Training courses

Kernel and Embedded Linux

Bootlin training courses

Embedded Linux, kernel,
Yocto Project, Buildroot, real-time,
graphics, boot time, debugging...

Bootlin logo

Elixir Cross Referencer

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
.\"	$NetBSD: ftpd.8,v 1.87 2018/04/28 13:38:00 riastradh Exp $
.\"
.\" Copyright (c) 1997-2008 The NetBSD Foundation, Inc.
.\" All rights reserved.
.\"
.\" This code is derived from software contributed to The NetBSD Foundation
.\" by Luke Mewburn.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.\" Copyright (c) 1985, 1988, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     @(#)ftpd.8	8.2 (Berkeley) 4/19/94
.\"
.Dd May 1, 2009
.Dt FTPD 8
.Os
.Sh NAME
.Nm ftpd
.Nd
Internet File Transfer Protocol server
.Sh SYNOPSIS
.Nm
.Op Fl 46DdfHlnQqrsUuWwX
.Op Fl a Ar anondir
.Op Fl C Ar user Ns Op @ Ns Ar host
.Op Fl c Ar confdir
.Op Fl e Ar emailaddr
.Op Fl h Ar hostname
.Op Fl L Ar xferlogfile
.Op Fl P Ar dataport
.Op Fl V Ar version
.Sh DESCRIPTION
.Nm
is the Internet File Transfer Protocol server process.
The server uses the
.Tn TCP
protocol and listens at the port specified in the
.Dq ftp
service specification; see
.Xr services 5 .
.Pp
Available options:
.Bl -tag -width Ds
.It Fl 4
When
.Fl D
is specified, bind to IPv4 addresses only.
.It Fl 6
When
.Fl D
is specified, bind to IPv6 addresses only.
.It Fl a Ar anondir
Define
.Ar anondir
as the directory to
.Xr chroot 2
into for anonymous logins.
Default is the home directory for the ftp user.
This can also be specified with the
.Xr ftpd.conf 5
.Sy chroot
directive.
.It Fl C Ar user Ns Op @ Ns Ar host
Check whether
.Ar user
.Po
as if connecting from
.Ar host ,
if provided
.Pc
would be granted access under
the restrictions given in
.Xr ftpusers 5 ,
and exit without attempting a connection.
.Nm
exits with an exit code of 0 if access would be granted, or 1 otherwise.
This can be useful for testing configurations.
.It Fl c Ar confdir
Change the root directory of the configuration files from
.Dq Pa /etc
to
.Ar confdir .
This changes the directory for the following files:
.Pa /etc/ftpchroot ,
.Pa /etc/ftpusers ,
.Pa /etc/ftpwelcome ,
.Pa /etc/motd ,
and the file specified by the
.Xr ftpd.conf 5
.Sy limit
directive.
.It Fl D
Run as daemon.
.Nm
will listen on the default FTP port for incoming connections
and fork a child for each connection.
This is lower overhead than starting
.Nm
from
.Xr inetd 8
and thus might be useful on busy servers to reduce load.
.It Fl d
Debugging information is written to the syslog using a facility of
.Dv LOG_FTP .
.It Fl e Ar emailaddr
Use
.Ar emailaddr
for the
.Dq "\&%E"
escape sequence (see
.Sx Display file escape sequences )
.It Fl f
Stops the
.Fl D
flag from detaching from the tty and going into the background.
.It Fl H
Equivalent to
.Do
-h
`hostname`
.Dc .
.It Fl h Ar hostname
Explicitly set the hostname to advertise as to
.Ar hostname .
The default is the hostname associated with the IP address that
.Nm
is listening on.
This ability (with or without
.Fl h ) ,
in conjunction with
.Fl c Ar confdir ,
is useful when configuring
.Sq virtual
.Tn FTP
servers, each listening on separate addresses as separate names.
Refer to
.Xr inetd.conf 5
for more information on starting services to listen on specific IP addresses.
.It Fl L Ar xferlogfile
Log
.Tn wu-ftpd
style
.Sq xferlog
entries to
.Ar xferlogfile .
.It Fl l
Each successful and failed
.Tn FTP
session is logged using syslog with a facility of
.Dv LOG_FTP .
If this option is specified more than once, the retrieve (get), store (put),
append, delete, make directory, remove directory and rename operations and
their file name arguments are also logged.
.It Fl n
Don't attempt translation of IP addresses to hostnames.
.It Fl P Ar dataport
Use
.Ar dataport
as the data port, overriding the default of using the port one less
that the port
.Nm
is listening on.
