From owner-wu-ftpd@wugate.wustl.edu Tue Dec 1 00:33:50 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id AAA09579; Tue, 1 Dec 1998 00:33:48 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id AAA29544; Tue, 1 Dec 1998 00:25:55 -0600 (CST) Received: from dagobert.piro.net (dagobert.piro.net [194.64.31.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id AAA29575 for ; Tue, 1 Dec 1998 00:20:36 -0600 (CST) Received: from ITS.DE (gwmail.its.de [194.195.99.74]) by dagobert.piro.net (8.8.8/8.8.8/PN-980513) with SMTP id HAA18354 for ; Tue, 1 Dec 1998 07:20:31 +0100 (MET) Received: from ITS#u#Reisen-Message_Server by ITS.DE with Novell_GroupWise; Tue, 01 Dec 1998 07:20:01 +0100 Message-Id: Date: Tue, 01 Dec 1998 07:19:29 +0100 Reply-To: Peter.Bechara@ITS.DE Sender: owner-wu-ftpd@wugate.wustl.edu From: "Peter Bechara" To: wu-ftpd@wugate.wustl.edu Subject: unsuscribe Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 8bit X-Mailer: Novell GroupWise 5.2 X-MIME-Autoconverted: from quoted-printable to 8bit by wugate.wustl.edu id AAA23160 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN unsuscribe From owner-wu-ftpd@wugate.wustl.edu Tue Dec 1 08:19:22 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id IAA13493; Tue, 1 Dec 1998 08:19:21 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id IAA01172; Tue, 1 Dec 1998 08:14:31 -0600 (CST) Received: from gis-mail.gis-online.de (gis.gis-online.de [195.88.182.250]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAA16160 for ; Tue, 1 Dec 1998 08:06:47 -0600 (CST) Received: from produktion.gis-online.de (dfsbvr1x1 [10.224.10.11]) by gis-mail.gis-online.de (8.8.5/8.8.5) with ESMTP id OAA10289 for ; Tue, 1 Dec 1998 14:51:31 +0100 (MET) Received: from produktion.gis-online.de ([5.10.6.142]) by produktion.gis-online.de (8.8.5/8.8.5) with ESMTP id PAA13499 for ; Tue, 1 Dec 1998 15:05:52 +0100 (MET) Message-Id: <3663F7CF.2CC07DFF@produktion.gis-online.de> Date: Tue, 01 Dec 1998 15:06:07 +0100 Reply-To: robin.breyl@produktion.gis-online.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Robin Breyl To: wu-ftpd@wugate.wustl.edu Subject: Download progress bar in Netscape MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: breyl@produktion.gis-online.de X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.6 sun4u) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, I'm using Wu-ftp 2.4.2 (Beta17) on a Solrais 2.5.1 machine without any problems so far. But recently I got a call, that users who are downloading files with Netscape Navigator from my site don't get a download-progress bar, as they do get from many other sites. I figured, that netscape might do a "ls -l" or a "dir" to get the actual filesize and checked both comands. Both work fine, ls is static linked and I cann't imagine any problem here. Does anyone know what causes Netscape Navigator to the get the filesize as "unknown"? Robin -- _________________________________________________________________ / \ | Robin Breyl Geno RZ | | ------------- | | Saonestrasse 3a | | 60528 Frankfurt am Main | | | | E-Mail (Office): robin.breyl@gis-online.de | | E-Mail (Home): robin@breyl.de | | | | Tel.: +49 69 / 75690-369 Fax.: +49 69 / 75690-925 | \_________________________________________________________________/ From owner-wu-ftpd@wugate.wustl.edu Tue Dec 1 10:38:09 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA15197; Tue, 1 Dec 1998 10:38:08 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA18856; Tue, 1 Dec 1998 10:33:31 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA17543 for ; Tue, 1 Dec 1998 10:28:24 -0600 (CST) Received: (from lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) id LAA22834 for wu-ftpd@wugate.wustl.edu; Tue, 1 Dec 1998 11:28:17 -0500 Message-Id: <199812011628.LAA22834@mail.vr.net> Date: Tue, 1 Dec 1998 12:00:00 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: WU-FTPD Discussion List Subject: [VR11] More enhancements and bug fixes for beta-18 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN The VR11 patch set for WU-FTPD 2.4.2 (beta-18) is now available. This set includes additional features requested over the years by the user community and includes a number of bug fixes for both the base (beta-18) release and earlier VR patch sets. These are available as both patches and pre-patched tarballs at my ftp site: ftp://ftp.vr.net/pub/wu-ftpd/ If you take just the patch files, please remember: they are cumulative. you cannot apply fixes from one set without earlier sets already having been applied. The first set for BETA-18 is VR3; VR1 and VR2 were for BETA-17 only. Several pre-compiled binaries for VR11 are also available. These include: Sun/SunOS --------- sunos41x-ftpbin.tar.gz (FTP support executables, ls etc.) wu-ftpd-2.4.2-beta-18-vr11-SunOS-4.1.3-U1.tar.gz Sun/Solaris ----------- FTP242b18.wu-ftpd.2.4.2-beta18-VR11.SPARC.ULTRASparc.2.5.1.2.5.pkg.tar.Z FTP242b18.wu-ftpd.2.4.2-beta18-VR11.SPARC.ULTRASparc.2.5.1.2.5.pkg.tar.gz wu-ftpd-2.4.2-beta-18-vr11-Solaris-2.6.tar.gz Sun/NetBSD ---------- wu-ftpd-2.4.2-beta-18-vr11-NetBSD-1.3I.tar.gz Sun/Linux --------- wu-ftpd-2.4.2-beta-18-vr11-linux-sparc.tar.gz SGI/IRIX -------- irix62-ftpbin.tar.gz (FTP support executables, ls etc.) wu-ftpd-2.4.2-beta-18-vr11-IRIX-6.2.tar.gz IBM/AIX ------- wu-ftpd-2.4.2-beta-18-vr11-AIX.3.2.5.tar.gz DEC/Unix -------- wu-ftpd-2.4.2-beta-18-vr11-OSF1-3.2-C2.tar.gz Intel/BSDI ---------- wu-ftpd-2.4.2-beta-18-vr11-BSDI-2.1.tar.gz wu-ftpd-2.4.2-beta-18-vr11-BSDI-3.1.tar.gz Intel/Linux ----------- ftp.bin.linux.i386.tar.gz (FTP support executables, ls etc.) wu-ftpd-2.4.2-beta-18-vr11.linux.i386.tar.gz Thanks to all those who helped with debugging and built the pre-compiled binaries. This is a list of fixes to BETA 18 with VR10 applied from lundberg@vr.net --------------------------------------------------------------------------- Add -r option to chroot the daemon during startup. From a discussion on the mailing list with on 12 Nov 1998. Linux library includes no longer #define MAXMNTENT so if it's not there #define it in extensions.c until someone has the time to fix this right. Probably RedHat 5.1-ism. Linux libraries now define some paths already in src/pathnames.h so we need to #include first. Did this in config/config.lnx. Probably RedHat 5.1-ism. Added syslog message if started as a standalone daemon and there is no ftpaccess file being used. Add an option to completely disable PASV mode and/or PORT mode. Another old request I found again. Don't remember who first requested it. This was originally rants trying to block web clients. I've put it in since it seems blocking PORT is a good idea and blocking PASV is orthagonal to that feature. initsetproctitle was once again causing signal 11 crashes. Moved the call further up yet again and they're not happening. Discovered in testing. I believe there have been some reports of this but could never get enough info to track it down. A bad extern in ftpcmd.y caused garbage to be logged for the remoteident. Discovered in testing. I believe I had a vague report of this. stanonik@nprdc.navy.mil noted on 20 Nov 1998 the byte count for ASCII mode file reception is off by a few characters. This bug has been there for a very long time. richard@swansong.stg.brown.edu suggested on 1 Nov 1998 a change to the lslong and lsshort ftpaccess clauses to support more complex command lines as well as the addition of lsplain to modify the default 'ls' behaviour. neighorn@quatloo.scn.rain.com reported problems with the new realpath.c on SunOS. He sent a patch on 23 Nov 1998 which fixes the problem. Basically, the getcwd() function on SunOS is too buggy to use so we had to switch to getwd instead. SunOS has joined AIX as systems which do not provide the runtime support needed to avoid all buffer overruns in realpath(). *sigh* ayamura@ayamura.org on 25 Nov 1998 reported a problem with CWD when no parameter is given and the user is anonymous or guest. The command should work but returns an error instead; the error reveals the underlying file system. CWD should work like CWD ~. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 1 12:14:58 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA16283; Tue, 1 Dec 1998 12:14:58 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA12956; Tue, 1 Dec 1998 12:10:39 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA24896 for ; Tue, 1 Dec 1998 12:07:54 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA23851; Tue, 1 Dec 1998 13:07:51 -0500 Message-Id: Date: Tue, 1 Dec 1998 13:07:50 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: WU-FTPD Discussion List Cc: "Denis N. Antonioli" Subject: NFS fix for realpath in VR11 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I have updated this patch for VR11 and commited it to my CVS tree. It came in too late to make it into VR11, so it will appear in VR12 (due out January 1, 1999). This patch is available at: ftp://ftp.vr.net/pub/wu-ftpd/unsupported/vr11.1.patch You only need it if you NFS mount parts of your FTP area. ---- Original Message ---- >From antonio@ifi.unizh.ch Tue Dec 1 11:54:05 1998 Date: Sun, 29 Nov 1998 15:23:52 +0100 (MET) From: Denis N. Antonioli To: WU-FTPD Discussion List Subject: Re: realpath in 2.4.2-beta-18-vr10 On Fri, 27 Nov 1998, Gregory A Lundberg wrote: > On Fri, 27 Nov 1998, Denis N. Antonioli wrote: > > > Maybe ftpd could seteuid(0) only if a normal access failed? > > Sounds fine. The seteuid(0) stuff is there mainly to support people > who've revoked read access on the common directory containing the users' > home directories as in: > > d--x--x--x root root /home > drwx------ greg greg /home/greg > > Where 'greg' is a guest user chroot'd to /home/./greg and we want him to > be able to cd, pwd, etc., but not see the other users in /home Ok. Here then is a patch for realpath.c. Happy programming, Denis N. Antonioli ---- Updated patch ---- Index: realpath.c =================================================================== RCS file: /cvsroot/wu-ftpd/src/realpath.c,v retrieving revision 1.1.1.1.2.6.2.6 retrieving revision 1.1.1.1.2.6.2.7 diff -c -w -r1.1.1.1.2.6.2.6 -r1.1.1.1.2.6.2.7 *** realpath.c 1998/11/23 17:42:37 1.1.1.1.2.6.2.6 --- realpath.c 1998/12/01 17:30:50 1.1.1.1.2.6.2.7 *************** *** 108,114 **** int fd, n, rootd, serrno; char *p, *q, wbuf[MAXPATHLEN]; int symlinks = 0; - uid_t userid; int resultcode; #ifdef HAS_NO_FCHDIR /* AIX Has no fchdir() so we hope the getcwd() call doesn't overrun the buffer! */ --- 108,113 ---- *************** *** 117,123 **** #endif /* Save the starting point. */ ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAS_NO_FCHDIR --- 116,128 ---- #endif /* Save the starting point. */ ! #ifdef HAS_NO_FCHDIR ! pcwd = getcwd(cwd, sizeof (cwd)); ! #else ! fd = open(".", O_RDONLY); ! #endif ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAS_NO_FCHDIR *************** *** 131,141 **** #endif seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ #ifdef HAS_NO_FCHDIR ! if (pcwd == NULL) { #else ! if (fd < 0) { #endif (void)strcpy(resolved, "."); return (NULL); } --- 136,148 ---- #endif seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } #ifdef HAS_NO_FCHDIR ! if (pcwd == NULL) #else ! if (fd < 0) #endif + { (void)strcpy(resolved, "."); return (NULL); } *************** *** 163,174 **** q[1] = '\0'; q = resolved; } ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); resultcode = chdir(q); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ if (resultcode < 0) goto err1; } else --- 170,184 ---- q[1] = '\0'; q = resolved; } ! resultcode = chdir(q); ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); resultcode = chdir(q); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } if (resultcode < 0) goto err1; } else *************** *** 176,211 **** /* Deal with the last component. */ if (*p != '\0') { ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); resultcode = lstat(p, &sb); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ if (resultcode == 0) { if (S_ISLNK(sb.st_mode)) { if (++symlinks > MAXSYMLINKS) { errno = ELOOP; goto err1; } ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); n = readlink(p, resolved, MAXPATHLEN); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ if (n < 0) goto err1; resolved[n] = '\0'; goto loop; } if (S_ISDIR(sb.st_mode)) { ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); resultcode = chdir(p); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ if (resultcode < 0) goto err1; p = ""; --- 186,230 ---- /* Deal with the last component. */ if (*p != '\0') { ! resultcode = lstat(p, &sb); ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); resultcode = lstat(p, &sb); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } if (resultcode == 0) { if (S_ISLNK(sb.st_mode)) { if (++symlinks > MAXSYMLINKS) { errno = ELOOP; goto err1; } ! n = readlink(p, resolved, MAXPATHLEN); ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); n = readlink(p, resolved, MAXPATHLEN); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } if (n < 0) goto err1; resolved[n] = '\0'; goto loop; } if (S_ISDIR(sb.st_mode)) { ! resultcode = chdir(p); ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); resultcode = chdir(p); seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } if (resultcode < 0) goto err1; p = ""; *************** *** 218,224 **** * the current directory. */ (void)strcpy(wbuf, p); ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAVE_GETCWD --- 237,253 ---- * the current directory. */ (void)strcpy(wbuf, p); ! #ifdef HAVE_GETCWD ! resultcode = getcwd(resolved, MAXPATHLEN) == NULL ? 0 : 1; ! #else ! resultcode = getwd(resolved) == NULL ? 0 : 1; ! if (resolved[MAXPATHLEN -1 ] != '\0') { ! resultcode = 0; ! errno = ERANGE; ! } ! #endif ! if (EACCES == errno) { ! udt_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAVE_GETCWD *************** *** 232,237 **** --- 261,267 ---- #endif seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } if (resultcode == 0) goto err1; *************** *** 255,261 **** } /* Go back to where we came from. */ ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAS_NO_FCHDIR --- 285,297 ---- } /* Go back to where we came from. */ ! #ifdef HAS_NO_FCHDIR ! resultcode = chdir(cwd); ! #else ! resultcode = fchdir(fd); ! #endif ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAS_NO_FCHDIR *************** *** 265,270 **** --- 301,307 ---- #endif seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } if (resultcode < 0) { serrno = errno; goto err2; *************** *** 277,283 **** return (resolved); err1: serrno = errno; ! userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAS_NO_FCHDIR --- 314,326 ---- return (resolved); err1: serrno = errno; ! #ifdef HAS_NO_FCHDIR ! (void)chdir(cwd); ! #else ! (void)fchdir(fd); ! #endif ! if (EACCES == errno) { ! uid_t userid = geteuid(); delay_signaling(); /* we can't allow any signals while euid==0: kinch */ seteuid(0); #ifdef HAS_NO_FCHDIR *************** *** 287,292 **** --- 330,336 ---- #endif seteuid(userid); enable_signaling(); /* we can allow signals once again: kinch */ + } #ifdef HAS_NO_FCHDIR err2: errno = serrno; #else -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 1 17:50:51 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA20036; Tue, 1 Dec 1998 17:50:50 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA21866; Tue, 1 Dec 1998 17:45:14 -0600 (CST) Received: from expresscopy.com (root@caffeine.expresscopy.com [206.163.205.68]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id RAA30397 for ; Tue, 1 Dec 1998 17:43:37 -0600 (CST) Received: from admin.expresscopy.com (admin.expresscopy.com [206.163.205.70]) by expresscopy.com (8.8.8/8.8.8) with ESMTP id PAA12865 for ; Tue, 1 Dec 1998 15:41:36 -0800 (PST) (envelope-from dan@expresscopy.com) Message-Id: Date: Tue, 1 Dec 1998 15:44:25 -0800 (PST) Reply-To: dan@expresscopy.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Dan To: wu-ftpd@wugate.wustl.edu Subject: Not overwrite, but rename... MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Currently, my company is using the default FreeBSD ftpd to receive printable postscript files over the internet for color copying. I like the flexibility and control that wu-ftpd offers, as well as it's logging facilities, and therefore I would like to switch. By default, the FreeBSD ftpd does not overwrite an existing file in the incoming dir, but instead appends a .1 to the end of the file, and allows the user to upload without overwriting the older file. Because of the skill level of our customers, this is a requirement for us. Is this possible with wu-ftpd? Thanks, Dan -- Dan Herrera (dan@expresscopy.com) ------------------------------------ From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 09:07:49 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA27790; Wed, 2 Dec 1998 09:07:48 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA14325; Wed, 2 Dec 1998 09:01:36 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAA25715 for ; Wed, 2 Dec 1998 08:57:05 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id JAA30442; Wed, 2 Dec 1998 09:56:59 -0500 Message-Id: Date: Wed, 2 Dec 1998 09:56:59 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Dan Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Not overwrite, but rename... In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 1 Dec 1998, Dan wrote: > Currently, my company is using the default FreeBSD ftpd to receive > printable postscript files over the internet for color copying. I > like the flexibility and control that wu-ftpd offers, as well as it's > logging facilities, and therefore I would like to switch. > > By default, the FreeBSD ftpd does not overwrite an existing file in > the incoming dir, but instead appends a .1 to the end of the file, and > allows the user to upload without overwriting the older file. > > Because of the skill level of our customers, this is a requirement for > us. Is this possible with wu-ftpd? No, but it's an interesting idea. I've put it in my pile of such things for the VR extensions. Does anyone else have any comments or suggestions? -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 11:39:42 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA29731; Wed, 2 Dec 1998 11:39:40 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA15052; Wed, 2 Dec 1998 11:33:51 -0600 (CST) Received: from cyhpr142.ug.eds.com (cyhpr142.ug.eds.com [134.244.99.93]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA17976 for ; Wed, 2 Dec 1998 11:30:06 -0600 (CST) Received: (from jung@localhost) by cyhpr142.ug.eds.com (8.7.1/8.7.1) id JAA21315 for wu-ftpd@wugate.wustl.edu; Wed, 2 Dec 1998 09:32:58 -0800 (PST) Message-Id: <199812021732.JAA21315@cyhpr142.ug.eds.com> Date: Wed, 02 Dec 1998 9:32:57 PST Reply-To: jung@cyhpr142.ug.eds.com Sender: owner-wu-ftpd@wugate.wustl.edu From: John Jung To: wu-ftpd@wugate.wustl.edu Subject: Directory-Level Password Protection? X-Mailer: Elm [revision: 212.2] X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi All, We've got WU-FTPD 2.4 (yeah, I know it's old, but management is skittish on the "beta" tag for the other releases) running fine here. However, management now has a new requirement and wants to know if it can be done. I don't think it can, but I want to double check with everybody else: Can WU-FTPD handle directory-level access restrictions? Management is looking for something similar to ".htaccess" for Apache, but for WU-FTPD. I don't think it's do-able because I think WU-FTPD only does authentication once, and that's at login. Am I wrong? Is it possible to do directory-level access restrictions? If so, how would this be done? Thanks for your help. John +-------------------------------------+-------------------------------------+ | John Jung (jung@ugsolutions.com) | Unigraphics Solutions | | Global Technical Access Center | 10824 Hope Street, 1S-241 | | Operating Systems Group | Cypress, California 90630 | +---------------------------(800) 955-0000x3-586----------------------------+ From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 12:04:54 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA00122; Wed, 2 Dec 1998 12:04:53 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA03719; Wed, 2 Dec 1998 11:59:43 -0600 (CST) Received: from tower.ti.com (tower.ti.com [192.94.94.5]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA23478 for ; Wed, 2 Dec 1998 11:59:15 -0600 (CST) Received: from dadd.ti.com ([172.24.154.51]) by tower.ti.com (8.8.8) with ESMTP id LAA10290; Wed, 2 Dec 1998 11:58:08 -0600 (CST) Received: from pavis.asic.sc.ti.com by dadd.ti.com (8.8.4/) id LAA11995; Wed, 2 Dec 1998 11:58:07 -0600 (CST) Received: by pavis.asic.sc.ti.com id ; Wed, 2 Dec 1998 11:58:06 -0600 Message-Id: <199812021758.AA255531486@pavis.asic.sc.ti.com> Date: Wed, 2 Dec 98 11:58:06 CST Reply-To: bobl@ti.com (Bob Luckin) Sender: owner-wu-ftpd@wugate.wustl.edu From: Bob Luckin To: jung@cyhpr142.ug.eds.com Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Directory-Level Password Protection? In-Reply-To: <199812021732.JAA21315@cyhpr142.ug.eds.com>; from "John Jung" at Dec 02, 98 9:32 am X-Mimi-Options: HEADERS TI2 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN John, > We've got WU-FTPD 2.4 (yeah, I know it's old, but management is skittish on > the "beta" tag for the other releases) running fine here. However, management > now has a new requirement and wants to know if it can be done. I don't think > it can, but I want to double check with everybody else: > > Can WU-FTPD handle directory-level access restrictions? > > Management is looking for something similar to ".htaccess" for Apache, but > for WU-FTPD. I don't think it's do-able because I think WU-FTPD only does > authentication once, and that's at login. > > Am I wrong? Is it possible to do directory-level access restrictions? If > so, how would this be done? I'm not aware of a such a feature. However, you may be able to use UNIX group permissions to restrict access to specific directories via the SITE GROUP and SITE GPASS commands. (You'd have to issue the relevant password to the folks you want to have access to the protected directory.) For more detail, see the "private yes" command in the ftpaccess man page. I use this method and it seems to work fine. Of course, it may be that this solution is not suitable for your particular problem... Cheers, Bob From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 12:46:28 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA00705; Wed, 2 Dec 1998 12:46:27 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA21992; Wed, 2 Dec 1998 12:38:32 -0600 (CST) Received: from quartz.nbnet.nb.ca (quartz.nbnet.nb.ca [198.164.200.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA09521 for ; Wed, 2 Dec 1998 12:34:14 -0600 (CST) Received: from asgtechnologies.com ([198.164.220.73]) by quartz.nbnet.nb.ca (Post.Office MTA v3.1.2 release (PO203-101c) ID# 607-54382U75000L75000S0V35) with ESMTP id AAA10013 for ; Wed, 2 Dec 1998 14:34:13 -0400 Message-Id: <36658A14.2521F45@asgtechnologies.com> Date: Wed, 02 Dec 1998 14:42:29 -0400 Reply-To: Cameron.Lemon@asgtechnologies.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Cameron Lemon To: wu-ftpd@wugate.wustl.edu Subject: Adding FTP module to Apache HTTPD, or reverse engineer Wu-FTPD MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------8254B1010305B5991EC1310B" X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN This is a multi-part message in MIME format. --------------8254B1010305B5991EC1310B Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I have submitted an idea to the Apache development group wondering if they would be able to add an FTPD module to the Apache HTTPD. As Apache provides the framework, adding an FTP module that could utilise access control, connection throttling, daemon routines, stability and such, it would be great if a module where available. Also, Apache could branch off and reuse alot of the Apache HTTPD code, and insert the FTPD code for one kick-ass FTP Daemon. Any thoughts on this? Cameron Lemon > Bob Luckin wrote: > > > John, > > > > > We've got WU-FTPD 2.4 (yeah, I know it's old, but management is skittish on > > > the "beta" tag for the other releases) running fine here. However, management > > > now has a new requirement and wants to know if it can be done. I don't think > > > it can, but I want to double check with everybody else: > > > > > > Can WU-FTPD handle directory-level access restrictions? > > > > > > Management is looking for something similar to ".htaccess" for Apache, but > > > for WU-FTPD. I don't think it's do-able because I think WU-FTPD only does > > > authentication once, and that's at login. > > > > > > Am I wrong? Is it possible to do directory-level access restrictions? If > > > so, how would this be done? > > > > I'm not aware of a such a feature. However, you may be able to use UNIX > > group permissions to restrict access to specific directories via the > > SITE GROUP and SITE GPASS commands. (You'd have to issue the relevant > > password to the folks you want to have access to the protected directory.) > > For more detail, see the "private yes" command in the ftpaccess man page. > > > > I use this method and it seems to work fine. Of course, it may be that > > this solution is not suitable for your particular problem... > > > > Cheers, Bob --------------8254B1010305B5991EC1310B Content-Type: text/x-vcard; charset=us-ascii; name="Cameron.Lemon.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Cameron Lemon Content-Disposition: attachment; filename="Cameron.Lemon.vcf" begin:vcard n:Lemon;Cameron tel;fax:506.460.5411 tel;work:506.460.5400 x-mozilla-html:FALSE url:www.asgtechnologies.com org:Atlantic Systems Group;Professional Services version:2.1 email;internet:Cameron.Lemon@asgtechnologies.com title:Systems & Network Architect adr;quoted-printable:;;Garland Court=0D=0AIncuTech Centre;Fredericton;New Brunswick;E3B 6C2;Canada fn:Cameron Lemon end:vcard --------------8254B1010305B5991EC1310B-- From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 14:26:35 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA01955; Wed, 2 Dec 1998 14:26:33 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA02426; Wed, 2 Dec 1998 14:21:52 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA05060 for ; Wed, 2 Dec 1998 14:19:40 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id PAA02268; Wed, 2 Dec 1998 15:19:22 -0500 Message-Id: Date: Wed, 2 Dec 1998 15:19:21 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Cameron Lemon Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Adding FTP module to Apache HTTPD, or reverse engineer Wu-FTPD In-Reply-To: <36658A14.2521F45@asgtechnologies.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 2 Dec 1998, Cameron Lemon wrote: > I have submitted an idea to the Apache development group wondering if > they would be able to add an FTPD module to the Apache HTTPD. As > Apache provides the framework, adding an FTP module that could utilise > access control, connection throttling, daemon routines, stability and > such, it would be great if a module where available. Also, Apache > could branch off and reuse alot of the Apache HTTPD code, and insert > the FTPD code for one kick-ass FTP Daemon. I've heard from some of the Apache folk in the past, and they've asked along the same lines, so the idea isn't new. In fact, I've thought about it quite often over the past two years or so. As I read your message, I see 'they would be able to add' .. I think the answer to that is probably going to be: You write it, and submit it to the module registry, and they'll be happy. I seriously doubt they'll write it for you. Personally, merging FTP and HTTP into a single daemon seems like feature bloat. Sure there's a lot of similarity, but it would be better to grab what works from the Apache source kit and dump the rubbish (from FTP's point of view). Really, do you need content negotiation for FTP? I'm sure there's a lot of other features of Apache which have nothing to do with FTP but content negotiation is what they're talking about today, so it's in my mind. As for access control, the new FTP specifications will make it imperitive the daemon upgrade the view of the file system. Along with that will come access control. From what I've seen, the Apache model will not lend itself to the full virtual file system envisioned by the new FTP so the entire file access and file access control system in Apache is probably a write-off. If you mean user-level access control, the FTP protocol does not lend itself to much more than a simple login, do whatever, logout model. While some daemons allow multiple logins in a single session, with wuftpd it's not possible since upon login the daemon chroot's and the authentication subsystem is no longer fully available. This is one of the most significant strengths to wu-ftpd and I'd be loath to see it go away. What we're left with from Apache is a base of code which accepts and manages connections, spawning and managing processes (threads, maybe someday) to serve those connections, and a few support functions. All in all, I'd estimate that less than 20 percent of the Apache core code would survive. At that rate, it's easier to lump Apache in with Bind and Sendmail .. it's a good place from which to yank specific working functions, but it's not a good place to leap off from for a new project. Alright? I've got my flame-retardant suit on ... -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 16:03:25 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA03171; Wed, 2 Dec 1998 16:03:24 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA03170; Wed, 2 Dec 1998 15:58:53 -0600 (CST) Received: from quartz.nbnet.nb.ca (quartz.nbnet.nb.ca [198.164.200.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA07707 for ; Wed, 2 Dec 1998 15:58:21 -0600 (CST) Received: from asgtechnologies.com ([198.164.220.73]) by quartz.nbnet.nb.ca (Post.Office MTA v3.1.2 release (PO203-101c) ID# 607-54382U75000L75000S0V35) with ESMTP id AAA26861 for ; Wed, 2 Dec 1998 17:58:18 -0400 Message-Id: <3665B9EA.FDBF090E@asgtechnologies.com> Date: Wed, 02 Dec 1998 18:06:35 -0400 Reply-To: Cameron.Lemon@asgtechnologies.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Cameron Lemon To: wu-ftpd@wugate.wustl.edu Subject: Re: Adding FTP module to Apache HTTPD, or reverse engineer Wu-FTPD References: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------7914510C6EEF13EA225B9D0C" X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN This is a multi-part message in MIME format. --------------7914510C6EEF13EA225B9D0C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Gregory A Lundberg wrote: > On Wed, 2 Dec 1998, Cameron Lemon wrote: > > > I have submitted an idea to the Apache development group wondering if > > they would be able to add an FTPD module to the Apache HTTPD. As > > Apache provides the framework, adding an FTP module that could utilise > > access control, connection throttling, daemon routines, stability and > > such, it would be great if a module where available. Also, Apache > > could branch off and reuse alot of the Apache HTTPD code, and insert > > the FTPD code for one kick-ass FTP Daemon. > > I've heard from some of the Apache folk in the past, and they've asked > along the same lines, so the idea isn't new. In fact, I've thought about > it quite often over the past two years or so. There are very few new ideas these days. Somebody usually beats you to it whether you know it or not. > > > As I read your message, I see 'they would be able to add' .. I think the > answer to that is probably going to be: You write it, and submit it to the > module registry, and they'll be happy. I seriously doubt they'll write it > for you. Should have caught "they would be able to add" before I clicked on 'send'. > Personally, merging FTP and HTTP into a single daemon seems like feature > bloat. Sure there's a lot of similarity, but it would be better to grab > what works from the Apache source kit and dump the rubbish (from FTP's > point of view). Really, do you need content negotiation for FTP? I'm > sure there's a lot of other features of Apache which have nothing to do > with FTP but content negotiation is what they're talking about today, so > it's in my mind. Not necessarily enclose both daemons within the same daemon, but base FTPD upon the model of Apache HTTPD. > > As for access control, the new FTP specifications will make it imperitive > the daemon upgrade the view of the file system. Along with that will come > access control. From what I've seen, the Apache model will not lend > itself to the full virtual file system envisioned by the new FTP so the > entire file access and file access control system in Apache is probably a > write-off. Oh. > > > If you mean user-level access control, the FTP protocol does not lend > itself to much more than a simple login, do whatever, logout model. While > some daemons allow multiple logins in a single session, with wuftpd it's > not possible since upon login the daemon chroot's and the authentication > subsystem is no longer fully available. This is one of the most > significant strengths to wu-ftpd and I'd be loath to see it go away. I agree. > > > What we're left with from Apache is a base of code which accepts and > manages connections, spawning and managing processes (threads, maybe > someday) to serve those connections, and a few support functions. > > All in all, I'd estimate that less than 20 percent of the Apache core code > would survive. At that rate, it's easier to lump Apache in with Bind and > Sendmail .. it's a good place from which to yank specific working > functions, but it's not a good place to leap off from for a new project. > > Alright? I've got my flame-retardant suit on ... You won't need your suit for this one as there are more than enough flammers giving hell to anyone that'll listen, plus you didn't hurt my feelings by airing your concerns in a logical fashion. The idea utilising some of the Apache code/functionality was just a brain-fart myself and a collegue had while chowing down at a local Italian restaurant, and was far from investigated thoroughly. Maybe the garlic affected our power of reasoning. ;-) Cameron Lemon Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 --------------7914510C6EEF13EA225B9D0C Content-Type: text/x-vcard; charset=us-ascii; name="Cameron.Lemon.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Cameron Lemon Content-Disposition: attachment; filename="Cameron.Lemon.vcf" begin:vcard n:Lemon;Cameron tel;fax:506.460.5411 tel;work:506.460.5400 x-mozilla-html:FALSE url:www.asgtechnologies.com org:Atlantic Systems Group;Professional Services version:2.1 email;internet:Cameron.Lemon@asgtechnologies.com title:Systems & Network Architect adr;quoted-printable:;;Garland Court=0D=0AIncuTech Centre;Fredericton;New Brunswick;E3B 6C2;Canada fn:Cameron Lemon end:vcard --------------7914510C6EEF13EA225B9D0C-- From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 16:35:35 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA03538; Wed, 2 Dec 1998 16:35:34 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA14802; Wed, 2 Dec 1998 16:31:02 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA28180 for ; Wed, 2 Dec 1998 16:30:01 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id RAA01335; Wed, 2 Dec 1998 17:29:54 -0500 Message-Id: Date: Wed, 2 Dec 1998 17:29:54 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Cameron Lemon Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Adding FTP module to Apache HTTPD, or reverse engineer Wu-FTPD In-Reply-To: <3665B9EA.FDBF090E@asgtechnologies.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 2 Dec 1998, Cameron Lemon wrote: > The idea utilising some of the Apache code/functionality was just a > brain-fart myself and a collegue had while chowing down at a local > Italian restaurant, and was far from investigated thoroughly. Maybe > the garlic affected our power of reasoning. ;-) Garlic? For me it's usually the .. er .. 'oregano' I smo .. um .. consume when I get a brilliant flash like that. Seriously .. while I personally am opposed to the idea of merging WU-FTPD and Apache it's not because I've been working on the code or have any love for the code. Let's face it, the code for both sucks but the code for Wu-FTPD sucks far harder. I work with it because it's there and I'm not (yet) inclined to toss it all. I guess my major objection is _this_ is wu-ftpd. Warts and all. It may not be pretty but it's what we all know. It does one job and does it well so, except for those few of us who actually _like_ to tinker, it's all that's needed. I remember reading (somewhere, don't remember where) on the Information Superhighway, Apache is the Ferrari (neat, sexy, fast .. what everyone wants) where WU-FTPD is a Mac truck (it aint pretty, it's sometimes slow, but it hauls the freight and gets the job done). I like this analogy a lot. Apache's primary job is shovelling a large number of small files out the door as quickly as possible. FTP, on the other hand, is meant to push massive amounts of information. Sure either can do the others job, but the design goals and implementation choices for each should reflect that basic difference. If one were to implement it on the Apache model using Apache's runtime support as much as possible, I rather doubt it would have any resembalance to wu-ftpd. In fact, why bother with wu-ftpd at all? All you'd really be using is the name. It would be better, especially considering the baggage you'd be picking up with the Apache code base, to lose the baggage of wu-ftpd and make a fresh start. All it takes is someone with the will, the time, and the programming abililty. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 2 20:48:39 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id UAA06428; Wed, 2 Dec 1998 20:48:39 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id UAA12294; Wed, 2 Dec 1998 20:43:56 -0600 (CST) Received: from b5.eng.internex.net (b5.eng.internex.net [207.88.8.14]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id UAA32733 for ; Wed, 2 Dec 1998 20:38:44 -0600 (CST) Received: from localhost by b5.eng.internex.net (8.9.1/8.9.1) with SMTP id SAA11589 for ; Wed, 2 Dec 1998 18:38:10 -0800 (PST) Message-Id: Date: Wed, 2 Dec 1998 18:38:09 -0800 (PST) Reply-To: ctran@concentric.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Che Tran To: wu-ftpd@wugate.wustl.edu Subject: BeroFTPD 1.2.1 passwd & shadow files MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN After a successful compilation with the --enable passwd switch, I was able to use the passwd and shadow directives in ftpaccess. However, I found that in order to log in successfully, I have to log in the 2nd time. Am I missing something? Secondly, the internal ls does not seem to function 100%, as I'm still getting the following complaint when doing 'ls -al': remote: -al How do I use an ldd to find its dependencies since it's internal? On the side note, does anyone know how to use the useradd and passwd commands to direct it to another file such as /usr/local/etc/wuftpd/passwd and /usr/local/etc/wuftpd/shadow instead of /etc/passwd and /etc/shadow? Thanks, you guys are cool!! (and a lot better than apache's mailing list/news group, just kidding). -ctran From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 06:54:18 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id GAA12866; Thu, 3 Dec 1998 06:54:16 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id GAA13235; Thu, 3 Dec 1998 06:46:59 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id GAA08558 for ; Thu, 3 Dec 1998 06:36:11 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m215.dialup.RWTH-Aachen.DE [137.226.8.215]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id NAA05579; Thu, 3 Dec 1998 13:35:38 +0100 (MET) Message-Id: Date: Thu, 3 Dec 1998 12:50:14 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Che Tran Cc: wu-ftpd@wugate.wustl.edu Subject: Re: BeroFTPD 1.2.1 passwd & shadow files In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 2 Dec 1998, Che Tran wrote: > After a successful compilation with the --enable passwd switch, I was > able to use the passwd and shadow directives in ftpaccess. However, I > found that in order to log in successfully, I have to log in the 2nd time. > Am I missing something? I can't reproduce this - are you getting any odd entries in syslog? > Secondly, the internal ls does not seem to function 100%, as I'm still > getting the following complaint when doing 'ls -al': > > remote: -al Another "works for me" thing. This is almost certainly a matter of your client. If you telnet into port 21 and do things by hand, you'll see... Some clients think that -l means "output to local file", for example. > How do I use an ldd to find its dependencies since it's internal? There's no such thing as an external ls command embedded and called... The internal ls is just a procedure that does pretty much the same thing calling ls would do. It doesn't have any special dependencies. > On the side note, does anyone know how to use the useradd and passwd > commands to direct it to another file such as /usr/local/etc/wuftpd/passwd > and /usr/local/etc/wuftpd/shadow instead of /etc/passwd and /etc/shadow? At least in the versions I'm using (=whatever is installed by default on RedHat 5.2 and FreeBSD 3.0-current), it's not possible - you'd have to patch the source to handle another command line parameter, or create different binaries (maybe useradd-ftp and passwd-ftp) with hardcoded different paths for the files. At least the latter shouldn't be much of a problem. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 07:00:19 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA12934; Thu, 3 Dec 1998 07:00:18 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id GAA02076; Thu, 3 Dec 1998 06:54:51 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id GAA26082 for ; Thu, 3 Dec 1998 06:36:32 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m215.dialup.RWTH-Aachen.DE [137.226.8.215]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id NAA05601; Thu, 3 Dec 1998 13:36:00 +0100 (MET) Message-Id: Date: Thu, 3 Dec 1998 13:21:55 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: beroftpd-users@aachen.linux.de, beroftpd-bugs@aachen.linux.de, beroftpd-devel@aachen.linux.de Cc: wu-ftpd@wugate.wustl.edu Subject: BeroFTPD 1.2.3 released MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I've just released BeroFTPD 1.2.3. It can be found at ftp://beroftpd.unix.eu.org/pub/BeroFTPD/ ftp://ftp.croftj.net/usr/bero/BeroFTPD/ ftp://ftp.sunet.se/pub/nir/ftp/servers/BeroFTPD/ ftp://sunsite.cnlab-switch.ch/mirror/BeroFTPD/ 1.3.1 (which will include the most recent VR patches) will follow soon (probably Monday). Changes: + Add PAM support (adapted from RedHat's patches to wu-ftpd) (from 1.3.0, which has been tested well enough) PAM support will possibly work only on Linux, so it is disabled by default. * Fix compilation with --disable-virtual * Fix a bug (not clearing memory after a malloc) that might cause crashes on some systems -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 14:24:50 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA17765; Thu, 3 Dec 1998 14:24:36 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA20816; Thu, 3 Dec 1998 14:13:27 -0600 (CST) Received: from lexmark.lexmark.com (interlock2.lexmark.com [192.146.101.10]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA08513 for ; Thu, 3 Dec 1998 14:12:11 -0600 (CST) Received: by interlock2.lexmark.com id AA23216 (InterLock SMTP Gateway 3.0 for wu-ftpd@wugate.wustl.edu); Thu, 3 Dec 1998 15:12:04 -0500 Received: by interlock2.lexmark.com (Protected-side Proxy Mail Agent-1); Thu, 3 Dec 1998 15:12:04 -0500 Message-Id: <199812032012.AA23216@interlock2.lexmark.com> Date: Thu, 3 Dec 1998 15:11:00 -0500 Reply-To: mowrer@lexmark.com Sender: owner-wu-ftpd@wugate.wustl.edu From: mowrer@lexmark.com To: wu-ftpd@wugate.wustl.edu Subject: normal ftp works, browser ftp dont Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Lotus-Fromdomain: LEXMARK@LEXMTA X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Running beta 15 on an AIX box and getting this problem.. when normal ftp into box as a user, all is well. VIA any browser, I get logged on and put in my home directory, but I can not click on a file and have it ftp'd to me. Get following error: FTP Transfer Failed The requested file or directory /C316-B3-981202.trim.gz could not be retrieved from ftp.lexmark.com It appears that we are chroot to our home directory and then the browser or WU_FTP looks in root (/) for file and of course does not find it. Proper premission are set and owned by right ID.. this has worked in past> any help out there ? Jim From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 14:33:02 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA17952; Thu, 3 Dec 1998 14:33:00 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA02228; Thu, 3 Dec 1998 14:26:06 -0600 (CST) Received: from ljcqs016.cnf.com (mailhost.cnf.com [205.185.108.240]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA11058 for ; Thu, 3 Dec 1998 14:23:39 -0600 (CST) Received: from cnfvs008.cnf.com (cnfvs008.cnf.com [10.0.2.114]) by ljcqs016.cnf.com (8.8.7/8.8.7) with ESMTP id MAA17333; Thu, 3 Dec 1998 12:23:08 -0800 (PST) Received: by cnfvs008.cnf.com with Internet Mail Service (5.5.2232.9) id ; Thu, 3 Dec 1998 12:23:05 -0800 Message-Id: Date: Thu, 3 Dec 1998 12:23:16 -0800 Reply-To: Speier.Guy@cnf.