HP-UX Reference (11i v1 05/09) - 4 File Formats (vol 8)
f
ftpaccess(4) ftpaccess(4)
noretrieve filename filename ....
Always deny retrievability of these files. If the files are an absolute path specification (i.e. begins with
/ character), then only those files are marked unretrievable. Otherwise all files with the matching
filename are refused transfer. Example:
noretrieve /etc/passwd core
specifies that no one is able to get the file
/etc/passwd , whereas they are allowed to transfer a file,
passwd, if it is not in
/etc. On the other hand, no one is be able to get a file named core
wher-
ever it is.
No globbing is done.
loginfails number
After number login failures, log a message and terminate the FTP connection. Default value is 5.
private yes|no
After a user logs in, the SITE GROUP
and SITE GPASS ftpd commands may be used to specify
an enhanced access group and associated password. If the group name and password are valid, the
user becomes (via
setgid()) a member of the group specified in the group access file,
/etc/ftpd/ftpgroups
.
The format of the group access file is:
access_group_name:encrypted_password:real_group_name
where access_group_name
is an arbitrary (alphanumeric and punctuation) string.
encrypted_password
is the password encrypted via crypt() (see crypt(3C)) exactly like in
/etc/passwd . real_group_name
is the name of a valid group listed in /etc/group.
NOTE: For this option to work for anonymous FTP users, the ftp server must keep
/etc/group
permanently open and the group access file is loaded into memory. This means that: (1) the ftp server
now has an additional file descriptor open, and (2) the necessary passwords and access privileges
granted to users via SITE GROUP (see ftpd(1M)) will be static for the duration of an FTP session. If
you have an urgent need to change the access groups and/or passwords now, you just kill all of the
running FTP servers.
Informational Capabilities
banner path
Works similarly to the message command (see below), except that the banner is displayed before the
user enters the username and password. The path is relative to the real system root, not the base of
the anonymous FTP directory.
email name
Defines the email address of the ftp archive maintainer. This string will be printed every time the
%E
magic cookie is used.
message path [ when [ class... ]]
Define a file with path such that ftpd will display the contents of the file to the user at login time or
upon using the change working directory command. The when parameter may be LOGIN or
CWD=<dir>.Ifwhen is CWD=<dir>, dir specifies the new default directory which will trigger the
notification.
The optional class specification allows the message to be displayed only to members of a particular
class. More than one class may be specified.
In the message file the user can key in a message and use the ‘macros’ or ‘magic cookies’ that are
available. The ftp server will replace the cookie with a specified text string. The following magic cook-
ies are available:
%T local time (form Thu Nov 15 17:12:42 1990)
%C current working directory
%E the maintainer’s email address as defined in ftpaccess
%R remote host name
%L local host name
Section 4−−62 Hewlett-Packard Company − 2 − HP-UX 11i Version 1: September 2005