ftpaccess man page on Solaris

Man page or keyword search:  
man Server   20652 pages
apropos Keyword Search (all sections)
Output format
Solaris logo
[printable version]

ftpaccess(4)			 File Formats			  ftpaccess(4)

NAME
       ftpaccess - FTP Server configuration file

SYNOPSIS
       /etc/ftpd/ftpaccess

DESCRIPTION
       The  ftpaccess  file  is	 used  to  configure  the operation of the FTP
       Server.

   Access Capabilities
       The following access capabilities are supported:

       autogroup groupname class class...

	   If an anonymous user is a member of any of class,  the  FTP	Server
	   performs a setegid(2) to groupname. This allows access to group and
	   owner read-only files and directories  to  a	 particular  class  of
	   anonymous  users.  groupname	 is  a	valid group returned by getgr‐
	   nam(3C).

       class class typelist addrglobaddrglob...

	   Define class of users, with source addresses of the form  addrglob.
	   Multiple  members  of  class	 may be defined. There may be multiple
	   class commands listing additional members of the class. If multiple
	   class  commands  can	 apply	to  the current session, the first one
	   listed in the access file is used. If a valid class for a  host  is
	   not	defined,  access is denied. typelist is a comma-separated list
	   of any of the keywords anonymous, guest, and real. If the real key‐
	   word	 is  included,	the  class can match users using FTP to access
	   real accounts. If the anonymous keyword is included the  class  can
	   match  users	 using	anonymous FTP. The guest keyword matches guest
	   access accounts.

	   addrglob may be a globbed domain name or  a	globbed	 numeric  IPv4
	   address.  It	 may also be the name of a file, starting with a slash
	   ('/'),  which  contains  additional	address	 globs.	 IPv4  numeric
	   addresses  may  also	 be  specified	in the form address:netmask or
	   address/CIDR. IPv6 numeric addresses can only be specified with  an
	   optional CIDR, not using globs or netmasks.

	   Placing an exclamation (!) before an addrglob negates the test. For
	   example,

	     class rmtuser real !*.example.com

	   classifies real users from outside the example.com  domain  as  the
	   class  rmtuser.  Use care with this option. Remember, the result of
	   each test is OR'ed with other tests on the line.

       deny addrglob [message_file]

	   Deny access	to  host(s)  that  match  addrglob  and	 display  mes‐
	   sage_file.  If the value of addrglob is !nameserved access to sites
	   without a working nameservers is denied. message_file  may  contain
	   magic cookies. See message for more details.

       guestgroup groupname groupname...
       guestuser username username...
       realgroup groupname groupname...
       realuser username username...

	   For	guestgroup,  if	 a real user is a member of any groupname, the
	   session is set up like anonymous FTP. groupname is  a  valid	 group
	   returned  by getgrnam(3C). The user's home directory must be set up
	   exactly as anonymous FTP would be. The home directory field of  the
	   passwd  entry  is  divided into two directories. The first field is
	   the root directory that is the argument to the chroot(2) call.  The
	   second  field  is  the  user's home directory, relative to the root
	   directory. Use a "/./" to separate the two fields. For example, the
	   following is the real entry in /etc/passwd:

	     guest1:x:100:92:Guest FTP:/export/home/guests/./guest1:/bin/true

	   When	 guest1	 successfully  logs  in,  the  FTP  Server  performs a
	   chroot() to /export/home/guests and then chdir(2) to	 /guest1.  The
	   guest  user	is  only  able to access the directory structure under
	   /export/home/guests, which looks and act as / to guest1, just as an
	   anonymous  FTP  user would. The d option to ftpconfig(1M) is useful
	   when creating guest FTP user accounts. The group name may be speci‐
	   fied by either name or numeric ID. To use a numeric group ID, place
	   a percent sign (%) before the number. You can give ranges.  Use  an
	   asterisk  to	 indicate all groups. guestuser works like guestgroup,
	   except that it uses the user name or numeric ID. realuser and real‐
	   group  have	the  same syntax, but they reverse the effect of gues‐
	   tuser and guestgroup. They allow real user access when  the	remote
	   user would otherwise be determined a guest.

	     guestuser *
	     realgroup admin

	   causes  all	non-anonymous  users  to be treated as guest, with the
	   sole exception of users in the admin group, who  are	 granted  real
	   user access.

       nice nice-delta class

	   Adjust  the	process	 nice  value  of the FTP server process by the
	   indicated nice-delta value if the remote user is a  member  of  the
	   named  class. If class is not specified, then use nice-delta as the
	   default adjustment to the  FTP  server  process  nice  value.  This
	   default  nice  value adjustment is used to adjust the nice value of
	   the server process only for those users who do not  belong  to  any
	   class  for  which  a	 class-specific	 nice  directive exists in the
	   ftpaccess file.

       defumask umask class

	   Set the umask applied to files created by the  FTP  server  if  the
	   remote  user is a member of the named class. If class is not speci‐
	   fied, then use the umask as the default for	classes	 that  do  not
	   have	 one specified.. The mode of files created may be specified by
	   using the upload directive.

       tcpwindow size class

	   Set the TCP window size (socket buffer size) for the	 data  connec‐
	   tion.  Use  this to control network traffic. For instance, slow PPP
	   dialin links may need smaller TCP windows to speed  up  throughput.
	   If you do not know what this does, do not set it.

       ipcos control|data value [typelist]

	   Set	the IP Class of Service for either the control or data connec‐
	   tion.

	   For connections using AF_INET type sockets, this sets the  Type  of
	   Service field in the IP header to the value specified.

	   For	connections using AF_INET6 type sockets, this sets the Traffic
	   Class field in the IP header to the value specified.

