From owner-freebsd-questions@FreeBSD.ORG Wed Apr 23 14:35:16 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5813637B401 for ; Wed, 23 Apr 2003 14:35:16 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 964C743F85 for ; Wed, 23 Apr 2003 14:35:14 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h3NLZ58x062600 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 23 Apr 2003 22:35:05 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)h3NLZ595062599; Wed, 23 Apr 2003 22:35:05 +0100 (BST) (envelope-from matthew) Date: Wed, 23 Apr 2003 22:35:05 +0100 From: Matthew Seaman To: Brent Bailey Message-ID: <20030423213505.GA62181@happy-idiot-talk.infracaninophi> Mail-Followup-To: Matthew Seaman , Brent Bailey , freebsd-questions@FreeBSD.ORG References: <2449.66.63.99.171.1051127529.squirrel@bmyster.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="d6Gm4EdcadzBjdND" Content-Disposition: inline In-Reply-To: <2449.66.63.99.171.1051127529.squirrel@bmyster.com> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-38.8 required=5.0 tests=EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2, QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) cc: freebsd-questions@FreeBSD.ORG Subject: Re: chrooted ftpd X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Apr 2003 21:35:16 -0000 --d6Gm4EdcadzBjdND Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 23, 2003 at 03:52:09PM -0400, Brent Bailey wrote: > thank you for your reponse......Your kidding me ...the stock ftpd that > comes with FBSD 4.8 is so different that it no longer supports chroot ??? > Are we expected to to deinstall the package and installl some other port > to just do chroot ? > Are there any other ftp servers that can be used besides lukemftpd other > than wu-ftpd...just to keep my options open. > what about proftpd ?? No, the stock ftpd(8) apparently no longer supports the FTPD_INTERNAL_LS compilation option. It still does all of the expected chroot(2) things. The lukemftpd(8) that I mentioned seems to have internal ls functionality by default: % find /usr/src -type f -print | xargs grep INTERNAL_LS /usr/src/contrib/lukemftpd/src/cmds.c: char *argv[] =3D { INTERNAL_LS,= "-lgA", "", NULL }; /usr/src/contrib/lukemftpd/src/extern.h:#define INTERNAL_LS "/bin/l= s" /usr/src/contrib/lukemftpd/src/ftpcmd.y: char *a= rgv[] =3D { INTERNAL_LS, "-lgA", NULL }; /usr/src/contrib/lukemftpd/src/ftpcmd.y: char *a= rgv[] =3D { INTERNAL_LS, "-lgA", NULL, NULL }; /usr/src/contrib/lukemftpd/src/ftpd.c: if (strcmp(argv[0], INT= ERNAL_LS) =3D=3D 0) { /usr/src/contrib/lukemftpd/src/ftpd.c: char *a= rgv[] =3D { INTERNAL_LS, "", NULL }; /usr/src/contrib/lukemftpd/src/popen.c:#ifndef NO_INTERNAL_LS /usr/src/contrib/lukemftpd/src/popen.c: isls =3D (strcmp(sl->sl_str[0],= INTERNAL_LS) =3D=3D 0); /usr/src/contrib/lukemftpd/src/popen.c:#ifndef NO_INTERNAL_LS /usr/src/contrib/lukemftpd/acconfig.h:#undef NO_INTERNAL_LS /usr/src/contrib/lukemftpd/config.h.in:#undef NO_INTERNAL_LS /usr/src/contrib/lukemftpd/configure:#define NO_INTERNAL_LS 1 /usr/src/contrib/lukemftpd/configure.in: AC_DEFINE(NO_INTERNAL_L= S,1) /usr/src/libexec/lukemftpd/config.h:/* #undef NO_INTERNAL_LS */ ... and the man page states: ftpd has internal support for handling remote requests to list files, = and will not execute /bin/ls in either a chrooted or non-chrooted environ- ment. The ~/bin/ls executable need not be placed into the chrooted tr= ee, nor need the ~/bin directory exist. There's no need to install any ports to get this functionality: lukemftpd(8) is part of the base system. All you need to do is edit /etc/inetd.conf so that it calls /usr/libexec/lukemftpd rather than /usr/libexec/ftpd. The big difference seems to be that lukemftpd(8) has more bells and whistles to make it more suitable for running a serious anonymous FTP site, whereas ftpd(8) has IPv6 support. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --d6Gm4EdcadzBjdND Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+pwcJdtESqEQa7a0RAmNfAJ0WAszu++Q9XxOrBvg3sNk6EGbDngCggZfN a45rPylQjrY/2ozL/qOub64= =xCw5 -----END PGP SIGNATURE----- --d6Gm4EdcadzBjdND--