Provided by: wu-ftpd_2.6.2-20_i386 bug

NAME

       ftpd - Internet File Transfer Protocol server

SYNOPSIS

       ftpd  [ -d ] [ -v ] [ -l ] [ -t timeout ] [ -T maxtimeout ] [ -a ] [ -A
       ] [ -L ] [ -i ] [ -I ] [ -o ] [ -p ctrlport ] [ -P dataport ] [ -q ]  [
       -Q  ]  [ -r rootdir ] [ -R ] [ -s ] [ -S ] [ -u umask ] [ -V ] [ -w ] [
       -W ] [ -X ]

DESCRIPTION

       Ftpd is the Internet File Transfer Protocol server process.  The server
       uses  the TCP protocol and listens at the port specified in the ‘‘ftp’’
       service specification; see services(5).

       The -V option causes the  program  to  display  copyright  and  version
       information, then terminate.

       If  the  -d or -v option is specified, debugging information is written
       to the syslog.

       If the -l option is specified,  each  ftp  session  is  logged  in  the
       syslog.

       The  ftp  server will timeout an inactive session after 15 minutes.  If
       the -t option is specified, the inactivity timeout period will  be  set
       to  timeout  seconds.   A  client  may also request a different timeout
       period; the maximum period allowed may be set to timeout  seconds  with
       the -T option.  The default limit is 2 hours.

       If   the   -a   option  is  specified,  the  use  of  the  ftpaccess(5)
       configuration file is enabled.

       If the -A option is specified, use of  the  ftpaccess(5)  configuration
       file is disabled. This is the default.

       If the -L option is specified, commands sent to the ftpd(8) server will
       be logged to the syslog.  The -L option is overridden by the use of the
       ftpaccess(5)  file.  If the -L flag is used, command logging will be on
       by default as soon as the ftp server is invoked.  This will  cause  the
       server  to log all USER commands, which if a user accidentally enters a
       password for that command instead of the username, will cause passwords
       to be logged via syslog.

       If  the  -i  option  is specified, files received by the ftpd(8) server
       will be logged to the xferlog(5).  The -i option is overridden  by  the
       use of the ftpaccess(5) file.

       The  -I  option  disables  the use of RFC931 (AUTH/ident) to attempt to
       determine the username on the client.

       If the -o option is specified, files transmitted by the ftpd(8)  server
       will  be  logged to the xferlog(5).  The -o option is overridden by the
       use of the ftpaccess(5) file.  If  the  -X  option  is  specified,  the
       output  created  by  the  -i and -o options is not saved to the xferlog
       file but saved via syslog so you can collect output from several  hosts
       on one central loghost.

       If the -u option is specified, the default umask is set to umask.

       If  the -W option is specified user logins are not recorded in the wtmp
       file.  The default ( -w ) is to record every login and logout.

       The -s and -S options place the daemon in  standalone  operation  mode.
       The  -S  option  runs  the  daemon  in  the background and is useful in
       startup scripts during system initialization (ie., in  rc.local).   The
       -s  option  leaves  the daemon in foreground and is useful when running
       from init (ie., /etc/inittab).

       The -p and -P options override the port numbers  used  by  the  daemon.
       Normally,  the  daemon  determines  the  port  numbers  by  looking  in
       /etc/services for "ftp" and "ftp-data".  If there is  no  /etc/services
       entry  for  "ftp-data"  and  the -P option is not specified, the daemon
       uses the port just prior to the control connection port.  The -p option
       is only available if running as a standalone daemon.

       The  -q  and -Q options deterine whether the daemon uses the PID files.
       These files are required by the limit directive to determine the number
       of  current  users  in each access class.  Disabling the use of the PID
       files disables user limits.  The default ( -q  )  is  to  use  the  PID
       files.  Specify -Q when testing the server as a normal user when access
       permissions prevent the use of the PID files.  Large, busy sites  which
       do not wish to impose limits on the number of concurrent users may also
       consider disabling the PID files.

       The -r option instructs  the  daemon  to  chroot(2)  to  the  specified
       rootdir  immedeately upon loading.  This can improve system security by
       limiting the files which may be damaged should a breakin occur  through
       the  daemon.   Set  is  much  like anonymous FTP, with additional files
       needed which vary from system to system.