	   When configured through inetd.conf(4),  the	socket	type  is  con‐
	   trolled  by	the protocol field of the ftp service. When running in
	   standalone  mode  the  default  socket  type	  is   AF_INET6.   The
	   in.ftpd(1M) 4 option selects AF_INET.

	   typelist  is	 a  comma-separated list of any of the keywords anony‐
	   mous, guest, real, and class=. When class= appears, it must be fol‐
	   lowed by a class name.

       keepalive yes|no

	   Set	the TCP SO_KEEPALIVE option for control and data sockets. This
	   can be used to control network disconnect. If yes, then set it.  If
	   no, then use the system default (usually off). You probably want to
	   set this.

       timeout accept seconds
       timeout connect seconds
       timeout data seconds
       timeout glob seconds
       timeout idle seconds
       timeout maxidle seconds
       timeout RFC931 seconds

	   Set various timeout conditions.

	   accept     How long the FTP Server waits  for  an  incoming	(PASV)
		      data connection. The default is 120 seconds.

	   connect    How  long the FTP Server waits and attempts to establish
		      an outgoing (PORT) data  connection.  This  effects  the
		      actual  connection  attempt.  The	 daemon	 makes several
		      attempts, sleeping between each attempt,	before	giving
		      up. The default is 120 seconds.

	   data	      How  long	 the FTP Server waits for some activity on the
		      data connection. You should keep this long  because  the
		      remote  client  may  have	 a slow link, and there can be
		      quite a bit of data queued for the client.  The  default
		      is 1200 seconds.

	   glob	      How  long	 the FTP server generates pathnames matching a
		      pattern from wild cards. The default is 120 seconds.

	   idle	      How long the FTP Server waits for the next command.  The
		      default is 900 seconds. The default can also be overrid‐
		      den by using the t  option  at  the  command-line.  This
		      access clause overrides both.

	   maxidle    The SITE IDLE command allows the remote client to estab‐
		      lish a higher value for the idle	timeout.  The  maxidle
		      clause sets the upper limit that the client may request.
		      The default can also be overridden by using the T option
		      at  the command-line. This access clause overrides both.
		      The default is 7200 seconds.

	   RFC931     The maximum time the FTP server allows  for  the	entire
		      RFC931  (AUTH/ident)  conversation. Setting this to zero
		      (0) disables the server's	 use  of  this	protocol.  The
		      information  obtained  by means of RFC931 is recorded in
		      the system logs and is not actually used in any  authen‐
		      tication. The default is 10 seconds.

       file-limit raw in|out|total count class

	   Limit the number of data files a user in the given class may trans‐
	   fer. The limit may be placed on files in,  out,  or	total.	If  no
	   class  is  specified, the limit is the default for classes which do
	   not have a limit specified. The optional parameter raw applies  the
	   limit to the total traffic rather than just data files.

       data-limit [raw] in|out|total count [class]

	   Limit the number of data bytes a user in the given class may trans‐
	   fer. The limit may be placed on bytes in,  out,  or	total.	If  no
	   class  is  specified, the limit is the default for classes which do
	   not have a limit specified. Note that once it  has  been  exceeded,
	   this limit prevents transfers, but it does not terminate a transfer
	   in progress. The optional parameter raw applies the limit to	 total
	   traffic rather than just data files.

       limit-time *|anonymous|guest minutes

	   Limit  the  total  time a session can take. By default, there is no
	   limit. Real users are never limited.

       guestserver [hostname...]

	   Control which hosts may be used for anonymous access. If used with‐
	   out	hostname,  all	anonymous  access is denied to this site. More
	   than one hostname may  be  specified.  Anonymous  access  are  only
	   allowed  on	the  named  machines. If access is denied, the user is
	   asked to use the first hostname listed.

       limit class n times [message_file]

	   Limit class to n users at times times, displaying  message_file  if
	   the user is denied access. A limit check is performed at login time
	   only. If multiple limit commands can apply to the current  session,
	   the	first applicable one is used. Failing to define a valid limit,
	   or a limit of -1, is equivalent to no limits. The format  of	 times
	   is:

	     day[day...][time-range][|day[day...][time-range]]...

	   The	value  of  day	can be Su, Mo, Tu, We, Th, Fr, Sa, Wk (for any
	   weekday Monday through Friday), or Any. time-range  is  in  24-hour
	   clock  notation.  If a time range is not specified, any time of the
	   day is matched. Multiple day and time-range may be specified by the
	   "|"	symbol.	 For example, Wk1730-0900|Sa|Su specifies 5:30 p.m. to
	   9:00 a.m., Monday through Friday, and  anytime  on  weekends.  mes‐
	   sage_file may contain magic cookies. See message for more details.

       noretrieve [absolute|relative]
       [class=classname...][-] filename [filename...]

	   Always  deny retrievability of these files. If filename specifies a
	   pathname that begins with '/' character, then only those files  are
	   marked no retrieve. Otherwise all files that match the filename are
	   refused transfer. For example, noretrieve /etc/passwd  core	speci‐
	   fies	 no  one  is  able  to	retrieve the /etc/passwd file. You are
	   allowed to transfer any file named passwd that is not in /etc.

	   On the other hand, no one is able to get files named core, wherever
	   they	 are.  Directory specifications mark all files and subdirecto‐
	   ries in the named directory	unretrievable.	The  filename  may  be
	   specified as a file glob. For example,

	     noretrieve /etc /home/*/.htaccess

	   specifies that no files in /etc or any of its subdirectories may be
	   retrieved. Also, no files named .htaccess anywhere under the	 /home
	   directory  may  be  retrieved. The optional first parameter selects
	   whether names are interpreted as absolute or relative to  the  cur‐
	   rent chroot'd environment. The default is to interpret names begin‐
	   ning with a slash as absolute. The noretrieve restrictions  may  be
	   placed  upon members of particular classes. If any class= is speci‐
	   fied, the named files cannot be retrieved only if the current  user
	   is a member of one of the given classes.

       allow-retrieve [absolute|relative]
       [class=classname...][-] filename [filename...]

