summaryrefslogtreecommitdiff
path: root/libexec/ftpd/ftpd.8
diff options
context:
space:
mode:
authorJason McIntyre <jmc@cvs.openbsd.org>2003-11-20 12:32:35 +0000
committerJason McIntyre <jmc@cvs.openbsd.org>2003-11-20 12:32:35 +0000
commit4a9ee222b08edc7d5f12edb906ae1a85b57a17eb (patch)
tree2f5f98524cf8458b7aa590d7b3aabe954a8f10a6 /libexec/ftpd/ftpd.8
parent4e4695d344952de50dfc7a463584f193faf700fc (diff)
ftpd.8:
- simpler macros - sort options - some updates ftpd.c: - sync usage()
Diffstat (limited to 'libexec/ftpd/ftpd.8')
-rw-r--r--libexec/ftpd/ftpd.8154
1 files changed, 81 insertions, 73 deletions
diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8
index b813d252ec6..6be1d27920b 100644
--- a/libexec/ftpd/ftpd.8
+++ b/libexec/ftpd/ftpd.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ftpd.8,v 1.60 2003/09/04 21:17:47 jmc Exp $
+.\" $OpenBSD: ftpd.8,v 1.61 2003/11/20 12:32:34 jmc Exp $
.\" $NetBSD: ftpd.8,v 1.8 1996/01/14 20:55:23 thorpej Exp $
.\"
.\" Copyright (c) 1985, 1988, 1991, 1993
@@ -38,7 +38,7 @@
.Nd Internet File Transfer Protocol server
.Sh SYNOPSIS
.Nm ftpd
-.Op Fl AdDlMnPSU46
+.Op Fl 46ADdlMnPSU
.Op Fl T Ar maxtimeout
.Op Fl t Ar timeout
.Op Fl u Ar mask
@@ -55,6 +55,18 @@ service specification; see
.Pp
The options are as follows:
.Bl -tag -width Ds
+.It Fl 4
+When
+.Fl D
+is specified, forces
+.Nm
+to use IPv4 addresses only.
+.It Fl 6
+When
+.Fl D
+is specified, forces
+.Nm
+to use IPv6 addresses only.
.It Fl A
Permit only anonymous ftp connections, accounts listed in
.Pa /etc/ftpchroot
@@ -62,8 +74,6 @@ or users in a login class with the
.Dq ftp-chroot
variable set (see below).
Other connection attempts are refused.
-.It Fl d
-Debugging information is written to the syslog using LOG_FTP.
.It Fl D
With this option set,
.Nm
@@ -74,10 +84,14 @@ This has lower overhead than starting
from
.Xr inetd 8
and is thus useful on busy servers to reduce load.
+.It Fl d
+Debugging information is written to the syslog using
+.Dv LOG_FTP .
.It Fl l
Each successful and failed
.Xr ftp 1
-session is logged using syslog with a facility of LOG_FTP.
+session is logged using syslog with a facility of
+.Dv LOG_FTP .
If this option is specified twice, the retrieve (get), store (put), append,
delete, make directory, remove directory and rename operations and
their filename arguments are also logged.
@@ -106,25 +120,6 @@ With this option set,
logs all anonymous downloads to the file
.Pa /var/log/ftpd
when this file exists.
-.It Fl U
-Each concurrent
-.Xr ftp 1
-session is logged to the file
-.Pa /var/run/utmp ,
-making them visible to commands such as
-.Xr who 1 .
-.It Fl 4
-When
-.Fl D
-is specified, forces
-.Nm
-to use IPv4 addresses only.
-.It Fl 6
-When
-.Fl D
-is specified, forces
-.Nm
-to use IPv6 addresses only.
.It Fl T Ar maxtimeout
A client may also request a different timeout period;
the maximum period allowed may be set to
@@ -137,6 +132,13 @@ The default limit is 2 hours.
The inactivity timeout period is set to
.Ar timeout
seconds (the default is 15 minutes).
+.It Fl U
+Each concurrent
+.Xr ftp 1
+session is logged to the file
+.Pa /var/run/utmp ,
+making them visible to commands such as
+.Xr who 1 .