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Speier, Guy J - CNF" To: wu-ftpd@wugate.wustl.edu, "'mowrer@lexmark.com'" Subject: RE: normal ftp works, browser ftp dont MIME-Version: 1.0 Content-Type: text/plain X-Mailer: Internet Mail Service (5.5.2232.9) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I believe that this could be a firewall probelm. Are you running a firewall, and if so, what version? > ---------- > From: mowrer@lexmark.com[SMTP:mowrer@lexmark.com] > Reply To: mowrer@lexmark.com > Sent: Thursday, December 03, 1998 12:11 PM > To: wu-ftpd@wugate.wustl.edu > Subject: normal ftp works, browser ftp dont > > > > Running beta 15 on an AIX box and getting this problem.. when normal ftp > into > box as a user, > all is well. VIA any browser, I get logged on and put in my home > directory, but > I can not click on a file and have it ftp'd to me. Get following error: > > FTP Transfer Failed > The requested file or directory /C316-B3-981202.trim.gz could not be > retrieved > from ftp.lexmark.com > > It appears that we are chroot to our home directory and then the browser > or > WU_FTP looks in root (/) for file and of course does not find it. > > Proper premission are set and owned by right ID.. this has worked in past> > any help out there ? Jim > > > > > > From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 15:07:16 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA18405; Thu, 3 Dec 1998 15:07:15 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA21270; Thu, 3 Dec 1998 14:58:22 -0600 (CST) Received: from lexmark.lexmark.com (interlock2.lexmark.com [192.146.101.10]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA14369 for ; Thu, 3 Dec 1998 14:56:06 -0600 (CST) Received: by interlock2.lexmark.com id AA27664 (InterLock SMTP Gateway 3.0 for wu-ftpd@wugate.wustl.edu); Thu, 3 Dec 1998 15:56:05 -0500 Received: by interlock2.lexmark.com (Protected-side Proxy Mail Agent-1); Thu, 3 Dec 1998 15:56:05 -0500 Message-Id: <199812032056.AA27664@interlock2.lexmark.com> Date: Thu, 3 Dec 1998 15:54:31 -0500 Reply-To: mowrer@lexmark.com Sender: owner-wu-ftpd@wugate.wustl.edu From: mowrer@lexmark.com To: wu-ftpd@wugate.wustl.edu Subject: RE: normal ftp works, browser ftp dont Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Lotus-Fromdomain: LEXMARK@LEXMTA X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Running ANS firewall version 41M . ---------------------- Forwarded by Jim Mowrer/Lex/Lexmark on 12/03/98 03:53 PM --------------------------- Speier.Guy%cnf.com@interlock.lexmark.com on 12/03/98 03:23:16 PM To: wu-ftpd%wugate.wustl.edu@interlock.lexmark.com, Jim Mowrer@LEXMARK cc: Subject: RE: normal ftp works, browser ftp dont I believe that this could be a firewall probelm. Are you running a firewall, and if so, what version? > ---------- > From: mowrer@lexmark.com[SMTP:mowrer@lexmark.com] > Reply To: mowrer@lexmark.com > Sent: Thursday, December 03, 1998 12:11 PM > To: wu-ftpd@wugate.wustl.edu > Subject: normal ftp works, browser ftp dont > > > > Running beta 15 on an AIX box and getting this problem.. when normal ftp > into > box as a user, > all is well. VIA any browser, I get logged on and put in my home > directory, but > I can not click on a file and have it ftp'd to me. Get following error: > > FTP Transfer Failed > The requested file or directory /C316-B3-981202.trim.gz could not be > retrieved > from ftp.lexmark.com > > It appears that we are chroot to our home directory and then the browser > or > WU_FTP looks in root (/) for file and of course does not find it. > > Proper premission are set and owned by right ID.. this has worked in past> > any help out there ? Jim > > > > > > From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 15:18:15 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA18498; Thu, 3 Dec 1998 15:18:14 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA07867; Thu, 3 Dec 1998 15:11:02 -0600 (CST) Received: from lexmark.lexmark.com (interlock2.lexmark.com [192.146.101.10]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA21418 for ; Thu, 3 Dec 1998 15:07:45 -0600 (CST) Received: by interlock2.lexmark.com id AA28846 (InterLock SMTP Gateway 3.0 for wu-ftpd@wugate.wustl.edu); Thu, 3 Dec 1998 16:07:39 -0500 Received: by interlock2.lexmark.com (Protected-side Proxy Mail Agent-1); Thu, 3 Dec 1998 16:07:39 -0500 Message-Id: <199812032107.AA28846@interlock2.lexmark.com> Date: Thu, 3 Dec 1998 16:06:18 -0500 Reply-To: mowrer@lexmark.com Sender: owner-wu-ftpd@wugate.wustl.edu From: mowrer@lexmark.com To: wu-ftpd@wugate.wustl.edu Subject: RE: normal ftp works, browser ftp dont Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Lotus-Fromdomain: LEXMARK@LEXMTA X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN This did work ok outside of the firewall.. Thanks for help Jim Running ANS firewall version 41M . ---------------------- Forwarded by Jim Mowrer/Lex/Lexmark on 12/03/98 03:53 PM --------------------------- Speier.Guy%cnf.com@interlock.lexmark.com on 12/03/98 03:23:16 PM To: wu-ftpd%wugate.wustl.edu@interlock.lexmark.com, Jim Mowrer@LEXMARK cc: Subject: RE: normal ftp works, browser ftp dont I believe that this could be a firewall probelm. Are you running a firewall, and if so, what version? > ---------- > From: mowrer@lexmark.com[SMTP:mowrer@lexmark.com] > Reply To: mowrer@lexmark.com > Sent: Thursday, December 03, 1998 12:11 PM > To: wu-ftpd@wugate.wustl.edu > Subject: normal ftp works, browser ftp dont > > > > Running beta 15 on an AIX box and getting this problem.. when normal ftp > into > box as a user, > all is well. VIA any browser, I get logged on and put in my home > directory, but > I can not click on a file and have it ftp'd to me. Get following error: > > FTP Transfer Failed > The requested file or directory /C316-B3-981202.trim.gz could not be > retrieved > from ftp.lexmark.com > > It appears that we are chroot to our home directory and then the browser > or > WU_FTP looks in root (/) for file and of course does not find it. > > Proper premission are set and owned by right ID.. this has worked in past> > any help out there ? Jim > > > > > > From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 15:35:25 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA18650; Thu, 3 Dec 1998 15:35:25 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA01898; Thu, 3 Dec 1998 15:26:45 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA24006 for ; Thu, 3 Dec 1998 15:19:42 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id QAA09128; Thu, 3 Dec 1998 16:19:35 -0500 Message-Id: Date: Thu, 3 Dec 1998 16:19:35 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: mowrer@lexmark.com Cc: wu-ftpd@wugate.wustl.edu Subject: RE: normal ftp works, browser ftp dont In-Reply-To: <199812032056.AA27664@interlock2.lexmark.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 3 Dec 1998 mowrer@lexmark.com wrote: > Running ANS firewall version 41M > I believe that this could be a firewall probelm. Are you running > a firewall, and if so, what version? > > Running beta 15 on an AIX box and getting this problem.. when normal ftp > > into box as a user, all is well. VIA any browser, I get logged on > > and put in my home directory, but I can not click on a file and have > > it ftp'd to me. Get following error: It does sound like you've got a firewall problem. Most web browsers use PASV to retrieve files (including directory listings). In PASV mode, the daemon opens a random non-privileged port (1024-65535) and awaits a connection from the remote client (also from a non-privileged port). The problem is, this is very tough to handle with firewalls. You could open the entire non-privileged port range on your firewall to allow incoming connections. In fact, without changing the daemon software, that is the only way you'll get it to work. It's best if you do this that you assign an IP number solely for the FTP server so you can open the smallest hole needed. The VR series offers some help with this. There are added configuration commands which limit the port ranges chosen by the daemon, making the hole in the firewall smaller yet. Also, some networks use Network Address Translation when passing through the firewall. this gives FTP all sorts of grief. The VR series has additional options to assist with this problem as well. The current version of the VR series is VR11 and is available at: ftp://ftp.vr.net/pub/wu-ftpd/ in both patch, pre-patched tarball, and pre-compiled binary forms. If your site is also in need of multiple virtual hosts, you will probably also want to check out BeroFTPD (also available from my FTP site). BeroFTPD has a much improved virtual hosting scheme (Kent Landfield's NEWVIRT-050) and has most of the VR series changes as well. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 17:23:19 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA19776; Thu, 3 Dec 1998 17:23:18 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA02793; Thu, 3 Dec 1998 17:14:20 -0600 (CST) Received: from oscar.tvdata.com (oscar.tvdata.com [204.97.140.252]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA01300 for ; Thu, 3 Dec 1998 17:11:13 -0600 (CST) Received: (from daemon@localhost) by oscar.tvdata.com (8.6.9/8.6.9) id SAA13745 for ; Thu, 3 Dec 1998 18:11:11 -0500 Received: from emmy.tvdata.com(172.16.10.253), claiming to be "emmy" via SMTP by oscar.tvdata.com, id smtpdAAAa13741; Thu Dec 3 23:11:01 1998 Received: from [172.16.20.81] (brett.tvdata.com) by emmy (5.0/SMI-SVR4) id AA06476; Thu, 3 Dec 1998 18:10:59 +0500 Message-Id: Date: Thu, 3 Dec 1998 18:11:02 -0500 Reply-To: brett@tvdata.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Brett Goldstock To: wu-ftpd@wugate.wustl.edu Subject: VR10 broke anonymous uploads? In-Reply-To: References: <199812032056.AA27664@interlock2.lexmark.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: bgoldstock@mailhost.tvdata.com X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I just loaded VR10 the other day and I _believe_ it might be the cause of an upload problem. I've got an anonymous area with an "incoming" directory set up as a blind dropoff area (chmod'd 1733). It used to be you could drop files off in this directory but not see them there. Now I can't upload to there logging in as anonymous. Changing the protection to 777 doesn't make any difference. I haven't changed anything with this setup recently and nothing is syslog isn't reporting anything. Downloads still work fine. Can anyone confirm this or maybe tell me what I'm doing wrong? -Brett |Brett M. Goldstock brett@tvdata.com| |Senior Technical Analyst/Sys Admin http://www.tvdata.com| |TVData 800/833-9581| | "We tell the world what's on TV." | From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 17:45:02 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA20010; Thu, 3 Dec 1998 17:45:01 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA17953; Thu, 3 Dec 1998 17:40:20 -0600 (CST) Received: from extfw.dmz.lpl.com (extfw.lpl.com [208.129.246.15]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA20556 for ; Thu, 3 Dec 1998 17:37:23 -0600 (CST) Received: by extfw.dmz.lpl.com; (5.65v3.2/1.3/10May95) id AA26133; Thu, 3 Dec 1998 15:37:21 -0800 Message-Id: <01J4WMSZESDI0003FT@sd3100.sd.lpl.com> Date: Thu, 03 Dec 1998 15:33 -0800 (PST) Reply-To: LARRY.CLEGG@LPL.COM Sender: owner-wu-ftpd@wugate.wustl.edu From: LARRY.CLEGG@LPL.COM To: wu-ftpd@wugate.wustl.edu Subject: SUBJECT: Restricting Real Users to Home Directories Mime-Version: 1.0 Content-Type: TEXT/PLAIN X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Greetings, My environment: Digital Unix V4.0d w/C2-security enabled WU-FTP 2.4 Our FTP server is behind a firewall - DUNIX V4.0b/AltaVista FW 97. Two problems: 1) Users who have a password longer than 8 characters are denied access. I haven't been able to find what is enforcing this limitation. 2) I have a group of users in the 'ftponly' group - I want these users to only be able to see what's in their home directories and nothing else. Right now they can 'cd' to just about any directory. I've not been able to figure out what I need to change. Yes, I've read the FAQ and didn't see these issues addressed. I did see the info about restricting accounts to ftp access only i.e. no telnet, but that's not what I want to do in #2 above. I want to restrict them only when they're in via ftp. Any hints and/or advice would be much appreciated. Thanks, Larry Clegg LPL Financial Services San Diego, California larry.clegg@lpl.com From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 18:24:09 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA20389; Thu, 3 Dec 1998 18:24:08 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA04842; Thu, 3 Dec 1998 18:19:30 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA12432 for ; Thu, 3 Dec 1998 18:18:53 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id TAA10486; Thu, 3 Dec 1998 19:18:48 -0500 Message-Id: Date: Thu, 3 Dec 1998 19:18:48 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Brett Goldstock Cc: wu-ftpd@wugate.wustl.edu Subject: Re: VR10 broke anonymous uploads? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 3 Dec 1998, Brett Goldstock wrote: > I just loaded VR10 the other day and I _believe_ it might be the cause > of an upload problem. I've got an anonymous area with an "incoming" > directory set up as a blind dropoff area (chmod'd 1733). It used to be > you could drop files off in this directory but not see them there. Now > I can't upload to there logging in as anonymous. Changing the > protection to 777 doesn't make any difference. > > I haven't changed anything with this setup recently and nothing is > syslog isn't reporting anything. Downloads still work fine. Can anyone > confirm this or maybe tell me what I'm doing wrong? Probably the upload statement you had never worked and your didn't notice. The VR series fixed a lot of problems with the upload clause. I'd have to see yours to tell what's wrong. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 18:36:54 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA20567; Thu, 3 Dec 1998 18:36:53 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA09616; Thu, 3 Dec 1998 18:32:36 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA15219 for ; Thu, 3 Dec 1998 18:27:04 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id TAA10525; Thu, 3 Dec 1998 19:26:21 -0500 Message-Id: Date: Thu, 3 Dec 1998 19:26:21 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: LARRY.CLEGG@LPL.COM Cc: wu-ftpd@wugate.wustl.edu Subject: Re: SUBJECT: Restricting Real Users to Home Directories In-Reply-To: <01J4WMSZESDI0003FT@sd3100.sd.lpl.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 3 Dec 1998 LARRY.CLEGG@LPL.COM wrote: > Digital Unix V4.0d w/C2-security enabled > WU-FTP 2.4 You're running an ancient version and should upgrade. The current version is 2.4.2 (beta-18) and don't let the 'beta' fool you. It's stable and you want it no matter what management says about beta software. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ > Our FTP server is behind a firewall - DUNIX V4.0b/AltaVista FW 97. See my earlier posting today about firewalls. > 1) Users who have a password longer than 8 characters are denied access. > I haven't been able to find what is enforcing this limitation. This could be a problem in the ancient version you're running or it could be a runtime problem. Dunno. I don't run DU, but updating the software would eliminate a lot of problems and make your site far more secure than it is now. > 2) I have a group of users in the 'ftponly' group - I want these users to > only be able to see what's in their home directories and nothing else. > Right now they can 'cd' to just about any directory. I've not been > able to figure out what I need to change. Again, upgrading to the current version might help a lot. Once you've done that, if it still doesn't work, take a look at the way the ftponly group access is set up. > Yes, I've read the FAQ and didn't see these issues addressed. I did see > the info about restricting accounts to ftp access only i.e. no telnet, > but that's not what I want to do in #2 above. I want to restrict them > only when they're in via ftp. Any hints and/or advice would be much > appreciated. See the manpage for ftpaccess, look at the 'guestgroup' feature. It's what you want. I'm thinking you used 'autogroup ftponly' and that's not what you want. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 3 18:43:29 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA20671; Thu, 3 Dec 1998 18:43:28 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA01632; Thu, 3 Dec 1998 18:38:56 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA01494 for ; Thu, 3 Dec 1998 18:32:22 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id TAA10566; Thu, 3 Dec 1998 19:32:16 -0500 Message-Id: Date: Thu, 3 Dec 1998 19:32:16 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Brett Goldstock Cc: wu-ftpd@wugate.wustl.edu Subject: Re: VR10 broke anonymous uploads? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 3 Dec 1998, Gregory A Lundberg wrote: > On Thu, 3 Dec 1998, Brett Goldstock wrote: > > > I just loaded VR10 the other day and I _believe_ it might be the cause > > of an upload problem. I've got an anonymous area with an "incoming" > > directory set up as a blind dropoff area (chmod'd 1733). It used to be > > you could drop files off in this directory but not see them there. Now > > I can't upload to there logging in as anonymous. Changing the > > protection to 777 doesn't make any difference. > > > > I haven't changed anything with this setup recently and nothing is > > syslog isn't reporting anything. Downloads still work fine. Can anyone > > confirm this or maybe tell me what I'm doing wrong? > > Probably the upload statement you had never worked and your didn't notice. > The VR series fixed a lot of problems with the upload clause. I'd have to > see yours to tell what's wrong. One change with the VR series recently was the permissions for anonymous access changed from a default of "yes, you may" to "no, you may not" so if your upload clause was never being used on the old software, the upload appeared to work anyway and you probably protected the rest of the site with permissions rather than the ftp configuration (I know I had to do it that way). Now, in VR10, you cannot upload as anonymous unless you match an upload clause. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 4 07:32:57 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA27572; Fri, 4 Dec 1998 07:32:56 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA01605; Fri, 4 Dec 1998 07:24:49 -0600 (CST) Received: from xns.usit.net (XNS.USIT.NET [199.1.48.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA18319 for ; Fri, 4 Dec 1998 07:19:17 -0600 (CST) Received: from localhost (jspears@localhost) by xns.usit.net (8.8.5/8.8.5) with ESMTP id IAA08134 for ; Fri, 4 Dec 1998 08:19:16 -0500 (EST) Message-Id: Date: Fri, 4 Dec 1998 08:19:16 -0500 (EST) Reply-To: jspears@usit.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Jason Spears To: wu-ftpd@wugate.wustl.edu Subject: whence wu-ftpd? MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Authentication-Warning: xns.usit.net: jspears owned process doing -bs X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I haven't seen a release of the 'official' wu-ftpd in months. Are there plans for development to continue, or is the 'official' development tree dead? Still hoping for a sensible virtual hosting scheme to be rolled into the official source. Jason Spears From owner-wu-ftpd@wugate.wustl.edu Fri Dec 4 10:27:42 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA00396; Fri, 4 Dec 1998 10:27:41 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA26952; Fri, 4 Dec 1998 10:22:54 -0600 (CST) Received: from abaforum.es (scugat4.abaforum.es [194.179.88.4]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA02220 for ; Fri, 4 Dec 1998 10:21:45 -0600 (CST) Received: from abaforum.es [195.77.101.136] by abaforum.es with ESMTP (SMTPD32-4.06) id AE018670116; Fri, 04 Dec 1998 16:21:37 +01d0 Message-Id: <36680ABB.3C9F8E95@abaforum.es> Date: Fri, 04 Dec 1998 17:15:55 +0100 Reply-To: cls@abaforum.es Sender: owner-wu-ftpd@wugate.wustl.edu From: Enric Staromiejski To: "wu-ftpd@wugate.wustl.edu" Subject: unsuscribe MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 4.07 [en] (Win95; I) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN unsuscribe From owner-wu-ftpd@wugate.wustl.edu Fri Dec 4 19:01:48 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id TAA05547; Fri, 4 Dec 1998 19:01:47 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA06397; Fri, 4 Dec 1998 18:55:38 -0600 (CST) Received: from andromeda.veritel.com.br (andromeda.veritel.com.br [200.230.193.1]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA09833 for ; Fri, 4 Dec 1998 18:52:01 -0600 (CST) Received: from localhost (yann@localhost) by andromeda.veritel.com.br (8.9.1/8.9.1) with SMTP id WAA05437; Fri, 4 Dec 1998 22:51:23 -0200 (EDT) Message-Id: Date: Fri, 4 Dec 1998 22:51:22 -0200 (EDT) Reply-To: yann@veritel.com.br Sender: owner-wu-ftpd@wugate.wustl.edu From: Yann To: wu-ftpd@wugate.wustl.edu Cc: Yann Subject: ftp prompt return MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Sender: yann@andromeda X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I would like to know if it's possible to change the first line that return when I use the ftp program. When I open ftp to my host, I receive: Connected to my_ftp_server_name I would like that display: Connected to IP_my_ftp_server Yann From owner-wu-ftpd@wugate.wustl.edu Fri Dec 4 20:03:35 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id UAA09356; Fri, 4 Dec 1998 20:03:33 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id UAA28179; Fri, 4 Dec 1998 20:00:35 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id TAA08071 for ; Fri, 4 Dec 1998 19:55:23 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id UAA18147; Fri, 4 Dec 1998 20:54:48 -0500 Message-Id: Date: Fri, 4 Dec 1998 20:54:48 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Yann Cc: wu-ftpd@wugate.wustl.edu Subject: Re: ftp prompt return In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 4 Dec 1998, Yann wrote: > When I open ftp to my host, I receive: > > Connected to my_ftp_server_name > > I would like that display: > > Connected to IP_my_ftp_server That's the client on your end, not the server. You might look at the DNS entries for your FTP machine. Other than that, there's not much you can do. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 11:14:18 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA01188; Sat, 5 Dec 1998 11:14:16 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA21904; Sat, 5 Dec 1998 11:09:07 -0600 (CST) Received: from mail.zing.net (titan.os.com [209.113.221.17]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA13425 for ; Sat, 5 Dec 1998 11:04:55 -0600 (CST) Received: from theranch [209.113.221.242] by mail.zing.net (SMTPD32-4.06) id A84243100136; Sat, 05 Dec 1998 12:07:14 EST5EDT Message-Id: <000701be2071$a72ba040$d288e8c7@theranch> Date: Sat, 5 Dec 1998 12:06:50 -0500 Reply-To: craigs@os.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Craig Shrimpton" To: Subject: Managing large numbers of guest users MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Folks, I need to know the best method of managing guests. I'm running wu-ftpd on FreeBSD so I'm only able to have 200 users in a guest group. Each user is added to their own group and then to ftponly as a secondary. This works, but doesn't scale past 200 users. Is there a way to have all users automatically considered guests and a select few as real? I need to do this while maintaining each individual's group as the primary. Thanks, Craig From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 11:49:22 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA01579; Sat, 5 Dec 1998 11:49:21 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA23055; Sat, 5 Dec 1998 11:46:21 -0600 (CST) Received: from mail.zing.net (titan.os.com [209.113.221.17]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA20654 for ; Sat, 5 Dec 1998 11:39:51 -0600 (CST) Received: from theranch [209.113.221.242] by mail.zing.net (SMTPD32-4.06) id A0721B3E013C; Sat, 05 Dec 1998 12:42:10 EST5EDT Message-Id: <000901be2076$8875bdc0$d288e8c7@theranch> Date: Sat, 5 Dec 1998 12:41:47 -0500 Reply-To: craigs@os.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Craig Shrimpton" To: Subject: Is this security policy possible? MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Folks, I'd like to set up access like so: 1) anonymous users can access the server from anywhere 2) real users can access the server only if they are in ftphosts 3) guest users can access the server from the local net *or* remotely if in the ftphosts file I've been fooling around with classes but I can't get it to work quite right. Any pointers? Thanks, Craig From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 12:22:18 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA01874; Sat, 5 Dec 1998 12:22:17 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA30623; Sat, 5 Dec 1998 12:18:20 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA20759 for ; Sat, 5 Dec 1998 12:12:28 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA21120; Sat, 5 Dec 1998 13:12:10 -0500 Message-Id: Date: Sat, 5 Dec 1998 13:12:10 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Craig Shrimpton Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: <000701be2071$a72ba040$d288e8c7@theranch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sat, 5 Dec 1998, Craig Shrimpton wrote: > I need to know the best method of managing guests. I'm running > wu-ftpd on FreeBSD so I'm only able to have 200 users in a guest > group. Each user is added to their own group and then to ftponly as a > secondary. This works, but doesn't scale past 200 users. Get VR11 and forget about the Unix group. Just tell the server everyone's a guest unless you specify otherwise. BeroFTPD included this feature as well. ftp://ftp.vr.net/pub/wu-ftpd/ > Is there a way to have all users automatically considered guests and a > select few as real? I need to do this while maintaining each > individual's group as the primary. Exactly the way I manage my site. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 12:22:24 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA01882; Sat, 5 Dec 1998 12:22:23 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA09464; Sat, 5 Dec 1998 12:19:31 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA30447 for ; Sat, 5 Dec 1998 12:15:44 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA21157; Sat, 5 Dec 1998 13:15:41 -0500 Message-Id: Date: Sat, 5 Dec 1998 13:15:41 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Craig Shrimpton Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Is this security policy possible? In-Reply-To: <000901be2076$8875bdc0$d288e8c7@theranch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sat, 5 Dec 1998, Craig Shrimpton wrote: > 1) anonymous users can access the server from anywhere > 2) real users can access the server only if they are in ftphosts > 3) guest users can access the server from the local net *or* remotely if in > the ftphosts file > > I've been fooling around with classes but I can't get it to work quite > right. 1) ftphosts is checked before class is determined. Depending on what you're trying to do, ftphosts may not even be required. 2) order is important; both in ftphosts and ftpaccess For specific hints, I'd need specific examples or what you do / do not want to happen. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 12:34:04 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA01942; Sat, 5 Dec 1998 12:34:03 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA12504; Sat, 5 Dec 1998 12:31:15 -0600 (CST) Received: from corbu.gamsau.archi.fr (corbu.gamsau.archi.fr [193.50.232.12]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA25392 for ; Sat, 5 Dec 1998 12:25:12 -0600 (CST) Received: from gamsau.archi.fr ([193.50.232.53]) by corbu.gamsau.archi.fr (8.8.4/jtpda-5.2) with ESMTP id TAA26502 for ; Sat, 5 Dec 1998 19:25:08 +0100 (MET) Message-Id: <36697B06.7C34D603@gamsau.archi.fr> Date: Sat, 05 Dec 1998 19:27:18 +0100 Reply-To: Anne.Sauvage@gamsau.archi.fr Sender: owner-wu-ftpd@wugate.wustl.edu From: Anne Sauvage To: Liste WU ftp Subject: the ftp user can note delete files he has transferred MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: fr-FR,en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I am using wu-2-4-2 (beta 18) on Solaris. drwxrwxr-x 3 ftpmap ftpgroup 512 Oct 30 18:30 incoming The ftpaccess file contains the line : upload /usr/people/ftpwu /incoming yes ftpmap ftpgroup 0600 dirs and the line guestgroup ftp ftpgroup My user ftpmap (group ftpgroup) transfers the file error.wav for example (using the software fetch or ws_ftp) : -rwxrwx--- 1 ftpmap ftpgroup 10008 Dec 5 18:38 error.wav But he can not delete or rename it (error : permission denied). Any idea? -- Anne Sauvage GAMSAU - MAP Ecole d'Architecture de Marseille 184 av de Luminy - 13288 Marseille Cedex 09 tel : 04 91 82 71 62/70 - fax : 04 91 82 71 71 From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 13:13:16 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA02188; Sat, 5 Dec 1998 13:13:15 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA18540; Sat, 5 Dec 1998 13:10:15 -0600 (CST) Received: from mail.zing.net (titan.os.com [209.113.221.17]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA30345 for ; Sat, 5 Dec 1998 13:07:26 -0600 (CST) Received: from theranch [209.113.221.242] by mail.zing.net (SMTPD32-4.06) id A4F72144014A; Sat, 05 Dec 1998 14:09:43 EST5EDT Message-Id: <000201be2082$c3670ae0$d288e8c7@theranch> Date: Sat, 5 Dec 1998 14:05:20 -0500 Reply-To: craigs@os.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Craig Shrimpton" To: Cc: Subject: Re: Is this security policy possible? MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Basically, I'm running a public web server and I'm trying to reduce password snarfing as much as possible. I have users who log in as guests over the Internet and most use easily crakable/sniffable passwords. I want to set it up so any anonymous login from anywhere is permitted. class remote anonymous * Next, I want people who login to my dialup server to access the server as guest or anonymous. class local guest *.domain 0.0.0.0 1.1.1.1 (I assume I replace *.domain and 0.0.0.0, etc. with my domain and globbed ips) Finally, I want real or guest users to to be able to login from sites considerd non-local if and only if they are in the ftphosts. I.E., I want special control for those users that don't use my ISP for server access. Some users I may want to let in from any ip (*) or some from predefined ips. The last class entry is what I'm not sure of. Thanks, Craig -----Original Message----- From: Gregory A Lundberg To: Craig Shrimpton Cc: wu-ftpd@wugate.wustl.edu Date: Saturday, December 05, 1998 8:25 AM Subject: Re: Is this security policy possible? > >For specific hints, I'd need specific examples or what you do / do not >want to happen. > >-- From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 16:01:40 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA03353; Sat, 5 Dec 1998 16:01:39 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA09595; Sat, 5 Dec 1998 15:58:41 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA22869 for ; Sat, 5 Dec 1998 15:53:54 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id QAA22135; Sat, 5 Dec 1998 16:53:49 -0500 Message-Id: Date: Sat, 5 Dec 1998 16:53:49 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Craig Shrimpton Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Is this security policy possible? In-Reply-To: <000201be2082$c3670ae0$d288e8c7@theranch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sat, 5 Dec 1998, Craig Shrimpton wrote: > Basically, I'm running a public web server and I'm trying to reduce > password snarfing as much as possible. I have users who log in as > guests over the Internet and most use easily crakable/sniffable > passwords. I want to set it up so any anonymous login from anywhere > is permitted. > > class remote anonymous * > > Next, I want people who login to my dialup server to access the server as > guest or anonymous. > > class local guest *.domain 0.0.0.0 1.1.1.1 > > (I assume I replace *.domain and 0.0.0.0, etc. with my domain and > globbed ips) > > Finally, I want real or guest users to to be able to login from sites > considerd non-local if and only if they are in the ftphosts. I.E., I > want special control for those users that don't use my ISP for server > access. Some users I may want to let in from any ip (*) or some from > predefined ips. > > The last class entry is what I'm not sure of. I run the VR version so I'll use CIDR to specify this stuff, but you should be able to work it out using old-stlye address globs. Just remember that there are ways to fool with DNS to get arround addrglobs. Here's the security model I'll stipulate: 1) Anonymous FTP allowed from everywhere. 2) All users are guests (chroot'd) unless I say otherwise 3) All users from 'my' network are allowed 4) I have a few users, small enough to manage specially, who I want to allow from specific machines or networks. 5) Except for (3) and (4), all other non-anonymous access is not allowed. My network is 205.133.13.0/24 and, for discussion, we'll say I also run a 10-net, 10.0.0.0/8 First, let's address ftphosts. I need to allow 'anonymous' and 'ftp' from everywhere. I need to allow '*' (everyone) from my networks. And I have two users 'orville' and 'wilbur' who I want to allow special non-local access from their home machines. Orville comes in from somewhere at Wright State University (*.wright.edu) and Wilbur uses a machine which doesn't have a name (I'll use the non-routable 192.168.0.5). So, my /etc/ftphosts should look like: # /etc/ftphosts # # Allow anonymous FTP from anywhere # allow ftp 0.0.0.0/0 allow anonymous 0.0.0.0/0 # # Allow Orville from Wright State only # This can be a risk .. I'm trusting the hostmaster at wright.edu to have # set things up right and not deligated any subdomains to non-trusted # people. Considering it's an EDU domain, probably a bad choice but what # the heck, this is _just_ an example. # allow orville *.wright.edu deny orville 0.0.0.0/0 # # Allow Wilbur from his machine only # This is a risk only if I allow people on my network so they can spoof # the IP address. I don't and my upstream doesn't, so it's pretty safe on # this end. At Wilbur's end someone could spoof his IP address. Ah well, # such is the Internet. # allow wilbur 192.168.0.5/32 deny wilbur 0.0.0.0/0 # # Allow anyone from my local network (this includes Orville and Wilbur) # No risk here .. I control these numbers and the physical network. # allow * 205.133.13.0/24 allow * 10.0.0.0/8 # # Deny everyone else # deny * 0.0.0.0/0 # # eof Now, I need to set up my ftpaccess. I'm using VR so I can also show the everyone's a guest feature as well: # /etc/ftpaccess # # Separate local and remote for each type so we can do different limits # class localanon anonymous 205.133.13.0/24 10.0.0.0/8 class localguest guest 205.133.13.0/24 10.0.0.0/8 class localreal real 205.133.13.0/24 10.0.0.0/8 class remoteanon anonymous 0.0.0.0/0 class remoteguest guest 0.0.0.0/0 class remotereal real 0.0.0.0/0 # # Everyone's a guest, we'll use UID and forget about Unix groups. # guestuser * # # Well, I'm a real user and so is 'ftp' for anonymous. # This 'ftp' thing is an anachonism. # realuser ftp realuser lundberg # # Also, let's be nice to anything else running on the machine. # nice 15 # # Let's limit anonymous users to an hour total connect time. # This doesn't effect transfers in progress when the limit is passed. # limit-time anonymous 60 # # Limit remote anonymous to 25 sessions # remote guest to 2 sessions (there's just the two of 'em). # remote real to 1 (just me) # local sessions are limited to 50 each, except me .. I'm not # limited (which is a risk of DoS if someone breaks into my # account .. I don't _really_ unlimit myself, this is a example) # limit remoteanon 25 Any limit remoteguest 2 Any limit remotereal 1 Any limit localanon 50 Any limit localguest 50 Any limit localreal -1 Any # # There's a few files and directories that are just to dangerous, so let's # keep people from retrieving them. The last one is so I don't do # anything really *dumb* like try to RETR /dev/zero # noretrieve core noretrieve /home/users/bin/ /home/users/etc/ noretrieve /boot/ /dev/ /lost+found/ /proc/ /home/lost+found/ # # People mainly use clients nowadays, so let's set the login failure limit # low. # loginfails 2 # # Not using /etc/ftpgroups # private no # # I don't like to show the version number on the greeting. # greeting brief # # And the machine is multihomed so let's be sure the hostname on the # greeting is what we want it to be. # hostname ftp.vr.net # # Any comments to my ftp alias # email ftp@vr.net # # Let's support message and readme files # message .welcome login message .message cwd=* readme README* cwd=* readme readme* cwd=* # # Let's log the important stuff # log transfers real,guest,anonymous inbound,outbound log security real,guest,anonymous # # And let's let people do on-the-fly compress and tar for downloads. # compress yes * tar yes * # # Let's make sure anonymous users can't change anything. This is the # default, but I like it here anyway. # chmod no anonymous delete no anonymous overwrite no anonymous rename no anonymous umask no anonymous # # And let's do a quick check on anonymous passwords. # passwd-check rfc822 warn # # For uploads, let's only allow clean names. I don't allow spaces in # names, although I guess I should nowadays. # path-filter anonymous,guest /etc/pathmsg ^[-A-Za-z0-9_\.]*$ ^\. ^- # # Here's the meat. The upload limitations ... # # I'm the only real user but I limit myself to safe things anyway. # upload /home/users/lundberg * no upload /home/users/lundberg /tmp yes nodirs upload /home/users/lundberg /home/users/lundberg yes upload /home/users/lundberg /home/users/lundberg/* yes upload /home/users/lundberg /home/ftp/incoming yes vrnet vrnet 440 nodirs upload /home/users/lundberg /home/ftp/incoming/* yes vrnet vrnet 440 nodirs upload /home/users/lundberg /home/ftp/private/*/incoming yes * * 440 nodirs upload /home/users/lundberg /home/ftp/private/*/incoming/* yes * * 440 nodirs # # Anonymous users can only upload into the incoming areas. This first # line is the default but I like to state it anyway. # upload /home/ftp * no upload /home/ftp /incoming yes vrnet vrnet 440 nodirs upload /home/ftp /incoming/* yes vrnet vrnet 440 nodirs upload /home/ftp /private/*/incoming yes * * 440 nodirs upload /home/ftp /private/*/incoming/* yes * * 440 nodirs # # Guests .. I use Unix permissions to keep them out of each other's areas # and since they're chroot'd I only need worry about the system-level # stuff. # upload /home/users/* / no upload /home/users/* /bin no upload /home/users/* /bin/* no upload /home/users/* /etc no upload /home/users/* /etc/* no # # Let's set the anonymous root here so I don't have to mess with # /etc/passwd # anonymous-root /home/ftp # # And set the guest root, again so I don't have to fight with the home # directory entries in /etc/passwd. # guest-root /home/users # # There's a lot of special UID and GID used for system management and we # don't want anyone trying to spoof as on of them! This makes # /etc/ftpusers unneeded. # # Anyone trying to log in with a UID or GID less than 100 on my system is # not welcome. Also, my company-files owner and group isn't allowed to # use FTP .. employees use their accounts and nobody uses the company # account. # deny-uid %-99 vrnet deny-gid %-99 vrnet allow-uid ftp allow-gid ftp # # eof Special note to non-VR (non-BeroFTPD) users. Several of the features discussed above are available in other ways, or not available at all, in the standard WU-FTPD 2.4.2 (Beta-18) release. Final note: while a lot of this is what's in my running /etc/ftpaccess, a lot is here just for example. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 16:05:13 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA03374; Sat, 5 Dec 1998 16:05:12 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA27009; Sat, 5 Dec 1998 15:59:44 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA32275 for ; Sat, 5 Dec 1998 15:57:44 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id QAA22146; Sat, 5 Dec 1998 16:57:37 -0500 Message-Id: Date: Sat, 5 Dec 1998 16:57:36 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Anne.Sauvage@gamsau.archi.fr Cc: Liste WU ftp Subject: Re: the ftp user can note delete files he has transferred In-Reply-To: <36697B06.7C34D603@gamsau.archi.fr> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sat, 5 Dec 1998, Anne Sauvage wrote: > I am using wu-2-4-2 (beta 18) on Solaris. > > drwxrwxr-x 3 ftpmap ftpgroup 512 Oct 30 18:30 incoming > > The ftpaccess file contains the line : > upload /usr/people/ftpwu /incoming yes ftpmap ftpgroup > 0600 dirs > and the line > guestgroup ftp ftpgroup > > My user ftpmap (group ftpgroup) transfers the file error.wav for example > (using the software fetch or ws_ftp) : > -rwxrwx--- 1 ftpmap ftpgroup 10008 Dec 5 18:38 error.wav > > But he can not delete or rename it (error : permission denied). The user is 'ftp' and ftp doesn't own the file. The permission denied message means your ftpaccess is too loose. It should have prevented the _attempt_ to delete the file. Add delete no anonymous And live with the restriction. To allow anonymous delete is possible (change the upload statement) but means your security just bye-bye! so don't do that. If it's a specific user, look at 'guest' access (guestgroup) in the FAQ The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sat Dec 5 21:38:25 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id VAA05507; Sat, 5 Dec 1998 21:38:24 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id VAA05300; Sat, 5 Dec 1998 21:30:22 -0600 (CST) Received: from mail.zing.net (titan.os.com [209.113.221.17]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id VAA30774 for ; Sat, 5 Dec 1998 21:22:30 -0600 (CST) Received: from theranch [209.113.221.242] by mail.zing.net (SMTPD32-4.06) id A9023000FC; Sat, 05 Dec 1998 22:24:50 EST5EDT Message-Id: <001601be20c7$e8871460$d288e8c7@theranch> Date: Sat, 5 Dec 1998 22:24:17 -0500 Reply-To: craigs@os.