	   Allows  retrieval of files which would otherwise be denied by nore‐
	   trieve.

       loginfails number

	   After number login failures, log a repeated login failures  message
	   and	terminate  the FTP connection. The default value for number is
	   5.

       private yes | no

	   Allow or deny use of the SITE GROUP and SITE GPASS  commands	 after
	   the user logs in. The SITE GROUP and SITE GPASS commands specify an
	   enhanced access group and associated password. If  the  group  name
	   and	password  are  valid,  the  user becomes a member of the group
	   specified in the group access file /etc/ftpd/ftpgroups by means  of
	   setegid(2).	See  ftpgroups(4) for the format of the file. For this
	   option to work for anonymous FTP users, the FTP  Server  must  keep
	   /etc/group  permanently  open  and  load the group access file into
	   memory. This means that the FTP Server now has an  additional  file
	   descriptor  open, and the necessary passwords and access privileges
	   granted to users by means of SITE GROUP is static for the  duration
	   of  an FTP session. If you have an urgent need to change the access
	   groups or passwords now, you have to kill all of  the  running  FTP
	   Servers.

   Informational Capabilities
       The following informational capabilities are supported:

       greeting full|brief|terse
       greeting text message

	   The	greeting command allows you to control how much information is
	   given out before the remote user logs in. greeting full,  which  is
	   the default greeting, shows the hostname and daemon version. greet‐
	   ing brief shows the hostname. greeting terse simply says FTP Server
	   ready. Although full is the default, brief is suggested.

	   The	text  form allows you to specify any greeting message. message
	   can be any string. Whitespace (spaces and tabs) is converted	 to  a
	   single space.

       banner path

	   The	banner	command	 operates  similarly  to  the message command,
	   except that the banner is displayed	before	the  user  enters  the
	   username.  The path is relative to the real system root, not to the
	   base of the anonymous FTP directory.

	   Use of the banner command can completely prevent non-compliant  FTP
	   clients from making use of the FTP Server. Not all clients can han‐
	   dle multi-line responses, which is how the banner is displayed.

       email name

	   Use this command to define the email address	 for  the  FTP	Server
	   administrator.  This	 string	 is  printed  every  time the %E magic
	   cookie is used in message files.

       hostname some.host.name

	   Defines the default host name of the FTP  Server.  This  string  is
	   printed  on the greeting message and every time the %L magic cookie
	   is used. The host name for virtual servers overrides this value. If
	   no  host  name  is  specified,  the default host name for the local
	   machine is used.

       message path [when [class...]]

	   Define a file with path such that the FTP Server displays  the con‐
	   tents  of  the  file	 to  the  user at login time or upon using the
	   change working directory command. The when parameter may  be	 LOGIN
	   or  CWD=dirglob.  If	 whenis CWD=dirglob, dirglob specifies the new
	   default directory that triggers the notification. A dirglob of  "*"
	   matches all directories.

	   The optional class specification allows the message to be displayed
	   only to members of a particular class. More than one class  may  be
	   specified.

	   Magic  cookies  can be present in path that cause the FTP Server to
	   replace the cookie with a specified text string:

	   %T	 Local time. For example, Thu Nov 15 17:12:42 1990.

	   %F	 Free space in partition of CWD, in Kbytes.

	   %C	 Current working directory.

	   %E	 The email address for the FTP Server administrator.

	   %R	 Remote host name.

	   %L	 Local host name.

	   %U	 Username given at login time.

	   %u	 Username as defined by means of RFC 931 authentication.

	   %M	 Maximum allowed number of users in this class.

	   %N	 Current number of users in this class.

	   The following quota magic cookies are also supported but not always
	   set (see the quota-info capability):

	   %B	 absolute limit on disk blocks allocated

	   %b	 preferred limit on disk blocks

	   %Q	 current block count

	   %I	 maximum number of allocated inodes (+1)

	   %i	 preferred inode limit

	   %q	 current number of allocated inodes

	   %H	 time limit for excessive disk use

	   %h	 time limit for excessive files

	   The	message	 is  displayed	only  once to avoid annoying the user.
	   Remember that when messages are triggered by an anonymous or	 guest
	   FTP	user,  they  must  be relative to the base of the anonymous or
	   guest FTP directory tree.

       quota-info uid-range [uid-range...]

	   Enable retrieval of quota information for users matching uid-range.
	   This	 sets  the  quota  magic cookies. Retrieving quota information
	   might cause a significant delay when logging into the server.

	   uid-range can be a username, single UID, or a UID  range.  Place  a
	   percent sign(%) before a number. An asterisk means "all users."

       readme pathglob [when [class...]]

	   Define  a  file with pathglob such that the FTP Server notifies the
	   user at login time or upon using the change working directory  com‐
	   mand	 that  the  file exists and the date that it was modified. The
	   when parameter may be LOGIN or CWD=dirglob. If when is CWD=dirglob,
	   dirglob specifies the new default directory that triggers the noti‐
	   fication. A dirglob of "*" matches all directories. The message  is
	   only	 displayed  once, to avoid bothering users. Remember that when
	   README messages are triggered by an anonymous or  guest  FTP	 user,
	   the pathglob must be relative to the base of the anonymous or guest
	   FTP directory tree.

	   The optional class specification allows the message to be displayed
	   only	 to  members  of a particular class. You can specify more than
	   one class.

