From owner-freebsd-questions@FreeBSD.ORG Fri Jul 11 13:44:35 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1BF3C37B401 for ; Fri, 11 Jul 2003 13:44:35 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 97F4343F75 for ; Fri, 11 Jul 2003 13:44:33 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h6BKiQwX029840 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 11 Jul 2003 21:44:29 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)h6BKiPrg029775; Fri, 11 Jul 2003 21:44:25 +0100 (BST) (envelope-from matthew) Date: Fri, 11 Jul 2003 21:44:25 +0100 From: Matthew Seaman To: Paul MacKenzie Message-ID: <20030711204425.GA69739@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Paul MacKenzie , freebsd-questions@freebsd.org References: <5.2.0.9.2.20030711124510.03ec53c8@mail.elehost.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="/04w6evG8XlLl3ft" Content-Disposition: inline In-Reply-To: <5.2.0.9.2.20030711124510.03ec53c8@mail.elehost.com> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-11.4 required=5.0 tests=AWL,BAYES_00,EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2, QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT autolearn=ham version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: freebsd-questions@freebsd.org Subject: Re: Lukemftpd and directory permission X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jul 2003 20:44:35 -0000 --/04w6evG8XlLl3ft Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 11, 2003 at 12:55:35PM -0400, Paul MacKenzie wrote: > Hi, >=20 > I was testing out the lukemftpd in stable and ran into this problem which= =20 > is probably easy to fix but is stumping me. >=20 > When we create a directory under any class, the read and execute=20 > permissions on the Other bit is disabled (no "Other" read permissions on= =20 > any directory created via FTP). This poses a problem as any directory=20 > created under FTP will not be readable for web purposes. >=20 > Here is the command we had in Inetd.conf >=20 > ftp stream tcp nowait root /usr/libexec/lukemftpd ftpd -ll -= r=20 > -u >=20 > Any ideas why this is happening? Yes. The default umask for lukemftpd(8) is 027. Read the ftpd.conf(5) manpage for detailed instructions on how to modify that value, but you probably want to create a /etc/ftpd.conf file and include within it: umask real 022 You should also read ftpusers(5) and make sure you've set up your users with the right classes etc. For backwards compatibility, just listing the username in /etc/ftpusers disables that account from using the FTP service. Certainly you should disable FTP access for root and all pseudo-users. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --/04w6evG8XlLl3ft Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/DyGpdtESqEQa7a0RAmkrAJwNyhWWIxmjN3cx7uynTCwnqQZMjgCfZuFq /kSUbBhlZsMwniBvoSa0gmQ= =zUOy -----END PGP SIGNATURE----- --/04w6evG8XlLl3ft--