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Craig Shrimpton" To: Cc: Subject: Re: Managing large numbers of guest users MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > >Get VR11 and forget about the Unix group. Just tell the server everyone's >a guest unless you specify otherwise. BeroFTPD included this feature as >well. > > ftp://ftp.vr.net/pub/wu-ftpd/ > What's the difference between BeroFTPD and VR11 ? I see a FreeBSD port for Bero 1.2.1 but nothing for VR. Are they the same thing? -Craig From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 04:24:46 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id EAA08613; Sun, 6 Dec 1998 04:24:45 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id EAA23471; Sun, 6 Dec 1998 04:17:59 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id EAA15358 for ; Sun, 6 Dec 1998 04:14:55 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id FAA24665; Sun, 6 Dec 1998 05:14:46 -0500 Message-Id: Date: Sun, 6 Dec 1998 05:14:46 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Craig Shrimpton Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: <001601be20c7$e8871460$d288e8c7@theranch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sat, 5 Dec 1998, Craig Shrimpton wrote: > What's the difference between BeroFTPD and VR11 ? I see a FreeBSD > port for Bero 1.2.1 but nothing for VR. Are they the same thing? VR11 is extensions to the base, beta-18, code. BeroFTPD includes many (not all) of the VR changes. It also includes Kent Landfield's NEWVIRT virtual hosting scheme. My goal for the VR series has been simply to address bugs, change requests and submitted patches from the mailing list over the past few years. Bernard's has been to get it working using GNU autoconf, adding several of the new/upcoming FTP features (FTPSEC, HOST, etc.) and building 'ls' into the daemon. I'm sure I'm missing some of Bernard's goals, but he can speak up if I did. For most people, the base beta-18 is still the best choice. If you need some of the more commonly requested features (like those I talked about yesterday), VR is for you. If you have a need for strong virtual hosting as well, go with BeroFTPD. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 13:47:10 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA12844; Sun, 6 Dec 1998 13:47:09 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA09789; Sun, 6 Dec 1998 13:40:29 -0600 (CST) Received: from smtp.enteract.com (thor.enteract.com [207.229.143.11]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA05270 for ; Sun, 6 Dec 1998 13:36:38 -0600 (CST) Received: (qmail 24632 invoked from network); 6 Dec 1998 19:36:32 -0000 Received: from hal-isdn-1.sa.enteract.com (HELO hippo.roxor.org) (207.229.136.105) by thor.enteract.com with SMTP; 6 Dec 1998 19:36:32 -0000 Received: (from hal@localhost) by hippo.roxor.org (8.8.8/8.8.8) id NAA08287; Sun, 6 Dec 1998 13:35:04 -0600 (CST) (envelope-from hal) Message-Id: <8790glukrc.fsf@hippo.roxor.org> Date: 06 Dec 1998 13:35:03 -0600 Reply-To: hal@enteract.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Hal Snyder To: wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: Gregory A Lundberg's message of "Sun, 6 Dec 1998 05:14:46 -0500 (EST)" References: X-Mailer: Gnus v5.6.44/Emacs 20.3 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN While we're comparing servers, can anyone comment on pro-ftpd vs the variants below? I'm setting up a commercial site that with an anonymous area plus support for a few dozen guest accounts. I'd prefer not to create Unix logins for the guests, and hand off all guest account maintenance to a person who happens not to be a system administrator. Gregory A Lundberg writes: > On Sat, 5 Dec 1998, Craig Shrimpton wrote: > > > What's the difference between BeroFTPD and VR11 ? I see a FreeBSD > > port for Bero 1.2.1 but nothing for VR. Are they the same thing? ... From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 14:30:47 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA13212; Sun, 6 Dec 1998 14:30:46 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA21340; Sun, 6 Dec 1998 14:25:29 -0600 (CST) Received: from mail.zing.net (titan.os.com [209.113.221.17]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA27570 for ; Sun, 6 Dec 1998 14:19:50 -0600 (CST) Received: from theranch [209.113.221.242] by mail.zing.net (SMTPD32-4.06) id A7751C19014C; Sun, 06 Dec 1998 15:22:13 EST5EDT Message-Id: <001201be2156$07695440$4688e8c7@theranch> Date: Sun, 6 Dec 1998 15:21:36 -0500 Reply-To: craigs@os.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Craig Shrimpton" To: Cc: Subject: Re: Managing large numbers of guest users MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3155.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN In terms of security are they equivalent? I got cracked on wu-ftpd 2.1 and I'm wicked paranoid now. -Craig > >For most people, the base beta-18 is still the best choice. > >If you need some of the more commonly requested features (like those I >talked about yesterday), VR is for you. > >If you have a need for strong virtual hosting as well, go with BeroFTPD. > From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 14:38:23 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA13285; Sun, 6 Dec 1998 14:38:22 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA27109; Sun, 6 Dec 1998 14:31:51 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA13958 for ; Sun, 6 Dec 1998 14:28:36 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m221.dialup.RWTH-Aachen.DE [137.226.8.221]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id VAA03899; Sun, 6 Dec 1998 21:26:41 +0100 (MET) Message-Id: Date: Sun, 6 Dec 1998 21:28:20 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Hal Snyder Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: <8790glukrc.fsf@hippo.roxor.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On 6 Dec 1998, Hal Snyder wrote: > While we're comparing servers, can anyone comment on pro-ftpd vs the > variants below? I haven't used pro-ftpd much (just to get some ideas to implement in BeroFTPD), but from what I've seen, I'd say it works well and it's code is much more readable than that of any wu-ftpd derived daemon. However, it is currently lacking some (IMO important) features, like reasonable virtual hosting. > I'm setting up a commercial site that with an anonymous area plus > support for a few dozen guest accounts. I'd prefer not to create Unix > logins for the guests, and hand off all guest account maintenance to a > person who happens not to be a system administrator. BeroFTPD 1.2.3 can do this for you using the passwd directive in ftpaccess. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 14:46:29 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA13370; Sun, 6 Dec 1998 14:46:26 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA08298; Sun, 6 Dec 1998 14:38:20 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA01508 for ; Sun, 6 Dec 1998 14:33:26 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m221.dialup.RWTH-Aachen.DE [137.226.8.221]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id VAA03969; Sun, 6 Dec 1998 21:31:16 +0100 (MET) Message-Id: Date: Sun, 6 Dec 1998 21:33:02 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Jason Spears Cc: wu-ftpd@wugate.wustl.edu Subject: Re: whence wu-ftpd? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 4 Dec 1998, Jason Spears wrote: > I haven't seen a release of the 'official' wu-ftpd in months. Neither has anyone else - and that's precisely the reason why there are a couple of derived servers (such as BeroFTPD or the VR patches) now. > Are there plans for development to continue, or is the 'official' development > tree dead? It's been presumed dead a couple of times before (for example, before the beta-18 release). But any changes to the official tree will be merged into the derived servers, as well (if the changes aren't taken from there - I think it's about time for the official tree to take over the realpath() changes. Currently, the official tree has a major security problem) - so using one of them should be save. > Still hoping for a sensible virtual hosting scheme to be rolled into the > official source. Have a look at BeroFTPD - it's been in there for months. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 15:16:02 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA13621; Sun, 6 Dec 1998 15:16:01 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA10172; Sun, 6 Dec 1998 15:10:41 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA16682 for ; Sun, 6 Dec 1998 15:09:07 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m221.dialup.RWTH-Aachen.DE [137.226.8.221]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id WAA04520; Sun, 6 Dec 1998 22:03:02 +0100 (MET) Message-Id: Date: Sun, 6 Dec 1998 22:02:45 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Craig Shrimpton Cc: lundberg+wuftpd@vr.net, wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: <001201be2156$07695440$4688e8c7@theranch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sun, 6 Dec 1998, Craig Shrimpton wrote: > In terms of security are they equivalent? I got cracked on wu-ftpd 2.1 and > I'm wicked paranoid now. No. Both VR and BeroFTPD are actually more secure than the base beta-18, which has a buffer overflow-type bug in its realpath() function. I have not seen an exploit for this bug yet, but it's there, and it's reproducable. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 15:36:47 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA13750; Sun, 6 Dec 1998 15:36:46 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA28464; Sun, 6 Dec 1998 15:30:04 -0600 (CST) Received: from sam.nic.com (nic.com [204.141.60.10]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA11999 for ; Sun, 6 Dec 1998 15:25:03 -0600 (CST) Received: from localhost by sam.nic.com (8.9.1/8.9.1) with SMTP id QAA09576; Sun, 6 Dec 1998 16:24:14 -0500 (EST) Message-Id: Date: Sun, 6 Dec 1998 16:24:14 -0500 (EST) Reply-To: dave@nic.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Dave Wreski To: Bernhard Rosenkraenzer Cc: Craig Shrimpton , lundberg+wuftpd@vr.net, wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > No. Both VR and BeroFTPD are actually more secure than the base beta-18, > which has a buffer overflow-type bug in its realpath() function. > I have not seen an exploit for this bug yet, but it's there, and it's > reproducable. Does the fact that there is a bug, which hasn't been exploited, in one software program automatically make another software program more secure, overall? I would think the maintainers of wu-ftpd would be made aware of this, and a fix be issued? Dave From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 16:05:01 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA14025; Sun, 6 Dec 1998 16:05:00 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA31877; Sun, 6 Dec 1998 15:58:00 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA32338 for ; Sun, 6 Dec 1998 15:55:12 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m034.dialup.RWTH-Aachen.DE [137.226.8.34]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id WAA05180; Sun, 6 Dec 1998 22:50:49 +0100 (MET) Message-Id: Date: Sun, 6 Dec 1998 22:52:14 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Dave Wreski Cc: Craig Shrimpton , lundberg+wuftpd@vr.net, wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sun, 6 Dec 1998, Dave Wreski wrote: > > No. Both VR and BeroFTPD are actually more secure than the base beta-18, > > which has a buffer overflow-type bug in its realpath() function. > > I have not seen an exploit for this bug yet, but it's there, and it's > > reproducable. > > Does the fact that there is a bug, which hasn't been exploited, in one > software program automatically make another software program more secure, > overall? In this particular case, yes, because the code base is the same in all three programs we're talking about. The other versions didn't change much affecting security (BeroFTPD added the option to have different passwd/shadow files for virtual hosts as well as PAM support, both of which MIGHT introduce new security problems, but can be turned off at compile time if you don't trust them), but fixed the realpath() issue. > I would think the maintainers of wu-ftpd would be made aware of this, They are. It has been mentioned several times on this list. > and a fix be issued? One of the biggest problems with the "official" wu-ftpd is that new releases are made VERY rarely. (Just look at the number of postings in this list asking if there was any development at all.) Even though a fix has been available for months (it is included in both VR and BeroFTPD; anyone could simply copy the new realpath() function and copy it back to the base version), nobody seems to do something about it. Just another reason to say the inofficial versions are more secure. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 22:43:58 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id WAA17776; Sun, 6 Dec 1998 22:43:58 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id WAA29746; Sun, 6 Dec 1998 22:37:09 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id WAA05600 for ; Sun, 6 Dec 1998 22:30:39 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id XAA28635; Sun, 6 Dec 1998 23:30:28 -0500 Message-Id: Date: Sun, 6 Dec 1998 23:30:28 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Craig Shrimpton Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Managing large numbers of guest users In-Reply-To: <001201be2156$07695440$4688e8c7@theranch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Sun, 6 Dec 1998, Craig Shrimpton wrote: > In terms of security are they equivalent? I got cracked on wu-ftpd > 2.1 and I'm wicked paranoid now. > > > >For most people, the base beta-18 is still the best choice. > > > >If you need some of the more commonly requested features (like those I > >talked about yesterday), VR is for you. > > > >If you have a need for strong virtual hosting as well, go with BeroFTPD. In increasing security, 2.4 (should never be used), 2.4.2 (beta 18), VR11, BeroFTPD. It's a toss up between VR11 and BeroFTP depending on how many of my fixes Bernard has put in. I rank Bero higher because of its superior virtual hosting. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sun Dec 6 23:14:37 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id XAA18025; Sun, 6 Dec 1998 23:14:37 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id XAA24327; Sun, 6 Dec 1998 23:09:16 -0600 (CST) Received: from Dlmnet (root@www.cd-music.com [205.177.241.21]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id XAA11243 for ; Sun, 6 Dec 1998 23:03:52 -0600 (CST) Received: from pcnet (asc200.idsonline.com [207.176.21.200]) by Dlmnet (8.8.7/8.8.7) with SMTP id AAA12176 for ; Mon, 7 Dec 1998 00:03:49 -0500 Message-Id: <3.0.5.32.19981207000243.0082ac60@mail.lmnet.com> Date: Mon, 07 Dec 1998 00:02:43 -0500 Reply-To: webmaster@lmnet.com Sender: owner-wu-ftpd@wugate.wustl.edu From: William Henry To: wu-ftpd@wugate.wustl.edu Subject: Better way to stop hammering??? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: bob@mail.lmnet.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi all, Is there a better way to deal with people who insist on attempting to connect to an FTP site every second for hours on end, then by placing them in a deny list that uses /usr/dict/words as the message? That's what I've been doing, and it at least slows them down. I know it's like hitting yourself in the hand with a hammer to punish someone else, but I can't think of any other way. It at least seems to get most people to stop and consider what's happening, at which point they eventually stop. It also appears that some versions of some browsers like to try and retry on a connection at some randomly devised number of tries, but I haven't been able to figure out which ones, and if there's a consistent number of tries or if it just picks a number and stops when it reaches it. Any ideas there? William Henry webmaster@lmnet.com http://www.primeconsult.com From owner-wu-ftpd@wugate.wustl.edu Mon Dec 7 07:36:33 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA21292; Mon, 7 Dec 1998 07:36:33 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA20605; Mon, 7 Dec 1998 07:27:10 -0600 (CST) Received: from vortex.more.net (vortex.more.net [198.209.253.70]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA28126 for ; Mon, 7 Dec 1998 07:19:43 -0600 (CST) Received: from more.net (glenn.modempool.more.net [198.102.253.81]) by vortex.more.net (8.9.1a/8.9.1) with ESMTP id HAA01033; Mon, 7 Dec 1998 07:19:39 -0600 (CST) Message-Id: <366BD652.B4EDCD50@more.net> Date: Mon, 07 Dec 1998 07:21:22 -0600 Reply-To: glenn@more.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Glenn Nielsen To: jung@cyhpr142.ug.eds.com Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Directory-Level Password Protection? References: <199812021732.JAA21315@cyhpr142.ug.eds.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit X-Sender: glenn@more.net X-Mailer: Mozilla 4.5 [en] (X11; I; FreeBSD 2.2.6-RELEASE i386) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN We have a set of patches we maintain that restrict an authenticated user to their home directory. This is a method we use to place users into the sandbox of their home directory so they can not see files outside of it. We also use this for creating accounts whose home directory is within web space. When these accounts use ftp they can only modify content in the home directory for their "webmaster" account. These "webmaster" accounts do not have a shell so the only means we give them for managing content is ftp. These patches are current as of wuftpd 2.4.2 Beta 18. Glenn Nielsen Unix System Programmer MOREnet University of Missouri System John Jung wrote: > > Hi All, > > We've got WU-FTPD 2.4 (yeah, I know it's old, but management is skittish on > the "beta" tag for the other releases) running fine here. However, management > now has a new requirement and wants to know if it can be done. I don't think > it can, but I want to double check with everybody else: > > Can WU-FTPD handle directory-level access restrictions? > > Management is looking for something similar to ".htaccess" for Apache, but > for WU-FTPD. I don't think it's do-able because I think WU-FTPD only does > authentication once, and that's at login. > > Am I wrong? Is it possible to do directory-level access restrictions? If > so, how would this be done? > > Thanks for your help. > > John > > +-------------------------------------+-------------------------------------+ > | John Jung (jung@ugsolutions.com) | Unigraphics Solutions | > | Global Technical Access Center | 10824 Hope Street, 1S-241 | > | Operating Systems Group | Cypress, California 90630 | > +---------------------------(800) 955-0000x3-586----------------------------+ From owner-wu-ftpd@wugate.wustl.edu Mon Dec 7 07:41:48 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA21343; Mon, 7 Dec 1998 07:41:47 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA29212; Mon, 7 Dec 1998 07:36:26 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA29988 for ; Mon, 7 Dec 1998 07:32:40 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id IAA30566; Mon, 7 Dec 1998 08:32:36 -0500 Message-Id: Date: Mon, 7 Dec 1998 08:32:35 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: William Henry Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Better way to stop hammering??? In-Reply-To: <3.0.5.32.19981207000243.0082ac60@mail.lmnet.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, 7 Dec 1998, William Henry wrote: > Is there a better way to deal with people who insist on attempting to > connect to an FTP site every second for hours on end, then by placing > them in a deny list that uses /usr/dict/words as the message? That's > what I've been doing, and it at least slows them down. I know it's > like hitting yourself in the hand with a hammer to punish someone > else, but I can't think of any other way. It at least seems to get > most people to stop and consider what's happening, at which point they > eventually stop. I find a filter on my router works fine and is kinder on my server. Usually only need leave it in place for a day or so. I see this kind of crap with Windoze Networking (smb, ports 137 et al) more often than FTP. > It also appears that some versions of some browsers like to try and > retry on a connection at some randomly devised number of tries, but I > haven't been able to figure out which ones, and if there's a > consistent number of tries or if it just picks a number and stops when > it reaches it. Any ideas there? Never had any problems with broswers doing this. The real question which pops into my mind is _why_ are you having so many failed connections? If it's because you have something popular in your site that's one thing, but a large number of failed connections could indicate a network reliability problem. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Mon Dec 7 09:57:33 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA22479; Mon, 7 Dec 1998 09:57:32 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA06631; Mon, 7 Dec 1998 09:53:10 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA21194 for ; Mon, 7 Dec 1998 09:47:52 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA31542 for ; Mon, 7 Dec 1998 10:47:51 -0500 Message-Id: Date: Mon, 7 Dec 1998 10:47:51 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: WU-FTPD Discussion List Subject: [VR11] Additional binaries available. MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN A new member has joined the VR-series support/testers/builders group who is building additional pre-compiled binaries. The new binaries are marked with an asterisk to the left of the list below. Patches, tarballs and binaries are available at: ftp://ftp.vr.net/pub/wu-ftpd/ The complete list of pre-compiled binaries is: * DEC/NetBSD * ---------- * wu-ftpd-2.4.2-beta-18-vr11-NetBSDalpha-1.3I.tar.gz DEC/Unix -------- wu-ftpd-2.4.2-beta-18-vr11-OSF1-3.2-C2.tar.gz * wu-ftpd-2.4.2-beta-18-vr11-OSF1-4.0-A.tar.gz * OSF1-4.0-B is having some problems but should be available with VR12. IBM/AIX ------- wu-ftpd-2.4.2-beta-18-vr11-AIX.3.2.5.tar.gz Intel/BSDI ---------- wu-ftpd-2.4.2-beta-18-vr11-BSDI-2.1.tar.gz wu-ftpd-2.4.2-beta-18-vr11-BSDI-3.1.tar.gz * Intel/FreeBSD * ------------- * wu-ftpd-2.4.2-beta-18-vr11-FreeBSD-2.2.7.tar.gz Intel/Linux ----------- ftp.bin.linux.i386.tar.gz (FTP support executables, ls etc.) wu-ftpd-2.4.2-beta-18-vr11.linux.i386.tar.gz * Intel/NetBSD * ------------ * wu-ftpd-2.4.2-beta-18-vr11-NetBSDi386-1.3I.tar.gz SGI/IRIX -------- irix62-ftpbin.tar.gz (FTP support executables, ls etc.) wu-ftpd-2.4.2-beta-18-vr11-IRIX-6.2.tar.gz Sun/Linux --------- wu-ftpd-2.4.2-beta-18-vr11-linux-sparc.tar.gz Sun/NetBSD ---------- wu-ftpd-2.4.2-beta-18-vr11-NetBSD-1.3I.tar.gz Sun/Solaris ----------- FTP242b18.wu-ftpd.2.4.2-beta18-VR11.SPARC.ULTRASparc.2.5.1.2.5.pkg.tar.Z FTP242b18.wu-ftpd.2.4.2-beta18-VR11.SPARC.ULTRASparc.2.5.1.2.5.pkg.tar.gz wu-ftpd-2.4.2-beta-18-vr11-Solaris-2.6.tar.gz Sun/SunOS --------- sunos41x-ftpbin.tar.gz (FTP support executables, ls etc.) wu-ftpd-2.4.2-beta-18-vr11-SunOS-4.1.3-U1.tar.gz -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Mon Dec 7 11:02:42 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA23180; Mon, 7 Dec 1998 11:02:41 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA22809; Mon, 7 Dec 1998 10:59:10 -0600 (CST) Received: from aristo.tau.ac.il (postfix@aristo.tau.ac.il [132.66.32.10]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA15555 for ; Mon, 7 Dec 1998 10:55:37 -0600 (CST) Received: by aristo.tau.ac.il (Postfix, from userid 20001) id 3BF7A38116; Mon, 7 Dec 1998 18:55:28 +0200 (IST) Message-Id: <19981207185527.A13041@aristo.tau.ac.il> Date: Mon, 7 Dec 1998 18:55:27 +0200 Reply-To: eilon@aristo.tau.ac.il Sender: owner-wu-ftpd@wugate.wustl.edu From: Eilon Gishri To: Glenn Nielsen Cc: jung@cyhpr142.ug.eds.com, wu-ftpd@wugate.wustl.edu Subject: Re: Directory-Level Password Protection? In-Reply-To: <366BD652.B4EDCD50@more.net>; from Glenn Nielsen on Mon, Dec 07, 1998 at 07:21:22AM -0600 References: <199812021732.JAA21315@cyhpr142.ug.eds.com> <366BD652.B4EDCD50@more.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.94.17i X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, Dec 07, 1998 at 07:21:22AM -0600, Glenn Nielsen wrote: > We have a set of patches we maintain that restrict an authenticated > user to their home directory. This is a method we use to place users > into the sandbox of their home directory so they can not see files > outside of it. We also use this for creating accounts whose home > directory is within web space. When these accounts use ftp they > can only modify content in the home directory for their "webmaster" > account. These "webmaster" accounts do not have a shell so the only > means we give them for managing content is ftp. > > These patches are current as of wuftpd 2.4.2 Beta 18. > Are those patches available for the public some where ? > Glenn Nielsen > > Unix System Programmer > MOREnet > University of Missouri System > > John Jung wrote: > > > > Hi All, > > > > We've got WU-FTPD 2.4 (yeah, I know it's old, but management is skittish on > > the "beta" tag for the other releases) running fine here. However, management > > now has a new requirement and wants to know if it can be done. I don't think > > it can, but I want to double check with everybody else: > > > > Can WU-FTPD handle directory-level access restrictions? > > > > Management is looking for something similar to ".htaccess" for Apache, but > > for WU-FTPD. I don't think it's do-able because I think WU-FTPD only does > > authentication once, and that's at login. > > > > Am I wrong? Is it possible to do directory-level access restrictions? If > > so, how would this be done? > > > > Thanks for your help. > > > > John > > > > +-------------------------------------+-------------------------------------+ > > | John Jung (jung@ugsolutions.com) | Unigraphics Solutions | > > | Global Technical Access Center | 10824 Hope Street, 1S-241 | > > | Operating Systems Group | Cypress, California 90630 | > > +---------------------------(800) 955-0000x3-586----------------------------+ -- Eilon Gishri eilon@aristo.tau.ac.il Security Consultant Office: +972-3-6406723 Israel Inter University Computation Center Fax: +972-3-6409118 /* On a matter of national security */ Home: +972-3-5078671 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 05:10:13 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id FAA22384; Tue, 8 Dec 1998 05:10:12 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id FAA00388; Tue, 8 Dec 1998 05:04:57 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id EAA13952 for ; Tue, 8 Dec 1998 04:55:41 -0600 (CST) Received: (qmail 18645 invoked from network); 8 Dec 1998 10:55:38 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 10:55:38 -0000 Message-Id: Date: Tue, 8 Dec 1998 11:55:40 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: "WU-FTPD" Subject: access denied probs !? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello I have a problem with a running wu-ftpd on an freebsd 2.2.2 (wu-2.4(1) as package from freebsd). All runs very well, but at one time I edited the /usr/local/etc/ftphosts for a new user, no user couldn't come in (530 access denied) and (name in /usr/local/etc/ftphosts). Nothing changed only this file. my .../ftphosts: allow user1 * allow usern * deny * * all other files like sample from wu-ftpd but no anonymous. Users are in passwd with .../false. The first time this happend I searched and searched and didn't found something was wrong. Then if I comment out the line "deny * *" in the ../ftphosts file all runs well!? I didn't understand this, but it worked. Now it happens an second time and nothing want't to go to run it up. What is wrong or what did I wrong and why is this happening? Someone an idea or help? I have wu-ftpd on an other freebsd machine running and this one runs well all the time. I did control over both the rights but didn't found some other. Please help, I think my hairs go out. ;-) Regards and sorry for my bad english. Sigi. From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 07:14:56 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA23581; Tue, 8 Dec 1998 07:14:55 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA08903; Tue, 8 Dec 1998 07:10:49 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA17492 for ; Tue, 8 Dec 1998 07:06:54 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id IAA06609; Tue, 8 Dec 1998 08:06:37 -0500 Message-Id: Date: Tue, 8 Dec 1998 08:06:37 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Service ISK Cc: WU-FTPD Subject: Re: access denied probs !? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 8 Dec 1998, Service ISK wrote: > All runs very well, but at one time I edited the > /usr/local/etc/ftphosts for a new user, no user couldn't come in (530 > access denied) and (name in /usr/local/etc/ftphosts). Nothing changed > only this file. > > my .../ftphosts: > allow user1 * > allow usern * > deny * * > all other files like sample from wu-ftpd but no anonymous. > > The first time this happend I searched and searched and didn't found > something was wrong. Then if I comment out the line "deny * *" in the > ../ftphosts file all runs well!? You need to allow 'ftp' and 'anonymous' in ftphosts. # /etc/ftphosts # # Allow anonymous FTP from anywhere # allow ftp * allow anonymous * # # Allow real/guest users 'user1' and 'usern' from anywhere. # allow user1 * allow usern * # # Deny *EVERYONE* else from *EVERYWHERE* # deny * * # # eof -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 07:39:27 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA23755; Tue, 8 Dec 1998 07:39:26 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA05165; Tue, 8 Dec 1998 07:36:31 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA30904 for ; Tue, 8 Dec 1998 07:35:52 -0600 (CST) Received: (qmail 24401 invoked from network); 8 Dec 1998 13:35:46 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 13:35:46 -0000 Message-Id: Date: Tue, 8 Dec 1998 14:35:41 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: Gregory A Lundberg Cc: WU-FTPD Subject: Re: access denied probs !? References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN >On Tue, 8 Dec 1998, Service ISK wrote: > >> All runs very well, but at one time I edited the >> /usr/local/etc/ftphosts for a new user, no user couldn't come in >(530 >> access denied) and (name in /usr/local/etc/ftphosts). Nothing >changed >> only this file. >> >> my .../ftphosts: >> allow user1 * >> allow usern * >> deny * * >> all other files like sample from wu-ftpd but no anonymous. >> >> The first time this happend I searched and searched and didn't >found >> something was wrong. Then if I comment out the line "deny * *" in >the >> ../ftphosts file all runs well!? > >You need to allow 'ftp' and 'anonymous' in ftphosts. Thanks for your quick reply. Hmmm, why do I need this? I don't want anonymous and ftp to log in! And it was running further without this two entries! If I do them in, it is the same --> access denied and in syslog "name in /usr/local/etc/ftphosts". Regards Sigi. ># /etc/ftphosts ># ># Allow anonymous FTP from anywhere ># >allow ftp * >allow anonymous * ># ># Allow real/guest users 'user1' and 'usern' from anywhere. ># >allow user1 * >allow usern * ># ># Deny *EVERYONE* else from *EVERYWHERE* ># >deny * * ># ># eof > >-- > >Gregory A Lundberg Senior Partner, VRnet Company >1441 Elmdale Drive lundberg+wuftpd@vr.net >Kettering, OH 45409-1615 USA 1-800-809-2195 > > From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 07:53:53 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA23877; Tue, 8 Dec 1998 07:53:52 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA15273; Tue, 8 Dec 1998 07:49:37 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA30957 for ; Tue, 8 Dec 1998 07:38:37 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m230.dialup.RWTH-Aachen.DE [137.226.8.230]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id OAA11774; Tue, 8 Dec 1998 14:34:09 +0100 (MET) Message-Id: Date: Tue, 8 Dec 1998 14:34:43 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: William Henry Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Better way to stop hammering??? In-Reply-To: <3.0.5.32.19981207000243.0082ac60@mail.lmnet.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, 7 Dec 1998, William Henry wrote: > Is there a better way to deal with people who insist on attempting to > connect to an FTP site every second for hours on end, then by placing them > in a deny list that uses /usr/dict/words as the message? You can use the deny directive in ftphosts to block their IP... Maybe they'll stop if they see they aren't even getting a connection. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 08:25:20 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id IAA24240; Tue, 8 Dec 1998 08:25:19 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id IAA30020; Tue, 8 Dec 1998 08:22:00 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAA29547 for ; Tue, 8 Dec 1998 08:21:24 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id JAA06950; Tue, 8 Dec 1998 09:21:19 -0500 Message-Id: Date: Tue, 8 Dec 1998 09:21:19 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Service ISK Cc: WU-FTPD Subject: Re: access denied probs !? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 8 Dec 1998, Service ISK wrote: > >You need to allow 'ftp' and 'anonymous' in ftphosts. > > Hmmm, why do I need this? > I don't want anonymous and ftp to log in! > And it was running further without this two entries! Sorry, my misunderstanding. I thought your complaint was anonymous FTP wasn't working. > If I do them in, it is the same --> access denied and in syslog "name > in /usr/local/etc/ftphosts". > ># /etc/ftphosts > ># > ># Allow anonymous FTP from anywhere > ># > >allow ftp * > >allow anonymous * > ># > ># Allow real/guest users 'user1' and 'usern' from anywhere. > ># > >allow user1 * > >allow usern * > ># > ># Deny *EVERYONE* else from *EVERYWHERE* > ># > >deny * * > ># > ># eof The deny * means if the name is not *EXACTLY* equal to 'user1' or 'usern' then _deny_ access to _everyone_ _else_ (the first *) from _everywhere_ (the second *). That means the user named 'greg' cannot FTP in. It doesn't matter whether 'greg' is set up correctly or not. He cannot use FTP because the ftphosts says so. If you want 'user6' to be allowed to FTP you need to either add him in ftphosts _before_ the deny or remove the deny and allow everyone. So what is the problem? -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 09:04:04 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA25398; Tue, 8 Dec 1998 09:04:03 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA04145; Tue, 8 Dec 1998 09:00:44 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id IAA03758 for ; Tue, 8 Dec 1998 08:56:39 -0600 (CST) Received: (qmail 26985 invoked from network); 8 Dec 1998 14:56:38 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 14:56:38 -0000 Message-Id: Date: Tue, 8 Dec 1998 15:56:38 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: Gregory A Lundberg Cc: WU-FTPD Subject: Re: access denied probs !? References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN >On Tue, 8 Dec 1998, Service ISK wrote: > >> >You need to allow 'ftp' and 'anonymous' in ftphosts. >> >> Hmmm, why do I need this? >> I don't want anonymous and ftp to log in! >> And it was running further without this two entries! > >Sorry, my misunderstanding. I thought your complaint was anonymous >FTP wasn't working. > >> If I do them in, it is the same --> access denied and in syslog >"name >> in /usr/local/etc/ftphosts". > >> ># /etc/ftphosts >> ># >> ># Allow anonymous FTP from anywhere >> ># >> >allow ftp * >> >allow anonymous * >> ># >> ># Allow real/guest users 'user1' and 'usern' from anywhere. >> ># >> >allow user1 * >> >allow usern * >> ># >> ># Deny *EVERYONE* else from *EVERYWHERE* >> ># >> >deny * * >> ># >> ># eof > >The deny * means if the name is not *EXACTLY* equal to 'user1' or >'usern' >then _deny_ access to _everyone_ _else_ (the first *) from >_everywhere_ >(the second *). > >That means the user named 'greg' cannot FTP in. It doesn't matter >whether 'greg' is set up correctly or not. He cannot use FTP >because the >ftphosts says so. > >If you want 'user6' to be allowed to FTP you need to either add him >in >ftphosts _before_ the deny or remove the deny and allow everyone. > >So what is the problem? :-) Excuse, maybe I didn't explain exactly: wu-ftpd is running for a long while very fine. I have the users in passwd with group ftponly. In ftpaccess I have ftponly as guestgroup. No anonymous login needed, only users for webspace. In ftphosts I have all users like "allow username *". So it worked. Now after I edited ftphosts (first time) for a new user no user come in the ftp server, all get "access denied" and "name in .../ftphosts". I searched and searched but found no error. Then I did an "#" bevor the "deny * *" line in ftphosts and all worked fine. I don't understand why. Now it happend twice. I edited the ftphosts for a new user and after that nobody can get in, all get "access denied" and "name in ../ftphosts". I edit as root and I did always so. I had copied the ftpaccess.sample, but this worked although not. I hope you understand my problem now. Sorry for my bad english. Sigi. >-- > >Gregory A Lundberg Senior Partner, VRnet Company >1441 Elmdale Drive lundberg+wuftpd@vr.net >Kettering, OH 45409-1615 USA 1-800-809-2195 > > From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 09:30:43 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA25762; Tue, 8 Dec 1998 09:30:42 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA02223; Tue, 8 Dec 1998 09:27:15 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA05030 for ; Tue, 8 Dec 1998 09:25:51 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA07559; Tue, 8 Dec 1998 10:25:45 -0500 Message-Id: Date: Tue, 8 Dec 1998 10:25:45 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Service ISK Cc: WU-FTPD Subject: Re: access denied probs !? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 8 Dec 1998, Service ISK wrote: > wu-ftpd is running for a long while very fine. I have the users in > passwd with group ftponly. In ftpaccess I have ftponly as guestgroup. > No anonymous login needed, only users for webspace. In ftphosts I have > all users like "allow username *". So it worked. Now after I edited > ftphosts (first time) for a new user no user come in the ftp server, > all get "access denied" and "name in .../ftphosts". I searched and > searched but found no error. Then I did an "#" bevor the "deny * *" > line in ftphosts and all worked fine. I don't understand why. Now it > happend twice. I edited the ftphosts for a new user and after that > nobody can get in, all get "access denied" and "name in ../ftphosts". > I edit as root and I did always so. If you have a user, 'user1', do you want to restrict that user to only accessing the ftp site from a specific machine or network? If not the following command will fix your problem: rm -f /etc/ftphosts If do need this restriction, you need to specifically list each user in /etc/ftphosts. This sounces like what you have done. If it is not working there is a typographical error in your /etc/ftphosts file. If you only need to restrict some users but do not care where others come from, you need to be more specific in your deny: # /etc/ftphosts # # Allow user1 from the machine 'user1.sample.com' and no other machine # allow user1 user1.sample.com deny user1 * # # Allow all other users from everywhere. This is the default, so we # do not need to say anything! # # eof Given everything you have said, and looking at the example you sent in your first email, I suggest the correct solution is: rm -f /etc/ftphosts -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 10:32:05 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA26522; Tue, 8 Dec 1998 10:32:04 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA08300; Tue, 8 Dec 1998 10:25:58 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA05251 for ; Tue, 8 Dec 1998 10:19:34 -0600 (CST) Received: (qmail 29475 invoked from network); 8 Dec 1998 16:19:22 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 16:19:22 -0000 Message-Id: Date: Tue, 8 Dec 1998 17:19:29 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: Gregory A Lundberg Cc: WU-FTPD Subject: Re: access denied probs !? References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN >On Tue, 8 Dec 1998, Service ISK wrote: > >> wu-ftpd is running for a long while very fine. I have the users in >> passwd with group ftponly. In ftpaccess I have ftponly as >guestgroup. >> No anonymous login needed, only users for webspace. In ftphosts I >have >> all users like "allow username *". So it worked. Now after I edited >> ftphosts (first time) for a new user no user come in the ftp >server, >> all get "access denied" and "name in .../ftphosts". I searched and >> searched but found no error. Then I did an "#" bevor the "deny * *" >> line in ftphosts and all worked fine. I don't understand why. Now >it >> happend twice. I edited the ftphosts for a new user and after that >> nobody can get in, all get "access denied" and "name in >../ftphosts". >> I edit as root and I did always so. > > >If you have a user, 'user1', do you want to restrict that user to >only >accessing the ftp site from a specific machine or network? > >If not the following command will fix your problem: > > rm -f /etc/ftphosts Many thanks. In the moment I need no restrictions on this server. Sigi. >If do need this restriction, you need to specifically list each user >in >/etc/ftphosts. This sounces like what you have done. If it is not >working >there is a typographical error in your /etc/ftphosts file. > >If you only need to restrict some users but do not care where others >come >from, you need to be more specific in your deny: > ># /etc/ftphosts ># ># Allow user1 from the machine 'user1.sample.com' and no other >machine ># >allow user1 user1.sample.com >deny user1 * ># ># Allow all other users from everywhere. This is the default, so we ># do not need to say anything! ># ># eof > >Given everything you have said, and looking at the example you sent >in >your first email, I suggest the correct solution is: > > rm -f /etc/ftphosts > >-- > >Gregory A Lundberg Senior Partner, VRnet Company >1441 Elmdale Drive lundberg+wuftpd@vr.net >Kettering, OH 45409-1615 USA 1-800-809-2195 > > From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 10:32:26 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA26546; Tue, 8 Dec 1998 10:32:25 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA32524; Tue, 8 Dec 1998 10:26:45 -0600 (CST) Received: from vortex.amorfhia.com.mx (amorfhia.amorfhia.com.mx [200.23.177.253]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA11601 for ; Tue, 8 Dec 1998 10:22:58 -0600 (CST) Received: from aarroyo.amorfhia.com.mx ([200.23.177.250]) by vortex.amorfhia.com.mx (Netscape Mail Server v2.01) with ESMTP id AAA12326; Tue, 8 Dec 1998 10:20:02 -0500 Message-Id: <366D54FF.A1D21967@vortex.amorfhia.com.mx> Date: Tue, 08 Dec 1998 10:34:10 -0600 Reply-To: aarroyo@amorfhia.com.mx Sender: owner-wu-ftpd@wugate.wustl.edu From: aarroyo@amorfhia.com.mx (Agustin Arroyo Sotomayor) To: lundberg+wuftpd@vr.net Cc: Service ISK , WU-FTPD Subject: Re: access denied probs !? References: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mozilla 4.01 [en] (Win95; I) X-Priority: 3 (Normal) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I would like to unsubscribe form the WU-FTPD mailing list. Could some one explain me how to do it. Thanks Gregory A Lundberg wrote: > On Tue, 8 Dec 1998, Service ISK wrote: > > > wu-ftpd is running for a long while very fine. I have > the users in > > passwd with group ftponly. In ftpaccess I have ftponly > as guestgroup. > > No anonymous login needed, only users for webspace. In > ftphosts I have > > all users like "allow username *". So it worked. Now > after I edited > > ftphosts (first time) for a new user no user come in the > ftp server, > > all get "access denied" and "name in .../ftphosts". I > searched and > > searched but found no error. Then I did an "#" bevor the > "deny * *" > > line in ftphosts and all worked fine. I don't understand > why. Now it > > happend twice. I edited the ftphosts for a new user and > after that > > nobody can get in, all get "access denied" and "name in > ../ftphosts". > > I edit as root and I did always so. > > If you have a user, 'user1', do you want to restrict that > user to only > accessing the ftp site from a specific machine or network? > > If not the following command will fix your problem: > > rm -f /etc/ftphosts > > If do need this restriction, you need to specifically list > each user in > /etc/ftphosts. This sounces like what you have done. If > it is not working > there is a typographical error in your /etc/ftphosts file. > > If you only need to restrict some users but do not care > where others come > from, you need to be more specific in your deny: > > # /etc/ftphosts > # > # Allow user1 from the machine 'user1.sample.com' and no > other machine > # > allow user1 user1.sample.com > deny user1 * > # > # Allow all other users from everywhere. This is the > default, so we > # do not need to say anything! > # > # eof > > Given everything you have said, and looking at the example > you sent in > your first email, I suggest the correct solution is: > > rm -f /etc/ftphosts > > -- > > Gregory A Lundberg Senior Partner, VRnet > Company > 1441 Elmdale Drive lundberg+wuftpd@vr.net > Kettering, OH 45409-1615 USA 1-800-809-2195 -- ******************************* Agustín Arroyo Sotomayor Amorfhia, S.A. de C.V. Tels.