   Logging Capabilities
       The following logging capabilities are supported:

       log commands typelist

	   Enables logging of the individual FTP commands sent by users. type‐
	   list	 is  a	comma-separated list of any of the keywords anonymous,
	   guest, and real. Command logging information is written to the sys‐
	   tem log.

       log transfers typelist directions

	   Log	file  transfers made by FTP users to the xferlog(4) file. Log‐
	   ging of incoming transfers to the server can be enabled  separately
	   from outbound transfers from the server. directions is a comma-sep‐
	   arated list of any of the two keywords inbound  and	outbound,  and
	   respectively	 causes	 transfers  to be logged for files sent to and
	   from the server.

       log security typelist

	   Enables logging of violations of security rules to the system  log,
	   including for example, noretrieve and .notar.

       log syslog
       log syslog+xferlog

	   Redirect  the  logging messages for incoming and outgoing transfers
	   to syslog. Without this option the messages are written to xferlog.
	   When you specify syslog+xferlog, the transfer log messages are sent
	   to both the system log file and the xferlog file.

       xferlog format formatstring

	   Customize the format of the transfer	 log  entry  written.  format‐
	   string  can	be  any	 string,  which	 might	include magic cookies.
	   Strings of whitespace characters are converted into a single space.

	   The following transfer-specific magic cookies are  recognized  only
	   immediately after a transfer has been completed:

	   %Xt	  transfer-time

	   %Xn	  bytes-transferred

	   %XP	  filename

	   %Xp	  chroot-filename

	   %Xy	  transfer-type

	   %Xf	  special-action-flag

	   %Xd	  direction

	   %Xm	  access-mode

	   %Xa	  authentication-method

	   %Xc	  completion-status

	   %Xs	  file-size

	   %Xr	  restart-offset

	   xferlog(4)  includes	 a  description of these fields. If no xferlog
	   format entry is present, the default is:

	     xferlog format %T %Xt %R %Xn %XP %Xy %Xf %Xd %Xm %U ftp %Xa %u %Xc

   Miscellaneous Capabilities
       The following miscellaneous capabilities are supported:

       alias string dir

	   Define an alias, string, for a directory. Use this command  to  add
	   the	concept	 of  logical  directories.  For	 example:  alias  rfc:
	   /pub/doc/rfc would allow the user to access /pub/doc/rfc  from  any
	   directory by the command cd rfc:. Aliases only apply to the cd com‐
	   mand.

       cdpath dir

	   Define an entry in the cdpath. This command defines a  search  path
	   that is used when changing directories. For example:

	     cdpath /pub/packages
	     cdpath /.aliases

	   would  allow	 the  user  to	move into any directory directly under
	   either the /pub/packages or the /.aliases directories.  The	search
	   path	 is  defined  by  the  order  in which the lines appear in the
	   ftpaccess file. If the user were to give the command	 ftp>  cd  foo
	   the directory is searched for in the following order:

	       o      ./foo

	       o      an alias called foo

	       o      /pub/packages/foo

	       o      /.aliases/foo
	   The	cdpath	is  only  available with the cd command. If you have a
	   large number of aliases, you might want to set up an aliases direc‐
	   tory	 with  links to all of the areas you wish to make available to
	   users.

       compress yes|no classglob [classglob...]
       tar yes|no classglob [classglob...]

	   Enable the use of conversions marked with the O_COMPRESS,  O_UNCOM‐
	   PRESS,  and	O_TAR options in /etc/ftpd/ftpconversions. See ftpcon‐
	   versions(4).

       shutdown path

	   If the file pointed to by path exists, the server checks  the  file
	   regularly to see if the server is going to be shut down. If a shut‐
	   down is planned, the user is notified. New connections  are	denied
	   after  a  specified	time  before shutdown. Current connections are
	   dropped at a specified time before shutdown.

	   The format of the file specified by path is:

	     year month day hour minute deny_offset disc_offset text

	   year		  A value of 1970 or greater.

	   month	  A value of 0 to 11.

	   day		  A value of 1 to 31.

	   hour		  A value of 0 to 23.

	   minute	  A value of 0 to 59.

	   deny_offset	  The offsets in HHMM format that new  connections  is
	   disc_offset	  denied  and  existing	 connections  is  disconnected
			  before the shutdown time.

	   text		  Follows the normal rules for any message.  The  fol‐
			  lowing additional magic cookies are available:

			  %s	The  time at which the system is going to shut
				down.

			  %r	The time at which new connections is denied.

			  %d	The  time  at  which  current  connections  is
				dropped.

	   All times are in the form: ddd MMM DD hh:mm:ss YYYY. Only one shut‐
	   down command can be present in the configuration file. You can  use
	   the	external  program  ftpshut(1M)	to automate generation of this
	   file.

       daemonaddress address

	   Listen only on the IP address specified. If the value is  not  set,
	   then	 the  FTP  Server listens for connections on every IP address.
	   This applies only when the FTP Server is run in standalone mode.

       virtual address root|banner|logfile path

	   Enable the FTP Server limited  virtual  hosting  capabilities.  The
	   address  is	the IP address of the virtual server. The second argu‐
	   ment specifies that the path is either the path to the root of  the
	   filesystem  for  this  virtual  server, the banner presented to the
	   user when connecting to this virtual server, or the	logfile	 where
	   transfers  are  recorded for this virtual server. If the logfile is
	   not specified the default log file is used. All other message files
	   and permissions as well as any other settings in this file apply to
	   all virtual servers. The address may also be specified as  a	 host‐
	   name	 rather	 than  as  an  IP number. This is strongly discouraged
	   since, if DNS is not available at the time the FTP session  begins,
	   the hostname	 is not matched.

