CAVECCHIA@ITNCISCA.BITNET (07/03/90)
I have two simple (simple?) questions:

1) About anonymous ftp

I have configured my site with the "anonymous ftp" facility. Some of
the directories in ~ftp are symbolic links to other directories on a
remote disk mounted via NFS. I have discovered that if I connect as
anonymous there is no way to do a CD to those directories (!).

Another (less complicated) question is the following:
Is there any way to log any anonymous login (I mean user, host and what he
downloads) to a file?

2) utmp.h problems

I guessed that the struct utmp in /usr/lib/utmp.h should have the
ut_name and ut_host fields but the second one is missing. Is there a way to
get the user name and host of a remote user? There is another strange thing:
when I telnet to my site from another machine the shell environment variable
REMOTEHOST is correctly set, but REMOTEUSER is "UNKNOWN".

I'm running IRIX 3.2.1 on a Personal Iris.
Is there anyone who can help me?
Thanks a lot in advance.

---------------------------------------------------------------------------
| Valter V. Cavecchia          | Bitnet: cavecchi@itncisca                |
| Centro di Fisica del C.N.R.  |         cavecchia@itnvax.cineca.it       |
| I-38050 Povo (TN) - Italy    | Decnet: itnvax::cavecchia (37.65)        |
---------------------------------------------------------------------------
fsfacca@AVELON.LERC.NASA.GOV (Tony Facca) (07/03/90)
> 1) About anonymous ftp
>
> I have configured my site with the "anonymous ftp" facility. Some of
> the directories in ~ftp are symbolic links to other directories on a
> remote disk mounted via NFS. I have discovered that if I connect as
> anonymous there is no way to do a CD to those directories (!).

This is the way NFS works. You will also notice that if you have a file
system mounted from one host to a second host, then rlogin (telnet) from a
third host, you won't be able to access the NFS mounted file system either.

> Another (less complicated) question is the following:
> Is there any way to log any anonymous login (I mean user, host and what he
> downloads) to a file?

Edit the file /usr/etc/inetd.conf and change the ftp line to look like this:

ftp stream tcp nowait root /usr/etc/ftpd ftpd -d -l

The -d switch will print debugging information in the /usr/adm/SYSLOG file and
the -l switch logs ftp sessions. Then restart the inetd daemon.

--
Tony Facca
fsfacca@avelon.lerc.nasa.gov
vjs@rhyolite.wpd.sgi.com (Vernon Schryver) (07/04/90)
In article <5690>, CAVECCHIA@ITNCISCA.BITNET writes:
> I have two simple (simple?) questions:
>
> 1) About anonymous ftp
>
> I have configured my site with the "anonymous ftp" facility. Some of
> the directories in ~ftp are symbolic links to other directories on a
> remote disk mounted via NFS. I have discovered that if I connect as
> anonymous there is no way to do a CD to those directories (!).

Are you sure it matters that some of the directories are NFS mounts?

It is true that the NFS protocol does not allow "double hops," or NFS mounts
of remote file systems that are themselves NFS mounted. However, that does
not seem to be involved in the description above.

"Anonymous ftp" chroot(2)'s into ~ftp. This means that all symbolic links
from within ~ftp must terminate somewhere in the ~ftp tree, or they will
appear to be dangling. It also means that all programs in ~ftp/bin must
either not be linked with shared libraries, or there must be appropriate
shared libraries in the ~ftp tree. Similar considerations apply to familiar
databases like /etc/passwd and /etc/group.

> Another (less complicated) question is the following:
> Is there any way to log any anonymous login (I mean user, host and what he
> downloads) to a file?

In IRIX 3.3 some limited logging can be turned on by editing
/usr/etc/inetd.conf. See ftpd(1M).

> 2) utmp.h problems
>
> I guessed that the struct utmp in /usr/lib/utmp.h should have the
> ut_name and ut_host fields but the second one is missing. Is there a way to
> get the user name and host of a remote user? There is another strange thing:
> when I telnet to my site from another machine the shell environment variable
> REMOTEHOST is correctly set, but REMOTEUSER is "UNKNOWN".

The environment variables REMOTEHOST and REMOTEUSER are Silicon Graphics
features (i.e. hacks) that date from the days when we did not have fancy BSD
style /etc/*tmp files. They are set by the appropriate daemons or login.

The rlogin and rsh protocols include sending the local user name to the
remote machine, and so rlogind and login can correctly set REMOTEUSER. The
telnet protocol does not include sending the local user name, and so telnetd
on the remote machine sets REMOTEUSER to UNKNOWN.

IRIX 3.3 has /etc/*tmp files, so that who(1), w(1), last(1), etc. say more.

Vernon Schryver
vjs@sgi.com
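The chroot(2) behaviour described in the post above can be checked before anonymous users run into it. The following is an added example, not code from the thread or from SGI: it resolves each symbolic link the way a process confined to the ftp tree would and reports the ones that dangle there. The directory names in the constructed demo tree (ftp, remote, pub, incoming) are assumptions.

```python
import os
import tempfile

def resolve_in_chroot(root, path, depth=0):
    """Resolve absolute jail path `path` as a process chroot(2)'ed into
    `root` would. Returns the host path, or None if it dangles."""
    if depth > 16:                      # guard against symlink loops
        return None
    parts = []                          # resolved components, jail-relative
    todo = [c for c in path.split("/") if c not in ("", ".")]
    while todo:
        comp = todo.pop(0)
        if comp == "..":
            if parts:                   # ".." at the jail root stays at the root
                parts.pop()
            continue
        host = os.path.join(root, *parts, comp)
        if os.path.islink(host):
            target = os.readlink(host)
            if not target.startswith("/"):   # relative: start at the link's directory
                target = "/" + "/".join(parts + [target])
            return resolve_in_chroot(root, "/".join([target] + todo), depth + 1)
        if not os.path.lexists(host):
            return None
        parts.append(comp)
    return os.path.join(root, *parts)

def dangling_links(root):
    """Jail paths of symlinks under `root` that break once ftpd chroots."""
    bad = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            host = os.path.join(dirpath, name)
            if os.path.islink(host):
                jail_path = "/" + os.path.relpath(host, root)
                if resolve_in_chroot(root, jail_path) is None:
                    bad.append(jail_path)
    return sorted(bad)

def build_demo():
    """Constructed tree: a stand-in ~ftp plus a directory outside it."""
    base = tempfile.mkdtemp()
    jail, outside = os.path.join(base, "ftp"), os.path.join(base, "remote")
    for d in (os.path.join(jail, "pub"), os.path.join(jail, "incoming"), outside):
        os.makedirs(d)
    os.symlink("../incoming", os.path.join(jail, "pub", "in"))    # stays inside
    os.symlink(outside, os.path.join(jail, "pub", "data"))        # absolute, outside
    os.symlink("../../remote", os.path.join(jail, "pub", "up"))   # relative, climbs out
    return jail

if __name__ == "__main__":
    for p in dangling_links(build_demo()):
        print("dangling under chroot:", p)
```

Both reported links resolve normally for a regular login on the host, which is why the problem only shows up in anonymous sessions.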
meyer@gorgo.ifi.unizh.ch (Urs Meyer) (07/05/90)
In article <9007031228.AA02562@avelon.lerc.nasa.gov> fsfacca@AVELON.LERC.NASA.GOV (Tony Facca) writes:
>
>> Is there any way to log any anonymous login (I mean user, host and what he
>> downloads) to a file?
>
>Edit the file /usr/etc/inetd.conf and change the ftp line to look like this:
>
>ftp stream tcp nowait root /usr/etc/ftpd ftpd -d -l
>
>The -d switch will print debugging information in the /usr/adm/SYSLOG file and
>the -l switch logs ftp sessions. Then restart the inetd daemon.
>
>Tony Facca
>fsfacca@avelon.lerc.nasa.gov

BE WARNED, ftpd will log everything, PASSWORDS INCLUDED, even when a regular
(not anonymous) user logs in.

DO NOT USE THE DEBUG (-d) OPTION!

This is a serious bug. Will it be fixed in 3.3?

Excerpt from /usr/adm/SYSLOG (SD3.2.1):

Jul 4 19:18:27 zeus ftpd[3000]: connection from claude
Jul 4 19:18:27 zeus ftpd[3000]: <--- 220
Jul 4 19:18:27 zeus ftpd[3000]: zeus FTP server (SGI 3.2.1 version 4.160 Oct 5 1989 14:43) ready.
Jul 4 19:18:34 zeus ftpd[3000]: FTPD: command: USER meyer^M
Jul 4 19:18:34 zeus ftpd[3000]: <--- 331
Jul 4 19:18:34 zeus ftpd[3000]: Password required for meyer.
Jul 4 19:18:40 zeus ftpd[3000]: FTPD: command: PASS XXXXXXXX^M [cleartext password overwritten by the poster]
Jul 4 19:18:40 zeus ftpd[3000]: <--- 230
Jul 4 19:18:40 zeus ftpd[3000]: User meyer logged in.
Jul 4 19:18:44 zeus ftpd[3000]: FTPD: command: PORT 130,60,48,8,19,31^M
Jul 4 19:18:44 zeus ftpd[3000]: <--- 200
Jul 4 19:18:44 zeus ftpd[3000]: PORT command successful.
Jul 4 19:18:44 zeus ftpd[3000]: FTPD: command: LIST^M
Jul 4 19:18:44 zeus ftpd[3000]: <--- 150
Jul 4 19:18:44 zeus ftpd[3000]: Opening data connection for /bin/ls (ascii mode) (0 bytes).
Jul 4 19:18:44 zeus ftpd[3000]: <--- 226
Jul 4 19:18:44 zeus ftpd[3000]: Transfer complete.
Jul 4 19:19:06 zeus ftpd[3000]: FTPD: command: QUIT^M
Jul 4 19:19:06 zeus ftpd[3000]: <--- 221
Jul 4 19:19:06 zeus ftpd[3000]: Goodbye.

Urs Meyer
----------
meyer@ifi.unizh.ch, {uunet,...}!mcsun!cernvax!unizh!meyer
University of Zurich, Dept of Computer Science, Multimedia Lab, CH-8057 Zurich
fsfacca@AVELON.LERC.NASA.GOV (Tony Facca) (07/06/90)
>>
>>Edit the file /usr/etc/inetd.conf and change the ftp line to look like this:
>>
>>ftp stream tcp nowait root /usr/etc/ftpd ftpd -d -l
>>
>>The -d switch will print debugging information in the /usr/adm/SYSLOG file and
>>the -l switch logs ftp sessions. Then restart the inetd daemon.
>>
>
>BE WARNED, ftpd will log everything, PASSWORDS INCLUDED, even when a regular
>(not anonymous) user logs in.
>

This is true. You should change the permissions on the SYSLOG file to 600.
Also, if you have a cron which rotates SYSLOG, be sure to change the
permissions there as well.

Of course, this doesn't prevent people with root privilege from looking up
passwords in the SYSLOG file. But then, NO ONE keeps the same password on
more than one machine, do they? ;-)

--
-----------------------------------------------------------------------------
Tony Facca                   |  phone: 216-433-8318
NASA Lewis Research Center   |
Cleveland, Ohio 44135        |  email: fsfacca@avelon.lerc.nasa.gov
-----------------------------------------------------------------------------
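For a log that has already been written with -d enabled, the two points raised in the last two posts (PASS arguments in SYSLOG, and the file's permissions) can be audited together. The following is an added example, not code from the thread: it assumes the line format shown in the SYSLOG excerpt above, and the sample lines are constructed from that excerpt with the poster's own XXXXXXXX mask.

```python
import os
import re
import stat
import tempfile

# ftpd -d debug lines in the format quoted in the thread's SYSLOG excerpt.
CMD = re.compile(r"ftpd\[(\d+)\]: FTPD: command: (USER|PASS) (.*?)(?:\^M|\r)?$")

def audit_ftpd_log(lines):
    """Return (redacted_lines, findings); findings are (pid, user) pairs
    for every session whose PASS argument was written to the log."""
    user_by_pid, findings, out = {}, [], []
    for line in lines:
        line = line.rstrip("\n")
        m = CMD.search(line)
        if m and m.group(2) == "USER":
            user_by_pid[m.group(1)] = m.group(3)     # remember who this pid is
        elif m and m.group(2) == "PASS":
            findings.append((m.group(1), user_by_pid.get(m.group(1), "?")))
            line = line[:m.start(3)] + "[REDACTED]"  # drop the argument
        out.append(line)
    return out, findings

def readable_by_others(path):
    """True if group or other has any access bits, i.e. not mode 600."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return bool(mode & (stat.S_IRWXG | stat.S_IRWXO))

SAMPLE = [  # constructed from the excerpt in the thread
    "Jul 4 19:18:34 zeus ftpd[3000]: FTPD: command: USER meyer^M",
    "Jul 4 19:18:34 zeus ftpd[3000]: Password required for meyer.",
    "Jul 4 19:18:40 zeus ftpd[3000]: FTPD: command: PASS XXXXXXXX^M",
    "Jul 4 19:18:44 zeus ftpd[3000]: FTPD: command: LIST^M",
]

def demo():
    """Audit the sample, then check a scratch log file at 644 and at 600."""
    redacted, findings = audit_ftpd_log(SAMPLE)
    with tempfile.NamedTemporaryFile("w", delete=False) as f:
        f.write("\n".join(SAMPLE) + "\n")
    os.chmod(f.name, 0o644)
    before = readable_by_others(f.name)
    os.chmod(f.name, 0o600)
    return redacted, findings, before, readable_by_others(f.name)

if __name__ == "__main__":
    redacted, findings, before, after = demo()
    print("\n".join(redacted))
    print("sessions with logged passwords:", findings)
    print("readable by others at 644:", before, "| at 600:", after)
```

Every account listed in the findings should have its password changed, since the value was on disk in the clear for as long as the log and its rotated copies existed.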