root@cca.PUE.UDLAP.MX (Operator) (10/23/90)
Hi Masters!

I have a problem installing anonymous ftp. I have done all the steps recommended in "Unix System Administration Handbook", but when I do a FTP to my machine, I can do a "pwd" without problems, but when I do a "ls" or "dir" I got this:

    ftp> ls
    200 PORT command successful.
    150 ASCII data connection for /bin/ls (140.148.1.11,1037) (0 bytes).
    crt0: no /dev/zero
    226 ASCII Transfer complete.
    21 bytes received in 2e-06 seconds (1e+04 Kbytes/s)
    ftp> dir
    200 PORT command successful.
    150 ASCII data connection for /bin/ls (140.148.1.11,1038) (0 bytes).
    crt0: no /dev/zero
    226 ASCII Transfer complete.
    21 bytes received in 2e-06 seconds (1e+04 Kbytes/s)
    ftp>

I have seen that in some machines the entry for the "ftp" is something like:

    ftp::15:15::/usr/ftp:/usr/ftp/new/csh

I think, Is it necessary to obtain a different shell (restricted) for the ftp?

Any help will be appreciated, thanks

_______________________________________________________________________
Ing. Enrique Sanchez Lara
Coord. Red de Sun
Centro Computo Universidad de las Americas
Internet: esanchez@udlapvms.pue.udlap.mx
          enrique@cca.pue.udlap.mx
_______________________________________________________________________

hh@uwasa.fi (Hannu Hirvonen LAKE) (10/24/90)
In article <1990Oct22.182238.7120@cca.PUE.UDLAP.MX> root@cca.PUE.UDLAP.MX (Operator) writes:
>Hi Masters!
>
> I have a problem installing anonymous ftp. I have done
>all the steps recommended in "Unix System Administration
>Handbook", but when I do a FTP to my machine, I can do a "pwd"
>without problems, but when I do a "ls" or "dir" I got this:

the easy way out is to install a statically linked version of ls to ~ftp/bin directory. the other alternative is to duplicate the necessary files (i think you'll need at least the shared libraries in addition to /dev/zero). (all this is because ftpd does chroot to the home directory and therefore can't access these files any longer.)

>_______________________________________________________________________
>Ing. Enrique Sanchez Lara
>Coord. Red de Sun
>Centro Computo Universidad de las Americas
>Internet: esanchez@udlapvms.pue.udlap.mx
>          enrique@cca.pue.udlap.mx
>_______________________________________________________________________

--
Hannu Hirvonen, Computer Centre, U of Vaasa ! P.O. BOX 297
hh@uwasa.fi, HIRVONEN@FINFUN.bitnet         ! SF-65101 Vaasa, Finland

guy@auspex.auspex.com (Guy Harris) (10/31/90)
>the other alternative is to duplicate the
>necessary files (i think you'll need at least the shared
>libraries in addition to /dev/zero).

You need all the files that the FTPD(8C) man page says you need:

     In the last case, ftpd takes special measures to restrict the client's access privileges. The server performs a chroot(2) command to the home directory of the ftp user. In order that system security is not breached, it is recommended that the ftp subtree be constructed with care; the following rules are recommended.

     ftp
          Make the home directory owned by ftp and unwritable by anyone.

     ~ftp/bin
          Make this directory owned by the super-user and unwritable by anyone. The program ls(1V) must be present to support the list commands. This program should have mode 111. Since the default /bin/ls command is linked with a shared library, so you need to set up the files for dynamic linking as well.

     ~ftp/usr/lib/ld.so
          the runtime loader must be present and executable.

     ~ftp/dev/zero
          used by the runtime loader, create this with the command mknod zero c 3 12.

     ~ftp/usr/lib/libc.so.*
          should be a copy of the latest version of the shared C library.

     ~ftp/etc
          Make this directory owned by the super-user and unwritable by anyone. The files passwd(5) and group(5) must be present for the ls command to work properly. These files should be mode 444.

     ~ftp/pub
          Make this directory mode 777 and owned by ftp. Users should then place files which are to be accessible via the anonymous account in this directory.
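
The rules in the man page excerpt above can be checked mechanically before the server is opened to anonymous users. The script below is an added example, not part of the thread or of any vendor tooling; the function names and arguments are assumptions, and it checks only the owner of ~ftp/pub, not its mode.

```shell
#!/bin/sh
# Added example: report where an anonymous-FTP tree deviates from the
# FTPD(8C) rules quoted above. Function and argument names are assumptions.

# has PATH TESTS...: true if PATH exists and satisfies the find(1) tests.
has() {
    p=$1; shift
    [ -n "$(find "$p" -prune "$@" -print 2>/dev/null)" ]
}

# writable PATH: true if any write bit (user, group or other) is set.
writable() { has "$1" \( -perm -200 -o -perm -020 -o -perm -002 \); }

# audit_ftp_tree ROOT [FTP_USER] [SUPER_USER]: prints one line per finding.
audit_ftp_tree() {
    r=$1; ftp=${2:-ftp}; sup=${3:-root}

    # Directories: required owner, and unwritable by anyone.
    for spec in ".:$ftp" "bin:$sup" "etc:$sup"; do
        d=$r/${spec%%:*}; owner=${spec#*:}
        has "$d" -type d -user "$owner" || echo "$d: missing or not owned by $owner"
        ! writable "$d" || echo "$d: writable, must be unwritable by anyone"
    done

    # ls must be present with mode 111 exactly.
    has "$r/bin/ls" -type f -perm 111 || echo "$r/bin/ls: missing or mode is not 111"

    # Files the dynamically linked ls needs inside the chroot.
    has "$r/usr/lib/ld.so" -type f -perm -111 || echo "$r/usr/lib/ld.so: missing or not executable"
    has "$r/dev/zero" -type c || echo "$r/dev/zero: missing or not a character device"
    ls "$r"/usr/lib/libc.so.* >/dev/null 2>&1 || echo "$r/usr/lib/libc.so.*: no shared C library copy"

    # passwd and group must be present with mode 444.
    for f in passwd group; do
        has "$r/etc/$f" -type f -perm 444 || echo "$r/etc/$f: missing or mode is not 444"
    done

    # pub must exist and be owned by ftp.
    has "$r/pub" -type d -user "$ftp" || echo "$r/pub: missing or not owned by $ftp"
}

# Command-line use: sh audit.sh /path/to/ftp/home [ftp-user] [super-user]
if [ $# -gt 0 ]; then audit_ftp_tree "$@"; fi
```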