       root|logfile path

	   In  contrast	 to  limited virtual hosting, complete virtual hosting
	   allows separate configuration files to be  virtual  host  specific.
	   See	ftpservers(4). The only additions that are necessary in a vir‐
	   tual host's ftpaccess file is the root directive that  ensures  the
	   correct  root  directory  is	 used  for the virtual host. This only
	   works with complete virtual hosting, which in contrast  to  limited
	   virtual  hosting,  allows separate configuration files to be speci‐
	   fied for each virtual host.

	   path is either the root of the filesystem for this  virtual	server
	   or  the  logfile  where  transfers  for  this  virtual  server  are
	   recorded. root and logfile may only be specified when not  preceded
	   by virtual address in a virtual hosts's ftpaccess file.

       virtual address hostname|email string

	   Set	the hostname shown in the greeting message and status command,
	   or the email address used in message files and on the HELP command,
	   to the given string.

       virtual address allow username [username...]
       virtual address deny username [username...]

	   By  default,	 real and guest users are not allowed to log in on the
	   virtual server, unless they are guests that	are  chroot'd  to  the
	   virtual  root.  The	users  listed on the virtual allow line(s) are
	   granted access. You can grant access to all users by giving '*'  as
	   the username. The virtual deny clauses are processed after the vir‐
	   tual allow clauses.	Thus  specific	users  can  be	denied	access
	   although all users were allowed in an earlier clause.

       virtual address private

	   Deny log in access to anonymous users on the virtual server. Anony‐
	   mous users are generally allowed to log in on the virtual server if
	   this option is not specified.

       virtual address passwd file

	   Use a different passwd file for the virtual host.

       virtual address shadow file

	   Use a different shadow file for the virtual host.

       defaultserver deny username [username...]
       defaultserver allow username [username...]

	   By  default,	 all  users  are allowed access to the non-virtual FTP
	   Server. Use defaultserver deny to revoke access for	specific  real
	   and	guest  users.  Specify '*' to deny access to all users, except
	   anonymous users. Specific real and guest users can then be  allowed
	   access by using defaultserver allow.

       defaultserver private

	   By  default,	 all  users  are allowed access to the non-virtual FTP
	   Server. Use defaultserver private to revoke	access	for  anonymous
	   users.

	   The	virtual and defaultserver allow, deny and private clauses pro‐
	   vide a means to control which users are allowed access to which FTP
	   Servers.

       passive address externalip cidr

	   Allow control of the address reported in response to a passive com‐
	   mand. When any control connection matching cidr requests a  passive
	   data	 connection  (PASV),  the externalip address is reported. This
	   does not change the address that the daemon	actually  listens  on,
	   only	 the  address  reported to the client. This feature allows the
	   daemon to operate correctly behind IP  renumbering  firewalls.  For
	   example:

	     passive address 10.0.1.15	 10.0.0.0/8
	     passive address 192.168.1.5 0.0.0.0/0

	   Clients  connecting from the class-A network 10 is told the passive
	   connection is listening on IP address 10.0.1.15 while all others is
	   told	 the  connection is listening on 192.168.1.5. Multiple passive
	   addresses may be specified to handle complex,  or  multi-gatewayed,
	   networks.

       passive ports cidr min max

	   Allows control of the TCP port numbers which may be used for a pas‐
	   sive data connection. If the control connection matches the cidr, a
	   port in the range min to max is randomly selected for the daemon to
	   listen on. This feature allows firewalls to limit  the  ports  that
	   remote clients may use to connect into the protected network.

	   cidr	 is  shorthand	for  an IP address followed by a slash and the
	   number of left-most bits that represent  the	 network  address,  as
	   opposed  to	the machine address. For example, if you are using the
	   reserved class-A network 10, instead of a netmask of 255.0.0.0, use
	   a CIDR of /8, as in 10.0.0.0/8, to represent your network.

	   When	 min and max are both 0, the kernel rather than the FTP server
	   selects the TCP port to listen on. Kernel port selection is usually
	   not desirable if the kernel allocates TCP ports sequentially. If in
	   doubt, let the FTP server do the port selection.

       pasv-allow class [addrglob...]
       port-allow class [addrglob...]

	   Normally, the FTP Server does not allow a PORT command  to  specify
	   an  address different than that of the control connection. Nor does
	   it allow a PASV connection from another address.

	   The port-allow clause provides a list of addresses that the	speci‐
	   fied	 class	of user may give on a PORT command. These addresses is
	   allowed even if they do not match the IP address of the client-side
	   of the control connection.

	   The	pasv-allow clause provides a list of addresses that the speci‐
	   fied class of user may make data connections from. These  addresses
	   are allowed even if they do not match the IP address of the client-
	   side of the control connection.

       lslong command [options...]
       lsshort command [options...]
       lsplain command [options...]

	   Use the lslong, lsshort, and lsplain clauses to  specify  the  com‐
	   mands  and  options	to  use	 to  generate  directory listings. The
	   options cannot contain spaces, and the  default  values  for	 these
	   clauses are generally correct. Use lslong, lsshort, or lsplain only
	   if absolutely necessary.

       mailserver hostname

	   Specify the name of a mail server that  accepts   upload  notifica‐
	   tions  for the FTP Server. Multiple mail servers may be listed. The
	   FTP Server attempts to deliver the upload notification to each,  in
	   order, until one accepts the message. If no mail servers are speci‐
	   fied, localhost is used. This option is only meaningful  if	anyone
	   is to be notified of anonymous uploads. See incmail.

       incmail emailaddress
       virtual address incmail emailaddress
       defaultserver incmail emailaddress

	   Specify email addresses to be notified of anonymous uploads. Multi‐
	   ple addresses can be specified. Each receives a notification. If no
	   addresses are specified, no notifications are sent.

