HP-UX Reference (11i v1 00/12) - 4 File Formats (vol 8)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

__________________________________________________________________________________________________________________________________________________________________________________________________

STANDARD Printed by: Nora Chuang [nchuang] STANDARD

/build/1111/BRICK/man4/!!!intro.4

________________________________________________________________

___ ___

ftpaccess(4) ftpaccess(4)

NAME

ftpaccess - ftpd conﬁguration ﬁle

SYNOPSIS

/etc/ftpd/ftpaccess

DESCRIPTION

The /etc/ftpd/ftpaccess ﬁle is used to conﬁgure the operation of ftpd (see ftpd(1M)).

Access Capabilities

autogroup groupname class [ class ... ]

If an anonymous user is a member of any of class, the ftp server will perform a setgid() to

groupname. This allows access to group-and-owner-read-only ﬁles and directories to a particular class

of anonymous users. groupname is a valid group from /etc/group (or whatever mechanism your

getgrent() library routine uses; see getgrent(3C)).

class class typelist addrglob [ addrglob ... ]

Deﬁne class of users, with source addresses of the form addrglob. Multiple members of class may be

deﬁned. There may be multiple

class commands, listing additional members of the class. If multi-

ple

class commands can apply to the current session, the ﬁrst one listed in the access ﬁle is used.

Failing to deﬁne a valid class for a host will cause access to be denied. typelist is a comma-separated

list of any of the keywords

anonymous, guest and real. If the real keyword is included, the

class can match users using FTP to access real accounts, and if the

anonymous keyword is included,

the class can match users using anonymous FTP. The

guest keyword matches guest access accounts

(see

guestgroup below for more information)

addrglob may be a globbed domain name or a globbed numeric address. There can be multiple

addrglob’s for this directive. To avoid confusion when you have multiple addrglob’s, you can put all

the addrglob’s in a ﬁle and specify the path of the ﬁle in place of the addrglob’s.

deny addrglob message_ﬁle

Always deny access to the host(s) matching addrglob. message_ﬁle is the ﬁle from which denial mes-

sage is displayed to the hosts that are denied access. addrglob may be

!nameserved to deny access

to sites without a working nameserver.

guestgroup groupname [ groupname ... ]

If a real user is a member of any of groupname, the session is set up exactly as with anonymous

FTP. In other words, a chroot() is done, and the user is no longer permitted to issue the

USER

and PASS commands. groupname is a valid group from /etc/group (or whatever mechanism your

getgrent() library routine uses).

The user’s home directory must be properly set up, exactly as anonymous FTP would be. The home

directory ﬁeld of the passwd entry is divided into two directories. The ﬁrst ﬁeld is the root directory

which will be the argument to the chroot call. The second half is the user’s home directory relative

to the root directory. The two halves are separated by a /./.

Example:

In the /etc/passwd ﬁle, the sample entry is:

guest1:<passwd>:100:92:Guest Account:/ftp/./incoming:/etc/ftponly

When guest1 successfully logs in, the ftp server will chroot (/ftp) and then chdir (

/incom-

ing

). The guest user will only be able to access the directory structure under /ftp (which will look

and act as

/ to guest1), just as an anonymous FTP user would.

limit class n times message_ﬁle

Limit class to n users at speciﬁed times, displaying message_ﬁle if user is denied access. The limit

check is performed at login time only. If multiple limit commands apply to the current session, the

ﬁrst applicable one is used. Failing to deﬁne a valid limit, or a limit of -1, is equivalent to unlimited.

The format for times can any of the following:

Any Any week day

Fr Friday

Any0900-1300 Any day of week between 9.00 - 13.00 hrs.

Section 4−−62 − 1 − HP-UX Release 11i: December 2000

___