HPE Community
Operating System - HP-UX
1754861 Members
5358 Online
108827 Solutions
New Discussion юеВ

anon ftp & permissions denied (upload)

 
SOLVED
Go to solution
Lisa Sorbo
Frequent Advisor

тАО07-25-2007 08:13 AM

тАО07-25-2007 08:13 AM

anon ftp & permissions denied (upload)

I've searched and seen the various threads but not found a resolution. we've moved from a B.11.0 server to 11.23 i64 serve. I have a requirement to ensure that the user "ftp" continues to be able to upload files to /home/ftp.
Currently - a "put" results in this message:
ftp> put unq-a9.txt
200 PORT command successful.
553 unq-A9.txt: Permission denied on server. (Upload)

---
as this was working on the previous server, this is considered imperitive for me to get working "as is" (and address why this isn't a good idea later).
I have no idea where to start. The directory permissions are same as prev server:
drwxrwxrwx 2 ftp users 8192 Jul 25 11:36 ftp
---
any help would be greatly appreciated.
Lisa
0 Kudos
Reply
11 REPLIES 11
A. Clay Stephenson
Acclaimed Contributor

тАО07-25-2007 08:19 AM

тАО07-25-2007 08:19 AM

Re: anon ftp & permissions denied (upload)

You are now running a later version of ftpd and has much more security. Examine the ftpaccess file and I think your problems will be obvious. Do a man ftpaccess and look for "upload".
If it ain't broke, I can fix that.
0 Kudos
Reply
Lisa Sorbo
Frequent Advisor

тАО07-25-2007 08:49 AM

тАО07-25-2007 08:49 AM

Re: anon ftp & permissions denied (upload)

I'm afraid I'm really dense here - I read the man page for ftpaccess and am still not 100% sure what to do.

I can sort of see what I need to do in the example for the user "ftp" -

all of my normal users that need to ftp files up and down are currently working fine.

if I issue those ftpaccess upload command for ftp -- will all my other users remain uneffected?

if I mess up the command that I issue - can it be undone?
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО07-25-2007 09:08 AM

тАО07-25-2007 09:08 AM

Re: anon ftp & permissions denied (upload)

It's a bit difficult to tell you what to do when the ftpaccess file isn't visible. You could post the ftpaccess file (and change any actual usernames and sensitive directory names that you might have to something innocuous). On the other hand, as long as you keep a backup copy of your current file, you shouldn't be able to disrupt more than a few new connections before reverting to the backup copy. I THINK that ftpaccess is only consulted when a new instance of ftpd is spawned (ie a new session).
If it ain't broke, I can fix that.
0 Kudos
Reply
Lisa Sorbo
Frequent Advisor

тАО07-25-2007 09:14 AM

тАО07-25-2007 09:14 AM

Re: anon ftp & permissions denied (upload)

in my current /etc/ftpd directory
there is no file named ftpaccess at all.

do I just "vi" a new one and make an entry there?
0 Kudos
Reply
Lisa Sorbo
Frequent Advisor

тАО07-25-2007 09:32 AM

тАО07-25-2007 09:32 AM

Re: anon ftp & permissions denied (upload)

I have made an ftpaccess file and still have the same result (permission denied upload).

here is what I have in the file and in /etc/ftp: (names xxx zzz are sanitized)

hqdxxx01:/etc/ftpd # more ftpaccess
upload /home/ftp * yes ftp zzz 0666
hqdxxx01:/etc/ftpd # ll
total 16
dr-xr-xr-x 2 bin bin 96 Sep 8 2004 ftp-exec
-rw-rw-r-- 1 root sys 36 Jul 25 14:29 ftpaccess
dr-xr--r-- 2 bin bin 96 Sep 8 2004 pids
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО07-25-2007 09:33 AM

тАО07-25-2007 09:33 AM

Re: anon ftp & permissions denied (upload)

Ok, since you do not have an ftpaccess, you are running standard ftp security. Foe the time being, I would add the -A option to the ftpd entry in /etc/inetd.conf and then execute inetd -c. This will just tell the system not to use the ftpaccess file if it isn't set already.

Now, do a man ftpd (the ftpd daemon) and read the entire section dealing with anonymous users and follow the Yellow Brick Road exactly and your anonymous users should be able to put files.
If it ain't broke, I can fix that.
0 Kudos
Reply
Lisa Sorbo
Frequent Advisor

тАО07-25-2007 10:39 AM

тАО07-25-2007 10:39 AM

Re: anon ftp & permissions denied (upload)

I read man ftpd

by "follow the yellow brick road", do you mean to say I have to build all those subdirs and files under /home/ftp ? none of that is on my old server in /home/ftp.
0 Kudos
Reply
Lisa Sorbo
Frequent Advisor

тАО07-25-2007 10:49 AM

тАО07-25-2007 10:49 AM

Re: anon ftp & permissions denied (upload)

I haven't done all that yet. but I did try "get" - that is fine. just "put" gives the error. so it's half up I guess.
0 Kudos
Reply
A. Clay Stephenson
Acclaimed Contributor

тАО07-25-2007 11:05 AM

тАО07-25-2007 11:05 AM

Solution

Re: anon ftp & permissions denied (upload)

Yes, I meant build all those subdirs and populate them just as directed. You have to realize the an anonymous ftp login does a chroot to the anonymous users home directory. This means that from that point on, "/" (the top of the filetree) no longer is the system root directory for this user so you have to have a separate etc with passwd and group and well as other directories.
If it ain't broke, I can fix that.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.