	   If addresses are specified for a virtual host, only those addresses
	   are sent notification of anonymous uploads on that host. Otherwise,
	   notifications are sent to the global addresses.

	   defaultserver  addresses  only  apply  when	the FTP session is not
	   using one of the virtual hosts. In this way, you can receive	 noti‐
	   fications  for  your	 default anonymous area, but not see notifica‐
	   tions to virtual hosts that do not have their own notifications.

       mailfrom emailaddress
       virtual address mailfrom emailaddress
       defaultserver mailfrom emailaddress

	   Specify the sender's email address for anonymous  upload  notifica‐
	   tions.  Only	 one address may be specified. If no mailfrom applies,
	   email is sent from the default mailbox name wu-ftpd. To avoid prob‐
	   lems	 if  the  recipient attempts to reply to a notification, or if
	   downstream mail problems generate bounces, you  should  ensure  the
	   mailfrom address is deliverable.

       sendbuf size [typelist]
       recvbuf size [typelist]

	   Set	the  send  or  receive buffer sizes used for binary transfers.
	   They have no effect on ASCII transfers.

       rhostlookup yes|no [addrglob ...]

	   Allows or disallows the lookup of  the  remote  host's  name.  Name
	   lookups  can	 be slow, but skipping them means that places where an
	   addrglob is matched (for example, in the class capability)  matches
	   only	 an  IP	 address,  not	a  name. Also deny !nameserved and dns
	   refuse_no_reverse or refuse_mismatch	 denies	 access	 when  a  name
	   lookup  is  not  done.  The	default is to lookup the remote host's
	   name.

	   Only IP addresses, not names, are matched in addrglob.

       flush-wait yes|no [typelist]

	   Controls the behavior at the end of a download or  directory	 list‐
	   ing.	 If yes, shutdown the data connection for sending and wait for
	   the client to close its end	before	sending	 a  transfer  complete
	   reply  on  the control connection. This is the default behavior. If
	   no, close the data connection and send the transfer complete	 reply
	   without  waiting  for the client. With this behavior, data loss can
	   go undetected.

	   If a client hangs at the end of a directory listing, or the	system
	   has	many  sockets  in the FIN_WAIT_2 state, try setting to no as a
	   workaround for broken client behavior.

   Permission Capabilities
       The following permission capabilities are supported:

       chmod yes|no typelist
       delete yes|no typelist
       overwrite yes|no typelist
       rename yes|no typelist
       umask yes|no typelist

	   Allows or disallows the ability to perform the specified  function.
	   By  default,	 all real and guest users are allowed. Anonymous users
	   are only allowed overwrite and umask.

	   typelist is a comma-separated list of any of	 the  keywords	anony‐
	   mous,  guest, real and class=. When class= appears, it must be fol‐
	   lowed by a classname. If any class= appears, the typelist  restric‐
	   tion applies only to users in that class.

       passwd-check none|trivial|rfc822 [enforce|warn]

	   Define  the	level and enforcement of password checking done by the
	   FTP Server for anonymous FTP.

	   none	      No password checking is performed.

	   trivial    The password must contain an '@'.

	   rfc822     The password must be RFC 822 compliant.

	   warn	      Warn, but permit the login.

	   enforce    Notify and deny the login.

       deny-email case-insensitive-emailaddress

	   Consider the email address given as	an  argument  as  invalid.  If
	   passwd-check is set to enforce, anonymous users giving this address
	   as a password cannot log in. That way, you can stop users from hav‐
	   ing	stupid	WWW  browsers  use  fake  addresses  like IE?0User@ or
	   mozilla@. (by using this, you are not shutting out  users  using  a
	   WWW	browser	 for  ftp - you just make them configure their browser
	   correctly.) Only one address is allowed per line, but you can  have
	   as many deny-email addresses as you like.

       path-filter typelist message allowed_regexp
       [disallowed_regexp...]

	   For users in typelist, path-filter defines regular expressions that
	   control what characters can be used in the filename of an  uploaded
	   file or created directory. There may be multiple disallowed regular
	   expressions. If a filename is invalid due to failure to  match  the
	   regular  expression criteria, message is displayed to the user. For
	   example:

	     path-filter anonymous /etc/pathmsg ^[-A-Za-z0-9._]*$ ^. ^-

	   specifies that all upload filenames for  anonymous  users  must  be
	   made	 of  only  the	characters  A-Z, a-z, 0-9, and ._- and may not
	   begin with a . or a -. If the filename is invalid, /etc/pathmsg  is
	   displayed to the user.

       upload [absolute|relative] [class=classname]... [-]
       root-dir dirglob yes|no owner group mode
       [dirs|nodirs] [d_mode]

	   Define  a directory with dirglob that permits or denies uploads. If
	   it does permit uploads, all newly created files is owned  by	 owner
	   and group and has their permissions set according to mode. Existing
	   files that are overwritten retains  their  original	ownership  and
	   permissions.	 Directories  are  matched  on a best-match basis. For
	   example:

	     upload /var/ftp  *	 no
	     upload /var/ftp /incoming yes ftp daemon 0666
	     upload /var/ftp /incoming/gifs yes jlc guest 0600 nodirs