- +52(5)-5132812/2872/2751 Fax.- +52(5)-6551783 mailto:aarroyo@amorfhia.com.mx http://www.amorfhia.com.mx ******************************* From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 12:36:20 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA28760; Tue, 8 Dec 1998 12:36:19 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA14274; Tue, 8 Dec 1998 12:30:28 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA16882 for ; Tue, 8 Dec 1998 12:24:01 -0600 (CST) Received: (qmail 2902 invoked from network); 8 Dec 1998 18:23:57 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 18:23:57 -0000 Message-Id: Date: Tue, 8 Dec 1998 19:24:02 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: Gregory A Lundberg Cc: WU-FTPD Subject: Re: access denied probs !? References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN >On Tue, 8 Dec 1998, Service ISK wrote: > >> wu-ftpd is running for a long while very fine. I have the users in >> passwd with group ftponly. In ftpaccess I have ftponly as >guestgroup. >> No anonymous login needed, only users for webspace. In ftphosts I >have >> all users like "allow username *". So it worked. Now after I edited >> ftphosts (first time) for a new user no user come in the ftp >server, >> all get "access denied" and "name in .../ftphosts". I searched and >> searched but found no error. Then I did an "#" bevor the "deny * *" >> line in ftphosts and all worked fine. I don't understand why. Now >it >> happend twice. I edited the ftphosts for a new user and after that >> nobody can get in, all get "access denied" and "name in >../ftphosts". >> I edit as root and I did always so. > > >If you have a user, 'user1', do you want to restrict that user to >only >accessing the ftp site from a specific machine or network? > >If not the following command will fix your problem: > > rm -f /etc/ftphosts >Many thanks. In the moment I need no restrictions on this server. Oooh NOOOOO. That doesn't work. Now all users can change in other directories! The "..././:..." in the passwd doesn't work more!? Please help. Sigi. >If do need this restriction, you need to specifically list each user >in >/etc/ftphosts. This sounces like what you have done. If it is not >working >there is a typographical error in your /etc/ftphosts file. > >If you only need to restrict some users but do not care where others >come >from, you need to be more specific in your deny: > ># /etc/ftphosts ># ># Allow user1 from the machine 'user1.sample.com' and no other >machine ># >allow user1 user1.sample.com >deny user1 * ># ># Allow all other users from everywhere. This is the default, so we ># do not need to say anything! ># ># eof > >Given everything you have said, and looking at the example you sent >in >your first email, I suggest the correct solution is: > > rm -f /etc/ftphosts > >-- > >Gregory A Lundberg Senior Partner, VRnet Company >1441 Elmdale Drive lundberg+wuftpd@vr.net >Kettering, OH 45409-1615 USA 1-800-809-2195 > > From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 12:42:37 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA29446; Tue, 8 Dec 1998 12:42:36 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA18995; Tue, 8 Dec 1998 12:36:48 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA18118 for ; Tue, 8 Dec 1998 12:30:29 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA08893; Tue, 8 Dec 1998 13:30:21 -0500 Message-Id: Date: Tue, 8 Dec 1998 13:30:21 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Service ISK Cc: WU-FTPD Subject: Re: access denied probs !? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 8 Dec 1998, Service ISK wrote: > Oooh NOOOOO. That doesn't work. Now all users can change in other > directories! > The "..././:..." in the passwd doesn't work more!? Of course it does. Check the FAQ. Probably you don't have -a on the command line. Or you forgot to kill -HUP inetd. Or the users are not in the guest group. Or the guestgroup in the ftpaccess isn't there or names the wrong group. Or the daemon's using a different ftpaccess file than the one you're editing. All this has NOTHING to do with /etc/ftphosts. If it doesn't work now, it never worked before. You probably never checked. -- The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 13:09:35 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA29853; Tue, 8 Dec 1998 13:09:34 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA25366; Tue, 8 Dec 1998 13:03:48 -0600 (CST) Received: from Dlmnet (root@www.cd-music.com [205.177.241.21]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA00108 for ; Tue, 8 Dec 1998 12:57:18 -0600 (CST) Received: from pcnet (asc140.idsonline.com [207.176.21.140]) by Dlmnet (8.8.7/8.8.7) with SMTP id NAA01927; Tue, 8 Dec 1998 13:56:57 -0500 Message-Id: <3.0.5.32.19981208135407.008afea0@mail.lmnet.com> Date: Tue, 08 Dec 1998 13:54:07 -0500 Reply-To: webmaster@lmnet.com Sender: owner-wu-ftpd@wugate.wustl.edu From: William Henry To: Bernhard Rosenkraenzer Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Better way to stop hammering??? In-Reply-To: References: <3.0.5.32.19981207000243.0082ac60@mail.lmnet.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: bob@mail.lmnet.com X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN At 02:34 PM 12/8/98 +0100, Bernhard Rosenkraenzer wrote: >On Mon, 7 Dec 1998, William Henry wrote: > >> Is there a better way to deal with people who insist on attempting to >> connect to an FTP site every second for hours on end, then by placing them >> in a deny list that uses /usr/dict/words as the message? > >You can use the deny directive in ftphosts to block their IP... Maybe >they'll stop if they see they aren't even getting a connection. > Unfortunately, these appear to be some kind of unattended automated retrievals. They have a specific file/location they wish to recieve, and it won't stop until they've retrieved it. It's gotten so bad that I've actually had to manually manipulate ftpaccess to let them in and then move the real file to a temp file and create a small text file with off-color words in it, and put that in it's place. So now they successfully download a 40 or 50 byte file, and move on. Otherwise, it just never stops. It's probably about 1 to 3 per hour like this, there must be some absolutely inconsiderate ftp client developers out there making infinite-retry automated file transfer clients. William Henry webmaster@lmnet.com http://www.primeconsult.com From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 13:16:09 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA29992; Tue, 8 Dec 1998 13:16:08 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA21164; Tue, 8 Dec 1998 13:10:06 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA01496 for ; Tue, 8 Dec 1998 13:05:47 -0600 (CST) Received: (qmail 3974 invoked from network); 8 Dec 1998 19:05:38 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 19:05:38 -0000 Message-Id: Date: Tue, 8 Dec 1998 20:05:36 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: Gregory A Lundberg Cc: WU-FTPD Subject: Re: access denied probs !? References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN >On Tue, 8 Dec 1998, Service ISK wrote: > >> Oooh NOOOOO. That doesn't work. Now all users can change in other >> directories! >> The "..././:..." in the passwd doesn't work more!? > >Of course it does. No, it doesn't (on my machine)! >Check the FAQ. > >Probably you don't have -a on the command line. I never had an "-a" in the command line and it worked. I tested with and without --> the same. >Or you forgot to kill -HUP inetd. I made it. >Or the users are not in the guest group. They are. >Or the guestgroup in the ftpaccess isn't there or names the wrong >group. >Or the daemon's using a different ftpaccess file than the one you're >editing. I didn't change the ftpd, the ftpaccess and there is no other ftpaccess on the machine! The ftpd is from an freebsd package and worked until now. >All this has NOTHING to do with /etc/ftphosts. If it doesn't work >now, it never worked before. You probably never checked. I check every installing new user and it worked always bevor !! Oh, I think that is a silly little problem wich isn't found in all the snow here. ;-) Sigi. >-- > >The location of the latest version of wu-ftpd can be found in the >directory > > ftp://ftp.academ.com/pub/wu-ftpd/private/ > >You can't see the directory contents, so read the message informing >you >of the actual filename to retrieve. It's there. > >wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ >wu-ftpd FAQ: >http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html >wu-ftpd list archive: >http://www.landfield.com/wu-ftpd/mail-archive/ > >-- > >Gregory A Lundberg Senior Partner, VRnet Company >1441 Elmdale Drive lundberg+wuftpd@vr.net >Kettering, OH 45409-1615 USA 1-800-809-2195 > > From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 13:22:01 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA00117; Tue, 8 Dec 1998 13:22:00 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA28314; Tue, 8 Dec 1998 13:16:23 -0600 (CST) Received: from spook.navinet.net (spook.navinet.net [206.25.93.69]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA00144 for ; Tue, 8 Dec 1998 13:10:36 -0600 (CST) Received: from forrie (black.navinet.net [206.25.93.86]) by spook.navinet.net (8.9.1/8.9.1) with SMTP id OAA52963; Tue, 8 Dec 1998 14:11:33 -0500 (EST) Message-Id: <4.1.19981208140919.00951290@206.25.93.69> Date: Tue, 08 Dec 1998 14:09:46 -0500 Reply-To: forrie@navinet.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Forrest Aldrich To: webmaster@lmnet.com, Bernhard Rosenkraenzer Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Better way to stop hammering??? In-Reply-To: <3.0.5.32.19981208135407.008afea0@mail.lmnet.com> References: <3.0.5.32.19981207000243.0082ac60@mail.lmnet.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: forrie@206.25.93.8 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Someone is probably using NCFtp with the redial/reconnect option, set at low intervals. Forrest At 01:54 PM 12/8/98 -0500, William Henry wrote: >At 02:34 PM 12/8/98 +0100, Bernhard Rosenkraenzer wrote: >>On Mon, 7 Dec 1998, William Henry wrote: >> >>> Is there a better way to deal with people who insist on attempting to >>> connect to an FTP site every second for hours on end, then by placing them >>> in a deny list that uses /usr/dict/words as the message? >> >>You can use the deny directive in ftphosts to block their IP... Maybe >>they'll stop if they see they aren't even getting a connection. >> > >Unfortunately, these appear to be some kind of unattended automated >retrievals. They have a specific file/location they wish to recieve, and >it won't stop until they've retrieved it. > >It's gotten so bad that I've actually had to manually manipulate ftpaccess >to let them in and then move the real file to a temp file and create a >small text file with off-color words in it, and put that in it's place. So >now they successfully download a 40 or 50 byte file, and move on. >Otherwise, it just never stops. It's probably about 1 to 3 per hour like >this, there must be some absolutely inconsiderate ftp client developers out >there making infinite-retry automated file transfer clients. > > > > > > >William Henry >webmaster@lmnet.com >http://www.primeconsult.com From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 14:31:00 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA01017; Tue, 8 Dec 1998 14:30:58 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA12462; Tue, 8 Dec 1998 14:27:39 -0600 (CST) Received: from isk.de (manfred.remsmurr.de [194.97.228.5]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA06728 for ; Tue, 8 Dec 1998 14:24:02 -0600 (CST) Received: (qmail 5929 invoked from network); 8 Dec 1998 20:24:04 -0000 Received: from unknown (HELO ) (194.97.228.128) by manfred.remsmurr.de with SMTP; 8 Dec 1998 20:24:04 -0000 Message-Id: Date: Tue, 8 Dec 1998 21:24:02 +0100 Reply-To: service@isk.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Service ISK To: "WU-FTPD" Subject: names in ftphosts Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: PostMe 2.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN hello how do I have an volume name for more than one user in ftphosts? I have users like "cw..." and want only one entry in that file. "allow cw* *" doesn't work. Any idea? Regards Sigi. From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 14:43:24 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA01160; Tue, 8 Dec 1998 14:43:23 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA25616; Tue, 8 Dec 1998 14:40:21 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA25917 for ; Tue, 8 Dec 1998 14:38:46 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id PAA09895; Tue, 8 Dec 1998 15:38:40 -0500 Message-Id: Date: Tue, 8 Dec 1998 15:38:40 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Service ISK Cc: WU-FTPD Subject: Re: names in ftphosts In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 8 Dec 1998, Service ISK wrote: > how do I have an volume name for more than one user in ftphosts? I > have users like "cw..." and want only one entry in that file. "allow > cw* *" doesn't work. You are running 2.4, you should upgrade to 2.4.2 (beta-18). I don't know what 2.4 did. In beta-18 (certainly more advanced that 2.4) you can use either a full name or an asterisk ('*'). you cannot use globs (ie., 'cw*' meaning anything starting with 'cw'). Most of your problems will be solved by upgrading to 2.4.2 beta-18. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 8 19:35:36 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id TAA05324; Tue, 8 Dec 1998 19:35:34 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id TAA28187; Tue, 8 Dec 1998 19:31:48 -0600 (CST) Received: from airlink.com ([199.108.92.4]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id TAA04688 for ; Tue, 8 Dec 1998 19:26:52 -0600 (CST) Received: from [199.108.92.6] by airlink.com (SMTPD32-3.02) id A207F4800B6; Tue, 08 Dec 1998 17:27:35 -0800 Message-Id: <000001be2312$b7e08240$065c6cc7@dagobah.AirLink.com> Date: Tue, 8 Dec 1998 17:24:51 -0800 Reply-To: edwardb@AirLink.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Edward Baichtal" To: Subject: Reverse DNS... MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2377.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN How do I turn off reverse DNS lookups in wu-ftpd? Or is this a function of Linux that I need to do? If so where is it (if you happen to know)? -------------------------- Edward Baichtal edwardb@AirLink.com http://www.airlink.com From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 07:59:39 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA10672; Wed, 9 Dec 1998 07:59:38 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA31887; Wed, 9 Dec 1998 07:54:03 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA11015 for ; Wed, 9 Dec 1998 07:49:20 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id IAA16247; Wed, 9 Dec 1998 08:49:16 -0500 Message-Id: Date: Wed, 9 Dec 1998 08:49:16 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Edward Baichtal Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Reverse DNS... In-Reply-To: <000001be2312$b7e08240$065c6cc7@dagobah.AirLink.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 8 Dec 1998, Edward Baichtal wrote: > How do I turn off reverse DNS lookups in wu-ftpd? Or is this a > function of Linux that I need to do? If so where is it (if you happen > to know)? If you're set up using tcpd (tcpwrappers) in your inetd.conf you can remove tcpd and eliminate one source of reverse-DNS lookups. The daemon itself does another set of reverse-DNS lookups. Running the standard beta-18 release, you cannot disable this. The VR-series includes a compile-time option to remove all DNS activity (forward and reverse). Removing reverse-DNS from the daemon disables all abilities to use machine names in ftpaccess and ftphosts and any security checks based upon name in the daemon. It was put in at the request of very busy FTP sites and should not be used unless you are *completely* aware of the risks involved. If you're just looking to eliminate a few dozen lines per hour of DNS messages from your bind, my recommendation would be to live with the log messages. If it's a particular site causing problems, notify the DNS admin for that site and have the problem corrected. Personally, I see a few thousand FTP-related DNS errors a day and ignore them. Mostly their lame deligations with a few responses from unexpected sources and the occassional NODATA. As long as the pattern stays as expected, I don't worry .. there's a lot of very messed up corporate and academic networks out there. I allow myself one-a-day to investigate fully and notify the DNS admin of the results; I find most admins are unaware of the problems and greatly appeciate the report and suggestions. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 09:06:02 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA11292; Wed, 9 Dec 1998 09:06:01 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA03339; Wed, 9 Dec 1998 09:02:41 -0600 (CST) Received: from baz.ch (mail.baz.ch [194.191.38.1]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAA15761 for ; Wed, 9 Dec 1998 08:59:14 -0600 (CST) Received: by baz-s-fw.baz.ch id <29574-1>; Wed, 9 Dec 1998 16:57:56 +0100 Message-Id: <98Dec9.165756gmt+0100.29574-1@baz-s-fw.baz.ch> Date: Wed, 9 Dec 1998 15:58:38 +0100 Reply-To: c.studer@baz.ch Sender: owner-wu-ftpd@wugate.wustl.edu From: "c.studer" To: wu-ftpd@wugate.wustl.edu Subject: solaris 2.6, ls -l, and guest Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: c.studer@baz.ch X-Mailer: Windows Eudora Light Version 1.5.4 (32) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi everybody, We have a Sun with solaris 2.6 and wu-ftpd beta 18 installed. When I log in with anonymous, I can make an ls -l and I get the File Names with permissions, owner, etc... But if I log in with a guest account, the ls -l brings me only the File Names. Does anybody know why? Claude Studer, Basler Zeitung, c.studer@baz.ch From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 09:18:55 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA11421; Wed, 9 Dec 1998 09:18:54 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA05262; Wed, 9 Dec 1998 09:15:50 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA10394 for ; Wed, 9 Dec 1998 09:09:00 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA17609; Wed, 9 Dec 1998 10:08:52 -0500 Message-Id: Date: Wed, 9 Dec 1998 10:08:52 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "c.studer" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: solaris 2.6, ls -l, and guest In-Reply-To: <98Dec9.165756gmt+0100.29574-1@baz-s-fw.baz.ch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 9 Dec 1998, c.studer wrote: > We have a Sun with solaris 2.6 and wu-ftpd beta 18 installed. When I > log in with anonymous, I can make an ls -l and I get the File Names > with permissions, owner, etc... But if I log in with a guest account, > the ls -l brings me only the File Names. > > Does anybody know why? There are two 'ls' commands in FTP, LIST and NLST. LIST just lists files names and NLST looks like a real 'ls' output. The choise of which to run is left to the client. If you're sure the same command is being used, it is probably an incomplete setup of the guest area. See the FAQ. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 09:39:00 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA11790; Wed, 9 Dec 1998 09:38:59 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA16424; Wed, 9 Dec 1998 09:35:43 -0600 (CST) Received: from globespan1.net (p1.globespan.net [209.191.59.250]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA32522 for ; Wed, 9 Dec 1998 09:29:03 -0600 (CST) Received: (qmail 29564 invoked from network); 9 Dec 1998 15:28:34 -0000 Received: from unknown (HELO globespan.net) (135.26.146.198) by p1.globespan.net with SMTP; 9 Dec 1998 15:28:34 -0000 Received: from patels.globespan.net by globespan.net (SMI-8.6/SMI-SVR4) id KAA19231; Wed, 9 Dec 1998 10:27:49 -0500 Received: by patels.globespan.net with Microsoft Mail id <01BE235F.2981CBB0@patels.globespan.net>; Wed, 9 Dec 1998 10:32:03 -0500 Message-Id: <01BE235F.2981CBB0@patels.globespan.net> Date: Wed, 9 Dec 1998 10:32:02 -0500 Reply-To: patels@globespan.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Shilpa Patel To: "wu-ftpd@wugate.wustl.edu" Subject: Installing wu-ftpd on FreeBSD MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by wugate.wustl.edu id JAA20835 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi, I had installed wu-ftpd on FreeBSD. I edited the inetd.conf file and made wu-ftpd pint to a different port. But if I try to telnet to that port from remote workstation, I can't connect. Can anybody please let me know where I have to make the changes ? Thanks, > Shilpa Patel From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 09:59:57 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA12070; Wed, 9 Dec 1998 09:59:56 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA23955; Wed, 9 Dec 1998 09:56:04 -0600 (CST) Received: from quartz.nbnet.nb.ca (quartz.nbnet.nb.ca [198.164.200.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA00319 for ; Wed, 9 Dec 1998 09:54:45 -0600 (CST) Received: from asgtechnologies.com ([198.164.220.73]) by quartz.nbnet.nb.ca (Post.Office MTA v3.1.2 release (PO203-101c) ID# 607-54382U75000L75000S0V35) with ESMTP id AAA4245 for ; Wed, 9 Dec 1998 11:54:44 -0400 Message-Id: <366E9F37.980C31D1@asgtechnologies.com> Date: Wed, 09 Dec 1998 12:03:03 -0400 Reply-To: Cameron.Lemon@asgtechnologies.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Cameron Lemon To: wu-ftpd@wugate.wustl.edu Cc: "wu-ftpd@wugate.wustl.edu" Subject: Re: Installing wu-ftpd on FreeBSD References: <01BE235F.2981CBB0@patels.globespan.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------812E9480E2CFFA584463C653" X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN This is a multi-part message in MIME format. --------------812E9480E2CFFA584463C653 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Did you send the inetd a -HUP signal to have it re-read /etc/inetd.conf? Did you allocate new ports for both the control and data ports? Shilpa Patel wrote: > Hi, > > I had installed wu-ftpd on FreeBSD. I edited the inetd.conf file and made wu-ftpd pint to a different port. But if I try to telnet to that port from remote workstation, I can't connect. Can anybody please let me know where I have to make the changes ? > > Thanks, > > Shilpa Patel --------------812E9480E2CFFA584463C653 Content-Type: text/x-vcard; charset=us-ascii; name="Cameron.Lemon.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Cameron Lemon Content-Disposition: attachment; filename="Cameron.Lemon.vcf" begin:vcard n:Lemon;Cameron tel;fax:506.460.5411 tel;work:506.460.5400 x-mozilla-html:FALSE url:www.asgtechnologies.com org:Atlantic Systems Group;Professional Services version:2.1 email;internet:Cameron.Lemon@asgtechnologies.com title:Systems & Network Architect adr;quoted-printable:;;Garland Court=0D=0AIncuTech Centre;Fredericton;New Brunswick;E3B 6C2;Canada fn:Cameron Lemon end:vcard --------------812E9480E2CFFA584463C653-- From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 10:07:24 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA12175; Wed, 9 Dec 1998 10:07:23 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA18840; Wed, 9 Dec 1998 10:02:24 -0600 (CST) Received: from globespan1.net (p1.globespan.net [209.191.59.250]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA21807 for ; Wed, 9 Dec 1998 10:01:57 -0600 (CST) Received: (qmail 318 invoked from network); 9 Dec 1998 16:01:27 -0000 Received: from unknown (HELO globespan.net) (135.26.146.198) by p1.globespan.net with SMTP; 9 Dec 1998 16:01:27 -0000 Received: from patels.globespan.net by globespan.net (SMI-8.6/SMI-SVR4) id LAA23022; Wed, 9 Dec 1998 11:00:40 -0500 Received: by patels.globespan.net with Microsoft Mail id <01BE2363.BFB6B830@patels.globespan.net>; Wed, 9 Dec 1998 11:04:53 -0500 Message-Id: <01BE2363.BFB6B830@patels.globespan.net> Date: Wed, 9 Dec 1998 11:04:52 -0500 Reply-To: patels@globespan.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Shilpa Patel To: "'Cameron.Lemon@asgtechnologies.com'" , "wu-ftpd@wugate.wustl.edu" Subject: RE: Installing wu-ftpd on FreeBSD MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by wugate.wustl.edu id KAA29469 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I allocated new ports for wu-ftd and restarted the inetd process again. Even, I rebooted the system. But didn't work. > Shilpa Patel -----Original Message----- From: Cameron Lemon [mailto:Cameron.Lemon@asgtechnologies.com] Sent: Wednesday, December 09, 1998 11:03 AM To: wu-ftpd@wugate.wustl.edu Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Installing wu-ftpd on FreeBSD << File: Cameron.Lemon.vcf >> Did you send the inetd a -HUP signal to have it re-read /etc/inetd.conf? Did you allocate new ports for both the control and data ports? Shilpa Patel wrote: > Hi, > > I had installed wu-ftpd on FreeBSD. I edited the inetd.conf file and made wu-ftpd pint to a different port. But if I try to telnet to that port from remote workstation, I can't connect. Can anybody please let me know where I have to make the changes ? > > Thanks, > > Shilpa Patel From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 10:18:25 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA12288; Wed, 9 Dec 1998 10:18:24 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA28634; Wed, 9 Dec 1998 10:15:24 -0600 (CST) Received: from vortex.amorfhia.com.mx (amorfhia.amorfhia.com.mx [200.23.177.253]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA31181 for ; Wed, 9 Dec 1998 10:13:07 -0600 (CST) Received: from aarroyo.amorfhia.com.mx ([200.23.177.250]) by vortex.amorfhia.com.mx (Netscape Mail Server v2.01) with ESMTP id AAA14269 for ; Wed, 9 Dec 1998 10:10:22 -0500 Message-Id: <366EA441.E12C6A95@vortex.amorfhia.com.mx> Date: Wed, 09 Dec 1998 10:24:35 -0600 Reply-To: aarroyo@amorfhia.com.mx Sender: owner-wu-ftpd@wugate.wustl.edu From: aarroyo@amorfhia.com.mx (Agustin Arroyo Sotomayor) To: wuftp list Subject: Help MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 4.01 [en] (Win95; I) X-Priority: 3 (Normal) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I can't unsubscribe from the Wu-ftpd list. Could some one please help me. Thanks. From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 12:09:24 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA13710; Wed, 9 Dec 1998 12:09:23 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA21580; Wed, 9 Dec 1998 12:05:58 -0600 (CST) Received: from sam.nic.com (nic.com [204.141.60.10]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA25866 for ; Wed, 9 Dec 1998 11:59:23 -0600 (CST) Received: from localhost by sam.nic.com (8.9.1/8.9.1) with SMTP id NAA04637 for ; Wed, 9 Dec 1998 13:00:59 -0500 (EST) Message-Id: Date: Wed, 9 Dec 1998 13:00:55 -0500 (EST) Reply-To: dave@nic.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Dave Wreski To: wuftpd list Subject: passive mode questions MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi all. I'm currently using wu-ftpd-2.4beta17, and have a question about passive mode. If I have web browser clients, I require passive mode, correct? Passive mode is also the preferred method, because it allows the server to define the ports available, correct? It seems using passive mode I can create a form of denial-of-service by repeatedly making a passive mode connection. Is anyone familiar with this problem, and how can it be fixed? Thanks, Dave From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 13:00:06 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA14522; Wed, 9 Dec 1998 13:00:05 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA07641; Wed, 9 Dec 1998 12:57:03 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA12986 for ; Wed, 9 Dec 1998 12:56:05 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA20119; Wed, 9 Dec 1998 13:55:50 -0500 Message-Id: Date: Wed, 9 Dec 1998 13:55:49 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Shilpa Patel Cc: "wu-ftpd@wugate.wustl.edu" Subject: RE: Installing wu-ftpd on FreeBSD In-Reply-To: <01BE2363.BFB6B830@patels.globespan.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 9 Dec 1998, Shilpa Patel wrote: > I allocated new ports for wu-ftd and restarted the inetd process > again. Even, I rebooted the system. But didn't work. > > > I had installed wu-ftpd on FreeBSD. I edited the inetd.conf file and > > made wu-ftpd pint to a different port. But if I try to telnet to > > that port from remote workstation, I can't connect. Can anybody > > please let me know where I have to make the changes ? In /etc/services, add a line, for instance: wuftpd-data 200/tcp # Data port for WU-FTPD wuftpd 201/tcp # WU-FTPD testing Notice you need two ports for FTP. This may, or may not, work to allocate the data port since the daemon has a long-standing issue on the mailing list about that. There's a feature in VR11 which allows you to specify the ports on the command line. I believe BeroFTPD also has this feature. In /etc/inetd.conf, add a line, for instance: wuftpd stream tcp nowait root /pathto/wuftpd/bin/ftpd -l -a The exact syntax for the inetd.conf line caries from system to system. The above works for Redhat 4.2 Tell inetd to reload inetd.conf: killall -HUP inetd TELNET to the new control port and test it out in raw FTP: telnet localhost wuftpd 220 ftp.vr.net FTP server ready. USER ftp 331 Guest login ok, send your complete e-mail address as password. PASS root@ 230 Guest login ok, access restrictions apply. STAT 211-ftp.vr.net FTP server status: Version wu-2.4.2-academ[BETA-18-VR10](1) Fri Oct 30 14:34:21 EST 1998 Connected to localhost (127.0.0.1) Logged in anonymously TYPE: ASCII, FORM: Nonprint; STRUcture: File; transfer MODE: Stream No data connection 0 data bytes received in 0 files 0 data bytes transmitted in 0 files 0 data bytes total in 0 files 28 traffic bytes received in 0 transfers 567 traffic bytes transmitted in 0 transfers 644 traffic bytes total in 0 transfers 211 End of status QUIT 221-You have transferred 0 bytes in 0 files. 221-Total traffic for this session was 754 bytes in 0 transfers. 221-Thank you for using the FTP service on ftp.vr.net. 221 Goodbye. Connection closed by foreign host. The command line FTP client which came with my Radhat 4.2 doesn't understand named ports on the command line, but does understand numeric ports. ftp localhost 201 Connected to localhost. 220 ftp.vr.net FTP server ready. Name (localhost:lundberg): ftp 331 Guest login ok, send your complete e-mail address as password. Password: 230 Guest login ok, access restrictions apply. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls. total 8 dr-xr-xr-x 7 root root 1024 Nov 13 15:13 . dr-xr-xr-x 7 root root 1024 Nov 13 15:13 .. -r--r--r-- 1 root root 13 Jun 9 1998 .forward -r--r--r-- 1 root root 0 Jun 9 1998 .notar -r--r--r-- 1 root root 0 Jun 9 1998 .rhosts d--x--x--x 3 root root 1024 Sep 14 16:40 bin d--x--x--x 2 root root 1024 Nov 13 15:13 etc drwxrws-wx 2 vrnet vrnet 1024 Oct 8 00:43 incoming drwxrws--t 9 vrnet vrnet 1024 Aug 18 21:30 private drwxrwsr-t 4 vrnet vrnet 1024 Aug 15 15:04 pub 226 Transfer complete. ftp> quit 221-You have transferred 0 bytes in 0 files. 221-Total traffic for this session was 996 bytes in 1 transfers. 221-Thank you for using the FTP service on ftp.vr.net. 221 Goodbye. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 13:26:30 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA14851; Wed, 9 Dec 1998 13:26:29 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA19808; Wed, 9 Dec 1998 13:22:53 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA19415 for ; Wed, 9 Dec 1998 13:18:58 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id OAA20360; Wed, 9 Dec 1998 14:18:52 -0500 Message-Id: Date: Wed, 9 Dec 1998 14:18:51 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Dave Wreski Cc: wuftpd list Subject: Re: passive mode questions In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 9 Dec 1998, Dave Wreski wrote: > Hi all. I'm currently using wu-ftpd-2.4beta17, and have a question > about passive mode. If I have web browser clients, I require passive > mode, correct? Passive mode is also the preferred method, because it > allows the server to define the ports available, correct? You are correct, most web broswers only support PASV mode. As an FTP site administrator, you prefer PASV mode because your server cannot be used to attack other servers with it. for that reason, WU-FTPD does not allow PORT to instruct the server to connect back to any machine other than the machine issuing the PORT command. The daemon and the protocol actually do not really care which method is used. The server does not 'define' the ports available, however. It simply asks the system to give it a client port to listen on. On most systems that port number is randomly chosen (making a DoS difficult) but on some it's sequentially chosen and an attacker can predict which port will be next used for a PASV connection. The attacker can then steal the connection to send/receive whatever the client/victim was doing. There is an extension in the VR-series (and in BeroFTPD) which allow the admin to restrict the range of ports chosen for PASV mode. This is intended to make the range smaller to easy firewall administration. Currently, the code in VR uses a linear search and is, therefore, vulnerable socket stealing. I have an improved random-selection scheme in hand but have not had time yet to code it up. > It seems using passive mode I can create a form of denial-of-service > by repeatedly making a passive mode connection. Is anyone familiar > with this problem, and how can it be fixed? I'm not sure what you're asking here. If you mean you can steal the PASV port; yes, on some systems, you can. That's not a DoS, though. If you mean repeatedly issuing a PASV command to the server; no, you should not be able to create a DoS. The deamon closes the previous port prior to honoring the new PASV command, freeing that resource back to the system. I've tested this on Linux and the port is freed very quickly, it does not hang about in a TCP WAIT state. I imagine it's possible to issues a large number of STOR/PASV or RETR/PASV sequences with sufficiently short files that you may have a number of sockets laying about in TCP WAIT but, at least on my Linux system, I have been unable to cause and significant backlog of such sockets. Some time ago, running a much older Linux kernel, I was able to force resource starvation due to bugs in the TCP WAIT state. I saw this more with HTTP sockets than FTP, and the problem was corrected by the time I upgraded to Redhat 4.2 All of my testing has been on Beta-18 and with the VR patches. I have never tried these tests against Beta-17. I imaging it's possible (although unlikely) there's a problem with the PASV mode in earlier versions. There are a few patches in the VR sets which address some issues concerning port openning/closing for both PORT and PASV mode. these patches, however, were to correct sequencing (especially when switching between the two modes) so the report for the STAT command was correct. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 14:17:39 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA16067; Wed, 9 Dec 1998 14:17:39 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA01289; Wed, 9 Dec 1998 14:14:35 -0600 (CST) Received: from airlink.com ([199.108.92.4]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA27048 for ; Wed, 9 Dec 1998 14:12:13 -0600 (CST) Received: from [199.108.92.6] by airlink.com (SMTPD32-3.02) id A9E7FF600A2; Wed, 09 Dec 1998 12:13:27 -0800 Message-Id: <001801be23af$fe569a50$065c6cc7@dagobah.AirLink.com> Date: Wed, 9 Dec 1998 12:10:40 -0800 Reply-To: edwardb@AirLink.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Edward Baichtal" To: Subject: Mixing old server with new... MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2377.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN If I take wu-ftpd 2.4.2 Beta 17, and replace the in.ftpd executable with VR 11, will I have to change other files too, like ftpaccess, etc.? Are there obsolete things in those files that might make VR 11 complain? -------------------------- Edward Baichtal edwardb@AirLink.com http://www.airlink.com From owner-wu-ftpd@wugate.wustl.edu Wed Dec 9 15:35:43 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA16932; Wed, 9 Dec 1998 15:35:42 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA21542; Wed, 9 Dec 1998 15:32:20 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA21780 for ; Wed, 9 Dec 1998 15:26:26 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id QAA21361; Wed, 9 Dec 1998 16:26:13 -0500 Message-Id: Date: Wed, 9 Dec 1998 16:26:13 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Edward Baichtal Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Mixing old server with new... In-Reply-To: <001801be23af$fe569a50$065c6cc7@dagobah.AirLink.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 9 Dec 1998, Edward Baichtal wrote: > If I take wu-ftpd 2.4.2 Beta 17, and replace the in.ftpd executable > with VR 11, will I have to change other files too, like ftpaccess, > etc.? Are there obsolete things in those files that might make VR 11 > complain? You should be able to drop VR11 in in place of Beta-17 or Beta-18 without trouble. There were no features obsoleted and removed in the VR-series. A few new features do render some other, older features, rather meaningless, but support for those older features remains in full. Some sites will have problems with the VR-series' insistence upon full pathnames. Places to look for problems are upload clauses and log analysis scripts. Upload clauses tend to be the biggest source of problems. I believe the current (beta-18) man page for ftpaccess does not jibe with the actual implementation; I strived to correct what I saw as the abiguities. Sites that will have problems will most likely be those that had upload clauses which appeared correct (by the maan page) yet didn't actually do what was intended. As always, careful testing to see the upload clauses work properly is warranted. Another issue is to make sure the guest/anonymous ftp areas are internally consistent. By that, I mean, the local etc/passwd files should show home directories within the confines of the chroot'd environment. This has always been the case, but a few of the VR features are more critical of problems in this area. Generally, you shouldn't simply copy your master /etc/passwd into each area if for no other reason than it exposes the underlying file system layout to people within the confines of the chroot'd area. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 10:23:07 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA29635; Thu, 10 Dec 1998 10:23:06 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA10362; Thu, 10 Dec 1998 10:17:24 -0600 (CST) Received: from hahp9k.harte-lyne.ca (hahp9k.harte-lyne.ca [209.47.131.101]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA24784 for ; Thu, 10 Dec 1998 10:05:38 -0600 (CST) Received: from u01 (hal_ham_g01_u01.harte-lyne.ca [209.47.131.111]) by hahp9k.harte-lyne.ca (8.8.7/8.8.7) with SMTP id LAA11209 for ; Thu, 10 Dec 1998 11:07:31 -0500 (EST) Message-Id: <199812101607.LAA11209@hahp9k.harte-lyne.ca> Date: Thu, 10 Dec 1998 11:00:03 -0500 Reply-To: byrnejb@harte-lyne.ca Sender: owner-wu-ftpd@wugate.wustl.edu From: "James B. Byrne" To: wu-ftpd@wugate.wustl.edu Subject: SSLeay and wu-ftp In-Reply-To: MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT X-pmrqc: 1 X-mailer: Pegasus Mail for Win32 (v3.01b) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Is there a method of including SSL support in wu-ftp or has someone already done this? This is an emerging requirement for me and I am vague on the details of SSL. We currently run wu-ftp 2.4b18 with Kent Landfield's NEWVIRT_050 patches. Is it possible (practical? easy?) to add SSL support to wu-ftp? I presume that such support would also require a modified client? Does NS-4.x or MS-IE 4.x have an SSL ftp client? What I really need is someone to take a few minutes and tell me what I am headed for and whether this is at all possible or useful. Regards, Jim --- James B. Byrne Harte & Lyne Limited vox: +1 905 561 1241 9 Brockley Drive fax: +1 905 561 0757 Hamilton, Ontario mailto:byrnejb@harte-lyne.ca Canada L8E 3C3 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 10:42:40 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA29826; Thu, 10 Dec 1998 10:42:39 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA05134; Thu, 10 Dec 1998 10:39:30 -0600 (CST) Received: from krjda.com (webserver.krjda.com [204.249.105.134] (may be forged)) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA21225 for ; Thu, 10 Dec 1998 10:31:15 -0600 (CST) Received: from krjda.com [204.249.105.150] by krjda.com with Novonyx SMTP Server $Revision: 1.76 $; Thu, 10 Dec 1998 11:30:44 -0500 (EDT) Message-Id: <366FF732.889AD702@krjda.com> Date: Thu, 10 Dec 1998 11:30:43 -0500 Reply-To: bdelph@krjda.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Bill Delphenich To: Wu ftpd List Subject: Partition recommendations MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: bdelph X-Mailer: Mozilla 4.5C-Caldera [en] (X11; I; Linux 2.0.35 i686) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN What are the recommendations of this group for partitioning of a hard disk that will be used as an F TP and a Web server? I have a 4.5 GB SCSI hard disk and I'm starting over from scratch, running Caldera OpenLinux v1.3. I assume that I will want /home on its own partition. Thanks. From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 10:57:07 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA29938; Thu, 10 Dec 1998 10:57:06 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA01099; Thu, 10 Dec 1998 10:52:33 -0600 (CST) Received: from quartz.nbnet.nb.ca (quartz.nbnet.nb.ca [198.164.200.