.It Fl u Ar mask
Force the umask to
.Ar mask ,
@@ -152,6 +154,11 @@ can be used to disable ftp access.
If the file exists,
.Nm
displays it and exits.
+Note: this method will disable
+.Em all
+non-root logins; see
+.Xr login 1
+for further details.
If the file
.Pa /etc/ftpwelcome
exists,
@@ -175,20 +182,20 @@ The case of the requests is ignored.
.Bl -column "Request" -offset indent
.It Sy Request Ta Sy Description
.It ABOR Ta "abort previous command"
-.It ACCT Ta "specify account (ignored)"
+.It ACCT Ta "specify account (not implemented)"
.It ALLO Ta "allocate storage (vacuously)"
.It APPE Ta "append to a file"
.It CDUP Ta "change to parent of current working directory"
.It CWD Ta "change working directory"
.It DELE Ta "delete a file"
-.It EPSV Ta "prepare for server-to-server transfer"
.It EPRT Ta "specify data connection port"
+.It EPSV Ta "prepare for server-to-server transfer"
.It HELP Ta "give help information"
-.It LIST Ta "give list files in a directory" Pq Dq Li "ls -lgA"
-.It LPSV Ta "prepare for server-to-server transfer"
+.It LIST Ta "give list of files in a directory" Pq Li "ls -lgA"
.It LPRT Ta "specify data connection port"
-.It MKD Ta "make a directory"
+.It LPSV Ta "prepare for server-to-server transfer"
.It MDTM Ta "show last modification time of file"
+.It MKD Ta "make a directory"
.It MODE Ta "specify data transfer" Em mode
.It NLST Ta "give name list of files in directory"
.It NOOP Ta "do nothing"
@@ -197,6 +204,7 @@ The case of the requests is ignored.
.It PORT Ta "specify data connection port"
.It PWD Ta "print the current working directory"
.It QUIT Ta "terminate session"
+.It REIN Ta "reinitialize (not implemented)"
.It REST Ta "restart incomplete transfer"
.It RETR Ta "retrieve a file"
.It RMD Ta "remove a directory"
@@ -204,14 +212,15 @@ The case of the requests is ignored.
.It RNTO Ta "specify rename-to file name"
.It SITE Ta "non-standard commands (see next section)"
.It SIZE Ta "return size of file"
+.It SMNT Ta "structure mount (not implemented)"
.It STAT Ta "return status of server"
.It STOR Ta "store a file"
.It STOU Ta "store a file with a unique name"
.It STRU Ta "specify data transfer" Em structure
.It SYST Ta "show operating system type of server system"
.It TYPE Ta "specify data transfer" Em type
-.It USER Ta "specify user name, not valid after login"
-.It XCUP Ta "change to parent of current working directory (deprecated)"
+.It USER Ta "specify user name; not valid after login"
+.It XCUP Ta "change to parent of current working directory (deprec.)"
.It XCWD Ta "change working directory (deprecated)"
.It XMKD Ta "make a directory (deprecated)"
.It XPWD Ta "print the current working directory (deprecated)"
@@ -222,21 +231,19 @@ The following non-standard or
.Tn UNIX
specific commands are supported
by the
-SITE request.
-.Pp
+SITE request:
.Bl -column Request -offset indent
.It Sy Request Ta Sy Description
-.It UMASK Ta change umask, e.g., ``SITE UMASK 002''
-.It IDLE Ta set idle-timer, e.g., ``SITE IDLE 60''
-.It CHMOD Ta change mode of a file, e.g., ``SITE CHMOD 755 filename''
-.It HELP Ta give help information
+.It CHMOD Ta "change mode of a file, e.g., SITE CHMOD 755 filename"
+.It HELP Ta "give help information"
+.It IDLE Ta "set idle-timer, e.g., SITE IDLE 60"
+.It UMASK Ta "change umask, e.g., SITE UMASK 002"
.El
.Pp
-The remaining ftp requests specified in Internet RFC 959
-are
-recognized, but not implemented.
-MDTM and SIZE are not specified in RFC 959, but will appear in the
-next updated FTP RFC.
+The remaining ftp requests specified in Internet RFC 959 are recognized,
+but not implemented.