.It Fl Q
Disable the use of pid files for keeping track of the number of logged-in
users per class.
This may reduce the load on heavily loaded
.Tn FTP
servers.
.It Fl q
Enable the use of pid files for keeping track of the number of logged-in
users per class.
This is the default.
.It Fl r
Permanently drop root privileges once the user is logged in.
The use of this option may result in the server using a port other
than the (listening-port - 1) for
.Sy PORT
style commands, which is contrary to the
.Cm RFC 959
specification, but in practice very few clients rely upon this behaviour.
See
.Sx SECURITY CONSIDERATIONS
below for more details.
.It Fl s
Require a secure authentication mechanism like Kerberos or S/Key to be used.
.It Fl U
Don't log each concurrent
.Tn FTP
session to
.Pa /var/run/utmp .
This is the default.
.It Fl u
Log each concurrent
.Tn FTP
session to
.Pa /var/run/utmp ,
making them visible to commands such as
.Xr who 1 .
.It Fl V Ar version
Use
.Ar version
as the version to advertise in the login banner and in the output of
.Sy STAT
and
.Sy SYST
instead of the default version information.
If
.Ar version
is empty or
.Sq -
then don't display any version information.
.It Fl W
Don't log each
.Tn FTP
session to
.Pa /var/log/wtmp .
.It Fl w
Log each
.Tn FTP
session to
.Pa /var/log/wtmp ,
making them visible to commands such as
.Xr last 1 .
This is the default.
.It Fl X
Log
.Tn wu-ftpd
style
.Sq xferlog
entries to the syslog, prefixed with
.Dq "xferlog:\ " ,
using a facility of
.Dv LOG_FTP .
These syslog entries can be converted to a
.Tn wu-ftpd
style
.Pa xferlog
file suitable for input into a third-party log analysis tool with a command
similar to:
.Dl "sed -ne 's/^.*xferlog: //p' /var/log/xferlog > wuxferlog"
.El
.Pp
The file
.Pa /etc/nologin
can be used to disable
.Tn FTP
access.
If the file exists,
.Nm
displays it and exits.
If the file
.Pa /etc/ftpwelcome
exists,
.Nm
prints it before issuing the
.Dq ready
message.
If the file
.Pa /etc/motd
exists (under the chroot directory if applicable),
.Nm
prints it after a successful login.
This may be changed with the
.Xr ftpd.conf 5
directive
.Sy motd .
.Pp
The
.Nm
server currently supports the following
.Tn FTP
requests.
The case of the requests is ignored.
.Bl -column "Request" "Description" -offset indent
.It Sy Request Ta Sy Description
.It ABOR Ta "abort previous command"
.It ACCT Ta "specify account (ignored)"
.It ALLO Ta "allocate storage (vacuously)"
.It APPE Ta "append to a file"
.It CDUP Ta "change to parent of current working directory"
.It CWD Ta "change working directory"
.It DELE Ta "delete a file"
.It EPSV Ta "prepare for server-to-server transfer"
.It EPRT Ta "specify data connection port"
.It FEAT Ta "list extra features that are not defined in" Cm "RFC 959"
.It HELP Ta "give help information"
.It LIST Ta "give list files in a directory" Pq Dq Li "ls -lA"
.It LPSV Ta "prepare for server-to-server transfer"
.It LPRT Ta "specify data connection port"
.It MLSD Ta "list contents of directory in a machine-processable form"
.It MLST Ta "show a pathname in a machine-processable form"
.It MKD Ta "make a directory"
.It MDTM Ta "show last modification time of file"
.It MODE Ta "specify data transfer" Em mode
.It NLST Ta "give name list of files in directory"
.It NOOP Ta "do nothing"
.It OPTS Ta "define persistent options for a given command"
.It PASS Ta "specify password"
.It PASV Ta "prepare for server-to-server transfer"
.It PORT Ta "specify data connection port"
.It PWD Ta "print the current working directory"
.It QUIT Ta "terminate session"
.It REST Ta "restart incomplete transfer"
.It RETR Ta "retrieve a file"
.It RMD Ta "remove a directory"
.It RNFR Ta "specify rename-from file name"
.It RNTO Ta "specify rename-to file name"
.It SITE Ta "non-standard commands (see next section)"
.It SIZE Ta "return size of file"
.It STAT Ta "return status of server"
.It STOR Ta "store a file"
.It STOU Ta "store a file with a unique name"
.It STRU Ta "specify data transfer" Em structure
.It SYST Ta "show operating system type of server system"
.It TYPE Ta "specify data transfer" Em type
.It USER Ta "specify user name"
.It XCUP Ta "change to parent of current working directory (deprecated)"
.It XCWD Ta "change working directory (deprecated)"
.It XMKD Ta "make a directory (deprecated)"
.It XPWD Ta "print the current working directory (deprecated)"
.It XRMD Ta "remove a directory (deprecated)"
.El
.Pp
The following non-standard or
.Ux
specific commands are supported by the SITE request.