       When started with -R the daemon  will  not  honour  the  REST  command,
       possibly preventing "download managers" from hogging your bandwidth.

       The  ftp  server currently supports the following ftp requests; case is
       not distinguished.

       Request        Description
       ABOR           abort previous command
       ACCT           specify account (ignored)
       ALLO           allocate storage (vacuously)
       APPE           append to a file
       CDUP           change to parent of current working directory
       CWD            change working directory
       DELE           delete a file
       HELP           give help information
       LIST           give list files in a directory (‘‘ls -lgA’’)
       MKD            make a directory
       MDTM           show last modification time of file
       MODE           specify data transfer mode
       NLST           give name list of files in directory
       NOOP           do nothing
       PASS           specify password
       PASV           prepare for server-to-server transfer
       PORT           specify data connection port
       PWD            print the current working directory
       QUIT           terminate session
       REST           restart incomplete transfer
       RETR           retrieve a file
       RMD            remove a directory
       RNFR           specify rename-from file name
       RNTO           specify rename-to file name
       SITE           non-standard commands (see next section)
       SIZE           return size of file
       STAT           return status of server
       STOR           store a file
       STOU           store a file with a unique name
       STRU           specify data transfer structure
       SYST           show operating system type of server system
       TYPE           specify data transfer type
       USER           specify user name
       XCUP           change to parent of current working directory (deprecated)
       XCWD           change working directory (deprecated)
       XMKD           make a directory (deprecated)
       XPWD           print the current working directory (deprecated)
       XRMD           remove a directory (deprecated)

       The following non-standard or UNIX specific commands are  supported  by
       the SITE request.

       Request        Description
       UMASK          change umask. E.g. SITE UMASK 002
       IDLE           set idle-timer. E.g. SITE IDLE 60
       CHMOD          change mode of a file. E.g. SITE CHMOD 755 filename
       HELP           give help information. E.g. SITE HELP
       NEWER          list files newer than a particular date
       MINFO          like SITE NEWER, but gives extra information
       GROUP          request special group access. E.g. SITE GROUP foo
       GPASS          give special group access password. E.g. SITE GPASS bar
       EXEC           execute a program.  E.g. SITE EXEC program params

       The   remaining   ftp  requests  specified  in  Internet  RFC  959  are
       recognized, but not implemented.  MDTM and SIZE are  not  specified  in
       RFC 959, but will appear in the next updated FTP RFC.

       The  ftp  server  will abort an active file transfer only when the ABOR
       command is preceded by a Telnet "Interrupt Process" (IP) signal  and  a
       Telnet  "Synch"  signal  in  the command Telnet stream, as described in
       Internet RFC 959.   If  a  STAT  command  is  received  during  a  data
       transfer,  preceded  by  a Telnet IP and Synch, transfer status will be
       returned.

       Ftpd interprets file names according to  the  ‘‘globbing’’  conventions
       used  by  csh(1).   This  allows  users  to  utilize the metacharacters
       ‘‘*?[]{}~’’.

       Ftpd authenticates users according to four rules.

       1)     The user name must be in the password data base, /etc/passwd, or
              whatever  is  appropriate  for  the  operating  system,  and the
              password must not be null.  In this  case  a  password  must  be
              provided  by  the  client  before  any  file  operations  may be
              performed.

       2)     The user name must not appear in the file /etc/ftpusers.

       3)     The user must have a standard shell returned by getusershell(3).

       4)     If  the  user name is ‘‘anonymous’’ or ‘‘ftp’’, an anonymous ftp
              account must be present in the password file (user ‘‘ftp’’).  In
              this  case  the  user  is  allowed  to  log in by specifying any
              password (by convention this  is  given  as  the  client  host’s
              name).

       In  the last case, ftpd takes special measures to restrict the client’s
       access privileges.  The server performs a chroot(2) command to the home
       directory  of  the  ‘‘ftp’’ user.  In order that system security is not
       breached, it is recommended that the  ‘‘ftp’’  subtree  be  constructed
       with care;  the following rules are recommended.