+MDTM and SIZE are not specified in RFC 959,
+but will appear in the next updated FTP RFC.
.Pp
The ftp server will abort an active file transfer only when the
ABOR
@@ -264,12 +271,9 @@ as defined in the
file (see
.Xr login.conf 5 ) .
An authentication style
-may be specified by appending with a colon (
-.Do
-:
-.Dc
-)
-following the authentication style, i.e.
+may be specified by appending with a colon
+.Pq Sq :\&
+following the authentication style, i.e.\&
.Dq joe:skey .
The allowed authentication styles for
.Nm
@@ -280,7 +284,6 @@ entry in
.Pp
.Nm
authenticates users according to five rules.
-.Pp
.Bl -enum -offset indent
.It
The login name must be in the password database and not have a null password.
@@ -294,7 +297,7 @@ The user must have a standard shell as described by
.Xr shells 5 .
.It
If the user name appears in the file
-.Pa /etc/ftpchroot
+.Pa /etc/ftpchroot ,
the session's root will be changed to the user's login directory by
.Xr chroot 2
as for an
@@ -342,11 +345,9 @@ to the approve script:
.El
.Pp
For example (the line is broken to fit the page):
-.sp
-.Bd -ragged -offset indent
-.Pa /usr/libexec/auth/approve_ftpd Fl v
-FTPD_HOST=ftp.mycompany.com \\
-.Dl Ar username Ar class Ar service
+.Bd -literal -offset indent
+/usr/libexec/auth/approve_ftpd -v FTPD_HOST=ftp.mycompany.com \e
+ username class service
.Ed
.Pp
When the user logs in to the anonymous ftp account,
@@ -416,41 +417,41 @@ The remote host (or IP number).
.It bytes
The number of bytes transferred.
.It path
-The full path (relative the ftp chroot space) of the file transferred.
+The full path (relative to the ftp chroot space) of the file transferred.
.It type
The type of transfer; either
-.Dq a
+.Sq a
for ASCII or
-.Dq b
+.Sq b
for binary.
.It unused
Unused field containing a
-.Dq * ,
+.Sq * ,
for compatibility.
.It unused
-Unused field containing a
-.Dq o ,
+Unused field containing an
+.Sq o ,
for compatibility.
.It user type
-The type of user, either
-.Dq a
-for anonymous, or
-.Dq r
+The type of user; either
+.Sq a
+for anonymous or
+.Sq r
for a real user (should always be anonymous).
.It name
Either a system login name or the value given for
.Dq email address
if an anonymous user.
.It unused
-Unused field, containing a
-.Dq 0 ,
+Unused field containing a
+.Sq 0 ,
for compatibility.
.It real name
The system login name if the connection is not anonymous, or a
-.Dq *
+.Sq *
if it is.
-.It virtual host
-The virtual host that the connection was made to.
+.\" .It virtual host
+.\" The virtual host that the connection was made to.
.El
.Pp
Although fields exist for logging information on real users, this file is
@@ -489,13 +490,13 @@ is used.
.Sh PORT ALLOCATION
For passive mode data connections,
.Nm
-will listen to a random high tcp port.
+will listen to a random high TCP port.
The interval of ports used are configurable using
.Xr sysctl 8
variables
-.Li net.inet.ip.porthifirst
+.Va net.inet.ip.porthifirst
and
-.Li net.inet.ip.porthilast .
+.Va net.inet.ip.porthilast .
.Sh FILES
.Bl -tag -width /var/run/ftpd.pid -compact
.It Pa /etc/ftpchroot
@@ -519,13 +520,20 @@ list of users on the system
.El
.Sh SEE ALSO
.Xr ftp 1 ,
+.Xr login 1 ,
.Xr skey 1 ,
.Xr who 1 ,
.Xr chroot 2 ,
+.Xr ctime 3 ,
+.Xr group 5 ,
.Xr login.conf 5 ,
+.Xr motd 5 ,
+.Xr services 5 ,
.Xr shells 5 ,
.Xr ftp-proxy 8 ,
.Xr inetd 8 ,
+.Xr pwd_mkdb 8 ,
+.Xr sysctl 8 ,
.Xr syslogd 8
.Sh HISTORY
The