.Pp
.Bl -column Request Description -offset indent
.It Sy Request Ta Sy Description
.It CHMOD Ta "change mode of a file, e.g. ``SITE CHMOD 755 filename''"
.It HELP Ta "give help information."
.It IDLE Ta "set idle-timer, e.g. ``SITE IDLE 60''"
.It RATEGET Ta "set maximum get rate throttle in bytes/second, e.g. ``SITE RATEGET 5k''"
.It RATEPUT Ta "set maximum put rate throttle in bytes/second, e.g. ``SITE RATEPUT 5k''"
.It UMASK Ta "change umask, e.g. ``SITE UMASK 002''"
.El
.Pp
The following
.Tn FTP
requests (as specified in
.Cm RFC 959
and
.Cm RFC 2228 )
are recognized, but are not implemented:
.Sy ACCT ,
.Sy ADAT ,
.Sy AUTH ,
.Sy CCC ,
.Sy CONF ,
.Sy ENC ,
.Sy MIC ,
.Sy PBSZ ,
.Sy PROT ,
.Sy REIN ,
and
.Sy SMNT .
.Pp
The
.Nm
server will abort an active file transfer only when the
.Sy ABOR
command is preceded by a Telnet "Interrupt Process" (IP)
signal and a Telnet "Synch" signal in the command Telnet stream,
as described in Internet
.Cm RFC 959 .
If a
.Sy STAT
command is received during a data transfer, preceded by a Telnet IP
and Synch, transfer status will be returned.
.Pp
.Nm
interprets file names according to the
.Dq globbing
conventions used by
.Xr csh 1 .
This allows users to use the metacharacters
.Dq Li \&*?[]{}~ .
.Ss User authentication
.Nm
authenticates users according to five rules.
.Pp
.Bl -enum -offset indent
.It
The login name must be in the password data base,
.Xr passwd 5 ,
and not have a null password.
In this case a password must be provided by the client before any
file operations may be performed.
If the user has an S/Key key, the response from a successful
.Sy USER
command will include an S/Key challenge.
The client may choose to respond with a
.Sy PASS
command giving either
a standard password or an S/Key one-time password.
The server will automatically determine which type of password it
has been given and attempt to authenticate accordingly.
See
.Xr skey 1
for more information on S/Key authentication.
S/Key is a Trademark of Bellcore.
.It
The login name must be allowed based on the information in
.Xr ftpusers 5 .
.It
The user must have a standard shell returned by
.Xr getusershell 3 .
If the user's shell field in the password database is empty, the
shell is assumed to be
.Pa /bin/sh .
As per
.Xr shells 5 ,
the user's shell must be listed with full path in
.Pa /etc/shells .
.It
If directed by the file
.Xr ftpchroot 5
the session's root directory will be changed by
.Xr chroot 2
to the directory specified in the
.Xr ftpd.conf 5
.Sy chroot
directive (if set),
or to the home directory of the user.
This facility may also be triggered by enabling the boolean
.Sy ftp-chroot
in
.Xr login.conf 5 .
However, the user must still supply a password.
This feature is intended as a compromise between a fully anonymous account
and a fully privileged account.
The account should also be set up as for an anonymous account.
.It
If the user name is
.Dq anonymous
or
.Dq ftp ,
an
anonymous
.Tn FTP
account must be present in the password
file (user
.Dq ftp ) .
In this case the user is allowed
to log in by specifying any password (by convention an email address for
the user should be used as the password).
.Pp
The server performs a
.Xr chroot 2
to the directory specified in the
.Xr ftpd.conf 5
.Sy chroot
directive (if set),
the
.Fl a Ar anondir
directory (if set),
or to the home directory of the
.Dq ftp
user.
.Pp
The server then performs a
.Xr chdir 2
to the directory specified in the
.Xr ftpd.conf 5
.Sy homedir
directive (if set), otherwise to
.Pa / .
.Pp
If other restrictions are required (such as disabling of certain
commands and the setting of a specific umask), then appropriate
entries in
.Xr ftpd.conf 5
are required.