	   would only allow uploads into /incoming and	/incoming/gifs.	 Files
	   that	 were  uploaded	 to /incoming are owned by ftp/daemon and have
	   permissions of 0666. Files uploaded to /incoming/gifs are owned  by
	   jlc/guest  and  have	 permissions  of  0600.	 The optional dirs and
	   nodirs keywords can be specified to allow or disallow the  creation
	   of  new  subdirectories using the mkdir command. If the upload com‐
	   mand is used, directory creation is allowed by default. To turn  it
	   off by default, you must specify a user, group and mode followed by
	   the nodirs keyword as the first line where the  upload  command  is
	   used	 in  this  file.  If  directories  are permitted, the optional
	   d_mode determines the permissions for a newly created directory. If
	   d_mode is omitted, the permissions are inferred from mode. The per‐
	   missions are 0777 if mode is also omitted. The upload keyword  only
	   applies  to	users  who have a home directory of root-dir. root-dir
	   may be specified as * to match any home  directory.	The  owner  or
	   group  may each be specified as *, in which case any uploaded files
	   or directories are created with the ownership of the	 directory  in
	   which  they	are  created.  The  optional  first  parameter selects
	   whether root-dir names are interpreted as absolute or  relative  to
	   the	current	 chroot'd  environment.	 The  default  is to interpret
	   <root-dir> names  as	 absolute.  You	 can  specify  any  number  of
	   class=classname  restrictions.  If  any  are specified, this upload
	   clause only takes effect if the current user is a member of one  of
	   the classes.

	   In  the absence of any matching upload clause, real and guest users
	   can upload files and make directories, but anonymous users  cannot.
	   The	mode  of  uploaded files is 0666. For created directories, the
	   mode is 0777. Both modes are modified by the current umask setting.

       throughput root-dir subdir-glob file-glob-list
       bytes-per-second bytes-per-second-multiply remote-glob-list

	   Define files by means of a comma-separated file-glob-list in subdir
	   matched by subdir-glob under root-dir that have restricted transfer
	   throughput of bytes-per-second on download when the remote hostname
	   or  remote IP address matches the comma-separated remote-glob-list.
	   Entries are matched on a best-match basis. For example:

	     throughput /e/ftp *    *	   oo	-   *
	     throughput /e/ftp /sw* *	   1024 0.5 *
	     throughput /e/ftp /sw* README oo	-   *
	     throughput /e/ftp /sw* *	   oo	-   *.foo.com

	   would set maximum throughput per default, but restrict download  to
	   1024	 bytes	per second for any files under /e/ftp/sw/ that are not
	   named README. The only exceptions are remote hosts from within  the
	   domain  foo.com  which  always get maximum throughput. Every time a
	   remote client has retrieved a file under /e/ftp/sw/ the  bytes  per
	   seconds  of	the  matched entry line are internally multiplied by a
	   factor, here 0.5. When the remote client retrieves its second file,
	   it  is  served  with 512 bytes per second, the third time with only
	   256 bytes per second, the fourth time with only 128 bytes per  sec‐
	   ond,	 and so on. The string oo for the bytes per second field means
	   no throughput restriction. A multiply factor of 1.0 or -  means  no
	   change of the throughput after every successful transfer. The root-
	   dir here must match the home directory specified  in	 the  password
	   database  . The throughput keyword only applies to users who have a
	   home directory of root-dir.

       anonymous-root root-dir [class...]

	   root-dir specifies the chroot() path for  anonymous	users.	If  no
	   anonymous-root  is  matched,	 the  old  method  of parsing the home
	   directory for the FTP user is used. If no class is specified,  this
	   is  the  root  directory  for  anonymous users who do not match any
	   other anonymous-root specification. Multiple classes may be	speci‐
	   fied on this line. If an anonymous-root is chosen for the user, the
	   FTP user's home directory in the root-dir/etc/passwd file  is  used
	   to  determine  the initial directory and the FTP user's home direc‐
	   tory in the system-wide /etc/passwd is not used. For example:

	     anonymous-root /home/ftp
	     anonymous-root /home/localftp localnet

	   causes  all	anonymous  users  to  be  chroot'd  to	the  directory
	   /home/ftp.  If  the	FTP user exists in /home/ftp/etc/passwd, their
	   initial CWD is that home directory. Anonymous users	in  the	 class
	   localnet, however, are chroot'd to the directory /home/localftp and
	   their initial CWD is taken from the FTP user's  home	 directory  in
	   /home/localftp/etc/passwd.

       guest-root root-dir [uid-range...]

	   root-dir  specifies the chroot() path for guest users. If no guest-
	   root is matched, the old method of parsing the user's  home	direc‐
	   tory is used. If no uid-range is specified, this is the root direc‐
	   tory for guestusers who do not match any other guest-root  specifi‐
	   cation.  Multiple UID ranges may be given on this line. If a guest-
	   root is chosen for the user, the user's home directory in the root-
	   dir/etc/passwd  file is used to determine the initial directory and
	   the home directory in the system-wide /etc/passwd is not used. uid-
	   range  specifies names or numeric UID values. To use numbers, put a
	   percent sign (%) symbol before it or before the range.  Ranges  are
	   specified  by  giving the lower and upper bounds (inclusive), sepa‐
	   rated by a dash. If the lower bound is omitted, it means all up to.
	   If  the  upper  bound  is  omitted, it means all starting from. For
	   example:

	     guest-root /home/users
	     guest-root /home/staff %100-999 sally
	     guest-root /home/users/owner/ftp frank

	   causes all guest users to chroot() to /home/users then starts  each
	   user	   in	 the	user's	  home	 directory,   as   specifiedin
	   /home/users/etc/passwd. Users in the range 100 through 999,	inclu‐
	   sive,  and  user  sally,  is chroot'd to /home/staff and the CWD is
	   taken from their entries in /home/staff/etc/passwd. The single user
	   frank  is chroot'd to /home/users/owner/ftp and the CWD is from his
	   entry in /home/users/owner/ftp/etc/passwd.

	   The order is important for both anonymous-root and guest-root. If a
	   user would match multiple clauses, only the first applies; with the
	   exception of the clause which has  no  class	 or  uid-range,	 which
	   applies only if no other clause matches.

       deny-uid uid-range [uid-range...]
       deny-gid gid-range [gid-range...]
       allow-uid uid-range [uid-range...]
       allow-gid gid-range [gid-range...]

