dir>", <dir> specifies the new default directory which will trigger the notification.

The optional <class> specification allows the message to be displayed only to members of a particular class. More than one class may be specified.

There can be "magic cookies" in the readme file which cause the ftp server to replace the cookie with a specified text string:


      %T      local time (form Thu Nov 15 17:12:42 1990)
      %F      free space in partition of CWD (kbytes)
              [not supported on all systems]
      %C      current working directory
      %E      the maintainer's email address as defined in ftpaccess
      %R      remote host name
      %L      local host name
      %u      username as determined via RFC931 authentication
      %U      username given at login time
      %M      maximum allowed number of users in this class
      %N      current number of users in this class

The message will only be displayed once to avoid annoying the user. Remember that when MESSAGEs are triggered by an anonymous FTP user, the <path> must be relative to the base of the anonymous FTP directory tree.

readme <path> {<when> {<class>}}
Define a file with <path> such that ftpd will notify user at login time or upon using the change working directory command that the file exists and was modified on such-and-such date. The <when> parameter may be "LOGIN" or "CWD=<dir>". If <when> is "CWD=<dir>", <dir> specifies the new default directory which will trigger the notification. The message will only be displayed once, to avoid bothering users. Remember that when README messages are triggered by an anonymous FTP user, the <path> must be relative to the base of the anonymous FTP directory tree.

The optional <class> specification allows the message to be displayed only to members of a particular class. More than one class may be specified.

Logging Capabilities

log commands <typelist>
Enables logging of individual commands by users. <typelist> is a comma-separated list of any of the keywords "anonymous", "guest" and "real". If the "real" keyword is included, logging will be done for users using FTP to access real accounts, and if the "anonymous" keyword is included logging will done for users using anonymous FTP. The "guest" keyword matches guest access accounts (see "guestgroup" for more information).
log transfers <typelist> <directions>
Enables logging of file transfers for either real or anonymous FTP users. Logging of transfers TO the server (incoming) can be enabled separately from transfers FROM the server (outbound). <typelist> is a comma-separated list of any of the keywords "anonymous", "guest" and "real". If the "real" keyword is included, logging will be done for users using FTP to access real accounts, and if the "anonymous" keyword is included logging will done for users using anonymous FTP. The "guest" keyword matches guest access accounts (see "guestgroup" for more information). <directions> is a comma-separated list of any of the two keywords "inbound" and "outbound", and will respectively cause transfers to be logged for files sent to the server and sent from the server.

Miscellaneous Capabilities

alias <string> <dir>
Defines an alias, <string>, for a directory. Can be used to add the concept of logical directories.

For example:
  alias   rfc:    /pub/doc/rfc

would allow the user to access /pub/doc/rfc from any directory by the command "cd rfc:". Aliases only apply to the cd command.

cdpath <dir>
Defines an entry in the cdpath. This defines a search path that is used when changing directories.

For example:


  cdpath /pub/packages
  cdpath /.aliases

would allow the user to cd into any directory directly under /pub/packages or /.aliases directories. The search path is defined by the order the lines appear in the ftpaccess file.

If the user were to give the command:


  cd foo

The directory will be searched for in the following order:


  ./foo
  an alias called "foo"
  /pub/packages/foo
  /.aliases/foo

The cd path is only available with the cd command. If you have a large number of aliases you might want to set up an aliases directory with links to all of the areas you wish to make available to users.

Permission Capabilities

(currently not applicable to eftd)
chmod <yes|no> <typelist>
delete <yes|no> <typelist>
overwrite <yes|no> <typelist>
rename <yes|no> <typelist>
umask <yes|no> <typelist>
Allows or disallows the ability to perform the specified function. By default, all users are allowed.

<typelist> is a comma-separated list of any of the keywords "anonymous", "guest" and "real".

passwd-check <none|trivial|rfc822> (<enforce|warn>)
Define the level and enforcement of password checking done by the server for anonymous ftp.


  none      no password checking performed.
  trivial   password must contain an '@'.
  rfc822    password must be an rfc822 compliant address.


  warn      warn the user, but allow them to log in.
  enforce   warn the user, and then log them out.

path-filter <typelist> <mesg> <allowed_charset> {<disallowed regexp> ...}
(currently not applicable to eftd)

For users in <typelist>, path-filter defines regular expressions that control what a filename can or can not be. There may be multiple disallowed regexps. If a filename is invalid due to failure to match the regexp criteria, <mesg> will be displayed to the user. For example:


  path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^. ^-

specifies that all upload filenames for anonymous users must be made of only the characters A-Z, a-z, 0-9, and "._-" and may not begin with a "." or a "-". If the filename is invalid, /etc/pathmsg will be displayed to the user.

upload <root-dir> <dirglob> <yes|no> <owner> <group> <mode> [dirs|nodirs]
Define a directory with <dirglob> that permits or denies uploads.

If it does permit uploads, all files will be owned by <owner> and <group> and will have the permissions set according to <mode>.

Directories are matched on a best-match basis.

For example:
  upload  /var/ftp  *               no
  upload  /var/ftp  /incoming       yes  ftp  daemon  0666
  upload  /var/ftp  /incoming/gifs  yes  jlc  guest   0600  nodirs

This would only allow uploads into /incoming and /incoming/gifs. Files that were uploaded to /incoming would be owned by ftp/daemon and would have permissions of 0666. File uploaded to /incoming/gifs would be owned by jlc/guest and have permissions of 0600. Note that the <root-dir> here must match the home directory specified in the password database for the "ftp" user.

The optional "dirs" and "nodirs" keywords can be specified to allow or disallow the creation of new subdirectories using the mkdir command.

The upload keyword only applies to users who have a home directory (the argument to the chroot() ) of <root-dir>.

Files

FTPLIB/ftpaccess

See Also

ftpd(8), umask(2), ftplog(5), ftpconversions(5), ftpshut(8)

BUGS

The eftaccess features are mainly untested. Most of this man page is not finished. In particular, don't expect any feature to work that is used for anything else but authenticating a user logging in.