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA11227 for ; Thu, 10 Dec 1998 10:50:46 -0600 (CST) Received: from asgtechnologies.com ([198.164.220.73]) by quartz.nbnet.nb.ca (Post.Office MTA v3.1.2 release (PO203-101c) ID# 607-54382U75000L75000S0V35) with ESMTP id AAA11219 for ; Thu, 10 Dec 1998 12:50:45 -0400 Message-Id: <366FFDE8.4BEBDF96@asgtechnologies.com> Date: Thu, 10 Dec 1998 12:59:20 -0400 Reply-To: Cameron.Lemon@asgtechnologies.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Cameron Lemon To: Wu ftpd List Subject: Re: Partition recommendations References: <366FF732.889AD702@krjda.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------C02BAEAD97324D4D8BD2151B" X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN This is a multi-part message in MIME format. --------------C02BAEAD97324D4D8BD2151B Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit In summary form, the following partitions should be defined. The sizes of these slices naturally will differ depending on the OS and amount of OS installed. Also, a firewall would not have all of the extra filesystems [ from /local on down ], but an FTP and/or WEB server may have all of these plus a few others [ /data/ ]. My .02 cents worth. Cameron / swap /usr /var /local /opt or /local/apps /data/ftp /data /data/ /home Bill Delphenich wrote: > What are the recommendations of this group for partitioning of a hard > disk that will be used as an F TP and a Web server? > I have a 4.5 GB SCSI hard disk and I'm starting over from scratch, > running Caldera OpenLinux v1.3. > > I assume that I will want /home on its own partition. > > Thanks. --------------C02BAEAD97324D4D8BD2151B Content-Type: text/x-vcard; charset=us-ascii; name="Cameron.Lemon.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Cameron Lemon Content-Disposition: attachment; filename="Cameron.Lemon.vcf" begin:vcard n:Lemon;Cameron tel;fax:506.460.5411 tel;work:506.460.5400 x-mozilla-html:FALSE url:www.asgtechnologies.com org:Atlantic Systems Group;Professional Services version:2.1 email;internet:Cameron.Lemon@asgtechnologies.com title:Systems & Network Architect adr;quoted-printable:;;Garland Court=0D=0AIncuTech Centre;Fredericton;New Brunswick;E3B 6C2;Canada fn:Cameron Lemon end:vcard --------------C02BAEAD97324D4D8BD2151B-- From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 11:22:32 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA00220; Thu, 10 Dec 1998 11:22:31 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA13865; Thu, 10 Dec 1998 11:19:07 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA03953 for ; Thu, 10 Dec 1998 11:15:33 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id MAA27539; Thu, 10 Dec 1998 12:15:21 -0500 Message-Id: Date: Thu, 10 Dec 1998 12:15:21 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Bill Delphenich Cc: Wu ftpd List Subject: Re: Partition recommendations In-Reply-To: <366FF732.889AD702@krjda.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Bill Delphenich wrote: > What are the recommendations of this group for partitioning of a hard > disk that will be used as an F TP and a Web server? I have a 4.5 GB > SCSI hard disk and I'm starting over from scratch, running Caldera > OpenLinux v1.3. > > I assume that I will want /home on its own partition. Root partition: / Temporary files, world-writable directories: /tmp /var/tmp If users will have homes on the machine: /home If your anonymous FTP site will allow uploads: /home/ftp/incoming If you'll be running sendmail: /var/spool/mqueue If users will have local Unix mailboxes on the machine: /var/spool/mail The basic phylosophy is that you have a separate partition for each class of service which is world-writable, or user-writable. The idea is to protect the machine from abuse in these various areas. The root partition should contain only things which do not change (or at least, not often). It should be as small as practical, allowing some room for growth. Personally, I use a completely different spindle for the /home. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 11:41:45 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA00401; Thu, 10 Dec 1998 11:41:44 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA19807; Thu, 10 Dec 1998 11:38:02 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA11017 for ; Thu, 10 Dec 1998 11:31:36 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id MAA27710; Thu, 10 Dec 1998 12:31:29 -0500 Message-Id: Date: Thu, 10 Dec 1998 12:31:29 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "James B. Byrne" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp In-Reply-To: <199812101607.LAA11209@hahp9k.harte-lyne.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, James B. Byrne wrote: > Is there a method of including SSL support in wu-ftp or has someone > already done this? > > This is an emerging requirement for me and I am vague on the details > of SSL. We currently run wu-ftp 2.4b18 with Kent Landfield's > NEWVIRT_050 patches. Is it possible (practical? easy?) to add SSL > support to wu-ftp? I presume that such support would also require a > modified client? Does NS-4.x or MS-IE 4.x have an SSL ftp client? > > What I really need is someone to take a few minutes and tell me what I > am headed for and whether this is at all possible or useful. I believe someone has done this to an FTP server (either WU-FTPD or the old BSD FTPD) and the BSD-ish client. I do not recall where I ran across it, probably in the mailing list archives, maybe on a web search. The details of SSL are available at the Netscape site. They're not for the faint of heart. Yes, it's possible to do. I doubt it will be easy. Yes, it will require a modified client. No, that won't be easy either. I do not know about the web browsers' support for FTP with SSL. I'd be a little surprised if any support it. You will want to be very careful with how you deploy SSL, especially with respect to Canadian international boarders and foreign laws. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 11:48:06 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA00469; Thu, 10 Dec 1998 11:48:05 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA24187; Thu, 10 Dec 1998 11:44:43 -0600 (CST) Received: from scruz.net (nic.scruz.net [165.227.1.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA00506 for ; Thu, 10 Dec 1998 11:42:26 -0600 (CST) Received: from artwork (artwork.com [205.179.74.1]) by scruz.net (8.8.5/1.34) with SMTP id JAA29667 for ; Thu, 10 Dec 1998 09:42:21 -0800 (PST) Received: from asmsc15 by artwork (4.1/SMI-4.1) id AA00212; Thu, 10 Dec 98 09:56:54 PST Message-Id: <3.0.2.32.19981210093851.009891e0@artwork.com> Date: Thu, 10 Dec 1998 09:38:51 -0800 Reply-To: steve@artwork.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Steve DiBartolomeo To: wu-ftpd@wugate.wustl.edu Subject: How to time out dead ftpd processes Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: steve@artwork.com X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.2 (32) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Having a problem with incoming ftp connections that don't do anything and tie up my system. I am running an anonymous ftp server on SunOS 4.1 (Sparc 2 with 64M ram). Because we have only a 128K ISDN connection I have limited the max number of concurrent users to 4. Most of my clients download data via a WEB browser - typical file size is 1-6 MB and generally no connection lasts more than an hour. Here is the approriate line in my ftpaccess file: class all real,anonymous * limit all 4 Any /etc/msgs/msg.dead In the last weeks we're getting lots of emails telling us that the ftp login is denied. It turns out that someone seems to be logging in multiple times over a few minutes until the max is reached. The connections are never closed but no data is transferred. Here is a typical process summary ...... $ ps -auxw | grep ftpd ftp 27247 0.0 0.0 816 0 ? IW 16:56 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) ftp 27250 0.0 0.0 816 0 ? IW 16:57 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) ftp 27251 0.0 0.0 816 0 ? IW 16:58 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) ftp 27249 0.0 0.0 816 0 ? IW 16:57 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) ftp 27243 0.0 0.0 816 0 ? IW 16:55 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) As you can see the same guy hit the ftp server 5 times within 3 minutes - the xferlog shows that no files were transferred. (I've xxx'd out part of his IP address) I kill all the processes and things are OK again for a while. Then the next day the problem gets repeated. Short of removing the max limit and cleaning up the dead processes regularly is there a way to deal with this? If I add deny xxx.75.223.1 to the ftpaccess file will this at least prevent this guy from locking up my system? The last few incidences have always been the same IP address.... Is there a way to time out any connection that has not transferred data say in 5 minutes? Steve DiBartolomeo T (831) 426-6163 Applications Manager F (831) 426-2824 Artwork Conversion Software, Inc. steve@artwork.com Santa Cruz, CA 95060 http://www.artwork.com From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 13:12:15 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA01512; Thu, 10 Dec 1998 13:12:14 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA24841; Thu, 10 Dec 1998 13:08:52 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA17055 for ; Thu, 10 Dec 1998 13:05:42 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id OAA28573; Thu, 10 Dec 1998 14:05:23 -0500 Message-Id: Date: Thu, 10 Dec 1998 14:05:23 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Steve DiBartolomeo Cc: wu-ftpd@wugate.wustl.edu Subject: Re: How to time out dead ftpd processes In-Reply-To: <3.0.2.32.19981210105010.0098c380@artwork.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Steve DiBartolomeo wrote: > In reply to my message about timing out dead processes you wrote: > > ------------------------------------------------------------------------- > Set the idle time limit down. Sayeth 'man ftpd': > > The ftp server will timeout an inactive session after 15 minutes. > If the -t option is specified, the inactivity timeout period will > be set to timeout seconds. A client may also request a different > timeout period; the maximum period allowed may be set to timeout > seconds with the -T option. The default limit is 2 hours. > > ------------------------------------------------------------------------- > > Thanks, but this begs the question: > > 1. why, if the default idle is 15 minutes, does this guy not get knocked > off after 15 minutes? In most cases these processes remain alive > indefinitely until I manually kill them. But are they idle all that time? I think not. > 2. If the max default timeout -T = 2hours why isn't this guy knocked > off after two hours? Is it possible he keeps sending commands from > time to time.? Almost certainly. Either he does or he's going through a proxy which does for him. I've seen a bit of that, increasingly, recently. > 3. Is there anyway I can determine if a client is sending a very > large timeout period himself? The -T limits the very-large-ness the client may set. What you didn't give in your first posting was the version you're running. There are some bugs in some older versions (circa beta-8 through beta-12) which left phantoms laying arround. If you're not running beta-18, upgrade to that version. If you're running beta-18, then the guy is probably sending a NOOP every few whiles to prevent the timeout. The VR-series includes an option (on by default) to deny NOOP reseting the timeout limits. It also includes a total-connect-time limit which you can configure in the ftpaccess file. Current version is WU-FTPD 2.4.2 (beta-18) VR11, available from: ftp://ftp.vr.net/pub/wu-ftpd/ with several pre-compiled binaries available. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 13:18:53 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA01558; Thu, 10 Dec 1998 13:18:52 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA24170; Thu, 10 Dec 1998 13:15:34 -0600 (CST) Received: from rte.com (mail.rte.com [207.10.95.11]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA28927 for ; Thu, 10 Dec 1998 13:09:59 -0600 (CST) Received: from rte.com by rte.com (SMI-8.6/SMI-SVR4) id NAA20012; Thu, 10 Dec 1998 13:23:35 -0500 Message-Id: <3670133A.8EE69B53@rte.com> Date: Thu, 10 Dec 1998 13:30:18 -0500 Reply-To: scott_mackay@mail.rte.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Scott D. MacKay" To: wu-ftp Subject: Re: How to time out dead ftpd processes References: <3.0.2.32.19981210093851.009891e0@artwork.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: sdm@mail.rte.com X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.5 sun4m) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN S > > $ ps -auxw | grep ftpd > > ftp 27247 0.0 0.0 816 0 ? IW 16:56 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > ftp 27250 0.0 0.0 816 0 ? IW 16:57 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > ftp 27251 0.0 0.0 816 0 ? IW 16:58 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > ftp 27249 0.0 0.0 816 0 ? IW 16:57 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > ftp 27243 0.0 0.0 816 0 ? IW 16:55 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > > As you can see the same guy hit the ftp server 5 times within 3 minutes - the xferlog shows > that no files were transferred. (I've xxx'd out part of his IP address) I kill all the processes > and things are OK again for a while. Then the next day the problem gets repeated. > > Short of removing the max limit and cleaning up the dead processes regularly is there a way to > deal with this? Actually, a nice feature would be to limit # connections from 1 IP..... > > ------------------------- | Scott MacKay : Postmaster | sdm@rte.com | postmaster@rte.com | ICQ 12191982 | (716) 383-1290 | Real Time Enterprises, Pittsford NY | -Electronic Document Imaging-System Integration-Software Development- | 'The opinions shared here only reflect the poster's | views and may not reflect the views of the company.' From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 13:22:23 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA01601; Thu, 10 Dec 1998 13:22:22 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA30449; Thu, 10 Dec 1998 13:19:10 -0600 (CST) Received: from scruz.net (nic.scruz.net [165.227.1.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA17561 for ; Thu, 10 Dec 1998 13:12:55 -0600 (CST) Received: from artwork (artwork.com [205.179.74.1]) by scruz.net (8.8.5/1.34) with SMTP id KAA10137; Thu, 10 Dec 1998 10:53:42 -0800 (PST) Received: from asmsc15 by artwork (4.1/SMI-4.1) id AA00386; Thu, 10 Dec 98 11:08:13 PST Message-Id: <3.0.2.32.19981210105010.0098c380@artwork.com> Date: Thu, 10 Dec 1998 10:50:10 -0800 Reply-To: steve@artwork.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Steve DiBartolomeo To: lundberg+wuftpd@vr.net Cc: wu-ftpd@wugate.wustl.edu Subject: Re: How to time out dead ftpd processes Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: steve@artwork.com X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.2 (32) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN In reply to my message about timing out dead processes you wrote: ------------------------------------------------------------------------- Set the idle time limit down. Sayeth 'man ftpd': The ftp server will timeout an inactive session after 15 minutes. If the -t option is specified, the inactivity timeout period will be set to timeout seconds. A client may also request a different timeout period; the maximum period allowed may be set to timeout seconds with the -T option. The default limit is 2 hours. ------------------------------------------------------------------------- Thanks, but this begs the question: 1. why, if the default idle is 15 minutes, does this guy not get knocked off after 15 minutes? In most cases these processes remain alive indefinitely until I manually kill them. 2. If the max default timeout -T = 2hours why isn't this guy knocked off after two hours? Is it possible he keeps sending commands from time to time.? 2. Is there anyway I can determine if a client is sending a very large timeout period himself? Steve DiBartolomeo T (831) 426-6163 Applications Manager F (831) 426-2824 Artwork Conversion Software, Inc. steve@artwork.com Santa Cruz, CA 95060 http://www.artwork.com From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 13:31:46 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA01738; Thu, 10 Dec 1998 13:31:45 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA31083; Thu, 10 Dec 1998 13:28:34 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA12965 for ; Thu, 10 Dec 1998 13:24:28 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id OAA28729; Thu, 10 Dec 1998 14:23:59 -0500 Message-Id: Date: Thu, 10 Dec 1998 14:23:59 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "Scott D. MacKay" Cc: wu-ftp Subject: Re: How to time out dead ftpd processes In-Reply-To: <3670133A.8EE69B53@rte.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Scott D. MacKay wrote: > Actually, a nice feature would be to limit # connections from 1 > IP..... That's been on Stan's TODO for a couple years now. Actually, it's about 3 items down on my TODO for the VR-series, so I'll probably be getting to in in a month or so (no promises, though .. watch for the announcement). -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 13:50:47 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA01958; Thu, 10 Dec 1998 13:50:46 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA09753; Thu, 10 Dec 1998 13:47:26 -0600 (CST) Received: from mail.vr.net (root@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA06535 for ; Thu, 10 Dec 1998 13:43:42 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA28298; Thu, 10 Dec 1998 13:26:26 -0500 Message-Id: Date: Thu, 10 Dec 1998 13:26:25 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Steve DiBartolomeo Cc: wu-ftpd@wugate.wustl.edu Subject: Re: How to time out dead ftpd processes In-Reply-To: <3.0.2.32.19981210093851.009891e0@artwork.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Steve DiBartolomeo wrote: > Having a problem with incoming ftp connections that don't do anything > and tie up my system. > > I am running an anonymous ftp server on SunOS 4.1 (Sparc 2 with 64M > ram). Because we have only a 128K ISDN connection I have limited the > max number of concurrent users to 4. Most of my clients download data > via a WEB browser - typical file size is 1-6 MB and generally no > connection lasts more than an hour. > > In the last weeks we're getting lots of emails telling us that the ftp > login is denied. It turns out that someone seems to be logging in > multiple times over a few minutes until the max is reached. The > connections are never closed but no data is transferred. > > As you can see the same guy hit the ftp server 5 times within 3 > minutes - the xferlog shows that no files were transferred. (I've > xxx'd out part of his IP address) I kill all the processes and things > are OK again for a while. Then the next day the problem gets repeated. > > Short of removing the max limit and cleaning up the dead processes > regularly is there a way to deal with this? > > Is there a way to time out any connection that has not transferred > data say in 5 minutes? Set the idle time limit down. Sayeth 'man ftpd': The ftp server will timeout an inactive session after 15 minutes. If the -t option is specified, the inactivity timeout period will be set to timeout seconds. A client may also request a different timeout period; the maximum period allowed may be set to timeout seconds with the -T option. The default limit is 2 hours. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 13:57:47 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA02016; Thu, 10 Dec 1998 13:57:46 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA32008; Thu, 10 Dec 1998 13:53:52 -0600 (CST) Received: from oscar.tvdata.com (oscar.tvdata.com [204.97.140.252]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA27127 for ; Thu, 10 Dec 1998 13:46:04 -0600 (CST) Received: (from daemon@localhost) by oscar.tvdata.com (8.6.9/8.6.9) id OAA08728 for ; Thu, 10 Dec 1998 14:45:32 -0500 Received: from emmy.tvdata.com(172.16.10.253), claiming to be "emmy" via SMTP by oscar.tvdata.com, id smtpdAAAa08726; Thu Dec 10 19:45:23 1998 Received: from [172.16.20.81] (brett.tvdata.com) by emmy (5.0/SMI-SVR4) id AA10124; Thu, 10 Dec 1998 14:45:20 +0500 Message-Id: Date: Thu, 10 Dec 1998 14:45:18 -0500 Reply-To: brett@tvdata.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Brett Goldstock To: wu-ftpd@wugate.wustl.edu Subject: Using symbolic links In-Reply-To: References: <3670133A.8EE69B53@rte.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: bgoldstock@mailhost.tvdata.com X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN According to the FAQ, symbolic links can be used in a chrooted environment with loopback mounts. I'm running under Solaris where this allegedly works, but I'm not familiar with this. Can someone provide detail on how this works? -Brett |Brett M. Goldstock brett@tvdata.com| |Senior Technical Analyst/Sys Admin http://www.tvdata.com| |TVData 800/833-9581| | "We tell the world what's on TV." | From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 14:00:03 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA02053; Thu, 10 Dec 1998 14:00:02 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA15012; Thu, 10 Dec 1998 13:56:39 -0600 (CST) Received: from tarkin.fdt.net (tarkin.fdt.net [209.212.128.45]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA22381 for ; Thu, 10 Dec 1998 13:47:40 -0600 (CST) Received: from localhost (jlewis@localhost) by tarkin.fdt.net (8.8.5/8.8.5) with SMTP id OAA10695; Thu, 10 Dec 1998 14:47:19 -0500 Message-Id: Date: Thu, 10 Dec 1998 14:47:18 -0500 (EST) Reply-To: jlewis@inorganic5.fdt.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Jon Lewis To: "Scott D. MacKay" Cc: wu-ftp Subject: Re: How to time out dead ftpd processes In-Reply-To: <3670133A.8EE69B53@rte.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Sender: jlewis@tarkin.fdt.net X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Scott D. MacKay wrote: > > Short of removing the max limit and cleaning up the dead processes > regularly is there a way to > deal with this? What version was being used above? This was supposedly fixed a while back. ----don't waste your cpu, crack rc5...www.distributed.net team enzo--- Jon Lewis | Spammers will be winnuked or Network Administrator | nestea'd...whatever it takes Florida Digital Turnpike | to get the job done. ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key________ From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 14:44:12 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA02481; Thu, 10 Dec 1998 14:44:11 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA01527; Thu, 10 Dec 1998 14:39:54 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA06500 for ; Thu, 10 Dec 1998 14:37:18 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id PAA29124; Thu, 10 Dec 1998 15:37:14 -0500 Message-Id: Date: Thu, 10 Dec 1998 15:37:13 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Brett Goldstock Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Using symbolic links In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Brett Goldstock wrote: > According to the FAQ, symbolic links can be used in a chrooted > environment with loopback mounts. I'm running under Solaris where this > allegedly works, but I'm not familiar with this. Can someone provide > detail on how this works? Best rule-of-thumb: symbolic links do NOT work. Actual fact: they work fine if, and only if, the destination of the link is relative and visible. Consider, we chroot to /ftp/root ... /home/badtarget /ftp/root/badlink -> /home/badtarget This link fails, the target is outside the chroot and not visible. /ftp/root/dira/badtarget /ftp/root/dirb/badlink -> /ftp/root/dira/badtarget This link fails, the target is inside the chrrot, but not relative. The /ftp/root part is outside the chroot and not visible. some Unix systems may allow this. Don't count on it; don't use it (if for no other reason than it lets your chroot'd ftp user know there's more to the file system and they can see a bit of how it's laid out). /ftp/root/dira/goodtarget /ftp/root/dirb/goodlink -> ../dira/goodtarget This link succeeds. It's relative and stays inside the visible area of the chroot. Notice all these links will work fine to a normal (non-chroot'd) shell user. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 15:21:43 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA03212; Thu, 10 Dec 1998 15:21:42 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA25905; Thu, 10 Dec 1998 15:18:31 -0600 (CST) Received: from tower.ti.com (tower.ti.com [192.94.94.5]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA22867 for ; Thu, 10 Dec 1998 15:15:09 -0600 (CST) Received: from dadd.ti.com ([172.24.154.51]) by tower.ti.com (8.8.8) with ESMTP id PAA27734 for ; Thu, 10 Dec 1998 15:14:36 -0600 (CST) Received: from pavis.asic.sc.ti.com by dadd.ti.com (8.8.4/) id PAA21093; Thu, 10 Dec 1998 15:14:35 -0600 (CST) Received: by pavis.asic.sc.ti.com id ; Thu, 10 Dec 1998 15:14:34 -0600 Message-Id: <199812102114.AA012944474@pavis.asic.sc.ti.com> Date: Thu, 10 Dec 98 15:14:34 CST Reply-To: bobl@ti.com (Bob Luckin) Sender: owner-wu-ftpd@wugate.wustl.edu From: Bob Luckin To: wu-ftpd@wugate.wustl.edu Subject: Re: How to time out dead ftpd processes In-Reply-To: <3670133A.8EE69B53@rte.com>; from "Scott D. MacKay" at Dec 10, 98 1:30 pm X-Mimi-Options: HEADERS TI2 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > > ftp 27247 0.0 0.0 816 0 ? IW 16:56 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > > ftp 27250 0.0 0.0 816 0 ? IW 16:57 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > > ftp 27251 0.0 0.0 816 0 ? IW 16:58 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > > ftp 27249 0.0 0.0 816 0 ? IW 16:57 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > > ftp 27243 0.0 0.0 816 0 ? IW 16:55 0:00 -xxx.75.223.1: anonymous/IE30User@: R (ftpd) > > > > As you can see the same guy hit the ftp server 5 times within 3 minutes - the xferlog shows > > that no files were transferred. (I've xxx'd out part of his IP address) I kill all the processes > > and things are OK again for a while. Then the next day the problem gets repeated. > > > > Short of removing the max limit and cleaning up the dead processes regularly is there a way to > > deal with this? > > Actually, a nice feature would be to limit # connections from 1 IP..... Can't you do this already by defining a class containing the IP address you want to limit, and limiting that class to 1 connection ? Or am I misunderstanding something here (I deleted the original message, so there may be some other aspect I've missed out on) ? Check the ftpaccess.5 man page and examples, but I think something like :- class nasty anonymous xxx.75.223.1 limit nasty 1 Any /etc/msgs/msg.whatever would allow you to limit logins from that IP address to 1. Admittedly, this doesn't solve the problem of a hanging session - if it really is hung instead of being kept open via the client polling NOOPs every now and then. But it should limit the number of sessions this this IP address can hang this way. Cheers, Bob -- Bob Luckin bobl@ti.com "A man, a plan, a canal, Suez !" [http://www.dhc.net/~luckin/palindromes.html] From owner-wu-ftpd@wugate.wustl.edu Thu Dec 10 15:34:46 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA03345; Thu, 10 Dec 1998 15:34:43 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA16730; Thu, 10 Dec 1998 15:31:27 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA11814 for ; Thu, 10 Dec 1998 15:25:04 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id QAA29389; Thu, 10 Dec 1998 16:24:57 -0500 Message-Id: Date: Thu, 10 Dec 1998 16:24:57 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Bob Luckin Cc: wu-ftpd@wugate.wustl.edu Subject: Re: How to time out dead ftpd processes In-Reply-To: <199812102114.AA012944474@pavis.asic.sc.ti.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 10 Dec 1998, Bob Luckin wrote: > > Actually, a nice feature would be to limit # connections from 1 IP..... > > Can't you do this already by defining a class containing the IP > address you want to limit, and limiting that class to 1 connection ? > Or am I misunderstanding something here (I deleted the original > message, so there may be some other aspect I've missed out on) ? In a specific case, as he was reporting, you're right this will work. The question is the ability to state, as a general rule, only N connections per IP number. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 03:10:18 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id DAA08980; Fri, 11 Dec 1998 03:10:17 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id DAA05888; Fri, 11 Dec 1998 03:05:41 -0600 (CST) Received: from perdita.zdv.Uni-Mainz.de (perdita.zdv.Uni-Mainz.DE [134.93.8.147]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id CAA19151 for ; Fri, 11 Dec 1998 02:50:51 -0600 (CST) Received: (from schoepf@localhost) by perdita.zdv.Uni-Mainz.de (8.8.8/8.8.8) id JAA02744; Fri, 11 Dec 1998 09:47:49 +0100 (MET) Message-Id: <13936.56371.53045.919049@perdita.zdv.Uni-Mainz.de> Date: Fri, 11 Dec 1998 09:47:47 +0100 (MET) Reply-To: schoepf@uni-mainz.de Sender: owner-wu-ftpd@wugate.wustl.edu From: Rainer Schoepf To: byrnejb@harte-lyne.ca Cc: wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp In-Reply-To: <199812101607.LAA11209@hahp9k.harte-lyne.ca> References: <199812101607.LAA11209@hahp9k.harte-lyne.ca> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: VM 6.62 under Emacs 19.34.1 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN James B. Byrne writes: > Is there a method of including SSL support in wu-ftp or has > someone already done this? You can go through edssl, a non-SSL<->SSL translator daemon. We are using this for our (non-SSL) POP and IMAP servers. It can be configured for both server and client side translation. ftp://ftp.fh-rosenheim.de/pub/mirror/ftp.replay.com/crypto/SSLapps/SSLlynx/edssl83.tgz Rainer Schöpf -- Rainer Schöpf Zentrum für Datenverarbeitung A point of view can be a dangerous der Universität Mainz luxury when substituted for insight Anselm-Franz-von-Bentzel-Weg 12 and understanding. D-55099 Mainz Germany Herbert Marshall McLuhan: The Gutenberg Galaxy From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 08:33:15 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id IAA10843; Fri, 11 Dec 1998 08:33:14 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id IAA13548; Fri, 11 Dec 1998 08:27:49 -0600 (CST) Received: from mail.telekabel.nl (arnhem.telekabel.nl [194.134.132.130]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAB15223 for ; Fri, 11 Dec 1998 08:24:31 -0600 (CST) Received: from n031.arnhem.telekabel.euronet.nl (root@n031.arnhem.telekabel.euronet.nl [194.134.144.41]) by mail.telekabel.nl (8.8.8/8.8/EuroNet) with ESMTP id PAA02461 from for ; Fri, 11 Dec 1998 15:24:26 +0100 (MET) Received: from alpha (alphaNT.nerd.org [192.168.0.150]) by n031.arnhem.telekabel.euronet.nl (8.9.1a/8.9.1/Debian/GNU) with SMTP id PAA06779 for ; Fri, 11 Dec 1998 15:26:03 +0100 Message-Id: <199812111426.PAA06779@n031.arnhem.telekabel.euronet.nl> Date: Fri, 11 Dec 1998 15:34:12 +0100 Reply-To: fnijen@bos.nl Sender: owner-wu-ftpd@wugate.wustl.edu From: fnijen To: wu-ftpd@wugate.wustl.edu Subject: uploading problems with wu-ftp Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: fnijen@195.81.38.21 X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I've de wu-2.4.2-academ ftp server running on my debian linux box but have uploading problems to the 'upload' directory. The server is only accesible with anonymous logins , no normal user accounts are allowed. Directly in de ftp root is the 'upload' directory with all rights set, so all users and groups can read and write, owner is root:root. In de ftpaccess config file I've put the following configuration: # FTP-home-dir archiv-dir allow? owner group mode dirs? upload /drive2/ftp lib no upload /drive2/ftp et no upload /drive2/ftp pu no upload /drive2/ftp bin no upload /drive2/ftp * no upload /drive2/ftp /incoming yes root sys 0777 dirs People can now upload directly in de 'upload', are able to create subdirectory's but rights are set to: >ls -l >drwxr-xr-x 2 ftp staff 1024 Dec 11 15:20 test So no write rights! and notice the ownership. I killed the inetd with _HUP after changes to the ftpaccess, guess that's even not needed. I've got ftp daemons in the /usr/sbin, I did a 'strings' on the ftpd and in.ftpd, saw that the ftpd was the correct one. So I really don't know anymore where to look. oh, and I tried to add in the /etc/inetd the command -u077 behind the 'ftp stream tcp nowait root /usr/sbin/tpcd /usr/sbin/ftpd -a' , but then the rights on newly created directories ended up even odder "d----------". Guess, I'm doing something terribly wrong, but what? Frank From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 08:53:21 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id IAA11072; Fri, 11 Dec 1998 08:53:20 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id IAA13954; Fri, 11 Dec 1998 08:46:34 -0600 (CST) Received: from hahp9k.harte-lyne.ca (hahp9k.harte-lyne.ca [209.47.131.101]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAA31369 for ; Fri, 11 Dec 1998 08:45:38 -0600 (CST) Received: from u01 (hal_ham_g01_u01.harte-lyne.ca [209.47.131.111]) by hahp9k.harte-lyne.ca (8.8.7/8.8.7) with SMTP id JAA28711; Fri, 11 Dec 1998 09:46:21 -0500 (EST) Message-Id: <199812111446.JAA28711@hahp9k.harte-lyne.ca> Date: Fri, 11 Dec 1998 09:32:55 -0500 Reply-To: byrnejb@harte-lyne.ca Sender: owner-wu-ftpd@wugate.wustl.edu From: "James B. Byrne" To: schoepf@uni-mainz.de, wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp In-Reply-To: <13936.56371.53045.919049@perdita.zdv.Uni-Mainz.de> References: <199812101607.LAA11209@hahp9k.harte-lyne.ca> MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT X-mailer: Pegasus Mail for Win32 (v3.01b) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On 11 Dec 98, at 9:47, Rainer Schoepf wrote: > You can go through edssl, a non-SSL<->SSL translator daemon. We are using > this for our (non-SSL) POP and IMAP servers. It can be configured for both > server and client side translation. > Thanks. Regards, Jim --- James B. Byrne Harte & Lyne Limited vox: +1 905 561 1241 9 Brockley Drive fax: +1 905 561 0757 Hamilton, Ontario mailto:byrnejb@harte-lyne.ca Canada L8E 3C3 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 09:49:08 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA11701; Fri, 11 Dec 1998 09:49:07 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA10527; Fri, 11 Dec 1998 09:44:24 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA22574 for ; Fri, 11 Dec 1998 09:39:06 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA01780; Fri, 11 Dec 1998 10:38:40 -0500 Message-Id: Date: Fri, 11 Dec 1998 10:38:40 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: fnijen Cc: wu-ftpd@wugate.wustl.edu Subject: Re: uploading problems with wu-ftp In-Reply-To: <199812111426.PAA06779@n031.arnhem.telekabel.euronet.nl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 11 Dec 1998, fnijen wrote: > I've de wu-2.4.2-academ ftp server running on my debian linux box but > have uploading problems to the 'upload' directory. The server is only > accesible with anonymous logins , no normal user accounts are allowed. > Directly in de ftp root is the 'upload' directory with all rights set, > so all users and groups can read and write, owner is root:root. In de > ftpaccess config file I've put the following configuration: > > # FTP-home-dir archiv-dir allow? owner group mode dirs? > upload /drive2/ftp lib no > upload /drive2/ftp et no > upload /drive2/ftp pu no > upload /drive2/ftp bin no > upload /drive2/ftp * no > upload /drive2/ftp /incoming yes root sys 0777 dirs > > People can now upload directly in de 'upload', are able to create > subdirectory's but rights are set to: > >ls -l > >drwxr-xr-x 2 ftp staff 1024 Dec 11 15:20 test > > So no write rights! and notice the ownership. I killed the inetd with > _HUP after changes to the ftpaccess, guess that's even not needed. > I've got ftp daemons in the /usr/sbin, I did a 'strings' on the ftpd > and in.ftpd, saw that the ftpd was the correct one. > > So I really don't know anymore where to look. > > oh, and I tried to add in the /etc/inetd the command -u077 behind the > 'ftp stream tcp nowait root /usr/sbin/tpcd /usr/sbin/ftpd -a' , but > then the rights on newly created directories ended up even odder > "d----------". > > Guess, I'm doing something terribly wrong, but what? Several things. First, I'd change the ownership from root.sys to something a little less dangerous. Second, you just tripped across one of the bugs in the upload clause. It does not have any way to specify the permissions for newly created directories. Not many people notice because it's very unsafe to allow anonymous users to create directories anyway. If you're not running 2.4.2 (beta-18), upgrade to it. Then visit my example site: ftp://ftp.vr.net/pub/wu-ftpd/examples/ To see a fairly secure setup showing proper permissions and ownerships. If you really need to allow anonymous users to create directories in the upload area, I'd suggest upgrading to 2.4.2 (beta-18) VR11, which has a number of extensions and bug fixes not available in the base release. It is available from: ftp://ftp.vr.net/pub/wu-ftpd/ There are a number of prebuilt binaries (including Linux) also available. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 11:32:23 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA12922; Fri, 11 Dec 1998 11:32:22 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA00955; Fri, 11 Dec 1998 11:28:54 -0600 (CST) Received: from nis.acs.uci.edu (nis.acs.uci.edu [128.200.16.34]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA31728 for ; Fri, 11 Dec 1998 11:25:09 -0600 (CST) Received: from nis.acs.uci.edu (bingy.acs.uci.edu [128.200.34.36]) by nis.acs.uci.edu (8.8.8/) with ESMTP id JAA02213; Fri, 11 Dec 1998 09:24:10 -0800 (PST) Message-Id: <36715538.359B2F44@nis.acs.uci.edu> Date: Fri, 11 Dec 1998 09:24:09 -0800 Reply-To: strombrg@nis.acs.uci.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: Dan Stromberg To: schoepf@uni-mainz.de Cc: byrnejb@harte-lyne.ca, wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp References: <199812101607.LAA11209@hahp9k.harte-lyne.ca> <13936.56371.53045.919049@perdita.zdv.Uni-Mainz.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: strombrg@nis.acs.uci.edu X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.7 sun4u) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Rainer Schoepf wrote: > James B. Byrne writes: > > > Is there a method of including SSL support in wu-ftp or has > > someone already done this? > > You can go through edssl, a non-SSL<->SSL translator daemon. We are using > this for our (non-SSL) POP and IMAP servers. It can be configured for > both server and client side translation. > > ftp://ftp.fh-rosenheim.de/pub/mirror/ftp.replay.com/crypto/SSLapps/SSLlynx/edssl83.tgz > I'm not sure, but if I had to guess, I'd say edssl (and similar programs) would work fine for things like imap and pop, but probably wouldn't work for something with a two-socket design like ftp. From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 11:58:42 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA13183; Fri, 11 Dec 1998 11:58:41 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA07795; Fri, 11 Dec 1998 11:54:31 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA21703 for ; Fri, 11 Dec 1998 11:53:36 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id MAA02504; Fri, 11 Dec 1998 12:53:14 -0500 Message-Id: Date: Fri, 11 Dec 1998 12:53:14 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Rainer Schoepf Cc: byrnejb@harte-lyne.ca, wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp In-Reply-To: <13936.56371.53045.919049@perdita.zdv.Uni-Mainz.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 11 Dec 1998, Rainer Schoepf wrote: > James B. Byrne writes: > > > Is there a method of including SSL support in wu-ftp or has > > someone already done this? > > You can go through edssl, a non-SSL<->SSL translator daemon. We are using > this for our (non-SSL) POP and IMAP servers. It can be configured for > both server and client side translation. > > ftp://ftp.fh-rosenheim.de/pub/mirror/ftp.replay.com/crypto/SSLapps/SSLlynx/edssl83.tgz Found it. ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/wu-2.4.2-beta11+SSL.diff.gz ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/SSLftp-0.13.tar.gz -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 12:33:40 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA13582; Fri, 11 Dec 1998 12:33:39 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA25405; Fri, 11 Dec 1998 12:26:42 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA15107 for ; Fri, 11 Dec 1998 12:25:41 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA02696 for ; Fri, 11 Dec 1998 13:25:40 -0500 Message-Id: Date: Fri, 11 Dec 1998 13:25:40 -0500 (EST) Reply-To: lundberg@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: WU-FTPD Discussion List Subject: Re: SSLeay and wu-ftp In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 11 Dec 1998, Gregory A Lundberg wrote: > Found it. > > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/wu-2.4.2-beta11+SSL.diff.gz > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/SSLftp-0.13.tar.gz If someone wants to work on updating this, I have a CVS tree where you could apply the patches against (beta-11) and merge the diffs up through (beta-18) and VR11+. Contact me privately. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 12:39:25 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA13638; Fri, 11 Dec 1998 12:39:24 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA29361; Fri, 11 Dec 1998 12:33:16 -0600 (CST) Received: from nis.acs.uci.edu (nis.acs.uci.edu [128.200.16.34]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA14770 for ; Fri, 11 Dec 1998 12:31:03 -0600 (CST) Received: from nis.acs.uci.edu (bingy.acs.uci.edu [128.200.34.36]) by nis.acs.uci.edu (8.8.8/) with ESMTP id KAA06447; Fri, 11 Dec 1998 10:30:05 -0800 (PST) Message-Id: <367164AB.4BDA800C@nis.acs.uci.edu> Date: Fri, 11 Dec 1998 10:30:03 -0800 Reply-To: strombrg@nis.acs.uci.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: Dan Stromberg To: lundberg+wuftpd@vr.net Cc: Rainer Schoepf , byrnejb@harte-lyne.ca, wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: strombrg@nis.acs.uci.edu X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.7 sun4u) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Gregory A Lundberg wrote: > On Fri, 11 Dec 1998, Rainer Schoepf wrote: > > > James B. Byrne writes: > > > > > Is there a method of including SSL support in wu-ftp or has > > > someone already done this? > > > > You can go through edssl, a non-SSL<->SSL translator daemon. We are using > > this for our (non-SSL) POP and IMAP servers. It can be configured for > > both server and client side translation. > > > > ftp://ftp.fh-rosenheim.de/pub/mirror/ftp.replay.com/crypto/SSLapps/SSLlynx/edssl83.tgz > > Found it. > > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/wu-2.4.2-beta11+SSL.diff.gz > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/SSLftp-0.13.tar.gz Gee, it sure would be nifty if these patches made it into the mainline as ifdef's. ...or one of the derived servers... From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 12:58:16 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA13822; Fri, 11 Dec 1998 12:58:16 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA11701; Fri, 11 Dec 1998 12:52:21 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA08180 for ; Fri, 11 Dec 1998 12:52:06 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA02858; Fri, 11 Dec 1998 13:51:42 -0500 Message-Id: Date: Fri, 11 Dec 1998 13:51:42 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Dan Stromberg Cc: Rainer Schoepf , byrnejb@harte-lyne.ca, wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp In-Reply-To: <367164AB.4BDA800C@nis.acs.uci.