       ~ftp)  Make  the  home  directory owned by super-user and unwritable by
              anyone.

       ~ftp/bin)
              Make this directory owned by the super-user  and  unwritable  by
              anyone.   The  program ls(1) must be present to support the list
              command.  This program should have mode 111.

       ~ftp/etc)
              Make this directory owned by the super-user  and  unwritable  by
              anyone.   The  files  passwd(5) and group(5) must be present for
              the ls command to be able to produce  owner  names  rather  than
              numbers.  Depending  on the operating system, there may be other
              required files. Check  your  manual  page  for  the  getpwent(3)
              library  routine.  The password field in passwd is not used, and
              should not contain real encrypted passwords.  These files should
              be mode 444 and owned by the super-user.  Don’t use the system’s
              /etc/passwd file as the password file or the system’s /etc/group
              file as the group file in the ~ftp/etc directory.

       ~ftp/pub)
              Create a subdirectory in ~ftp/pub with the appropriate mode (777
              or 733) if you want to allow normal users to upload files.

AUTHENTICATION MECHANISM ON BSD/OS SYSTEMS ONLY

       The authentication mechanism used by ftpd is determined by the  ‘‘auth-
       ftp’’  entry  in  the  /etc/login.conf  file  (see  login.conf(5)) that
       matches the users class.  If there is no  ‘‘auth-ftp’’  entry  for  the
       class,  the  normal  ‘‘auth’’ entry will be used instead.  An alternate
       authentication mechanism may be specified by appending a colon  (‘‘:’’)
       followed by the authentication style, i.e. ‘‘joe:skey’’.

GENERAL FTP EXTENSIONS

       There  are  some  extensions  to  the  FTP server such that if the user
       specifies a filename (when using a RETRIEVE command) such that:

        True Filename  Specified Filename  Action
        -------------  ------------------  -----------------------------------
        <filename>.Z   <filename>          Decompress file before transmitting
        <filename>     <filename>.Z        Compress <filename> before
                                                   transmitting
        <filename>     <filename>.tar      Tar <filename> before transmitting
        <filename>     <filename>.tar.Z    Tar and compress <filename> before
                                                   transmitting

       Also, the FTP server will attempt to check for valid  e-mail  addresses
       and  chide  the  user if he doesn’t pass the test.  For users whose FTP
       client will hang on "long replies" (i.e. multiline responses), using  a
       dash  as  the first character of the password will disable the server’s
       lreply() function.

       The FTP server can  also  log  all  file  transmission  and  reception,
       keeping the following information for each file transmission that takes
       place.

       Mon Dec  3 18:52:41 1990 1 wuarchive.wustl.edu 568881 /files.lst.Z a _ o a chris@wugate.wustl.edu ftp 0 *

         %.24s %d %s %d %s %c %s %c %c %s %s %d %s
           1   2  3  4  5  6  7  8  9  10 11 12 13

         1 current time in the form DDD MMM dd hh:mm:ss YYYY
         2 transfer time in seconds
         3 remote host name
         4 file size in bytes
         5 name of file
         6 transfer type (a>scii, b>inary)
         7 special action flags (concatenated as needed):
               C   file was compressed
               U   file was uncompressed
               T   file was tar’ed
               _   no action taken
         8 file was sent to user (o>utgoing) or received from
           user (i>ncoming)
         9 accessed anonymously (r>eal, a>nonymous, g>uest) -- mostly for FTP
        10 local username or, if guest, ID string given
           (anonymous FTP password)
        11 service name (’ftp’, other)
        12 authentication method (bitmask)
               0   none
               1   RFC931 Authentication
        13 authenticated user id (if available, ’*’ otherwise)

SEE ALSO

       ftp(1), getusershell(3), syslogd(8), ftpaccess(5), xferlog(5), umask(2)

BUGS

       The  anonymous  account is inherently dangerous and should avoided when
       possible.

       The server must run as the super-user to create sockets with privileged
       port numbers.  It maintains an effective user id of the logged in user,
       reverting to the super-user only when  binding  addresses  to  sockets.
       The  possible security holes have been extensively scrutinized, but are
       possibly incomplete.