HPE Community
Operating System - HP-UX
1833555 Members
3181 Online
110061 Solutions
New Discussion

Re: wu-ftpd ftpusers not working?

 
Peter Barlow
Occasional Contributor

‎09-12-2001 07:43 AM

‎09-12-2001 07:43 AM

wu-ftpd ftpusers not working?

I've installed the latest version of wu-ftpd (from the hp site - not the porting centre). Most things seem to work correctly (e.g. I've been playing with the options in ftpaccess to make the incoming directory write only) however the settings in /etc/ftpd/ftpusers seem to have no effect. I took the issued file (which contains an entry for root) but as long as I supply the correct password I can still log in as root. Can anyone tell me what I'm doing wrong here?

Pete
0 Kudos
Reply
8 REPLIES 8
James R. Ferguson
Acclaimed Contributor

‎09-12-2001 07:57 AM

‎09-12-2001 07:57 AM

Re: wu-ftpd ftpusers not working?

Hi Peter:

Make sure that the 'ftpd' daemon is started with '-a' and not '-A' in /etc/inetd.conf (see "man 1M ftpd").

If it is necessary to correct this, restart the 'inetd' daemon with:

# /usr/sbin/inetd -c

Regards!

...JRF...
0 Kudos
Reply
Peter Barlow
Occasional Contributor

‎09-12-2001 08:09 AM

‎09-12-2001 08:09 AM

Re: wu-ftpd ftpusers not working?

James, it was set to -a. As the man page says setting it to -A would disable the ftpaccess file which is not what I'm seeing
0 Kudos
Reply
linuxfan
Honored Contributor

‎09-12-2001 09:03 AM

‎09-12-2001 09:03 AM

Re: wu-ftpd ftpusers not working?

Hi Peter,

When you install wu_ftpd, i believe it installs it in /opt/wu_ftpd. So make sure you copy the ftpusers to the appropriate directory (/opt/wu_ftpd/etc/ftpusers) and also /etc/inetd.conf is reflecting the correct binary (/opt/wu_ftpd/sbin/ftpd).

If you make any changes, make sure you reread your configuration file, by running
"/usr/sbin/inetd -c"

-HTH
Ramesh
They think they know but don't. At least I know I don't know - Socrates
0 Kudos
Reply
Peter Barlow
Occasional Contributor

‎09-13-2001 12:21 AM

‎09-13-2001 12:21 AM

Re: wu-ftpd ftpusers not working?

Ramesh,
At 2.6.1 it seems to install into /usr/contrib/wuftpd and the config files then go into /etc/ftpd. These all seem to be o.k. - there is a script to check the config /usr/contrib/wuftpd/usr/bin/ckconfig and this runs correctly. Also changes I make to /etc/ftpd/ftpaccess take effect so I'm sure it's picking up the correct file. The installation creates links so that /usr/lbin/ftpd (referenced in /etc/inetd.conf) points to /usr/contrib/wuftpd/usr/lbin/ftpd.

Pete
0 Kudos
Reply
Vincent Stedema
Esteemed Contributor

‎09-13-2001 12:33 AM

‎09-13-2001 12:33 AM

Re: wu-ftpd ftpusers not working?

Hi,

You might want to check your PAM configuration as this determines which authentication mechanisms are used. Does you system have an /etc/pam.conf or /etc/pam.d/ftp ? If so, could you post the contents of these files.


Regards,

Vincent
0 Kudos
Reply
Peter Barlow
Occasional Contributor

‎09-13-2001 01:39 AM

‎09-13-2001 01:39 AM

Re: wu-ftpd ftpusers not working?

Vincent here is /etc/pam.conf

#
# PAM configuration
#
# Authentication management
#
login auth required /usr/lib/security/libpam_unix.1
su auth required /usr/lib/security/libpam_unix.1
ftp auth required /usr/lib/security/libpam_unix.1
OTHER auth required /usr/lib/security/libpam_unix.1
#
# Account management
#
login account required /usr/lib/security/libpam_unix.1
su account required /usr/lib/security/libpam_unix.1
ftp account required /usr/lib/security/libpam_unix.1
#
OTHER account required /usr/lib/security/libpam_unix.1
#
# Session management
#
login session required /usr/lib/security/libpam_unix.1
OTHER session required /usr/lib/security/libpam_unix.1
#
# Password management
#
login password required /usr/lib/security/libpam_unix.1
passwd password required /usr/lib/security/libpam_unix.1
OTHER password required /usr/lib/security/libpam_unix.1

Pete
0 Kudos
Reply
Vincent Stedema
Esteemed Contributor

‎09-17-2001 04:37 AM

‎09-17-2001 04:37 AM

Re: wu-ftpd ftpusers not working?

Hi,

I'm nowhere near an hp-ux machine right now so I can't check the validity of your /etc/pam.conf. I'm not sure whether the pam_unix.so module also checks against /etc/ftpusers. The Linux /etc/pam.conf, for example, uses the pam_listfile.so library for ftp to authenticate against /etc/ftpusers.

Anyway, there is another option: use the deny-uid directive in /etc/ftpd/ftpaccess (or /etc/ftpaccess). For example:

deny-uid root

Do a kill -HUP of inetd afterwards to make the changes active.

Hope this helps.

Regards,

Vincent
0 Kudos
Reply
Brian Markus
Valued Contributor

‎10-02-2001 09:35 AM

‎10-02-2001 09:35 AM

Re: wu-ftpd ftpusers not working?

I personally got sick of all the security holes and disfunctionality of wu-ftpd. I use proftpd. I can allow specific users to be limited by directory. As well as limit their abilitys in that directory. Here's an example:


User oracle
Group users
AnonRequirePassword on



AllowAll


DenyAll




Just a thought. It made my life easy.


Brian
When a sys-admin say's maybe, they don't mean 'yes'!
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.