HP-UX Reference (11i v3 07/02) - 4 File Formats (vol 8)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

111

112

113

114

115

116

117

118

119

120

ftpaccess(4) ftpaccess(4)

The noretrieve restrictions may be placed upon members of particular classes. If any

class= is

speciﬁed, then this option is set only for the users of that particular class.

allow-retrieve

[ absolute|relative ][ class= classname ] ...

[

-] ﬁlename [ ﬁlename ] ...

Allows retrieval of ﬁles which would otherwise be denied by noretrieve.

loginfails number

After number login failures, log a message and terminate the FTP connection. Default value is 5.

private { yes|no }

After a user logs in, the SITE GROUP

and SITE GPASS ftpd commands may be used to specify

an enhanced access group and associated password. If the group name and password are valid, the

user becomes (via

setgid()) a member of the group speciﬁed in the group access ﬁle,

/etc/ftpd/ftpgroups

The format of the group access ﬁle is:

access_group_name

:encrypted_password:real_group_name

where access_group_name is an arbitrary (alphanumeric and punctuation) string.

encrypted_password is the password encrypted via

crypt() (see crypt(3C)) exactly like in

/etc/passwd . real_group_name is the name of a valid group listed in

/etc/group .

NOTE: For this option to work for anonymous FTP users, the ftp server must keep

/etc/group

permanently open and the group access ﬁle is loaded into memory. This means that: (1) the ftp server

now has an additional ﬁle descriptor open, and (2) the necessary passwords and access privileges

granted to users via SITE GROUP (see ftpd(1M)) will be static for the duration of an FTP session. If

you have an urgent need to change the access groups and/or passwords now (immediately), just kill

all of the running FTP servers.

Informational Capabilities

greeting { full|brief|terse }

greeting text message

Allows you to control how much information is given out before the remote user logs in.

greeting

full

is the default and shows the hostname and daemon version. greeting brief shows the

hostname. greeting terse only displays the message "FTP server ready." Also, this message is

printed as the output of the STAT command. Although full is the default, brief is recom-

mended.

NOTE: The two options

suppresshostname

and suppressversion, are not supported. The

greeting option can be used to suppress the hostname or the daemon version.

The

greeting text message form allows you to specify any greeting message you desire. The

message can be any string; whitespace (spaces and tabs) is converted to a single space.

banner path

Works similarly to the message command (see below), except that the banner is displayed before the

user enters the username and password. The path is relative to the real system root, not the base of

the anonymous FTP directory.

WARNING: use of this command can completely prevent non-compliant FTP clients from making use

of the FTP server. Not all clients can handle multi-line responses (which is how the banner is

displayed).

hostname some.host.name

Deﬁnes the default host name of the ftp server. This string will be printed on the greeting message

and every time the %L magic cookie is used. See message below for a list of magic cookies. The

host name for virtual servers overrides this value. If not speciﬁed, the default host name for the local

machine is used.

email name

Deﬁnes the email address of the ftp archive maintainer. This string will be printed every time the %E

magic cookie is used. See message below for a list of magic cookies.

HP-UX 11i Version 3: February 2007 − 4 − Hewlett-Packard Company 113