Re: r286615: /usr/libexec/ftpd broken!

From: O. Hartmann <ohartman_at_zedat.fu-berlin.de>
Date: Fri, 14 Aug 2015 21:47:25 +0200
Am Fri, 14 Aug 2015 14:06:25 +0100
Matthew Seaman <matthew_at_freebsd.org> schrieb:

> On 08/14/15 12:45, O. Hartmann wrote:
> > Man page "ftpusers(5)" states, that an entry "username allow" will allow access
> > to ftpd. But every user listed in /etc/ftpusers is denied access, no matter
> > whether there is "allow" appended to the entry or not! This is strange.
> > Whenever I delete a user's name from that file I wish to have access to the
> > ftpd service, that user can login - but addig the users even as "username
> > allow" (no * in the file, nothing else but the initial users names) access is
> > denied.
> 
> If you've got a ftpusers(5) that presumably comes from some ported
> software -- doesn't exist in the base system.  There is pam_ftpusers(8)
> in base, although that doesn't seem to be in use by default.

After you mentioned this, I checked and you're correct!The manpage was installed by
package heimdal-1.5.3_4 according with another ftpd located under /usr/local/libexec.

> 
> Traditionally 'ftpusers' was just a plain list of usernames or groups
> (indicated by a leading '_at_' character).  According to ftpd(8) it lists
> the people *not* allowed access via FTP.

I got this.

> 
> However, other implementations of FTP servers have adopted the ftpusers
> file and expanded its capabilities in various ways, by adding some
> additional flag fields for each username.  It depends on what ftpd
> you're using exactly what syntax is used there.  Properly ported
> software should really be using /usr/local/etc/ftpusers though.

I use NanoBSD for some very small appliance/server system and use the FreeBSD base system
to start with - avoiding unncessary package installation. Reading the heimdal man page,
configuring then according to heimdal's /usr/local/etc/ftpusers's explanations and then
running the FreeBSD ftpd from its natural starting point with the
misconfigured /etc/ftpusers will end in a mess. So it is my fault.

But anyway, cleaning up the mess doesn't resolve the weird issues with FreeBSD's own ftpd.

> 
> 	Cheers,
> 
> 	Matthew
> 
> 
> 
> 


Thank you for that hint.

Regards,
Oliver

Received on Fri Aug 14 2015 - 17:47:34 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:59 UTC