.Pp
If the first character of the password supplied by an anonymous user
is
.Dq - ,
then the verbose messages displayed at login and upon a
.Sy CWD
command are suppressed.
.El
.Ss Display file escape sequences
When
.Nm
displays various files back to the client (such as
.Pa /etc/ftpwelcome
and
.Pa /etc/motd ) ,
various escape strings are replaced with information pertinent
to the current connection.
.Pp
The supported escape strings are:
.Bl -tag -width "Escape" -offset indent -compact
.It Sy "Escape"
.Sy Description
.It "\&%c"
Class name.
.It "\&%C"
Current working directory.
.It "\&%E"
Email address given with
.Fl e .
.It "\&%L"
Local hostname.
.It "\&%M"
Maximum number of users for this class.
Displays
.Dq unlimited
if there's no limit.
.It "\&%N"
Current number of users for this class.
.It "\&%R"
Remote hostname.
.It "\&%s"
If the result of the most recent
.Dq "\&%M"
or
.Dq "\&%N"
was not
.Dq Li 1 ,
print an
.Dq s .
.It "\&%S"
If the result of the most recent
.Dq "\&%M"
or
.Dq "\&%N"
was not
.Dq Li 1 ,
print an
.Dq S .
.It "\&%T"
Current time.
.It "\&%U"
User name.
.It "\&%\&%"
A
.Dq \&%
character.
.El
.Ss Setting up a restricted ftp subtree
In order that system security is not breached, it is recommended
that the
subtrees for the
.Dq ftp
and
.Dq chroot
accounts be constructed with care, following these rules
(replace
.Dq ftp
in the following directory names
with the appropriate account name for
.Sq chroot
users):
.Bl -tag -width "~ftp/incoming" -offset indent
.It Pa ~ftp
Make the home directory owned by
.Dq root
and unwritable by anyone.
.It Pa ~ftp/bin
Make this directory owned by
.Dq root
and unwritable by anyone (mode 555).
Generally any conversion commands should be installed
here (mode 111).
.It Pa ~ftp/etc
Make this directory owned by
.Dq root
and unwritable by anyone (mode 555).
The files
.Pa pwd.db
(see
.Xr passwd 5 )
and
.Pa group
(see
.Xr group 5 )
must be present for the
.Sy LIST
command to be able to display owner and group names instead of numbers.
The password field in
.Xr passwd 5
is not used, and should not contain real passwords.
The file
.Pa motd ,
if present, will be printed after a successful login.
These files should be mode 444.
.It Pa ~ftp/pub
This directory and the subdirectories beneath it should be owned
by the users and groups responsible for placing files in them,
and be writable only by them (mode 755 or 775).
They should
.Em not
be owned or writable by ftp or its group.
.It Pa ~ftp/incoming
This directory is where anonymous users place files they upload.
The owners should be the user
.Dq ftp
and an appropriate group.
Members of this group will be the only users with access to these
files after they have been uploaded; these should be people who
know how to deal with them appropriately.
If you wish anonymous
.Tn FTP
users to be able to see the names of the
files in this directory the permissions should be 770, otherwise
they should be 370.
.Pp
The following
.Xr ftpd.conf 5
directives should be used:
.Dl "modify guest off"
.Dl "umask  guest 0707"
.Dl "upload guest on"
.Pp
This will result in anonymous users being able to upload files to this
directory, but they will not be able to download them, delete them, or
overwrite them, due to the umask and disabling of the commands mentioned
above.
.It Pa ~ftp/tmp
This directory is used to create temporary files which contain
the error messages generated by a conversion or
.Sy LIST
command.
The owner should be the user
.Dq ftp .
The permissions should be 300.
.Pp
If you don't enable conversion commands, or don't want anonymous users
uploading files here (see
.Pa ~ftp/incoming
above), then don't create this directory.
However, error messages from conversion or
.Sy LIST
commands won't be returned to the user.
(This is the traditional behaviour.)
Note that the
.Xr ftpd.conf 5
directive
.Sy upload
can be used to prevent users uploading here.
.El
.Pp
To set up "ftp-only" accounts that provide only
.Tn FTP ,
but no valid shell
login, you can copy/link
.Pa /sbin/nologin
to
.Pa /sbin/ftplogin ,
and enter
.Pa /sbin/ftplogin
to
.Pa /etc/shells
to allow logging-in via
.Tn FTP
into the accounts, which must have
.Pa /sbin/ftplogin
as login shell.