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 11 Dec 1998, Dan Stromberg wrote: > Gregory A Lundberg wrote: > > > On Fri, 11 Dec 1998, Rainer Schoepf wrote: > > > > > James B. Byrne writes: > > > > > > > Is there a method of including SSL support in wu-ftp or has > > > > someone already done this? > > > > > > You can go through edssl, a non-SSL<->SSL translator daemon. We are using > > > this for our (non-SSL) POP and IMAP servers. It can be configured for > > > both server and client side translation. > > > > > > ftp://ftp.fh-rosenheim.de/pub/mirror/ftp.replay.com/crypto/SSLapps/SSLlynx/edssl83.tgz > > > > Found it. > > > > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/wu-2.4.2-beta11+SSL.diff.gz > > ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/SSLftp-0.13.tar.gz > > Gee, it sure would be nifty if these patches made it into the mainline as ifdef's. > > ...or one of the derived servers... The work, including any support and/or download sites for it, would have to be done outside the US/Canada. If I did it, I would have to restrict access to US/Canadian citizens accessing from sites verifiably within those countries. Other countries may have even bigger problems (for instance, I understand it would be completely illegal in France no matter how it was obtained). Perhaps Bernard could do it. But if he did it as #ifdef's in his main tree, those of us offering downloads of his version inside the US/Canada would have to either restrict downloads or stop offering it. It will have to be a completely separate source tree from the main server and variants if full, free access to all is to be maintained. Those of us doing work on the server can feed our (non-cryptographic) work to the effort, and we can accept non-cryptographic patches and features from it, but we cannot merge any direct support of strong crytographic methods (such as SSL requires) into the general code base. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 14:38:28 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA14846; Fri, 11 Dec 1998 14:38:27 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA17192; Fri, 11 Dec 1998 14:33:12 -0600 (CST) Received: from orr.pwgsc.gc.ca (orr.pwgsc.gc.ca [198.103.167.14]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA05030 for ; Fri, 11 Dec 1998 14:29:47 -0600 (CST) Received: id PAA25772; Fri, 11 Dec 1998 15:18:14 -0500 Received: by gateway ??? Received: by gateway id OAA07556 for ; Fri, 11 Dec 1998 14:50:27 -0500 (EST) Message-Id: <199812111950.OAA07556@tiger.ncr.pwgsc.gc.ca> Date: Fri, 11 Dec 1998 14:50:27 -0500 (EST) Reply-To: Rocker UNIX/NT Support 991-2604 Sender: owner-wu-ftpd@wugate.wustl.edu From: Rocker UNIX/NT Support 991-2604 To: wu-ftpd@wugate.wustl.edu Subject: socks MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: pokavVw7lqKZ7T+cvXGq+w== X-Mailer: dtmail 1.2.0 CDE Version 1.2 SunOS 5.6 sun4u sparc X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello. Is the following log info generated by a client going through a firewall that uses socks ? It looks like an illegal port command from a pasv connection. > Dec 10 22:21:46 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > Dec 10 22:21:47 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > Dec 10 22:21:48 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > Dec 10 22:21:49 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca Thanks -- Rocke Robertson PWGSC/GTIS (613)991-2604 rocker@tiger.ncr.pwgsc.gc.ca From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 15:06:04 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA15102; Fri, 11 Dec 1998 15:06:03 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA26596; Fri, 11 Dec 1998 15:02:26 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA18722 for ; Fri, 11 Dec 1998 14:58:21 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id PAA03651; Fri, 11 Dec 1998 15:58:04 -0500 Message-Id: Date: Fri, 11 Dec 1998 15:58:04 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Rocker UNIX/NT Support 991-2604 Cc: wu-ftpd@wugate.wustl.edu Subject: Re: socks In-Reply-To: <199812111950.OAA07556@tiger.ncr.pwgsc.gc.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 11 Dec 1998, Rocker UNIX/NT Support 991-2604 wrote: > Hello. Is the following log info generated by a client going through a > firewall that uses socks ? It looks like an illegal port command from > a pasv connection. > > > Dec 10 22:21:46 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > > Dec 10 22:21:47 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > > Dec 10 22:21:48 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > > Dec 10 22:21:49 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca The daemon requires the PORT (note: this isn't a PASV connection) to tell it to connect back to the same machine as the FTP control connection originates from. As a guess, I'd say the proxy has never been configured. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 15:26:31 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA15318; Fri, 11 Dec 1998 15:26:28 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA24855; Fri, 11 Dec 1998 15:21:44 -0600 (CST) Received: from orr.pwgsc.gc.ca (orr.pwgsc.gc.ca [198.103.167.14]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA01350 for ; Fri, 11 Dec 1998 15:18:33 -0600 (CST) Received: id PAA28036; Fri, 11 Dec 1998 15:48:12 -0500 Received: by gateway ??? Received: by gateway id PAA07832 for ; Fri, 11 Dec 1998 15:29:41 -0500 (EST) Message-Id: <36718154.93CD6B69@tiger.ncr.pwgsc.gc.ca> Date: Fri, 11 Dec 1998 15:32:20 -0500 Reply-To: rocker@tiger.ncr.pwgsc.gc.ca Sender: owner-wu-ftpd@wugate.wustl.edu From: "Robertson, Rocke" To: wuftpd Subject: [Fwd: ] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 4.03 [en] (WinNT; U) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, I had some posting problems, so if this is the second time it has been posted, sorry. In any event, is the following log entry generated by a client communicating from behind a firewall using socks ? It looks like an illegal port command for a pasv connection. Just want to make sure I understand what this means. Any help would be appreciated. > Dec 10 22:21:46 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > Dec 10 22:21:47 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > Dec 10 22:21:48 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca > Dec 10 22:21:49 hwcweb ftpd[1462]: refused PORT 0.0.0.0,0 from this.place.ca Thanks -- Rocke Robertson PWGSC/GTIS (613)991-2604 rocker@tiger.ncr.pwgsc.gc.ca From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 17:04:03 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA17215; Fri, 11 Dec 1998 17:04:02 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA28051; Fri, 11 Dec 1998 16:59:43 -0600 (CST) Received: from mail.ucsf.edu (mail.ucsf.EDU [128.218.95.23]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA07629 for ; Fri, 11 Dec 1998 16:54:04 -0600 (CST) Received: from itsa.ucsf.edu (itsa [128.218.95.21]) by mail.ucsf.edu (8.8.7/CDR8.8.7) with SMTP id OAA21768 for ; Fri, 11 Dec 1998 14:54:01 -0800 (PST) Message-Id: Date: Fri, 11 Dec 1998 14:54:02 -0800 (PST) Reply-To: joed@itsa.ucsf.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: Joe DeBattista To: Discussion about the WUARCHIVE-FTPD project Subject: Allowing users to ftp to different directories In-Reply-To: <199811170602.AAA01272@wugate.wustl.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Greetings, I'm having a problem getting a user access to subdirectories that aren't under his own home directory. I'm running AIX 4.1.5 and wu-ftpd-2.4.11. The user has responsibility for maintaining a directory called "licenses", which is under "~user/public_html". Both "public_html" and "licenses have the same group ownership and permissions, to allow read and write access. If the user logs in and then does a cd to ~user/public_html/licenses, then he can read or write without any problems. However, if he ftps to his account and then tries to create a file in ~user/public_html/licenses, he gets permission denied. I haven't modified any of the ftp config files, and did notice the "private" option in the ftpaccess file, but that sounded like it was used to add an additional level of security. Is there anything else I'm missing? Joe DeBattista UCSF, Administrative Computing INTERNET: joed@itsa..ucsf.edu From owner-wu-ftpd@wugate.wustl.edu Fri Dec 11 20:18:38 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id UAA27842; Fri, 11 Dec 1998 20:18:37 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id UAA06639; Fri, 11 Dec 1998 20:13:48 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id UAA15083 for ; Fri, 11 Dec 1998 20:10:45 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id VAA05018; Fri, 11 Dec 1998 21:10:41 -0500 Message-Id: Date: Fri, 11 Dec 1998 21:10:40 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Joe DeBattista Cc: WU-FTPD Discussion List Subject: Re: Allowing users to ftp to different directories In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 11 Dec 1998, Joe DeBattista wrote: > I'm having a problem getting a user access to subdirectories that > aren't under his own home directory. I'm running AIX 4.1.5 and > wu-ftpd-2.4.11. The user has responsibility for maintaining a > directory called "licenses", which is under "~user/public_html". > Both "public_html" and "licenses have the same group ownership and > permissions, to allow read and write access. If the user logs in and > then does a cd to ~user/public_html/licenses, then he can read or > write without any problems. However, if he ftps to his account and > then tries to create a file in ~user/public_html/licenses, he gets > permission denied. I haven't modified any of the ftp config files, > and did notice the "private" option in the ftpaccess file, but that > sounded like it was used to add an additional level of security. Is > there anything else I'm missing? The upload clause is what you're looking for. The permission denied sounds like there's a problem with the Unix ownership and/or permissions for the directory. Private is not what you want. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 15 00:56:28 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id AAA06748; Tue, 15 Dec 1998 00:56:28 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id AAA06835; Tue, 15 Dec 1998 00:51:57 -0600 (CST) Received: from enterprise.interpath.net (kbaucom@enterprise.interpath.net [199.72.1.6]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id AAA06868 for ; Tue, 15 Dec 1998 00:45:22 -0600 (CST) Received: from localhost (kbaucom@localhost) by enterprise.interpath.net (8.8.5/v0.9) with SMTP id BAA08282 for ; Tue, 15 Dec 1998 01:45:20 -0500 (EST) Message-Id: Date: Tue, 15 Dec 1998 01:45:20 -0500 (EST) Reply-To: "J. Kirk Baucom" Sender: owner-wu-ftpd@wugate.wustl.edu From: "J. Kirk Baucom" To: wu-ftpd@wugate.wustl.edu Subject: pam patch MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi Could anyone let me know where I could find the PAM patch for wu-ftpd? ------ Kirk Baucom - System Administrator Interpath Communications, Inc. http://www.interpath.com From owner-wu-ftpd@wugate.wustl.edu Tue Dec 15 07:37:30 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA08995; Tue, 15 Dec 1998 07:37:29 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA11129; Tue, 15 Dec 1998 07:32:36 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA20563 for ; Tue, 15 Dec 1998 07:29:52 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m094.dialup.RWTH-Aachen.DE [137.226.8.94]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id OAA02948; Tue, 15 Dec 1998 14:26:54 +0100 (MET) Message-Id: Date: Tue, 15 Dec 1998 13:15:42 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: "J. Kirk Baucom" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: pam patch In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 15 Dec 1998, J. Kirk Baucom wrote: > Could anyone let me know where I could find the PAM patch for wu-ftpd? You can either get BeroFTPD 1.2.3 (which is a wu-ftpd version with a lot of patches, including PAM), or download the RPM from redhat.com, which contains a PAM patch. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 15:04:27 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA27840; Wed, 16 Dec 1998 15:04:26 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA14788; Wed, 16 Dec 1998 14:59:15 -0600 (CST) Received: from mailrelay1.prc.com (mailrelay1.prc.com [140.188.64.5]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA24526 for ; Wed, 16 Dec 1998 14:51:22 -0600 (CST) Received: from MCL2.PRC.COM (ems.prc.com [140.188.192.202]) by mailrelay1.prc.com (8.9.1/8.9.1) with ESMTP id PAA22022 for ; Wed, 16 Dec 1998 15:52:09 -0500 Received: by ems.prc.com with Internet Mail Service (5.5.2232.9) id ; Wed, 16 Dec 1998 15:50:14 -0500 Message-Id: <4154CB59D182D211ACC20060080CEC6B445B66@MCL6.prc.com> Date: Wed, 16 Dec 1998 15:50:26 -0500 Reply-To: Kirwan_Marty@prc.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Kirwan Marty To: wu-ftpd@wugate.wustl.edu Subject: NEWBIE Question MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Mailer: Internet Mail Service (5.5.2232.9) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, I recently subscribed to this list hoping to find out about WU-Ftpd. Alot of the recent messages have dealt with BeroFTP and VR10. Here is the newbie question: Are these preferable to WU-Ftpd? Why? Where can I find them? I would like to run one off them on a MkLinux box, is that a problem? Thanks in advance, Marty Kirwan From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 15:29:54 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA28190; Wed, 16 Dec 1998 15:29:53 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA28860; Wed, 16 Dec 1998 15:23:36 -0600 (CST) Received: from abyss.lhsc.on.ca (abyss.lhsc.on.ca [142.158.2.20]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA02398 for ; Wed, 16 Dec 1998 15:20:24 -0600 (CST) Received: from LHSC.ON.CA by abyss.lhsc.on.ca with SMTP id QAA06073; Wed, 16 Dec 1998 16:20:14 -0500 (EST) Received: from LHSC-Message_Server by LHSC.ON.CA with Novell_GroupWise; Wed, 16 Dec 1998 16:23:22 -0500 Message-Id: Date: Wed, 16 Dec 1998 16:22:56 -0500 Reply-To: steve.vanderburg@LHSC.ON.CA Sender: owner-wu-ftpd@wugate.wustl.edu From: Steve van der Burg To: wu-ftpd@wugate.wustl.edu Subject: Anyone interested in integrating this into the wu-ftpd code? Mime-Version: 1.0 Content-Type: text/plain Content-Disposition: inline X-Mailer: Novell GroupWise 4.1 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN [ A long-winded message follows that asks: "Does anyone else think that giving wu-ftpd the ability to use a modified "guest" user type, where authentication is done against a database that can be manipulated via non-root CGI processes (ie. a web interface), is useful?" I've added just that (to wu-ftpd 2.42-beta18) and it's pretty handy for me. ] First, thanks to all the people who work on, and have worked on, the wu-ftpd code. A few months ago, I went out on a limb and said (to the company that I work for) that I would: i) throw away a vendor's ftpd (the Solaris 2.6 daemon) ii) grab source for a more configurable, logging, and (more) securable ftp server and get it running iii) hack a "leased, non-anonymous" ftp account feature into it, with a web interface. (i) and (ii) were easy -- the build, install and configure documentation for wu-ftpd 2.42-beta18 is pretty good, so it didn't take long. (iii) is now done. To explain further: I liked that wu-ftpd supported three types of users -- real, anonymous, and guest. The "guest" user type was close to what I wanted -- guests could be pinned down (chroot()ed and chdir()ed) and weren't anonymous. What I wanted to do was give users where I work the ability to "grant" (ie. create) guest ftp accounts that would exist for a limited time only. We deal a lot with vendors and other companies, etc, that don't run their own FTP servers, but need to exchange files with people at my company. Everybody's got privacy concerns -- the vendors and users -- and none of them are savvy enough to be able to use anonymous FTP set up in a "you can put and get, but you can't get a list of files" security-through-obscurity configuration. I also couldn't have anyone telnetting to my ftp server to create or edit users (to set passwords, etc), and didn't want to bother with setting up setuid (root!) scripts to make it easier, or use sudo, or all the other things that I've done when regular users need to do administrative-type things. In short (except I can't seem to handle "short" today!), I wanted: - to predefine a bunch of ftp-only (no shell) guest users with locked accounts, and have a little web application that users could grant "leases" -- credentials to use with the ftp accounts that expired after a given time -- with. - create a mechanism that expired the leases, killed ftp daemons that were connected with an expired lease, delete all the files associated with a lease, etc. I implemented this by hacking wu-ftpd in the following way: ftpd.c: - adding a clone of checkuser() that checks another file that lists "leasable" users - hacking in a check of submitted credentials against those stored in a gdbm database for a "leased" account - hacking in some extra logging (again into a database) that lets lease-granting users see when their leased accounts have been accessed, and from where. elsewhere: - hacking in references to pathnames for database files - adding in all the necessary compiler and linker stuff to get gdbm linked into the server Once that was done, the web interface was created, in Perl. It does just two things: - grants new leases by generating ugly, hard-to-guess passwords, encrypting them and storing them in the lease credentials database. - shows access information on leases Also, another process, running as root and launched periodically by cron, checks for expired leases, kills any ftp daemons associated with a just-expired lease, cleans up an expired lease user's home directory, etc, and then flags that the lease user is ready to be reused. - - - That was all hacked together in a couple of days, and is working very well. For me to submit it as a patch, I'd need to put #ifdef blocks around all my code (right now I've got comments with my initials around everything) and write some real documentation for it. My question is: Would anyone else like to see it? Or try it out? Or integrate it into the code a bit better (with ftpaccess support, for instance)? It fills an obvious need at the company where I work, but I don't know how useful it is to anyone else. Sorry for the rambling message. I don't seem to be able to write any other way today. ...Steve -- Steve van der Burg Technical Analyst, Information Services London Health Sciences Centre London, Ontario, Canada steve.vanderburg@lhsc.on.ca From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 16:14:34 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA28702; Wed, 16 Dec 1998 16:14:32 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA11239; Wed, 16 Dec 1998 16:10:45 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA24001 for ; Wed, 16 Dec 1998 16:05:10 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id RAA01201; Wed, 16 Dec 1998 17:05:01 -0500 Message-Id: Date: Wed, 16 Dec 1998 17:05:01 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Kirwan Marty Cc: wu-ftpd@wugate.wustl.edu Subject: Re: NEWBIE Question In-Reply-To: <4154CB59D182D211ACC20060080CEC6B445B66@MCL6.prc.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 16 Dec 1998, Kirwan Marty wrote: > I recently subscribed to this list hoping to find out about WU-Ftpd. > Alot of the recent messages have dealt with BeroFTP and VR10. Here is > the newbie question: > Are these preferable to WU-Ftpd? Why? For most people, no, the base beta-18 version is preferrable. Why? Because it's the 'official' version. The VR-series offers a number of enhancements and bug fixes not available in the base beta-18 version. If you have a need for one of these, you will find it preferrable. BeroFTPD has rolled in many of the VR patches as well as Kent's NEWVIRT virtual hosting scheme. Bernard has also done a lot of work cleaning up the source code, getting it to use GNU autoconf, and adding a number of new and/or upcoming FTP features. If you have high-end multi-hosting needs or need to begin working with the evolving output of the FTP Working Group, you will want BeroFTPD. So why do you hear so much about these two versions on the mailing list? Because Bernard and I are _actively_ working on the daemon. Stan, the maintainer of the base source kit, has been notably absent and is notoriously slow in releasing updates or addressing user concerns. Development on the base code has been slow .. nobody wants to say its completely stopped so let's just characterise it as 'glacial'. > Where can I find them? The VR-series (current version is VR11, btw) is available from ftp://ftp.vr.net/pub/wu-ftpd/ Bernard has a few sites but I don't recall them. He'll probably post the list in a bit .. if not ask and I'll dig it out of my mail archives. I have the current version of BerFTPD in ftp.vr.net as well. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ > I would like to run one off them on a MkLinux box, is that a problem? Considering I run Linux, and I believer Bernard does as well, you should have no problems running any version of WU-FTPD on your box. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 18:17:32 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA29860; Wed, 16 Dec 1998 18:17:30 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA04484; Wed, 16 Dec 1998 18:13:53 -0600 (CST) Received: from airlink.com ([199.108.92.4]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA21399 for ; Wed, 16 Dec 1998 18:08:43 -0600 (CST) Received: from [199.108.92.6] by airlink.com (SMTPD32-3.02) id ABC135400A6; Wed, 16 Dec 1998 16:09:37 -0800 Message-Id: <002c01be2951$1c2a0c00$065c6cc7@dagobah.AirLink.com> Date: Wed, 16 Dec 1998 16:06:35 -0800 Reply-To: edwardb@AirLink.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Edward Baichtal" To: Subject: /incoming stopped working... In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2377.0 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I think I saw this answer a couple weeks ago go by on this list. Just put up VR 11 in place of beta 17, and notice that /incoming stopped working. Anonymous users get the following message when trying to upload: 553 file.zip: Permission denied. (Upload) I forgot what the fix was. Please forward that e-mail to me. -------------------------- Edward Baichtal edwardb@AirLink.com http://www.airlink.com From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 18:42:50 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA00174; Wed, 16 Dec 1998 18:42:49 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA12125; Wed, 16 Dec 1998 18:39:41 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA30536 for ; Wed, 16 Dec 1998 18:34:09 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m165.dialup.RWTH-Aachen.DE [137.226.8.165]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id BAA13000; Thu, 17 Dec 1998 01:33:47 +0100 (MET) Message-Id: Date: Thu, 17 Dec 1998 00:02:41 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Kirwan Marty Cc: wu-ftpd@wugate.wustl.edu Subject: Re: NEWBIE Question In-Reply-To: <4154CB59D182D211ACC20060080CEC6B445B66@MCL6.prc.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 16 Dec 1998, Kirwan Marty wrote: > I recently subscribed to this list hoping to find out about WU-Ftpd. Alot > of the recent messages have dealt with BeroFTP and VR10. Here is the newbie > question: Are these preferable to WU-Ftpd? They are wu-ftpd springoffs, and IMO both of them are preferrable to base wu-ftpd, primarily because they're actively maintained. (speaking of it: the next version of BeroFTPD will be released as soon as I'm done with another project, probably early next week) Also, the base wu-ftpd version currently has a serious security bug (search the archives for realpath), which has been fixed in the other versions about a month ago. The VR* patches contain a lot of bug fixes and new features, BeroFTPD contains most of the VR patches, the newvirt patches (better way to handle virtual hosts), an internal ls command, and many other additional features. > Where can I find them? VR: ftp://ftp.vr.net/pub/wu-ftpd BeroFTPD: ftp://beroftpd.unix.eu.org/pub/BeroFTPD/ ftp://ftp.croftj.net/usr/bero/BeroFTPD/ ftp://ftp.sunet.se/pub/nir/ftp/servers/BeroFTPD/ ftp://sunsite.cnlab-switch.ch/mirror/BeroFTPD/ > I would like to run one off them on a MkLinux box, is that a problem? Shouldn't be one. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 18:43:54 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA00182; Wed, 16 Dec 1998 18:43:53 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA25579; Wed, 16 Dec 1998 18:40:22 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA00698 for ; Wed, 16 Dec 1998 18:35:30 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id TAA01847; Wed, 16 Dec 1998 19:35:13 -0500 Message-Id: Date: Wed, 16 Dec 1998 19:35:12 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Edward Baichtal Cc: wu-ftpd@wugate.wustl.edu Subject: Re: /incoming stopped working... In-Reply-To: <002c01be2951$1c2a0c00$065c6cc7@dagobah.AirLink.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 16 Dec 1998, Edward Baichtal wrote: > Date: Wed, 16 Dec 1998 16:06:35 -0800 > From: Edward Baichtal > To: wu-ftpd@wugate.wustl.edu > Subject: /incoming stopped working... > > I think I saw this answer a couple weeks ago go by on this list. Just put > up VR 11 in place of beta 17, and notice that /incoming stopped working. > Anonymous users get the following message when trying to upload: > > 553 file.zip: Permission denied. (Upload) > > I forgot what the fix was. Please forward that e-mail to me. add (or check) an upload clause for the incoming area. VR changed the default from allow-unless-denied (for anonymous) to deny-unless-allowed. simplest cause: no upload clause at all less-obvious, but probably more common, cause: the upload doesn't match for the anonymous user. Check the examples in my site: ftp://ftp.vr.net/pub/wu-ftpd/examples/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 18:55:44 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA00249; Wed, 16 Dec 1998 18:55:43 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA27836; Wed, 16 Dec 1998 18:52:38 -0600 (CST) Received: from iodine2.house.gov ([137.18.234.12]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA11719 for ; Wed, 16 Dec 1998 18:50:48 -0600 (CST) Received: from msg09.house.gov (msg09.house.gov [143.231.53.68]) by iodine2.house.gov (8.9.1/8.9.1) with SMTP id RAA24826 for ; Wed, 16 Dec 1998 17:44:18 -0500 Received: by msg09.house.gov with SMTP (Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62) id <01BE28E3.EEDE0ED0@msg09.house.gov>; Wed, 16 Dec 1998 11:05:04 -0500 Message-Id: Date: Wed, 16 Dec 1998 11:04:57 -0500 Reply-To: Debbie.Pomerance@mail.house.gov Sender: owner-wu-ftpd@wugate.wustl.edu From: "Pomerance, Debbie" To: "'wu-ftpd@wugate.wustl.edu'" Subject: msgs upon login X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I'm confused -- using beta 18 with both real and guest users message /usr/local/etc/msgs/welcome.msg login gets shown for real users after login ------------------ I tried several different iterations of this syntax to get this to work with real and guest... I tried message /usr/local/etc/msgs/welcome.msg login real message /usr/special/home/docs/etc/welcome.msg login guest <-- msg is world readable.. and I do have the same perms and owners as what I have for pathmsg which is working for guest, in the chrooted environment (although that path is relative to the chroot - as in /etc/pathmsg under docs). or message /usr/local/etc/msgs/welcome.msg login real,guest NOW I have none working.... except if I go back to my first one which just works with real... I need it working with both... where am I going wrong... I did look at the man page - I hope that's noticable :-) thanks in advance. Debbie Pomerance ------------------------------------------------------------- Deborah Pomerance (202) 226-6255 mailto:debbie.pomerance@mail.house.gov Unix System Administration U.S. House of Representatives / House Information Resources From owner-wu-ftpd@wugate.wustl.edu Wed Dec 16 21:23:28 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id VAA01333; Wed, 16 Dec 1998 21:23:26 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id VAA24386; Wed, 16 Dec 1998 21:18:42 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id VAA03787 for ; Wed, 16 Dec 1998 21:11:30 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id WAA02538; Wed, 16 Dec 1998 22:08:17 -0500 Message-Id: Date: Wed, 16 Dec 1998 22:08:17 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "Pomerance, Debbie" Cc: "'wu-ftpd@wugate.wustl.edu'" Subject: Re: msgs upon login In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Wed, 16 Dec 1998, Pomerance, Debbie wrote: > I'm confused -- using beta 18 with both real and guest users > > message /usr/local/etc/msgs/welcome.msg login > > gets shown for real users after login > > I tried several different iterations of this syntax to get this to work > with real and guest. message is realive to the chroot environment for guest and anonymous. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 10:59:53 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA08598; Thu, 17 Dec 1998 10:59:52 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA12648; Thu, 17 Dec 1998 10:54:18 -0600 (CST) Received: from rte.com (mail.rte.com [207.10.95.11]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA17841 for ; Thu, 17 Dec 1998 10:46:35 -0600 (CST) Received: from rte.com by rte.com (SMI-8.6/SMI-SVR4) id LAA27081; Thu, 17 Dec 1998 11:40:22 -0500 Message-Id: <36793598.4691D2FD@rte.com> Date: Thu, 17 Dec 1998 11:47:20 -0500 Reply-To: scott_mackay@mail.rte.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Scott D. MacKay" To: wu-ftp Subject: wu-ftp and Solaris 7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: sdm@mail.rte.com X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.5 sun4m) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Does anyone have a tree layour for anonymous users under Solaris 7? My ftpd does not run when I allow name resolution using 'dns', but does when using files.... I think I am missing a config file or library which DNS needs, but file lookup does not. -Scott -- ------------------------- | Scott MacKay : Postmaster | sdm@rte.com | postmaster@rte.com | ICQ 12191982 | (716) 383-1290 | Real Time Enterprises, Pittsford NY | -Electronic Document Imaging-System Integration-Software Development- | 'The opinions shared here only reflect the poster's | views and may not reflect the views of the company.' From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 11:17:17 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA08769; Thu, 17 Dec 1998 11:17:16 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA19114; Thu, 17 Dec 1998 11:11:30 -0600 (CST) Received: from rte.com (mail.rte.com [207.10.95.11]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA01872 for ; Thu, 17 Dec 1998 11:00:05 -0600 (CST) Received: from rte.com by rte.com (SMI-8.6/SMI-SVR4) id LAA27168; Thu, 17 Dec 1998 11:53:47 -0500 Message-Id: <367938BD.C4ED2354@rte.com> Date: Thu, 17 Dec 1998 12:00:45 -0500 Reply-To: scott_mackay@mail.rte.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Scott D. MacKay" To: wu-ftp Subject: Re: wu-ftp and Solaris 7 References: <36793598.4691D2FD@rte.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: sdm@mail.rte.com X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.5 sun4m) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN "Scott D. MacKay" wrote: > > Does anyone have a tree layour for anonymous users under Solaris 7? > My ftpd does not run when I allow name resolution using 'dns', but does > when using files.... > I think I am missing a config file or library which DNS needs, but file > lookup does not. > Why yes, Scott. You need to include the libresolv objects as per resolver(3N) :) Doh! -Scott -- ------------------------- | Scott MacKay : Postmaster | sdm@rte.com | postmaster@rte.com | ICQ 12191982 | (716) 383-1290 | Real Time Enterprises, Pittsford NY | -Electronic Document Imaging-System Integration-Software Development- | 'The opinions shared here only reflect the poster's | views and may not reflect the views of the company.' From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 12:43:48 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA09818; Thu, 17 Dec 1998 12:43:47 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA28646; Thu, 17 Dec 1998 12:36:14 -0600 (CST) Received: from smtp.enteract.com (thor.enteract.com [207.229.143.11]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA15401 for ; Thu, 17 Dec 1998 12:34:05 -0600 (CST) Received: (qmail 11817 invoked from network); 17 Dec 1998 18:34:03 -0000 Received: from hal-isdn-1.sa.enteract.com (HELO hippo.roxor.org) (207.229.136.105) by thor.enteract.com with SMTP; 17 Dec 1998 18:34:03 -0000 Received: (from hal@localhost) by hippo.roxor.org (8.8.8/8.8.8) id MAA03699; Thu, 17 Dec 1998 12:33:46 -0600 (CST) (envelope-from hal) Message-Id: <87n24mlit1.fsf@hippo.roxor.org> Date: 17 Dec 1998 12:33:46 -0600 Reply-To: hal@enteract.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Hal Snyder To: wu-ftpd@wugate.wustl.edu Subject: Re: NEWBIE Question In-Reply-To: Gregory A Lundberg's message of "Wed, 16 Dec 1998 17:05:01 -0500 (EST)" References: X-Mailer: Gnus v5.6.44/Emacs 20.3 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Thank you for the information. It's good to see things are amicable between VR11 and BeroFTP camps! I started configuring proftpd for a site I administer and am having second thoughts [and am now behind schedule :-( ]. If BeroFTP has VR patches rolled in and is tracking the FTP Working Group, why would someone prefer VR11? Gregory A Lundberg writes: > ... > BeroFTPD has rolled in many of the VR patches as well as Kent's > NEWVIRT virtual hosting scheme. Bernard has also done a lot of work > cleaning up the source code, getting it to use GNU autoconf, and > adding a number of new and/or upcoming FTP features. If you have > high-end multi-hosting needs or need to begin working with the > evolving output of the FTP Working Group, you will want BeroFTPD. > ... From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 15:44:00 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA12262; Thu, 17 Dec 1998 15:43:59 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA23005; Thu, 17 Dec 1998 15:37:35 -0600 (CST) Received: from att.com (cagw1.att.com [192.128.52.89]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA06694 for ; Thu, 17 Dec 1998 15:35:34 -0600 (CST) Received: from caig1.fw.att.com by cagw1.att.com (AT&T/IPNS/UPAS-1.0) for wugate.wustl.edu!wu-ftpd sender lynx.lz.att.com!rah (lynx.lz.att.com!rah); Thu Dec 17 12:12 EST 1998 Received: from merlin.lz.att.com (lynx.lz.att.com [135.25.200.5]) by caig1.fw.att.com (AT&T/IPNS/GW-1.0) with SMTP id MAA08628 for ; Thu, 17 Dec 1998 12:21:16 -0500 (EST) Received: by merlin.lz.att.com with SMTP (Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62) id <01BE29B7.B1FF38C0@merlin.lz.att.com>; Thu, 17 Dec 1998 12:20:55 -0500 Message-Id: Date: Thu, 17 Dec 1998 12:20:54 -0500 Reply-To: rah@lynx.lz.att.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Roger Hanke To: "'Bernhard Rosencranz'" Cc: "'WUFTPD List'" Subject: BeroFTPD handling of pid file contention MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Bernhard, First I apologize since I am pretty sure I remember reading about this a while back, but since everyone is asking you for info on your version.... How are you handling the situation when the fcntl lock of the pid file fails? We do get flooded by these messages at times when a lot of connect requests come in a short period. We are not using the class maximum limits currently so was curious if there is any way to avoid this lookup/recording step completely? Thanx, Roger Hanke ----------------------------------------------------- Roger A. Hanke AT&T Web Site Services (732)576-5738 rhanke@att.com FAX (732)576-6041 http://lynxhub.att.com/~rah/ ----------------------------------------------------- From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 16:33:49 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA13152; Thu, 17 Dec 1998 16:33:48 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA26255; Thu, 17 Dec 1998 16:29:02 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA19636 for ; Thu, 17 Dec 1998 16:24:31 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m213.dialup.RWTH-Aachen.DE [137.226.8.213]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id XAA06000; Thu, 17 Dec 1998 23:24:07 +0100 (MET) Message-Id: Date: Thu, 17 Dec 1998 23:15:31 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Roger Hanke Cc: "'WUFTPD List'" Subject: Re: BeroFTPD handling of pid file contention In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 17 Dec 1998, Roger Hanke wrote: > How are you handling the situation when the fcntl > lock of the pid file fails? We do get flooded by > these messages at times when a lot of connect requests > come in a short period. I haven't changed anything about this - so it's the same as in VR9. I'll have a look at it and see if I can add the possibility to disable the messages in 1.3.1. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 16:43:08 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id QAA13260; Thu, 17 Dec 1998 16:43:07 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA32005; Thu, 17 Dec 1998 16:39:48 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA13840 for ; Thu, 17 Dec 1998 16:24:28 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m213.dialup.RWTH-Aachen.DE [137.226.8.213]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id XAA06015; Thu, 17 Dec 1998 23:24:15 +0100 (MET) Message-Id: Date: Thu, 17 Dec 1998 23:25:55 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: Hal Snyder Cc: wu-ftpd@wugate.wustl.edu Subject: Re: NEWBIE Question In-Reply-To: <87n24mlit1.fsf@hippo.roxor.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On 17 Dec 1998, Hal Snyder wrote: > I started configuring proftpd for a site I administer and am having > second thoughts [and am now behind schedule :-( ]. proftpd is IMO a workable alternative to wu-ftpd, if you don't need virtual hosting. > If BeroFTP has VR patches rolled in and is tracking the FTP Working > Group, why would someone prefer VR11? There are a couple of reasons - first of all, I still have to catch up with the latest VR patches (VR10 and 11 have still to be merged in). Second, BeroFTPD has completely rewritten the build scheme to use autoconf. On many systems, this is beneficial, but it might not compile at all on some other systems. I'm using Linux and FreeBSD myself, and I've had reports that BeroFTPD works on SunOS, Solaris, NetBSD and OpenBSD, but I'm not sure about things like HPUX or AIX (if someone tried, please let me know). Last, new features might introduce new bugs (but since most new features of BeroFTPD (such as the internal ls or improved handling of virtual hosts) can be turned off at compile time, this should not be too important in this particular case. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 17:04:39 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA13722; Thu, 17 Dec 1998 17:04:38 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA29938; Thu, 17 Dec 1998 16:59:46 -0600 (CST) Received: from mail.vr.net (root@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA00327 for ; Thu, 17 Dec 1998 16:53:09 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id RAA08518 for ; Thu, 17 Dec 1998 17:09:43 -0500 Message-Id: Date: Thu, 17 Dec 1998 17:09:42 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: WU-FTPD Discussion List Subject: Drat. Missed it by _that_ much! MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN My last posting (which may folow this one in your email) had a patch which was incomplete. This fixes it. Apply the patch about supressing PID lock sleeping messages first, then apply this one. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 -- Index: access.c =================================================================== RCS file: /cvsroot/wu-ftpd/src/access.c,v retrieving revision 1.1.1.1.2.7.2.9 diff -c -r1.1.1.1.2.7.2.9 access.c *** access.c 1998/12/17 22:00:05 1.1.1.1.2.7.2.9 --- access.c 1998/12/17 22:05:57 *************** *** 1167,1173 **** --- 1167,1175 ---- syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %s", #endif #endif + #ifndef NO_PID_SLEEP_MSGS strerror(errno)); + #endif sleep(1); } lseek(pidfd, (off_t)0, L_SET); *************** *** 1248,1254 **** --- 1250,1258 ---- syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %s", #endif #endif + #ifndef NO_PID_SLEEP_MSGS strerror(errno)); + #endif sleep(1); } *************** *** 1353,1359 **** --- 1357,1365 ---- syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %s", #endif #endif + #ifndef NO_PID_SLEEP_MSGS strerror(errno)); + #endif sleep(1); } From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 17:08:23 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA13768; Thu, 17 Dec 1998 17:08:22 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA08991; Thu, 17 Dec 1998 17:02:10 -0600 (CST) Received: from mail.vr.net (root@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA30075 for ; Thu, 17 Dec 1998 16:53:22 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id QAA08310; Thu, 17 Dec 1998 16:53:24 -0500 Message-Id: Date: Thu, 17 Dec 1998 16:53:24 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Roger Hanke Cc: "'Bernhard Rosencranz'" , "'WUFTPD List'" Subject: Re: BeroFTPD handling of pid file contention In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Thu, 17 Dec 1998, Roger Hanke wrote: > How are you handling the situation when the fcntl lock of the pid > file fails? We do get flooded by these messages at times when a lot of > connect requests come in a short period. We are not using the class > maximum limits currently so was curious if there is any way to avoid > this lookup/recording step completely? Does the system operate normally, just you're getting slammed with all the log messages? If so, how about a compile-time patch to disable this message to the system log? -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 -- Index: config.h =================================================================== RCS file: /cvsroot/wu-ftpd/config.h,v retrieving revision 1.1.1.1.2.7.2.9 diff -c -r1.1.1.1.2.7.2.9 config.h *** config.h 1998/11/20 17:12:19 1.1.1.1.2.7.2.9 --- config.h 1998/12/17 21:47:22 *************** *** 248,250 **** --- 248,256 ---- */ #undef DISABLE_PORT #undef DISABLE_PASV + + /* + * Define this to suppress messages about PID locks causing the daemon to + * sleep. This should only be needed at busy sites. + */ + #undef NO_PID_SLEEP_MSGS Index: src/access.c =================================================================== RCS file: /cvsroot/wu-ftpd/src/access.c,v retrieving revision 1.1.1.1.2.7.2.8 diff -c -r1.1.1.1.2.7.2.8 access.c *** src/access.c 1998/12/01 22:07:07 1.1.1.1.2.7.2.8 --- src/access.c 1998/12/17 21:50:11 *************** *** 1156,1168 **** --- 1156,1172 ---- #ifdef HAVE_FLOCK while (flock(pidfd, LOCK_EX)) { + #ifndef NO_PID_SLEEP_MSGS syslog(LOG_ERR, "sleeping: flock of pid file failed: %s", + #endif #else arg.l_type = F_WRLCK; arg.l_whence = arg.l_start = arg.l_len = 0; while ( -1 == fcntl( pidfd, F_SETLK, &arg) ) { + #ifndef NO_PID_SLEEP_MSGS syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %s", #endif + #endif strerror(errno)); sleep(1); } *************** *** 1233,1245 **** --- 1237,1253 ---- #ifdef HAVE_FLOCK while (flock(pidfd, LOCK_EX)) { + #ifndef NO_PID_SLEEP_MSGS syslog(LOG_ERR, "sleeping: flock of pid file failed: %s", + #endif #else arg.l_type = F_WRLCK; arg.l_whence = arg.l_start = arg.l_len = 0; while ( -1 == fcntl( pidfd, F_SETLK, &arg) ) { + #ifndef NO_PID_SLEEP_MSGS syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %s", #endif + #endif strerror(errno)); sleep(1); } *************** *** 1334,1345 **** --- 1342,1357 ---- #ifdef HAVE_FLOCK while (flock(pidfd, LOCK_EX)) { + #ifndef NO_PID_SLEEP_MSGS syslog(LOG_ERR, "sleeping: flock of pid file failed: %s", + #endif #else arg.l_type = F_WRLCK; arg.l_whence = arg.l_start = arg.l_len = 0; while ( -1 == fcntl( pidfd, F_SETLK, &arg) ) { + #ifndef NO_PID_SLEEP_MSGS syslog(LOG_ERR, "sleeping: fcntl lock of pid file failed: %s", + #endif #endif strerror(errno)); sleep(1); From owner-wu-ftpd@wugate.wustl.edu Thu Dec 17 17:10:59 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA13833; Thu, 17 Dec 1998 17:10:57 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA24480; Thu, 17 Dec 1998 17:06:23 -0600 (CST) Received: from att.com (kcgw1.att.com [192.128.133.151]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA28940 for ; Thu, 17 Dec 1998 17:03:39 -0600 (CST) Received: from kcig1.att.att.com by kcgw1.att.com (AT&T/IPNS/UPAS-1.0) for wugate.wustl.edu!wu-ftpd sender lynx.lz.att.com!rah (lynx.lz.att.com!rah); Thu Dec 17 17:03 CST 1998 Received: from merlin.lz.att.com (lynx.lz.att.com [135.25.200.5]) by kcig1.att.att.com (AT&T/IPNS/GW-1.0) with SMTP id RAA07912 for ; Thu, 17 Dec 1998 17:03:28 -0600 (CST) Received: by merlin.lz.att.com with SMTP (Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62) id <01BE29E7.56EEB020@merlin.lz.att.com>; Thu, 17 Dec 1998 18:01:58 -0500 Message-Id: Date: Thu, 17 Dec 1998 18:01:56 -0500 Reply-To: rah@lynx.lz.att.