	   Use	these  clauses	to  specify  UID and GID values that is denied
	   access to the FTP Server. The allow-uid and allow-gid  clauses  may
	   be  used  to allow access for UID and GID values which would other‐
	   wise be denied. These checks	 occur	before	all  others.  deny  is
	   checked before allow. The default is to allow access. These clauses
	   do not apply to anonymous users. Use defaultserver private to  deny
	   access to anonymous users. In most cases, these clauses obviate the
	   need for an ftpusers(4) file. For example,  the  following  clauses
	   deny	 FTP  Server  access  to  all  privileged or special users and
	   groups, except the guest1 user or group.

	     deny-gid %-99 nobody noaccess nogroup
	     deny-uid %-99 nobody noaccess nobody4
	     allow-gid guest1
	     allow-uid guest1

	   Support for the ftpusers file still exists, so it may be used  when
	   changing  the  ftpaccess file is not desired. In any place a single
	   UID or GID is allowed throughout the ftpaccess file,	 either	 names
	   or  numbers	also  may be used. To use a number, put a percent sign
	   (%) symbol before it. In places where a range is allowed,  put  the
	   percent sign before the range. A "*" matches all UIDs or GIDs.

       restricted-uid uid-range [uid-range...]
       restricted-gid gid-range [gid-range...]
       unrestricted-uid uid-range [uid-range...]
       unrestricted-gid gid-range [gid-range...]

	   These clauses control whether or not real or guest users is allowed
	   access to areas on the FTP site  outside  their  home  directories.
	   These  clauses  are	not meant to replace the use of guestgroup and
	   guestuser. Instead, use these clauses to supplement	the  operation
	   of guests. The unrestricted-uid and unrestricted-gid clauses may be
	   used to allow users outside their home directories who would other‐
	   wise be restricted.

	   The	following  example  shows  the intended use for these clauses.
	   Assume user dick has a home directory /home/dick  and  jane	has  a
	   home directory /home/jane:

	     guest-root /home dick jane
	     restricted-uid dick jane

	   While  both dick and jane are chroot'd to /home, they cannot access
	   each other's files because they are restricted to their home direc‐
	   tories.  However,  you should not rely solely upon the FTP restric‐
	   tions to control access. As with all other FTP  access  rules,  you
	   should also use directory and file permissions to support the oper‐
	   ation of the ftpaccess configuration.

       site-exec-max-lines number [class...]

	   The SITE EXEC feature traditionally limits the number of  lines  of
	   output  that	 may  be sent to the remote client. Use this clause to
	   set this limit. If this clause is omitted, the limit is 20 lines. A
	   limit  of  0 (zero) implies no limit. Be very careful if you choose
	   to remove the limit. If a  clause  is  found	 matching  the	remote
	   user's  class, that limit is used. Otherwise, the clause with class
	   '*', or no class given, is used. For example:

	     site-exec-max-lines 200 remote
	     site-exec-max-lines 0 local
	     site-exec-max-lines 25

	   limits output from SITE EXEC (and  therefore	 SITE  INDEX)  to  200
	   lines  for  remote  users,  specifies  there is no limit at all for
	   local users, and sets a limit of 25 lines for all other users.

       dns refuse_mismatch filename [override]

	   Refuse FTP sessions when the forward and reverse  lookups  for  the
	   remote  site do not match. Lookups are done using the system's name
	   service as configured in nsswitch.conf(4). Display the named	 file,
	   like a message file, admonishing the user. If the optional override
	   is specified, allow the connection after complaining.

       dns refuse_no_reverse filename [override]

	   Refuse FTP sessions when the remote host's IP address has no	 asso‐
	   ciated  name.  Lookups  are done using the system's name service as
	   configured in nsswitch.conf(4). Display the named file, such	 as  a
	   message  file,  admonishing	the  user. If the optional override is
	   specified, allow the connection after complaining.

       dns resolveroptions [options]

	   Modify certain internal resolver variables. This only has an effect
	   when	 DNS  is  used	as the system's name service. The line takes a
	   series of options which are used to set the RES_OPTIONS environment
	   variable. See resolv.conf(4) for details. For example:

	     dns resolveroptions rotate attempts:1

	   turns  on  querying	name  servers round-robin and selects querying
	   each name server only once.

       Lines that begin with a # sign are treated as  comment  lines  and  are
       ignored.

FILES
       /etc/ftpd/ftpaccess

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       ┌─────────────────────────────┬─────────────────────────────┐
       │      ATTRIBUTE TYPE	     │	    ATTRIBUTE VALUE	   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Availability		     │SUNWftpr			   │
       ├─────────────────────────────┼─────────────────────────────┤
       │Interface Stability	     │External			   │
       └─────────────────────────────┴─────────────────────────────┘

SEE ALSO
       compress(1), ls(1), tar(1), ftpaddhost(1M), ftpconfig(1M), ftpshut(1M),
       in.ftpd(1M),    chroot(2),     nice(2),	   umask(2),	 getgrnam(3C),
       resolver(3RESOLV),   ftpconversions(4),	 ftpgroups(4),	ftpservers(4),
       ftpusers(4), nsswitch.conf(4), resolv.conf(4), timezone(4), xferlog(4),
       attributes(5), fnmatch(5)

       Crocker,	 David	H.  RFC	 822, Standard For The Format Of ARPA Internet
       Text Messages. Network Information Center. August 1982.

       St. Johns, Michael. RFC 931,  Authentication  Server.  Network  Working
       Group. January 1985.

SunOS 5.10			  28 Dec 2010			  ftpaccess(4)
[top]

List of man pages available for Solaris

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net