.Sh FILES
.Bl -tag -width /etc/ftpwelcome -compact
.It Pa /etc/ftpchroot
List of normal users whose root directory should be changed via
.Xr chroot 2 .
.It Pa /etc/ftpd.conf
Configure file conversions and other settings.
.It Pa /etc/ftpusers
List of unwelcome/restricted users.
.It Pa /etc/ftpwelcome
Welcome notice before login.
.It Pa /etc/motd
Welcome notice after login.
.It Pa /etc/nologin
If it exists, displayed and access is refused.
.It Pa /var/run/ftpd.pids-CLASS
State file of logged-in processes for the
.Nm
class
.Sq CLASS .
.It Pa /var/run/utmp
List of logged-in users on the system.
.It Pa /var/log/wtmp
Login history database.
.El
.Sh SEE ALSO
.Xr ftp 1 ,
.Xr skey 1 ,
.Xr who 1 ,
.Xr getusershell 3 ,
.Xr ftpchroot 5 ,
.Xr ftpd.conf 5 ,
.Xr ftpusers 5 ,
.Xr login.conf 5 ,
.Xr syslogd 8
.Sh STANDARDS
.Nm
recognizes all commands in
.Cm RFC 959 ,
follows the guidelines in
.Cm RFC 1123 ,
recognizes all commands in
.Cm RFC 2228
(although they are not supported yet),
and supports the extensions from
.Cm RFC 2389 ,
.Cm RFC 2428 ,
and
.Cm RFC 3659 .
.Sh HISTORY
The
.Nm
command appeared in
.Bx 4.2 .
.Pp
Various features such as the
.Xr ftpd.conf 5
functionality,
.Cm RFC 2389 ,
and
.Cm RFC 3659
support was implemented in
.Nx 1.3
and later releases by Luke Mewburn.
.Sh BUGS
The server must run as the super-user to create sockets with
privileged port numbers (i.e, those less than
.Dv IPPORT_RESERVED ,
which is 1024).
If
.Nm
is listening on a privileged port
it maintains an effective user id of the logged in user, reverting
to the super-user only when binding addresses to privileged sockets.
The
.Fl r
option can be used to override this behaviour and force privileges to
be permanently revoked; see
.Sx SECURITY CONSIDERATIONS
below for more details.
.Pp
.Nm
may have trouble handling connections from scoped IPv6 addresses, or
IPv4 mapped addresses
.Po
IPv4 connection on
.Dv AF_INET6
socket
.Pc .
For the latter case, running two daemons,
one for IPv4 and one for IPv6, will avoid the problem.
.Sh SECURITY CONSIDERATIONS
.Cm RFC 959
provides no restrictions on the
.Sy PORT
command, and this can lead to security problems, as
.Nm
can be fooled into connecting to any service on any host.
With the
.Dq checkportcmd
feature of the
.Xr ftpd.conf 5 ,
.Sy PORT
commands with different host addresses, or TCP ports lower than
.Dv IPPORT_RESERVED
will be rejected.
This also prevents
.Sq third-party proxy ftp
from working.
Use of this option is
.Em strongly
recommended, and enabled by default.
.Pp
By default
.Nm
uses a port that is one less than the port it is listening on to
communicate back to the client for the
.Sy EPRT ,
.Sy LPRT ,
and
.Sy PORT
commands, unless overridden with
.Fl P Ar dataport .
As the default port for
.Nm
(21) is a privileged port below
.Dv IPPORT_RESERVED ,
.Nm
retains the ability to switch back to root privileges to bind these
ports.
In order to increase security by reducing the potential for a bug in
.Nm
providing a remote root compromise,
.Nm
will permanently drop root privileges if one of the following is true:
.Bl -enum -offset indent
.It
.Nm
is running on a port greater than
.Dv IPPORT_RESERVED
and the user has logged in as a
.Sq guest
or
.Sq chroot
user.
.It
.Nm
was invoked with
.Fl r .
.El
.Pp
Don't create
.Pa ~ftp/tmp
if you don't want anonymous users to upload files there.
That directory is only necessary if you want to display the error
messages of conversion commands to the user.
Note that if uploads are disabled with the
.Xr ftpd.conf 5
directive
.Sy upload ,
then this directory cannot be abused by the user in this way, so it
should be safe to create.
.Pp
To avoid possible denial-of-service attacks,
.Sy SIZE
requests against files larger than 10240 bytes will be denied if
the current transfer
.Sy TYPE
is
.Sq Li A
(ASCII).