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Roger Hanke To: "'Bernhard Rosenkraenzer'" , "'Gregory A. Lundberg'" Cc: "'WUFTPD List'" Subject: RE: BeroFTPD handling of pid file contention MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN That would be fine. Sounds like neither Gregory or you thought it was worthwhile to turn off writing of the pids completely? Realizing this would mean you were also turning off limits capabilities? Roger Hanke -----Original Message----- From: Bernhard Rosenkraenzer [mailto:bero@microsoft.sucks.eu.org] Sent: Thursday, December 17, 1998 5:16 PM To: Roger Hanke Cc: 'WUFTPD List' Subject: Re: BeroFTPD handling of pid file contention On Thu, 17 Dec 1998, Roger Hanke wrote: > How are you handling the situation when the fcntl > lock of the pid file fails? We do get flooded by > these messages at times when a lot of connect requests > come in a short period. I haven't changed anything about this - so it's the same as in VR9. I'll have a look at it and see if I can add the possibility to disable the messages in 1.3.1. LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 08:24:08 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id IAA26904; Fri, 18 Dec 1998 08:24:07 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id IAA08114; Fri, 18 Dec 1998 08:19:19 -0600 (CST) Received: from sphinx.publicis.fr (root@sphinx.publicis.fr [194.51.107.3]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id IAA14497 for ; Fri, 18 Dec 1998 08:12:54 -0600 (CST) Received: from publicis.fr (farzy@karma.sgip.fr [194.51.108.11]) by sphinx.publicis.fr (8.8.8/8.8.8/Debian/GNU) with ESMTP id PAA19061; Fri, 18 Dec 1998 15:12:53 +0100 Message-Id: <367A62E5.F2916890@publicis.fr> Date: Fri, 18 Dec 1998 15:12:53 +0100 Reply-To: groue@publicis.fr Sender: owner-wu-ftpd@wugate.wustl.edu From: "Gwend'" To: wu-ftpd@wugate.wustl.edu Subject: When a unique user can't DIR MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Sender: farzy@publicis.fr X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.1.110 i686) X-Accept-Language: fr, fr-FR, en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi I have a little problem, which should not be very nasty. Sorry if I'm a new wu-ftpd user... Well, I've created an user, and averyting is OK : he sees only what he needs to see, he's restricted to the needed area, he gets, puts, etc. BUT nor LS nor DIR commands work properly. They both answer : ftp> dir 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls. 226 Transfer complete. Many files should appear, and they don't. Consider that this is the only user rising such a problem. Other ones can LS and DIR normally. What could be the difference between he and them ? Thank you. Gwendal Roué From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 09:15:08 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA27362; Fri, 18 Dec 1998 09:15:07 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA08023; Fri, 18 Dec 1998 09:11:52 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA21883 for ; Fri, 18 Dec 1998 09:05:51 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA12616; Fri, 18 Dec 1998 10:05:32 -0500 Message-Id: Date: Fri, 18 Dec 1998 10:05:31 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "Gwend'" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: When a unique user can't DIR In-Reply-To: <367A62E5.F2916890@publicis.fr> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 18 Dec 1998, Gwend' wrote: > BUT nor LS nor DIR commands work properly. They both answer : > Many files should appear, and they don't. Missing libraries, programs or other glue. Check the FAQ. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 09:23:09 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA27462; Fri, 18 Dec 1998 09:23:08 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA17699; Fri, 18 Dec 1998 09:18:26 -0600 (CST) Received: from sphinx.publicis.fr (root@sphinx.publicis.fr [194.51.107.3]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA05084 for ; Fri, 18 Dec 1998 09:13:43 -0600 (CST) Received: from publicis.fr (farzy@karma.sgip.fr [194.51.108.11]) by sphinx.publicis.fr (8.8.8/8.8.8/Debian/GNU) with ESMTP id QAA20690; Fri, 18 Dec 1998 16:13:38 +0100 Message-Id: <367A7122.28DB4311@publicis.fr> Date: Fri, 18 Dec 1998 16:13:38 +0100 Reply-To: groue@publicis.fr Sender: owner-wu-ftpd@wugate.wustl.edu From: "Gwend'" To: Gregory A Lundberg Cc: wu-ftpd@wugate.wustl.edu Subject: Re: When a unique user can't DIR References: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Sender: farzy@publicis.fr X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.1.110 i686) X-Accept-Language: fr, fr-FR, en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Gregory A Lundberg wrote: > > On Fri, 18 Dec 1998, Gwend' wrote: > > > BUT nor LS nor DIR commands work properly. They both answer : > > Many files should appear, and they don't. > > Missing libraries, programs or other glue. Check the FAQ. Well, thank you, but I'm not sure this is the solution. Remember only ONE user raises the problem... I won't install multiple libraries for multiple users... Gwendal Roué Publicis Technology From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 10:42:38 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA28457; Fri, 18 Dec 1998 10:42:37 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA23804; Fri, 18 Dec 1998 10:35:55 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA28236 for ; Fri, 18 Dec 1998 10:31:37 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id LAA13124; Fri, 18 Dec 1998 11:31:17 -0500 Message-Id: Date: Fri, 18 Dec 1998 11:31:17 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "Gwend'" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: When a unique user can't DIR In-Reply-To: <367A7122.28DB4311@publicis.fr> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Fri, 18 Dec 1998, Gwend' wrote: > I won't install multiple libraries for multiple users... then you need to re-think your security model. Here, I use the following general rules: - anonymous ftp chroot'd to its own area, gets a copy of the glue. - all users are guests and chroot'd to a common point with a copy of the glue shared between them all - each virtual host chroot's to its own area and gets a copy of the glue - guest and anonymous users for the virtual hosts chroot to the host's area and share that glue instead of the general-user area's To assist in copying the glue, I have the parts needed in loop-back mount filesystems which I mount read-only into each chroot area so I'm really only paying for the files once. All this _IS_ covered in the FAQ, but may require some thinking to see how to apply it. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 10:49:30 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA28535; Fri, 18 Dec 1998 10:49:29 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id QAA17623; Thu, 17 Dec 1998 16:45:27 -0600 (CST) Received: from orion.starshadow.com (ghent@starshadow.com [206.183.10.120]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id QAA30180 for ; Thu, 17 Dec 1998 16:27:33 -0600 (CST) Received: from localhost (ghent@localhost) by orion.starshadow.com (8.9.1a/8.9.1a) with ESMTP id RAA07749 for ; Thu, 17 Dec 1998 17:32:54 -0500 Message-Id: Date: Thu, 17 Dec 1998 17:32:53 -0500 (EST) Reply-To: ghent@starshadow.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Ghent To: wu-ftpd@wugate.wustl.edu Subject: banner files MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi, I've been reading through as much info as I can find, but I haven't come up with the answer to my question. I'm trying to find a list of symbols that you can put into a banner file (~ftp/welcome.msg) that the ftp server can parse before login. (ie. %M = max clients). I would like a full list, if that documented anywhere. Thanks! - Ryan [===================================================] [- Ryan McLean - Network/System Administrator ] [-- Starshadow Communications ] [--- Calgary, Alberta, Canada - Cleveland, Ohio USA ] [---- http://www.starshadow.com ] [===================================================] From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 11:38:22 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA29133; Fri, 18 Dec 1998 11:38:21 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA20262; Fri, 18 Dec 1998 11:33:55 -0600 (CST) Received: from orion.starshadow.com (ghent@starshadow.com [206.183.10.120]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA17682 for ; Fri, 18 Dec 1998 11:32:14 -0600 (CST) Received: from localhost (ghent@localhost) by orion.starshadow.com (8.9.1a/8.9.1a) with ESMTP id MAA32187 for ; Fri, 18 Dec 1998 12:37:48 -0500 Message-Id: Date: Fri, 18 Dec 1998 12:37:48 -0500 (EST) Reply-To: ghent@starshadow.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Ghent To: wu-ftpd@wugate.wustl.edu Subject: Re: When a unique user can't DIR In-Reply-To: <367A7122.28DB4311@publicis.fr> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by wugate.wustl.edu id LAA18904 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I would say it's a permission problem, most likely on the directory. That may seem a little easy, but you didn't mention what the permissions were, so that's what I would check first - Ryan [===================================================] [- Ryan McLean - Network/System Administrator ] [-- Starshadow Communications ] [--- Calgary, Alberta, Canada - Cleveland, Ohio USA ] [---- http://www.starshadow.com ] [===================================================] On Fri, 18 Dec 1998, Gwend' wrote: > Gregory A Lundberg wrote: > > > > On Fri, 18 Dec 1998, Gwend' wrote: > > > > > BUT nor LS nor DIR commands work properly. They both answer : > > > Many files should appear, and they don't. > > > > Missing libraries, programs or other glue. Check the FAQ. > > > Well, thank you, but I'm not sure this is the solution. Remember only > ONE user raises the problem... > > I won't install multiple libraries for multiple users... > > > Gwendal Roué > Publicis Technology > From owner-wu-ftpd@wugate.wustl.edu Fri Dec 18 12:03:56 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA29342; Fri, 18 Dec 1998 12:03:55 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA17145; Fri, 18 Dec 1998 12:00:25 -0600 (CST) Received: from bluto.uwex.edu (bluto.uwex.edu [144.92.106.147]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA01950 for ; Fri, 18 Dec 1998 11:55:03 -0600 (CST) Received: from localhost (paulw@localhost) by bluto.uwex.edu (8.8.7/8.8.7) with SMTP id LAA49586; Fri, 18 Dec 1998 11:54:22 -0600 Message-Id: Date: Fri, 18 Dec 1998 11:54:21 -0600 (CST) Reply-To: paulw@uwex.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: "Paul F. Williams" To: Ghent Cc: wu-ftpd@wugate.wustl.edu Subject: Re: When a unique user can't DIR In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from QUOTED-PRINTABLE to 8bit by wugate.wustl.edu id LAA03667 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I ran into what may be a similar problem. The 'ls' command would work but 'dir' did not produce any file listing. It was caused by the ./lib entries I don't understand how it works but there is some critical libraries such as libc.a libcurses.a that must be the correct versions. The FAQ makes an off comment about library files but it was not obvious to me what was happening. When I put in the correct lib files the 'dir' command started working. This may be what is happening on your system. (Perhaps not) paulw On Fri, 18 Dec 1998, Ghent wrote: > I would say it's a permission problem, most likely on the directory. That > may seem a little easy, but you didn't mention what the permissions were, > so that's what I would check first > > - Ryan > > [===================================================] > [- Ryan McLean - Network/System Administrator ] > [-- Starshadow Communications ] > [--- Calgary, Alberta, Canada - Cleveland, Ohio USA ] > [---- http://www.starshadow.com ] > [===================================================] > > On Fri, 18 Dec 1998, Gwend' wrote: > > > Gregory A Lundberg wrote: > > > > > > On Fri, 18 Dec 1998, Gwend' wrote: > > > > > > > BUT nor LS nor DIR commands work properly. They both answer : > > > > Many files should appear, and they don't. > > > > > > Missing libraries, programs or other glue. Check the FAQ. > > > > > > Well, thank you, but I'm not sure this is the solution. Remember only > > ONE user raises the problem... > > > > I won't install multiple libraries for multiple users... > > > > > > Gwendal Roué > > Publicis Technology > > > ------------------------------------------------------------ Paul F. Williams, Network Administrator, Information Systems UW-Extension, 432 N. Lake St., Madison, WI 53706 paulw@uwex.edu, 608-262-6011, FAX 608-262-2343 ------------------------------------------------------------ From owner-wu-ftpd@wugate.wustl.edu Sat Dec 19 07:47:27 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id HAA25724; Sat, 19 Dec 1998 07:47:25 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id HAA15139; Sat, 19 Dec 1998 07:42:59 -0600 (CST) Received: from access.lipetsk.ru (access.lipetsk.ru [195.34.224.67]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id HAA19125 for ; Sat, 19 Dec 1998 07:40:22 -0600 (CST) Received: from lstu by access.lipetsk.ru with UUCP id <93525-25728>; Sat, 19 Dec 1998 16:40:12 +0300 Received: (from star@localhost) by maverick.stu.int (8.8.7/8.8.5) id QAA26085; Sat, 19 Dec 1998 16:24:07 +0300 (MSK) Message-Id: <19981219162406.35759@maverick.stu.int> Date: Sat, 19 Dec 1998 16:24:06 +0300 Reply-To: star@stu.lipetsk.su Sender: owner-wu-ftpd@wugate.wustl.edu From: "Alexey V. Maskalyanov" To: wu-ftpd@wugate.wustl.edu Subject: How to unsubscribe? [empty] Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.89.1 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi With my best regards. Olorin Starlight. From owner-wu-ftpd@wugate.wustl.edu Sat Dec 19 20:38:11 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id UAA29593; Sat, 19 Dec 1998 20:38:11 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id UAA21459; Sat, 19 Dec 1998 20:33:39 -0600 (CST) Received: from differential.com (differential.com [207.126.113.254]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id UAA16499 for ; Sat, 19 Dec 1998 20:31:04 -0600 (CST) Received: from liar4.differential.net (liar4.sc.scruznet.com [204.139.14.4]) by differential.com (8.8.8/8.8.8) with SMTP id SAA00807; Sat, 19 Dec 1998 18:30:45 -0800 (PST) Message-Id: <3.0.32.19981219183018.011cbd88@differential.com> Date: Sat, 19 Dec 1998 18:30:43 -0800 Reply-To: jevans@differential.com Sender: owner-wu-ftpd@wugate.wustl.edu From: DJ To: schoepf@uni-mainz.de, byrnejb@harte-lyne.ca Cc: wu-ftpd@wugate.wustl.edu Subject: Re: SSLeay and wu-ftp Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Sender: jevans@differential.com X-Mailer: Windows Eudora Pro Version 3.0 (32) X-MIME-Autoconverted: from quoted-printable to 8bit by wugate.wustl.edu id UAA27921 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN FYI There is a commercial version of wu-ftpd that supports SSL, X.509, securID and a host of other security features available at www.filedrive.com DJ At 09:47 AM 12/11/98 +0100, Rainer Schoepf wrote: >James B. Byrne writes: > > > Is there a method of including SSL support in wu-ftp or has > > someone already done this? > >You can go through edssl, a non-SSL<->SSL translator daemon. We are using >this for our (non-SSL) POP and IMAP servers. It can be configured for >both server and client side translation. > >ftp://ftp.fh-rosenheim.de/pub/mirror/ftp.replay.com/crypto/SSLapps/SSLlynx/ edssl83.tgz > >Rainer Schöpf > >-- > Rainer Schöpf > Zentrum für Datenverarbeitung A point of view can be a dangerous > der Universität Mainz luxury when substituted for insight > Anselm-Franz-von-Bentzel-Weg 12 and understanding. > D-55099 Mainz > Germany Herbert Marshall McLuhan: > The Gutenberg Galaxy > > From owner-wu-ftpd@wugate.wustl.edu Sat Dec 19 22:27:51 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id WAA00634; Sat, 19 Dec 1998 22:27:50 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id WAA32743; Sat, 19 Dec 1998 22:23:24 -0600 (CST) Received: from internexus.net (qmailr@internexus.net [206.152.14.2]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id WAA15966 for ; Sat, 19 Dec 1998 22:20:10 -0600 (CST) Received: (qmail 14739 invoked by uid 501); 20 Dec 1998 04:20:09 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 20 Dec 1998 04:20:09 -0000 Message-Id: Date: Sat, 19 Dec 1998 23:20:09 -0500 (EST) Reply-To: master@internexus.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Laszlo Vecsey To: wu-ftpd@wugate.wustl.edu Subject: beta 18 still latest? MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I havent heard from the list since Nov 12, everyone out there ok? :) Are there any plans to integrate 'ls' into the daemon itself, are there any reasons against doing that.. - lv From owner-wu-ftpd@wugate.wustl.edu Sun Dec 20 00:59:42 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id AAA01499; Sun, 20 Dec 1998 00:59:40 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id AAA20826; Sun, 20 Dec 1998 00:55:10 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id AAA19320 for ; Sun, 20 Dec 1998 00:48:55 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id BAA21977; Sun, 20 Dec 1998 01:48:52 -0500 Message-Id: Date: Sun, 20 Dec 1998 01:48:51 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Laszlo Vecsey Cc: wu-ftpd@wugate.wustl.edu Subject: Re: beta 18 still latest? In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN >From Academ, yes, Beta-18 is current. If you're looking for people working on the daemon, Bernard and I have been doing quite a bit of work for some time now. On Sat, 19 Dec 1998, Laszlo Vecsey wrote: > I havent heard from the list since Nov 12, everyone out there ok? :) Well now. I've noticed problems with the list over the past few weeks, but nothing that bad. A few times it's taken a couple days for a posting to go through is all. I have also noticed the web interface to the mailing list archives has crashed. The FTP files, in Unix mailbox format, though are fine. > Are there any plans to integrate 'ls' into the daemon itself, are > there any reasons against doing that.. BeroFTPD has done just that. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Sun Dec 20 13:15:11 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA06153; Sun, 20 Dec 1998 13:15:10 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA10708; Sun, 20 Dec 1998 13:10:59 -0600 (CST) Received: from rte.com (mail.rte.com [207.10.95.11]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA09610 for ; Sun, 20 Dec 1998 13:08:40 -0600 (CST) Received: from rte.com by rte.com (SMI-8.6/SMI-SVR4) id OAA00423; Sun, 20 Dec 1998 14:02:21 -0500 Message-Id: <367D4B64.11003C92@rte.com> Date: Sun, 20 Dec 1998 14:09:24 -0500 Reply-To: scott_mackay@mail.rte.com Sender: owner-wu-ftpd@wugate.wustl.edu From: "Scott D. MacKay" To: wu-ftp Subject: passwd & chroot MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: sdm@mail.rte.com X-Mailer: Mozilla 4.5 [en] (X11; I; SunOS 5.5 sun4m) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hiya! I am using the wu-ftp in a pure chroot environment (so all UIDs are based off a differend passwd/shadow that /etc. For me, I have a directory /export/data/ftp which contains my entire FTP site (configured via anonymous ftp rules). I am happy fluffy; All users can log in, do commands, etc. I can use chown, chmod, chgrp using the alternate passwd/shadow (chroot /export/data/ftp /bin/chgrp 777 thisdir) and everything is wonderful, except for passwd. It does not seem to like being in a chroot environment, giving the informative "Permission denied" message (and yes, a copy exists in /export/data/ftp/bin)., even as root. Does anyone have ideas on why it would say this or know of a PD passwd source I can use & alter? -Scott -- ------------------------- | Scott MacKay : Postmaster | sdm@rte.com | postmaster@rte.com | ICQ 12191982 | (716) 383-1290 | Real Time Enterprises, Pittsford NY | -Electronic Document Imaging-System Integration-Software Development- | 'The opinions shared here only reflect the poster's | views and may not reflect the views of the company.' From owner-wu-ftpd@wugate.wustl.edu Sun Dec 20 18:17:23 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA07789; Sun, 20 Dec 1998 18:17:21 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA24380; Sun, 20 Dec 1998 18:11:35 -0600 (CST) Received: from harry.informatik.rwth-aachen.de (harry.Informatik.RWTH-Aachen.DE [137.226.116.28]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA22554 for ; Sun, 20 Dec 1998 18:07:46 -0600 (CST) Received: from microsoft.sucks.eu.org (IDENT:root@s4m021.dialup.RWTH-Aachen.DE [137.226.8.21]) by harry.informatik.rwth-aachen.de (8.9.1a/8.9.1/1) with SMTP id BAA21137; Mon, 21 Dec 1998 01:07:27 +0100 (MET) Message-Id: Date: Mon, 21 Dec 1998 01:09:45 +0100 (CET) Reply-To: bero@microsoft.sucks.eu.org Sender: owner-wu-ftpd@wugate.wustl.edu From: Bernhard Rosenkraenzer To: BeroFTPD-users@aachen.linux.de, beroftpd-devel@aachen.linux.de Cc: wu-ftpd@wugate.wustl.edu Subject: BeroFTPD 1.3.1 released MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I've just released BeroFTPD 1.3.1 to the usual places: ftp://beroftpd.unix.eu.org/pub/BeroFTPD/ ftp://ftp.croftj.net/usr/bero/BeroFTPD/ ftp://ftp.sunet.se/pub/nir/ftp/servers/BeroFTPD/ ftp://sunsite.cnlab-switch.ch/mirror/BeroFTPD/ Changes: + Merge in changes from wu-ftpd VR10 (ftp://ftp.vr.net/pub/wu-ftpd): + -P, -q, -Q switches + ident (RFC931) support * cleanups + Merge in changes from wu-ftpd VR11 (ftp://ftp.vr.net/pub/wu-ftpd): + -r switch + add option to disable PASV mode and/or PORT mode + better support for (external) ls * bug/compatibility fixes * Fix up quota support; related cleanup * code cleanups LLaP bero -- Windows 98 supports real multitasking - it can boot and crash simultaneously. *** Anyone sending unwanted advertising e-mail to this address will be charged $25 for network traffic and computing time. By extracting my address from this message or its header, you agree to these terms. From owner-wu-ftpd@wugate.wustl.edu Mon Dec 21 09:54:01 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA14049; Mon, 21 Dec 1998 09:54:00 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA03876; Mon, 21 Dec 1998 09:46:24 -0600 (CST) Received: from mserver.fh-koblenz.de (mserver.fh-koblenz.de [143.93.144.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA15546 for ; Mon, 21 Dec 1998 09:42:10 -0600 (CST) Received: from ss1000e0.fhkoblenz (ss1000e0 [143.93.145.200]) by mserver.fh-koblenz.de (8.8.8/8.8.8-ms) with SMTP id QAA13365; Mon, 21 Dec 1998 16:38:23 +0100 (MET) Received: by ss1000e0.fhkoblenz (SMI-8.6/SMI-SVR4) id QAA03918; Mon, 21 Dec 1998 16:39:55 +0100 Message-Id: <199812211539.QAA03918@ss1000e0.fhkoblenz> Date: Mon, 21 Dec 1998 16:39:54 +0100 (MET) Reply-To: mschmidt@Fh-Koblenz.DE Sender: owner-wu-ftpd@wugate.wustl.edu From: mschmidt@Fh-Koblenz.DE (M. Schmidt) To: wu-ftpd@wugate.wustl.edu Cc: mschmidt@Fh-Koblenz.DE (M. Schmidt) Subject: wu-ftpd (BETA-18) doesn't know users? MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Mailer: ELM [version 2.4 PL25] X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi, the machine I'm trying to run wu-ftpd (BETA-18) on is a HP-UX. I have looked into the configuration files, but I don't know what I'm doing wrong. Every time I try to ftp to the ftpd, whether anonymous or real users doesn't matter, I get back an error message after typing the user name, e.g. "530 User ftp unknown.". The ~ftp/etc/group and ~ftp/etc/passwd files have been setup as recommended. Nevertheless: What's going wrong there? Please be so nice to send me your help as soon as possible. Thanks in advance. Have a nice day Michael -- Michael Schmidt mschmidt@fh-koblenz.de Mirror of: SAMBA: IPFilter, Server for Win95, Linux-HOWTO, XEmacs-beta WinNT, LANManager From owner-wu-ftpd@wugate.wustl.edu Mon Dec 21 11:15:00 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA14947; Mon, 21 Dec 1998 11:14:59 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA24627; Mon, 21 Dec 1998 11:08:18 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA17698 for ; Mon, 21 Dec 1998 11:01:05 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id MAA28899; Mon, 21 Dec 1998 12:00:41 -0500 Message-Id: Date: Mon, 21 Dec 1998 12:00:40 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "M. Schmidt" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: wu-ftpd (BETA-18) doesn't know users? In-Reply-To: <199812211539.QAA03918@ss1000e0.fhkoblenz> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, 21 Dec 1998, M. Schmidt wrote: > the machine I'm trying to run wu-ftpd (BETA-18) on is a HP-UX. I have > looked into the configuration files, but I don't know what I'm doing > wrong. > > Every time I try to ftp to the ftpd, whether anonymous or real users > doesn't matter, I get back an error message after typing the user > name, e.g. "530 User ftp unknown.". This message means there is no user named 'ftp' in the *real* /etc/passwd file. check that the user exists. On some systems (ie., DEC, I believe) you may have to wave your hands a bit to get the system to accept the newly created user. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Mon Dec 21 11:26:53 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA15069; Mon, 21 Dec 1998 11:26:52 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA15233; Mon, 21 Dec 1998 11:20:43 -0600 (CST) Received: from gw1.bfg.com (gateway.bfg.com [131.187.253.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA29201 for ; Mon, 21 Dec 1998 11:16:36 -0600 (CST) Received: (from uucp@localhost) by gw1.bfg.com (8.8.8/8.8.8) id MAA18444; Mon, 21 Dec 1998 12:16:08 -0500 (EST) Received: from ns1.bfg.com(192.73.67.20) by gw1.bfg.com via smap (V2.1) id sma017794; Mon, 21 Dec 98 12:15:21 -0500 Received: from localhost (keller@localhost) by ns1.bfg.com (8.8.8/8.8.8) with SMTP id MAA19515; Mon, 21 Dec 1998 12:15:09 -0500 (EST) Message-Id: Date: Mon, 21 Dec 1998 12:15:01 -0500 (EST) Reply-To: keller@bfg.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Ted Keller To: "M. Schmidt" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: wu-ftpd (BETA-18) doesn't know users? In-Reply-To: <199812211539.QAA03918@ss1000e0.fhkoblenz> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Michael, I believe you have to also create a file /etc/shells and add your users shell into this file.... /bin/sh /bin/csh /bin/true or whatever your OS requires. Note, not all shells are required, only the ones for those users who will use your ftp daemon. Hope this helps. ted keller - bfg.com On Mon, 21 Dec 1998, M. Schmidt wrote: > > Hi, > > the machine I'm trying to run wu-ftpd (BETA-18) on is a HP-UX. > I have looked into the configuration files, but I don't know > what I'm doing wrong. > > Every time I try to ftp to the ftpd, whether anonymous or real users > doesn't matter, I get back an error message after typing the user name, > e.g. "530 User ftp unknown.". > > The ~ftp/etc/group and ~ftp/etc/passwd files have been setup > as recommended. Nevertheless: > What's going wrong there? > > Please be so nice to send me your help as soon as possible. > Thanks in advance. > > Have a nice day > Michael > > -- > Michael Schmidt > mschmidt@fh-koblenz.de > Mirror of: SAMBA: > IPFilter, Server for Win95, > Linux-HOWTO, XEmacs-beta WinNT, LANManager > From owner-wu-ftpd@wugate.wustl.edu Mon Dec 21 13:03:19 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA16564; Mon, 21 Dec 1998 13:03:18 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA16651; Mon, 21 Dec 1998 12:57:44 -0600 (CST) Received: from amber.ccs.neu.edu (root@amber.ccs.neu.edu [129.10.116.51]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA11552 for ; Mon, 21 Dec 1998 12:49:46 -0600 (CST) Received: from cythera.ccs.neu.edu (aris@cythera.ccs.neu.edu [129.10.116.57]) by amber.ccs.neu.edu (8.9.1a/8.9.1) with ESMTP id NAA10911 for ; Mon, 21 Dec 1998 13:49:45 -0500 (EST) Message-Id: Date: Mon, 21 Dec 1998 13:49:45 -0500 (EST) Reply-To: aris@ccs.neu.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: Aris Yannopoulos To: wu-ftpd@wugate.wustl.edu Subject: Virtual hosting In-Reply-To: <199812211539.QAA03918@ss1000e0.fhkoblenz> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Is all ftp virtual hosting automatically IP based or can it also be name based? Ari(= -= Madness is not an illness... it's a privilege... =- From owner-wu-ftpd@wugate.wustl.edu Mon Dec 21 13:56:22 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA17722; Mon, 21 Dec 1998 13:56:21 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id NAA15595; Mon, 21 Dec 1998 13:52:55 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id NAA26848 for ; Mon, 21 Dec 1998 13:51:27 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id OAA29598; Mon, 21 Dec 1998 14:51:16 -0500 Message-Id: Date: Mon, 21 Dec 1998 14:51:16 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Aris Yannopoulos Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Virtual hosting In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, 21 Dec 1998, Aris Yannopoulos wrote: > Is all ftp virtual hosting automatically IP based or can it also be > name based? All FTP hosting is IP-number based. The protocol specifications do not provide for name-based FTP. There is an IETF-Draft-Specification for name-based FTP using a new feature, the HOST command. BeroFTPD has support for the HOST command, but you should consider that *VERY* experimental and you will probably have to write a client which uses it since there are currently no known clients supporting the HOST command. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 22 05:21:54 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id FAA14284; Tue, 22 Dec 1998 05:21:53 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id FAA22051; Tue, 22 Dec 1998 05:17:23 -0600 (CST) Received: from marvin.so-net.co.uk (root@[195.129.28.130]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id FAA22768 for ; Tue, 22 Dec 1998 05:07:33 -0600 (CST) Received: from uk.so-net.com (marvin [172.20.14.1]) by marvin.so-net.co.uk (8.7.6/8.7.3) with ESMTP id LAA29967 for ; Tue, 22 Dec 1998 11:04:04 GMT Message-Id: <367F7CA3.5E5A7DE1@uk.so-net.com> Date: Tue, 22 Dec 1998 11:04:03 +0000 Reply-To: keith@uk.so-net.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Keith Oborn To: wu-ftpd@wugate.wustl.edu Subject: guestgroup and chroot MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: keith@marvin.so-net.co.uk X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.0.30 i686) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I came across this problem a coupel of years back on a SCO system: it didn't matter then and I put it down to SCO. Now I have the same problem under Solaris 2.6, and it does matter. The setup is: wu-2.4.2-academ[BETA-18] /etc/ftpaccess has a line: guestgroup customer /etc/group has the relevant entry: customer::100:testuser and /etc/passwd has: testuser:x:3000:100:Testuser:/home1/sonyadm/htdocs/testuser/./:/bin/false /bin/false is in /etc/shells. So, when testuser arrives he is correctly dropped in his home directory (the requirement is that each such user should be isolated in his own ~home, so the chdir part of the /etc/passwd entry is set to /./, and the root part to ~home. BUT, there doesn't seem to have been a chroot - testuser can cd .. and roam around to his heart's content. What's happening here, does anyone know? -- Keith Oborn Sony Communication Network 0171 426 8655 15th Floor, Commercial Union Tower, 1, Undershaft, London EC3A 8NP keith@uk.so-net.com From owner-wu-ftpd@wugate.wustl.edu Tue Dec 22 09:16:02 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA15789; Tue, 22 Dec 1998 09:16:01 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA11055; Tue, 22 Dec 1998 09:07:16 -0600 (CST) Received: from mserver.fh-koblenz.de (mserver.fh-koblenz.de [143.93.144.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA23253 for ; Tue, 22 Dec 1998 09:03:59 -0600 (CST) Received: from ss1000e0.fhkoblenz (ss1000e0 [143.93.145.200]) by mserver.fh-koblenz.de (8.8.8/8.8.8-ms) with SMTP id QAA19596; Tue, 22 Dec 1998 16:00:45 +0100 (MET) Received: by ss1000e0.fhkoblenz (SMI-8.6/SMI-SVR4) id QAA23033; Tue, 22 Dec 1998 16:02:13 +0100 Message-Id: <199812221502.QAA23033@ss1000e0.fhkoblenz> Date: Tue, 22 Dec 1998 16:02:13 +0100 (MET) Reply-To: mschmidt@Fh-Koblenz.DE Sender: owner-wu-ftpd@wugate.wustl.edu From: mschmidt@Fh-Koblenz.DE (M. Schmidt) To: lundberg+wuftpd@vr.net Cc: mschmidt@Fh-Koblenz.DE, wu-ftpd@wugate.wustl.edu Subject: Re: wu-ftpd (BETA-18) doesn't know users? In-Reply-To: from "Gregory A Lundberg" at Dec 21, 98 12:00:40 pm MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Mailer: ELM [version 2.4 PL25] X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > From: Gregory A Lundberg > Subject: Re: wu-ftpd (BETA-18) doesn't know users? > > On Mon, 21 Dec 1998, M. Schmidt wrote: [...] > > Every time I try to ftp to the ftpd, whether anonymous or real users > > doesn't matter, I get back an error message after typing the user > > name, e.g. "530 User ftp unknown.". > > This message means there is no user named 'ftp' in the *real* /etc/passwd > file. check that the user exists. On some systems (ie., DEC, I believe) > you may have to wave your hands a bit to get the system to accept the > newly created user. Hi, the user ftp has been there (really!). But there must ne a difference between BETA-18 and BETA-15, with the same setup and configuration BETA-18 doesn't work here under HP-UX, but BETA-15 does work. Curious, isn't it? So I have built wu-ftpd BETA-15. An other problem: It isn't really 100% wuftpd related, but does anybody on this list run a HP-UX-10.20 machine? I have GNU gcc and GNU binutils on our HP-UX-10.20 machine. As it's recommended to have a statically linked ls in ~ftp/bin I tried to build one, but I can't build a static version of GNU ls as a curious error message occurs. Just for testing an other program could be build statically. Please, any help available here?? Thanks in advance. Have a nice day Michael -- Michael Schmidt mschmidt@fh-koblenz.de Mirror of: SAMBA: IPFilter, Server for Win95, Linux-HOWTO, XEmacs-beta WinNT, LANManager From owner-wu-ftpd@wugate.wustl.edu Tue Dec 22 09:49:16 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA16132; Tue, 22 Dec 1998 09:49:13 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA17959; Tue, 22 Dec 1998 09:45:43 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA04196 for ; Tue, 22 Dec 1998 09:44:21 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA01968; Tue, 22 Dec 1998 10:44:05 -0500 Message-Id: Date: Tue, 22 Dec 1998 10:44:05 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Keith Oborn Cc: wu-ftpd@wugate.wustl.edu Subject: Re: guestgroup and chroot In-Reply-To: <367F7CA3.5E5A7DE1@uk.so-net.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 22 Dec 1998, Keith Oborn wrote: > BUT, there doesn't seem to have been a chroot - testuser can cd .. and > roam around to his heart's content. Let's check the easy stuff first. Make sure you're using -a on the ftpd command line and test that the ftpaccess file is actually being used. I'd add a noretrieve for a file the user can see and download and ensure I get a 'is marked unretrievable' message. Then I'd run through the FAQ: The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 22 10:12:17 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA16347; Tue, 22 Dec 1998 10:12:14 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA22066; Tue, 22 Dec 1998 10:06:09 -0600 (CST) Received: from sco.COM (scol.london.sco.COM [150.126.1.48]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA01115 for ; Tue, 22 Dec 1998 10:02:15 -0600 (CST) Received: from tyne.london.sco.COM(150.126.1.103), claiming to be "tyne.sco.com" via SMTP by scol.london.sco.COM, id smtpdGEAa003iN; Tue Dec 22 15:53:18 1998 Message-Id: <9812221201.aa12723@tyne.sco.com> Date: Tue, 22 Dec 98 12:01:57 GMT Reply-To: ianw@sco.COM Sender: owner-wu-ftpd@wugate.wustl.edu From: Ian Willis To: keith@uk.so-net.com Cc: wu-ftpd@wugate.wustl.edu Subject: Re: guestgroup and chroot X-Mailer: SCO OpenServer Mail Release 5.0 X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Check that ftpd is called with the -a option in /etc/inetd.conf. Ian Willis SCO Internet Engineering Group, Watford, England From owner-wu-ftpd@wugate.wustl.edu Tue Dec 22 11:15:49 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA16904; Tue, 22 Dec 1998 11:15:46 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA32153; Tue, 22 Dec 1998 11:10:29 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA08281 for ; Tue, 22 Dec 1998 11:07:05 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id MAA02483; Tue, 22 Dec 1998 12:06:55 -0500 Message-Id: Date: Tue, 22 Dec 1998 12:06:55 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: "M. Schmidt" Cc: wu-ftpd@wugate.wustl.edu Subject: Re: wu-ftpd (BETA-18) doesn't know users? In-Reply-To: <199812221502.QAA23033@ss1000e0.fhkoblenz> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 22 Dec 1998, M. Schmidt wrote: > > > Every time I try to ftp to the ftpd, whether anonymous or real users > > > doesn't matter, I get back an error message after typing the user > > > name, e.g. "530 User ftp unknown.". > > > > This message means there is no user named 'ftp' in the *real* /etc/passwd > > file. check that the user exists. On some systems (ie., DEC, I believe) > > you may have to wave your hands a bit to get the system to accept the > > newly created user. > > the user ftp has been there (really!). > > But there must ne a difference between BETA-18 and BETA-15, with the > same setup and configuration BETA-18 doesn't work here under HP-UX, > but BETA-15 does work. Curious, isn't it? So I have built wu-ftpd > BETA-15. You really don't want to live in beta-15 for very long. Some important security errors were fixed on the way to beta-18. Hmm .. let's see .. between beta-16 and beta-18 there were - a lot of documentation changes - a change in 'build' for an error message - lots and lots of manpage corrections New features added - ALTERNATE_CD compile-time added - UNRESTRICTED_CHMOD compile-time option added - NO_PRIVATE compile-time option added ( Strange, isn't it, Stan Barber's avowed policy is not to add new features and yet ... ) ( Ah .. here's the meat ... ) in the base Makefile: - changes for permissions when installing in access.c: - off-by-one fix for LIMIT clause start-stop times - umask 0 wrapped arround open for PID files - casting 0 to (off_t)0 for lseek (duh, ok) added auth.c for BSDI in extensions.c: - change %M cookie so -1 displays aas unlimited instead of 0 - enhance %U cookie to not claim [unknown] user so often for LOG_FAILED - change 553 responses to 550 in ftpcmd.y - trivial whitespace changes - ensure RNTO has a target pathname before proceeding - UNRESTRICTED_CHMOD added - make sure we don't free NULL pointers in ftpcount.c - fix some parsing errors - trivial casts probably to support a lame compiler somewhere - more whitespace changes in ftpd.c - added support for SecureWare under SECUREOSF - added support for HPUX_10_TRUSTED - fixed selection of 'ls' for AIX and Solaris 2 - fixed S/Key for BSD (BSD_AUTH, auth.c added) - wrapped umask 0 arround open for log files - added parameter to wu_logwtmp() function - some fixes for directory modes on UPLOAD clauses - log PASV conections which don't match control - reset timeout signal for SIGURG - fix some error handling - some fixes for the STAT command - more response code/format changes for RFC correctness - move the RENAME check to a more appropriate location - cleanup setproctitle - claim we're ftpd not sendmail on setproctitle in ftpshut.c - die on errors in glob.c - some support for ALTERNATE_CD (?) in hostacc.c - changes in error handling and memory management in logwtmp.c - add 4th parameter (int login) - whitespace prettied up in pathnames.h - support for SOLARIS_2 - support for USE_LOCAL_ETC - support for USE_OPT_FTPD in popen.c - handle SIGCHLD - use /dev/null for stderr in src/config (misc changes) - config.aix - config.bdi - config.dec - config.fbs - config.hpx - config.lnx - config.nbs in src/makefiles (misc changes) - Makefile.aix - Makefile.bdi - Makefile.dec - Makefile.gen - Makefile.hpx - Makefile.lnx - Makefile.nbs in support/authuser.c - corrections for authenticating remote user via RFC 931, something to do with trying to bind a port (0=any?) early in the game. added support/ftruncate.c in support/snprintf.c - added support for Solaris 2 and Solaris 2.6 in support/syslog.c - added support for DEC added support/vsnprintf.c in support/makefiles (misc changes) - Makefile.dec - Makefile.lnx - Makefile.nbs - Makefile.sol in util/xferstats - change default domain from wustl.edu to academ.com - move default logfile location > It isn't really 100% wuftpd related, but does anybody on this list run > a HP-UX-10.20 machine? I have two but due to contractual requirements I cannot run any test builds on them. > I have GNU gcc and GNU binutils on our HP-UX-10.20 machine. As it's > recommended to have a statically linked ls in ~ftp/bin I tried to > build one, but I can't build a static version of GNU ls as a curious > error message occurs. Just for testing an other program could be build > statically. Please, any help available here?? What is the curious message? Statically linked programs are a help and a hinderance. They help make the site easier to set up, but they can be a pain if the lilibrary updates since you'd need to rebuild the binaries rather than replace the libraries. If your site works with shared libraries, stay with them and don't worry about statically linked. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundber+wuftpdg@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Mon Dec 28 14:16:38 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA06041; Mon, 28 Dec 1998 14:16:37 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA04914; Mon, 28 Dec 1998 14:07:42 -0600 (CST) Received: from home.pmi-usa.com (ppp.pmi-usa.com [216.17.136.12] (may be forged)) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA13838 for ; Mon, 28 Dec 1998 14:03:45 -0600 (CST) Received: (from daemon@localhost) by home.pmi-usa.com (8.8.5/8.8.5) id MAA05312 for ; Mon, 28 Dec 1998 12:57:08 -0700 (MST) Received: from pmiisdn210.ppp.frii.net(216.17.146.210), claiming to be "[216.17.146.210]" via SMTP by home.pmi-usa.com, id smtpdId5310; Mon Dec 28 19:57:05 1998 Message-Id: Date: Mon, 28 Dec 1998 12:57:12 -0700 Reply-To: webmaster@professionaljobnetwork.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Chris Baar To: wu-ftpd@wugate.wustl.edu Subject: Configuring to use CHROOT Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: cjbaar@mail.pmi-usa.com (Unverified) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I have installed wu-ftpd on a machine running FreeBSD 3.0. Since the machine is primarily a web server, I have only a few users (2, in fact) that will have FTP access. However, I want to use chroot to limit these users to a specific directory tree. According the man pages I have read, I need to use the "guestgroup" directive in the ftpaccess file. However when I do this, I can't get listings in all directories. Sometimes I get a listing, sometimes I get an empty directory. All directories and files are generally chmod the same... r/w by user/group. If I disable the guestgroup directive, I can see all my files, but of course the chroot is out of effect and the user can get anywhere in the system. Any ideas on something I may have overlooked here? Thanks in advance. Chris Baar webmaster@professionaljobnetwork.com From owner-wu-ftpd@wugate.wustl.edu Mon Dec 28 14:33:13 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA06181; Mon, 28 Dec 1998 14:33:12 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA16507; Mon, 28 Dec 1998 14:25:24 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA13105 for ; Mon, 28 Dec 1998 14:22:21 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id PAA00866; Mon, 28 Dec 1998 15:22:11 -0500 Message-Id: Date: Mon, 28 Dec 1998 15:22:11 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Chris Baar Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Configuring to use CHROOT In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, 28 Dec 1998, Chris Baar wrote: > According the man pages I have read, I need to use the "guestgroup" > directive in the ftpaccess file. However when I do this, I can't get > listings in all directories. Sometimes I get a listing, sometimes I > get an empty directory. All directories and files are generally chmod > the same... r/w by user/group. you're missing the supporting programs 'ls' and/or libraries, devices, etc. this is a FAQ The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Mon Dec 28 14:46:51 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA06319; Mon, 28 Dec 1998 14:46:51 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA13483; Mon, 28 Dec 1998 14:38:23 -0600 (CST) Received: from gw1.bfg.com (gateway.bfg.com [131.187.253.2]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA04627 for ; Mon, 28 Dec 1998 14:37:23 -0600 (CST) Received: (from uucp@localhost) by gw1.bfg.com (8.8.8/8.8.8) id PAA03648; Mon, 28 Dec 1998 15:37:21 -0500 (EST) Received: from ns1.bfg.com(192.73.67.20) by gw1.bfg.com via smap (V2.1) id sma003093; Mon, 28 Dec 98 15:36:23 -0500 Received: from localhost (keller@localhost) by ns1.bfg.com (8.8.8/8.8.8) with SMTP id PAA19051; Mon, 28 Dec 1998 15:36:19 -0500 (EST) Message-Id: Date: Mon, 28 Dec 1998 15:36:15 -0500 (EST) Reply-To: keller@bfg.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Ted Keller To: Chris Baar Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Configuring to use CHROOT In-Reply-To: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Chris, I suspect you have not copied a working copy of ls to your chrooted area. Also remember, if your system doesn't have statically linked binaries, you will also have to copy the shared libraries to your chrooted area. Normally, you will copy the ls command to chroot/bin and any libraries to chroot/lib. Hope this helps. ted keller - bfg.com On Mon, 28 Dec 1998, Chris Baar wrote: > I have installed wu-ftpd on a machine running FreeBSD 3.0. Since the > machine is primarily a web server, I have only a few users (2, in fact) > that will have FTP access. However, I want to use chroot to limit these > users to a specific directory tree. > > According the man pages I have read, I need to use the "guestgroup" > directive in the ftpaccess file. However when I do this, I can't get > listings in all directories. Sometimes I get a listing, sometimes I get an > empty directory. All directories and files are generally chmod the same... > r/w by user/group. > > If I disable the guestgroup directive, I can see all my files, but of > course the chroot is out of effect and the user can get anywhere in the > system. Any ideas on something I may have overlooked here? Thanks in > advance. > > > Chris Baar > webmaster@professionaljobnetwork.com > > From owner-wu-ftpd@wugate.wustl.edu Mon Dec 28 18:13:02 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA08295; Mon, 28 Dec 1998 18:13:01 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA16133; Mon, 28 Dec 1998 18:05:37 -0600 (CST) Received: from murmur.arch.gatech.edu (mta@murmur.arch.gatech.edu [130.207.85.142]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA26662 for ; Mon, 28 Dec 1998 18:02:27 -0600 (CST) Received: from murmur.arch.gatech.edu ([127.0.0.1]) by murmur.arch.gatech.edu (Netscape Messaging Server 3.6) with SMTP id AAA1D07; Mon, 28 Dec 1998 18:57:07 -0500 Message-Id: <19981228235706.AAA7430@murmur.arch.gatech.edu> Date: Mon, 28 Dec 1998 18:57:06 -0500 (EST) Reply-To: siva@arch.gatech.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: "Ramachandramurthy Sivakumar" To: wu-ftpd@wugate.wustl.edu Cc: siva@arch.gatech.edu Subject: Is this safe! MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, I have installed the latest wu-ftpd archive on a Sun Ultra2, Solaris 2.5.1. machine. The machine is used as a webserver/ ftpserver/fileserver. The wu-ftp archive seems to work fine. I want users belonging to a particular group (let's say the real group called "xyz" in my system's /etc/group) be able to add and delete files to the /ftphome/pub/outgoing directory. This is what I do: * Make the directory /ftphome/pub/outgoing owned by "root" and set the group to be the real group "xyz" * The directory permission for /ftphome/pub/outgoing is set to 775. With the above set up real users belonging to the group "xyz" is able to add/delete files to the /ftphome/pub/outgoing directory. Is the above procedure safe? Thanks in advance for the help! --siva (siva@arch.gatech.edu) Georgia Institute of Technology From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 09:55:24 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id JAA03327; Tue, 29 Dec 1998 09:55:23 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id JAA06193; Tue, 29 Dec 1998 09:50:34 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id JAA32176 for ; Tue, 29 Dec 1998 09:42:20 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id KAA05162; Tue, 29 Dec 1998 10:42:10 -0500 Message-Id: Date: Tue, 29 Dec 1998 10:42:09 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Ramachandramurthy Sivakumar Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Is this safe! In-Reply-To: <19981228235706.AAA7430@murmur.arch.gatech.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Mon, 28 Dec 1998, Ramachandramurthy Sivakumar wrote: > * Make the directory /ftphome/pub/outgoing owned by "root" > and set the group to be the real group "xyz" > * The directory permission for /ftphome/pub/outgoing is set to 775. > > With the above set up real users belonging to the group "xyz" is able > to add/delete files to the /ftphome/pub/outgoing directory. If you're talking about FTP-only access to the area, this is the wrong approach. Make the users guests and use upload/noretrieve clauses, etc, in the ftpaccess file to strictly control their access. You'll still want to use Unix permissions/ownership but they are a backstop to the security features of the daemon rather than your front-line. You should be OK if the idea is Unix shell sharing of the area, but here's a few considerations: - ownership by non-root; the superuser should never play in this area. - umask 002 or higher for users in the group; watch for world permissions you'll have to instruct/monitor/admonish the users to check the permissions carefully - sticky bit; so users cannot play with each others files - setgid on the directory; so stuff created in the directory is owned by the group. you'll have to instruct/monitor/admonish the users to watch ownership, especially if they move files into the area with rename. - only well-trusted users in the group; at least users who well-trust each other. - don't allow hard links at all; only allow local (to the directory or ftp site) symlinks if you must allow them at all. Once again, though, all you can do is watch over the users and hope they don't mess up too badly or that you catch the mistakes before they cause problems. - If you're dealing here with students or faculty consider the box permanently security-compromised. Backups are good, but fdisk is better. -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 11:51:05 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA04481; Tue, 29 Dec 1998 11:51:04 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA18152; Tue, 29 Dec 1998 11:44:03 -0600 (CST) Received: from mail.rdc1.sfba.home.com (imail@ha1.rdc1.sfba.home.com [24.0.0.66]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA21303 for ; Tue, 29 Dec 1998 11:39:42 -0600 (CST) Received: from notgod.com ([24.1.16.4]) by mail.rdc1.sfba.home.com (InterMail v4.0 201-221-107) with ESMTP id <19981229173940.GURZ2574.mail.rdc1.sfba.home.com@notgod.com> for ; Tue, 29 Dec 1998 09:39:40 -0800 Message-Id: <368914B1.35914389@notgod.com> Date: Tue, 29 Dec 1998 09:43:13 -0800 Reply-To: notgod@notgod.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Brian Nelson To: wu-ftpd@wugate.wustl.edu Subject: guest accounts... MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 4.5 [en] (Win98; I) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN I am running Wu-Ftpd beta 18, and I am having problems with guest accounts on a FreeBSD 2.2.8-STABLE machine. I can create accounts, and everything works dandy. People can upload files. However, they are not able to list the files in their directory, even if chmod'd to 777 I have the bin and etc directories built under these directories to spec. From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 12:08:00 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA04640; Tue, 29 Dec 1998 12:07:59 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA24404; Tue, 29 Dec 1998 12:03:14 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA01890 for ; Tue, 29 Dec 1998 11:55:53 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id MAA05651; Tue, 29 Dec 1998 12:55:47 -0500 Message-Id: Date: Tue, 29 Dec 1998 12:55:47 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Brian Nelson Cc: wu-ftpd@wugate.wustl.edu Subject: Re: guest accounts... In-Reply-To: <368914B1.35914389@notgod.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN On Tue, 29 Dec 1998, Brian Nelson wrote: > I am running Wu-Ftpd beta 18, and I am having problems with guest > accounts on a FreeBSD 2.2.8-STABLE machine. I can create accounts, > and everything works dandy. People can upload files. However, they > are not able to list the files in their directory, even if chmod'd to > 777 > > I have the bin and etc directories built under these directories to > spec. Porbably missing some device files, or a library. Check the FAQ. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 12:57:19 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA05081; Tue, 29 Dec 1998 12:57:18 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA12472; Tue, 29 Dec 1998 12:53:35 -0600 (CST) Received: from seattle.3com.com (seattle.3com.com [129.213.128.97]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA06852 for ; Tue, 29 Dec 1998 12:50:01 -0600 (CST) Received: from new-york.3com.com (new-york.3com.com [129.213.157.12]) by seattle.3com.com (8.8.8/8.8.8) with ESMTP id KAA17886 for ; Tue, 29 Dec 1998 10:50:00 -0800 (PST) Received: from hqoutbound.ops.3com.com (hqoutbound.OPS.3Com.COM [139.87.48.104]) by new-york.3com.com (8.8.8/8.8.8) with SMTP id KAA28940 for ; Tue, 29 Dec 1998 10:50:00 -0800 (PST) Received: by hqoutbound.ops.3com.com(Lotus SMTP MTA v4.6.1 (569.2 2-6-1998)) id 882566E9.00676394 ; Tue, 29 Dec 1998 10:49:17 -0800 Message-Id: <882566E9.0066053D.00@hqoutbound.ops.3com.com> Date: Tue, 29 Dec 1998 10:49:05 -0800 Reply-To: Jim_Martinez@3com.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Jim_Martinez@3com.com To: wu-ftpd@wugate.wustl.edu Subject: help setup Solaris 2.6 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline X-Lotus-FromDomain: 3COM X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, I've downloaded the wu-ftpd-2.4.2-beta-18.tar.Z version on my Solaris 2.6 machine and am having trouble with the ./build CC=gcc sol command. I get a bunch of errors. Below is the output. Anywhere I can look for a step-by-step setup procedure? Help is much appreciated! /Jim Martinez *************************************************************************** *** ./build CC=gcc sol make args are : make opts are : CC=gcc Linking Makefiles. Makefile already present in root directory Makefile already present in src directory config.h already present in src directory Makefile already present in support directory Making support library. gcc -O -DSOLARIS2 -c authuser.c In file included from /usr/include/sys/turnstile.h:12, from /usr/include/sys/t_lock.h:20, from /usr/include/sys/vnode.h:37, from /usr/include/sys/stream.h:21, from /usr/include/netinet/in.h:38, from /usr/include/netdb.h:96, from authuser.c:17: /opt/GCC2721/lib/gcc-lib/sparc-sun-solaris2.5/2.7.2.1/include/sys/param.h:1 85: warning: `NBBY' redefined /usr/include/sys/select.h:45: warning: this is the location of the previous definition In file included from /usr/include/sys/stream.h:26, from /usr/include/netinet/in.h:38, from /usr/include/netdb.h:96, from authuser.c:17: /usr/include/sys/model.h:32: #error "No DATAMODEL_NATIVE specified" *** Error code 1 make: Fatal error: Command failed for target `authuser.o' Making ftpd. gcc -g -I.. -I../support -L../support -c ftpd.c In file included from ftpd.c:54: /opt/GCC2721/lib/gcc-lib/sparc-sun-solaris2.5/2.7.2.1/include/sys/param.h:1 85: warning: `NBBY' redefined /usr/include/sys/select.h:45: warning: this is the location of the previous definition In file included from /usr/include/sys/stream.h:26, from /usr/include/netinet/in.h:38, from ftpd.c:70: /usr/include/sys/model.h:32: #error "No DATAMODEL_NATIVE specified" *** Error code 1 make: Fatal error: Command failed for target `ftpd.o' Making ftpcount. gcc -g -I.. -I../support -L../support -o ftpcount ftpcount.c vers.o -lsupport -lsocket -lnsl -lgen In file included from /usr/include/sys/turnstile.h:12, from /usr/include/sys/t_lock.h:20, from /usr/include/sys/file.h:17, from ftpcount.c:49: /opt/GCC2721/lib/gcc-lib/sparc-sun-solaris2.5/2.7.2.1/include/sys/param.h:1 85: warning: `NBBY' redefined /usr/include/sys/select.h:45: warning: this is the location of the previous definition ld: fatal: library -lsupport: not found ld: fatal: File processing errors. No output written to ftpcount *** Error code 1 make: Fatal error: Command failed for target `ftpcount' Making ftpshut. gcc -g -I.. -I../support -L../support -o ftpshut ftpshut.c vers.o -lsupport -lsocket -lnsl -lgen In file included from /usr/include/sys/turnstile.h:12, from /usr/include/sys/t_lock.h:20, from /usr/include/sys/file.h:17, from ftpshut.c:47: /opt/GCC2721/lib/gcc-lib/sparc-sun-solaris2.5/2.7.2.1/include/sys/param.h:1 85: warning: `NBBY' redefined /usr/include/sys/select.h:45: warning: this is the location of the previous definition ld: fatal: library -lsupport: not found ld: fatal: File processing errors. No output written to ftpshut *** Error code 1 make: Fatal error: Command failed for target `ftpshut' Making ckconfig. `ckconfig' is up to date. ln: cannot create ckconfig: File exists Links to executables are in bin directory: size: bin/ftpd: cannot open size: bin/ftpcount: cannot open size: bin/ftpshut: cannot open size: bin/ftpwho: cannot open bin/ckconfig: 4272 + 332 + 332 = 4936 Done From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 14:21:34 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA05939; Tue, 29 Dec 1998 14:21:33 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA00470; Tue, 29 Dec 1998 14:18:04 -0600 (CST) Received: from murmur.arch.gatech.edu (mta@murmur.arch.gatech.edu [130.207.85.142]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA10505 for ; Tue, 29 Dec 1998 14:13:56 -0600 (CST) Received: from murmur.arch.gatech.edu ([127.0.0.1]) by murmur.arch.gatech.edu (Netscape Messaging Server 3.6) with SMTP id AAA397B; Tue, 29 Dec 1998 15:08:28 -0500 Message-Id: <19981229200827.AAA14713@murmur.arch.gatech.edu> Date: Tue, 29 Dec 1998 15:08:27 -0500 (EST) Reply-To: siva@arch.gatech.edu Sender: owner-wu-ftpd@wugate.wustl.edu From: "Ramachandramurthy Sivakumar" To: Jim_Martinez@3com.com Cc: wu-ftpd@wugate.wustl.edu Subject: Re: help setup Solaris 2.6 In-Reply-To: <882566E9.0066053D.00@hqoutbound.ops.3com.com> from "Jim_Martinez@3com.com" at Dec 29, 98 10:49:05 am MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Jim, Compiled binaries for Solaris 2.6 is available from ftp://ftp.vr.net/pub/wu-ftpd/binaries/sun/solaris. I have installed it successfully on solaris 2.5.1. -- Rama Sivakumar siva@arch.gatech.edu Georgia Institute of Technology > > Hello, > > I've downloaded the wu-ftpd-2.4.2-beta-18.tar.Z version on my Solaris 2.6 > machine and am having trouble with the ./build CC=gcc sol command. I get a > bunch of errors. Below is the output. Anywhere I can look for a > step-by-step setup procedure? > From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 14:34:32 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA06050; Tue, 29 Dec 1998 14:34:31 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA18262; Tue, 29 Dec 1998 14:30:44 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA02847 for ; Tue, 29 Dec 1998 14:25:10 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id PAA06409; Tue, 29 Dec 1998 15:24:49 -0500 Message-Id: Date: Tue, 29 Dec 1998 15:24:49 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Ramachandramurthy Sivakumar Cc: Jim_Martinez@3com.com, wu-ftpd@wugate.wustl.edu Subject: Re: help setup Solaris 2.6 In-Reply-To: <19981229200827.AAA14713@murmur.arch.gatech.edu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN those binaries are not pure beta-18 .. they include the VR patches .. just so you know. On Tue, 29 Dec 1998, Ramachandramurthy Sivakumar wrote: > Compiled binaries for Solaris 2.6 is available from > ftp://ftp.vr.net/pub/wu-ftpd/binaries/sun/solaris. > > I have installed it successfully on solaris 2.5.1. > > > > I've downloaded the wu-ftpd-2.4.2-beta-18.tar.Z version on my Solaris 2.6 > > machine and am having trouble with the ./build CC=gcc sol command. I get a > > bunch of errors. Below is the output. Anywhere I can look for a > > step-by-step setup procedure? -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 15:34:37 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA06675; Tue, 29 Dec 1998 15:34:35 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA08685; Tue, 29 Dec 1998 15:28:45 -0600 (CST) Received: from seattle.3com.com (seattle.3com.com [129.213.128.97]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id PAA32717 for ; Tue, 29 Dec 1998 15:26:17 -0600 (CST) Received: from new-york.3com.com (new-york.3com.com [129.213.157.12]) by seattle.3com.com (8.8.8/8.8.8) with ESMTP id NAA08884 for ; Tue, 29 Dec 1998 13:26:10 -0800 (PST) Received: from hqoutbound.ops.3com.com (hqoutbound.OPS.3Com.COM [139.87.48.104]) by new-york.3com.com (8.8.8/8.8.8) with SMTP id NAA19743 for ; Tue, 29 Dec 1998 13:26:09 -0800 (PST) Received: by hqoutbound.ops.3com.com(Lotus SMTP MTA v4.6.1 (569.2 2-6-1998)) id 882566E9.0075AF84 ; Tue, 29 Dec 1998 13:25:26 -0800 Message-Id: <882566E9.0074DEEF.00@hqoutbound.ops.3com.com> Date: Tue, 29 Dec 1998 13:24:39 -0800 Reply-To: Jim_Martinez@3com.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Jim_Martinez@3com.com To: wu-ftpd@wugate.wustl.edu Subject: SUMMARY - Re: help setup Solaris 2.6 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline X-Lotus-FromDomain: 3COM X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Thanks folks, My problem was that I had an old version of gcc. Keith Bayer open my eyes to this one. The build went fine after removing the Solaris 2.5.1 version and loading 2.7.2.3 of gnu-gcc. Here's the response from Keith... Since I've got practically the same set up, I thought I'd just send off this quick note to you. My advice would be to get a more recent copy of gcc and try again. I'm using gnu-gcc 2.7.2.3 Solaris 2.6 Ultra 5 and didn't have any problem compiling wu-ftpd-2.4.2-beta-18 Getting it working was a bit tougher :-) Just a thought. Keith /Jim From owner-wu-ftpd@wugate.wustl.edu Tue Dec 29 18:46:57 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id SAA08342; Tue, 29 Dec 1998 18:46:56 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id SAA30815; Tue, 29 Dec 1998 18:43:33 -0600 (CST) Received: from online.no (pilt-s.online.no [148.122.208.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id SAA20333 for ; Tue, 29 Dec 1998 18:41:25 -0600 (CST) Received: from a.online.no (opus.nextel.no [193.212.0.2]) by online.no (8.9.1/8.9.1) with ESMTP id BAA28404; Wed, 30 Dec 1998 01:41:23 +0100 (MET) Received: (from gjermund@localhost) by a.online.no (8.9.1/8.8.7) id BAA04053; Wed, 30 Dec 1998 01:41:22 +0100 (MET) Message-Id: <199812300041.BAA04053@a.online.no> Date: Wed, 30 Dec 1998 01:41:22 +0100 (MET) Reply-To: gjermund@nextel.no Sender: owner-wu-ftpd@wugate.wustl.edu From: "Gjermund Sørseth" To: Jim_Martinez@3com.com Cc: wu-ftpd@wugate.wustl.edu Subject: Re: help setup Solaris 2.6 In-Reply-To: <882566E9.0066053D.00@hqoutbound.ops.3com.com> (Jim_Martinez@3com.com) Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-NCC-RegID: no.telenor X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > I've downloaded the wu-ftpd-2.4.2-beta-18.tar.Z version on my Solaris 2.6 > machine and am having trouble with the ./build CC=gcc sol command. I get a > bunch of errors. Below is the output. Anywhere I can look for a > step-by-step setup procedure? > > Help is much appreciated! > > /Jim Martinez It looks like you are running a gcc that was installed for Solaris 2.5 on your 2.6 machine. This often causes trouble since OS include files change between OS versions and gcc keeps it's private copies of them. -- Gjermund Sørseth From owner-wu-ftpd@wugate.wustl.edu Wed Dec 30 17:44:03 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id RAA20359; Wed, 30 Dec 1998 17:44:02 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA31498; Wed, 30 Dec 1998 17:39:11 -0600 (CST) Received: from stsmtp2.stcorp.com (stsmtp2.stcorp.com [207.203.33.6]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id RAA01674 for ; Wed, 30 Dec 1998 17:34:12 -0600 (CST) Received: by stsmtp2.stcorp.com(Lotus SMTP MTA v1.2 (600.1 3-26-1998)) id 862566EA.0081205F ; Wed, 30 Dec 1998 17:30:24 -0600 Message-Id: <862566EA.0080F3DD.00@stsmtp2.stcorp.com> Date: Wed, 30 Dec 1998 17:29:55 -0600 Reply-To: Nathan.Gillison@SouthTrust.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Nathan.Gillison@SouthTrust.com To: wu-ftpd@wugate.wustl.edu Subject: Solaris 2.6 Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline X-Lotus-FromDomain: STCORP X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, Our goal is to setup guest FTP on a Solaris 2.6 Server SPARC Platform Sun E5000. We don't have a compiler so we downloaded the gnu-gcc 2.7.2.3 compiler. We have a bit of a catch-22 because this gcc compiler file is gzipped. We downloaded the gzip source, but of course it needs to be compiled. Is there anywhere we can get the gzip binaries or some utility to decompress the gnu-gcc 2.7.2.3 compiler? Thank you for any suggestions you have. Nathan From owner-wu-ftpd@wugate.wustl.edu Wed Dec 30 19:45:49 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id TAA21210; Wed, 30 Dec 1998 19:45:48 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id TAA21501; Wed, 30 Dec 1998 19:41:27 -0600 (CST) Received: from online.no (pilt-s.online.no [148.122.208.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id TAA18022 for ; Wed, 30 Dec 1998 19:38:05 -0600 (CST) Received: from a.online.no (opus.nextel.no [193.212.0.2]) by online.no (8.9.1/8.9.1) with ESMTP id CAA14638; Thu, 31 Dec 1998 02:38:04 +0100 (MET) Received: (from gjermund@localhost) by a.online.no (8.9.1/8.8.7) id CAA13329; Thu, 31 Dec 1998 02:38:03 +0100 (MET) Message-Id: <199812310138.CAA13329@a.online.no> Date: Thu, 31 Dec 1998 02:38:03 +0100 (MET) Reply-To: gjermund@nextel.no Sender: owner-wu-ftpd@wugate.wustl.edu From: "Gjermund Sørseth" To: Nathan.Gillison@SouthTrust.com Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Solaris 2.6 In-Reply-To: <862566EA.0080F3DD.00@stsmtp2.stcorp.com> (Nathan.Gillison@SouthTrust.com) Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-NCC-RegID: no.telenor X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > Our goal is to setup guest FTP on a Solaris 2.6 Server SPARC Platform Sun > E5000. We don't have a compiler so we downloaded the gnu-gcc 2.7.2.3 > compiler. We have a bit of a catch-22 because this gcc compiler file is > gzipped. We downloaded the gzip source, but of course it needs to be > compiled. > > Is there anywhere we can get the gzip binaries or some utility to > decompress the gnu-gcc 2.7.2.3 compiler? Yes, www.sunfreeware.com is the place you are looking for. -- Gjermund Sørseth From owner-wu-ftpd@wugate.wustl.edu Wed Dec 30 19:57:11 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id TAA21302; Wed, 30 Dec 1998 19:57:10 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id TAA10564; Wed, 30 Dec 1998 19:53:59 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id TAA32465 for ; Wed, 30 Dec 1998 19:51:03 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id RAA18649 for ; Wed, 30 Dec 1998 17:52:18 -0800 (PST) Message-Id: <368AE0C4.A6EE1E46@nikonrca.com> Date: Wed, 30 Dec 1998 18:26:12 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: wu-ftpd@wugate.wustl.edu Subject: conflicting declaration "realpath" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi, I'm setting up wu-ftpd for the first time and I'm stuck now with a "previous declaration" error. What should I do? For additional info my path is #echo $PATH /usr/sbin:/bin:/usr/bin:/usr/ucb:/etc:/usr/local/bin:/usr/ccs/bin:. Should I take one of the includes out? If so which one and where should I do this? Thanks for your Help. Omar ftpsrvr# ./build sol make args are : make opts are : Linking Makefiles. ln: makefiles/Makefile.sol and Makefile are identical ln: makefiles/Makefile.sol and Makefile are identical ln: config/config.sol and config.h are identical ln: makefiles/Makefile.sol and Makefile are identical Making support library. rm -f libsupport.a ar cq libsupport.a fnmatch.o strcasestr.o strsep.o authuser.o touch libsupport.a Making ftpd. gcc -g -DDEBUG -I.. -I../support -L../support -c ftpd.c -o ftpd.o ftpd.c:143: conflicting types for `realpath' /usr/include/stdlib.h:180: previous declaration of `realpath' make: *** [ftpd.o] Error 1 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 03:16:35 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id DAA24267; Thu, 31 Dec 1998 03:16:34 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id DAA02587; Thu, 31 Dec 1998 03:12:04 -0600 (CST) Received: from correo.ctv.es (correo.ctv.es [212.25.129.11]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id DAA13602 for ; Thu, 31 Dec 1998 03:03:40 -0600 (CST) Received: from ctv.es (ctv21225129132.ctv.es [212.25.129.132]) by correo.ctv.es (8.9.1/8.9.1) with ESMTP id KAA16045 for ; Thu, 31 Dec 1998 10:03:07 +0100 (MET) Message-Id: <368B3CEC.88B1E8EC@ctv.es> Date: Thu, 31 Dec 1998 09:59:24 +0100 Reply-To: carles.ctv@ctv.es Sender: owner-wu-ftpd@wugate.wustl.edu From: Carles Xavier Munyoz =?iso-8859-1?Q?Bald=F3?= To: Lista WU-FTP Subject: Users in a DBM file. MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Sender: carles@correo.ctv.es X-Envelope-To: X-Mailer: Mozilla 4.5 [en] (X11; I; Linux 2.0.35 i586) X-Accept-Language: en X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello, I'm modifying the source code of the wu-ftpd, to use a user DBM file instead of the /etc/passwd file. May someone help me with docs about the source code and other helps? Many thanks. --- CTV Internet [http://www.ctv.es] Carles Xavier Munyoz Baldó / carles.ctv@ctv.es / postmaster@ctv.es http://www.ctv.es/USERS/carles Clave pública PGP / PGP public KEY http://www.ctv.es/PGP-STAFF/carles.html Dpto. Sistemas / Ingeniero Informático Tel: +34 (9)6 5845291 - Fax: +34 (9)6 5844896 --- From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 10:28:27 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id KAA27497; Thu, 31 Dec 1998 10:28:26 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id KAA14664; Thu, 31 Dec 1998 10:24:00 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id KAA16807 for ; Thu, 31 Dec 1998 10:20:55 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id IAA24009; Thu, 31 Dec 1998 08:22:09 -0800 (PST) Message-Id: <368BACA7.2B194988@nikonrca.com> Date: Thu, 31 Dec 1998 08:56:07 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: wu-ftpd@wugate.wustl.edu Subject: realpath conflict MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi, I'm having difficulties compiling wu-ftp on sparc solaris 2.6. The conflict is that realpath is declared in /usr/include/stdlib.h as "extern" differently than that in "extensions.c" and "fptd.c" How should I correct the problem? Detail instructions would be much appreciated, since I don't normally "play" with these things. Thanks, Omar ftpsrvr# make ftpd gcc -g -DDEBUG -I.. -I../support -L../support -c ftpd.c -o ftpd.o ftpd.c:143: conflicting types for `realpath' /usr/include/stdlib.h:180: previous declaration of `realpath' make: *** [ftpd.o] Error 1 It's conflicting with this file.... /usr/include/stdlib.h extern char *realpath(const char *, char *); extern char *realpath(); /export/home/local/src/wu-ftpd-2.4-academ/src ftpsrvr# grep realpath * extensions.c: (void) realpath(".", cwd); extensions.c: if ((realpath(path, cwdir)) == NULL) { extensions.c: if ((realpath(path, cwdir)) == NULL) { ftpd.c: *realpath(char *pathname, char *result); ftpd.c: realpath(logname ? logname : name, namebuf); ftpd.c: realpath(name, namebuf); ftpd.c: realpath(name, path); realpath.c:realpath(char *pathname, char *result) From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 11:34:37 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA27959; Thu, 31 Dec 1998 11:34:36 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA15008; Thu, 31 Dec 1998 11:29:18 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA00470 for ; Thu, 31 Dec 1998 11:25:38 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id JAA24412; Thu, 31 Dec 1998 09:26:52 -0800 (PST) Message-Id: <368BBBD2.E1DBBE8A@nikonrca.com> Date: Thu, 31 Dec 1998 10:00:50 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: wu-ftpd@wugate.wustl.edu Subject: realpath question MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hey, I think I solved the "realpath" declaration problem. Could somebody tell me if this was the *right* thing to do? Are there any bad consequences to doing it this way? Thanks, Omar Here's what I did. I modified ftpd.c and realpath.c to include the "const". ftpsrvr# diff ftpd-orig.c ftpd.c 143c143 < *realpath(char *pathname, char *result); --- > *realpath(const char *pathname, char *result); ftpsrvr# diff realpath-orig.c realpath.c 45c45 < realpath(char *pathname, char *result) --- > realpath(const char *pathname, char *result) From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 11:52:01 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id LAA28235; Thu, 31 Dec 1998 11:51:59 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id LAA20805; Thu, 31 Dec 1998 11:48:42 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id LAA08134 for ; Thu, 31 Dec 1998 11:44:18 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id JAA24540 for ; Thu, 31 Dec 1998 09:45:33 -0800 (PST) Message-Id: <368BC032.DE8B4852@nikonrca.com> Date: Thu, 31 Dec 1998 10:19:30 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: wu-ftpd@wugate.wustl.edu Subject: libc.a and values-Xa.o ....? MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hello again... I'm making some progress. 1. I don't have /lib/libc.a but I to have /usr/lib/libc.so How would I modify the "Makefile" to use libc.so instead of libc.a? Would it be find just to replace "/lib/libc.a" with "/usr/lib/libc.so"? Can I do that? make: *** No rule to make target `/lib/libc.a', needed by `ftpd'. Stop. 2. How do I fix this? I'm missing values-Xa.o, but I don't know where it's reference. ld: fatal: file values-Xa.o: open failed: No such file or directory 3. Is the the "gen" library necessary? ld: fatal: library -lgen: not found Much Appreciated. Omar ........Details below........ ftpsrvr# ./build sol make args are : make opts are : Linking Makefiles. Making support library. gcc -g -DDEBUG -c fnmatch.c gcc -g -DDEBUG -c strcasestr.c gcc -g -DDEBUG -c strsep.c gcc -g -DDEBUG -c authuser.c rm -f libsupport.a ar cq libsupport.a fnmatch.o strcasestr.o strsep.o authuser.o touch libsupport.a Making ftpd. gcc -g -DDEBUG -I.. -I../support -L../support -c ftpd.c -o ftpd.o yacc ftpcmd.y mv -f y.tab.c ftpcmd.c gcc -g -DDEBUG -I.. -I../support -L../support -c ftpcmd.c -o ftpcmd.o gcc -g -DDEBUG -I.. -I../support -L../support -c glob.c -o glob.o gcc -g -DDEBUG -I.. -I../support -L../support -c logwtmp.c -o logwtmp.o gcc -g -DDEBUG -I.. -I../support -L../support -c popen.c -o popen.o sh newvers.sh gcc -g -DDEBUG -I.. -I../support -L../support -c vers.c gcc -g -DDEBUG -I.. -I../support -L../support -c access.c -o access.o gcc -g -DDEBUG -I.. -I../support -L../support -c extensions.c -o extensions.o gcc -g -DDEBUG -I.. -I../support -L../support -c realpath.c -o realpath.o gcc -g -DDEBUG -I.. -I../support -L../support -c acl.c -o acl.o gcc -g -DDEBUG -I.. -I../support -L../support -c private.c -o private.o gcc -g -DDEBUG -I.. -I../support -L../support -c authenticate.c -o authenticate.o gcc -g -DDEBUG -I.. -I../support -L../support -c conversions.c -o conversions.o gcc -g -DDEBUG -I.. -I../support -L../support -c hostacc.c -o hostacc.o make: *** No rule to make target `/lib/libc.a', needed by `ftpd'. Stop. Making ftpcount. gcc -g -DDEBUG -I.. -I../support -L../support -o ftpcount ftpcount.c vers.o -lsupport -lsocket -lnsl -lgen ld: fatal: file values-Xa.o: open failed: No such file or directory ld: fatal: library -lgen: not found ld: fatal: File processing errors. No output written to ftpcount make: *** [ftpcount] Error 1 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 12:30:24 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id MAA28595; Thu, 31 Dec 1998 12:30:23 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA05712; Thu, 31 Dec 1998 12:27:14 -0600 (CST) Received: from online.no (pilt-s.online.no [148.122.208.18]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA30363 for ; Thu, 31 Dec 1998 12:25:19 -0600 (CST) Received: from a.online.no (opus.nextel.no [193.212.0.2]) by online.no (8.9.1/8.9.1) with ESMTP id TAA03537; Thu, 31 Dec 1998 19:25:18 +0100 (MET) Received: (from gjermund@localhost) by a.online.no (8.9.1/8.8.7) id TAA16747; Thu, 31 Dec 1998 19:25:17 +0100 (MET) Message-Id: <199812311825.TAA16747@a.online.no> Date: Thu, 31 Dec 1998 19:25:17 +0100 (MET) Reply-To: gjermund@nextel.no Sender: owner-wu-ftpd@wugate.wustl.edu From: "Gjermund Sørseth" To: carles.ctv@ctv.es Cc: wu-ftpd@wugate.wustl.edu Subject: Re: Users in a DBM file. In-Reply-To: <368B3CEC.88B1E8EC@ctv.es> (message from Carles Xavier Munyoz =?iso-8859-1?Q?Bald=F3?= on Thu, 31 Dec 1998 09:59:24 +0100) Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-NCC-RegID: no.telenor X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN > Hello, > > I'm modifying the source code of the wu-ftpd, to use a user DBM file > instead of the /etc/passwd file. > May someone help me with docs about the source code and other helps? This is not a good solution, there is no need to modify the source code to achieve that. Instead create a (possibly shared) library that implements the handful of getpwnam() (and so on) passwd-lookup routines which wu-ftpd (and all other programs) use, where you use gdbm (GNU dbm) to look up users. Then, you can either link your lib into the executable (re-link wu-ftpd) once and for all, or make a shell wrapper, something like "LD_PRELOAD=mylib wu-ftpd" (that was a Solaris example) which links in your shared library at run time. (I made such a package long ago that we use at my site, but I haven't gotten around to putting it up on an ftp server yet, sorry) -- Gjermund Sørseth From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 13:03:28 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id NAA28928; Thu, 31 Dec 1998 13:03:27 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id MAA01992; Thu, 31 Dec 1998 12:59:44 -0600 (CST) Received: from mail.vr.net (lundberg@mail.vr.net [205.133.13.8]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id MAA24510 for ; Thu, 31 Dec 1998 12:55:45 -0600 (CST) Received: from localhost (lundberg@localhost) by mail.vr.net (8.9.1a/8.9.1) with ESMTP id NAA17037; Thu, 31 Dec 1998 13:55:26 -0500 Message-Id: Date: Thu, 31 Dec 1998 13:55:25 -0500 (EST) Reply-To: lundberg+wuftpd@vr.net Sender: owner-wu-ftpd@wugate.wustl.edu From: Gregory A Lundberg To: Omar Keblawi Cc: wu-ftpd@wugate.wustl.edu Subject: Re: all your emails In-Reply-To: <368BC032.DE8B4852@nikonrca.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN 1) On 'realpath', the correct solution is to #define it to something else 2) On 'libc.a', sounds like you're using the wrong version compiler 3) On 'values-Xa.o', sounds like something in the runtime 4) On '-lgen', depends upon the system you're running It sounds to me like - you may be building an old, old version. The current version of the ftp daemon is 2.4.2 (Beta-18) and is available from the site below. - you may be building using old GNU gcc or libraries - you need to read the FAQ There's a site with just referenced on this list which handles free software for Sun systems. Also, there's a pre-compiled version with the VR patches available at my ftp site. The location of the latest version of wu-ftpd can be found in the directory ftp://ftp.academ.com/pub/wu-ftpd/private/ You can't see the directory contents, so read the message informing you of the actual filename to retrieve. It's there. wu-ftpd Resource Center: http://www.landfield.com/wu-ftpd/ wu-ftpd FAQ: http://www.cetis.hvu.nl/~koos/wu-ftpd-faq.html wu-ftpd list archive: http://www.landfield.com/wu-ftpd/mail-archive/ -- Gregory A Lundberg Senior Partner, VRnet Company 1441 Elmdale Drive lundberg+wuftpd@vr.net Kettering, OH 45409-1615 USA 1-800-809-2195 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 14:20:59 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA00711; Thu, 31 Dec 1998 14:20:58 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA24498; Thu, 31 Dec 1998 14:17:42 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA17612 for ; Thu, 31 Dec 1998 14:15:56 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id MAA25464; Thu, 31 Dec 1998 12:14:24 -0800 (PST) Message-Id: <368BE316.266DDDB7@nikonrca.com> Date: Thu, 31 Dec 1998 12:48:22 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: Gregory A Lundberg Cc: wu-ftpd@wugate.wustl.edu Subject: Re: all your emails References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Gregory, Thanks for your help. I downloaded the latest one and you are right there where no problems with the "realpath". But the other problems still do appear. The gcc I'm using is a pkg installed that I downloaded from www.sunfreeware.com. ftpsrvr# gcc -v Reading specs from /usr/local/lib/gcc-lib/sparc-sun-solaris2.6/2.8.1/specs gcc version 2.8.1 Omar Making ftpd. make: *** No rule to make target `/lib/libc.a', needed by `ftpd'. Stop. Making ftpcount. gcc -g -I.. -I../support -L../support -o ftpcount ftpcount.c vers.o -lsupport -lsocket -lnsl -lgen ld: fatal: file values-Xa.o: open failed: No such file or directory ld: fatal: library -lgen: not found ld: fatal: File processing errors. No output written to ftpcount make: *** [ftpcount] Error 1 From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 14:46:52 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id OAA00881; Thu, 31 Dec 1998 14:46:51 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id OAA13886; Thu, 31 Dec 1998 14:43:33 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA04278 for ; Thu, 31 Dec 1998 14:40:22 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id MAA25647 for ; Thu, 31 Dec 1998 12:41:37 -0800 (PST) Message-Id: <368BE977.2ECE1445@nikonrca.com> Date: Thu, 31 Dec 1998 13:15:35 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: wu-ftpd@wugate.wustl.edu Subject: developement environment for Solaris 2.6 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi, I believe I might not have all the packages installed on Solaris 2.6 (sparc sun4m) to compile wu-ftpd. Could somebody email a listing from "pkginfo" so that I can compare and find what I might be missing. Thanks Much, Omar From owner-wu-ftpd@wugate.wustl.edu Thu Dec 31 15:06:39 1998 Received: from wugate.wustl.edu (wugate.wustl.edu [128.252.120.1]) by landfield.com (8.9.0/8.9.0) with ESMTP id PAA01092; Thu, 31 Dec 1998 15:06:38 -0600 (CST) Received: from host (wugate.wustl.edu [128.252.120.1]) by wugate.wustl.edu (8.8.8/8.8.5) with SMTP id PAA12180; Thu, 31 Dec 1998 15:02:49 -0600 (CST) Received: from jupiter.nikonrca.com (mail.nikonrca.com [209.220.32.29]) by wugate.wustl.edu (8.8.8/8.8.5) with ESMTP id OAA13333 for ; Thu, 31 Dec 1998 14:58:26 -0600 (CST) Received: from nikonrca.com (pluto.nikonrca.com [128.216.1.48]) by jupiter.nikonrca.com (8.9.0/8.9.0) with ESMTP id MAA25760 for ; Thu, 31 Dec 1998 12:59:17 -0800 (PST) Message-Id: <368BED9B.26A9F6DF@nikonrca.com> Date: Thu, 31 Dec 1998 13:33:15 -0800 Reply-To: okeblawi@nikonrca.com Sender: owner-wu-ftpd@wugate.wustl.edu From: Omar Keblawi To: wu-ftpd@wugate.wustl.edu Subject: I was missing a Solaris package MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Sender: okeblawi@nikonrca.com X-Mailer: Mozilla 4.05 [en] (X11; I; IRIX 6.2 IP22) X-Listprocessor-Version: 8.0 -- ListProcessor(tm) by CREN Hi. I found it. and It now compiles!!! I was missing the Solaris pkg "SUNWarc" This put in the missing libary libgen . . . etc.... Thanks for your help. Omar