Re: about ftp site command

chuanpeng.wang · ‎12-11-2006

How to disable ftp site command such as chmod, umask?

I have try the ftpaccess but it does not work.

Steven Schweda · ‎12-11-2006

"man ftpaccess" discusses this under
"Permission Capabilities":

chmod { yes|no } typelist
delete { yes|no } typelist
overwrite { yes|no } typelist
rename { yes|no } typelist
umask { yes|no } typelist

What, exactly, did you try?

chuanpeng.wang · ‎12-11-2006

My ftpaccess, but it does not work.

rp3440dl[/etc/ftpd]#cat ftpaccess
# @(#)B.11.11_LR
#
loginfails 2

class local real,guest,anonymous *.domain 0.0.0.0
class remote real,guest,anonymous *

limit local 20 Any /etc/msgs/msg.toomany
limit remote 100 SaSu|Any1800-0600 /etc/msgs/msg.toomany
limit remote 60 Any /etc/msgs/msg.toomany

readme README* login
readme README* cwd=*

message /welcome.msg login
message .message cwd=*

compress yes local remote
tar yes local remote

# allow use of private file for SITE GROUP and SITE GPASS?
private yes

# passwd-check []
passwd-check rfc822 warn

log commands real
log transfers anonymous,real inbound,outbound
shutdown /etc/shutmsg

# all the following default to "yes" for everybody
delete no guest,anonymous # delete permission?
overwrite no guest,anonymous # overwrite permission?
rename no guest,anonymous # rename permission?
chmod no guest,ftp1,users,anonymous # chmod permission?
umask no anonymous # umask permission?

# specify the upload directory information
upload /var/ftp * no
upload /var/ftp /incoming yes root daemon 0600 dirs
upload /var/ftp /bin no
upload /var/ftp /etc no

# directory aliases
alias inc /incoming

# cdpath
cdpath /incoming
cdpath /pub
cdpath /

# path-filter...
path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9_\.]*$ ^\. ^-
path-filter guest /etc/pathmsg ^[-A-Za-z0-9_\.]*$ ^\. ^-

# specify which group of users will be treated as "guests".
guestgroup ftponly

email user@hostname

In /etc/inetd.conf
ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -a

The username ftp1 is the ftp username.
What's wrong with it?

Steven Schweda · ‎12-11-2006

All I know is what I read on the "man" page,
but that says:

chmod { yes|no } typelist
[...]
typelist is a comma-separated list of any of the keywords
anonymous, guest, real and class=. When class= appears, it must
be followed by a classname. If any class= appears, the typelist
restriction applies only to users in that class.

"ftp1" is not "anonymous", "guest", "real",
or "class=class_name". (And what's "users"?)

I'd guess that you need to define a class
which includes the real user "ftp1", and then
specify that class. Something like:

class peons real ftp1
chmod no class=peons

I assume that you can specify more than one
"chmod" restriction, so that you could add
these, too:

chmod no anonymous,guest

chuanpeng.wang · ‎12-11-2006

Thanks.

I have resolved the problem.

In ftpaccess

chmod no real,guest,anonymous

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: about ftp site command

about ftp site command