NAME
ftpd.conf
-
ftpd(8)
configuration file
DESCRIPTION
The
ftpd.conf
file specifies various configuration options for
ftpd(8)
that apply once a user has authenticated their connection.
ftpd.conf
consists of a series of lines, each of which may contain a
configuration directive, a comment, or a blank line.
Directives that appear later in the file override settings by previous
directives.
This allows
`wildcard'
entries to define defaults, and then have class-specific overrides.
A directive line has the format:
command
class
[arguments]
A
``\''
is the escape character; it can be used to escape the meaning of the
comment character, or if it is the last character on a line, extends
a configuration directive across multiple lines.
A
``#''
is the comment character, and all characters from it to the end of
line are ignored (unless it is escaped with the escape character).
Each authenticated user is a member of a
class,
which is determined by
ftpusers(5).
class
is used to determine which
ftpd.conf
entries apply to the user.
The following special classes exist when parsing entries in
:
- all
-
Matches any class.
- none
-
Matches no class.
Each class has a type, which may be one of:
- GUEST
-
Guests (as per the
``anonymous''
and
``ftp''
logins).
A
chroot(2)
is performed after login.
- CHROOT
-
chroot(2)ed
users (as per
ftpchroot(5)).
A
chroot(2)
is performed after login.
- REAL
-
Normal users.
The
ftpd(8)
STAT
command will return the class settings for the current user as defined by
,
unless the
private
directive is set for the class.
Each configuration line may be one of:
- advertize class[ host]
-
Set the address to advertise in the response to the
PASV
and
LPSV
commands to the address for
host
(which may be either a host name or IP address).
This may be useful in some firewall configurations, although many
ftp clients may not work if the address being advertised is different
to the address that they've connected to.
If
class
is
``none''
or
host
not is specified, disable this.
- checkportcmd class[ off]
-
Check the
PORT
command for validity.
The
PORT
command will fail if the IP address specified does not match the
FTP
command connection, or if the remote TCP port number is less than
IPPORT_RESERVED
.
It is
strongly
encouraged that this option be used, especially for sites concerned
with potential security problems with
FTP
bounce attacks.
If
class
is
``none''
or
off
is specified, disable this feature, otherwise enable it.
- chroot class[ pathformat]
-
If
pathformat
is not specified or
class
is
``none'',
use the default behavior (see below).
Otherwise,
pathformat
is parsed to create a directory to create as the root directory with
chroot(2)
into upon login.
pathformat
can contain the following escape strings:
- Escape
-
Description
- %c
-
Class name.
- %d
-
Home directory of user.
- %u
-
User name.
- %%
-
A
``%''
character.
The default root directory is:
- CHROOT
-
The user's home directory.
- GUEST
-
If
-a anondir
is specified, use
anondir,
otherwise the home directory of the
`ftp'
user.
- REAL
-
By default no
chroot(2)
is performed.
- classtype class type
-
Set the class type of
class
to
type
(see above).
- Xo conversion class
-
suffix[ type disable command]
Define an automatic in-line file conversion.
If a file to retrieve ends in
suffix,
and a real file (sans
suffix)
exists, then the output of
command
is returned instead of the contents of the file.
- suffix
-
The suffix to initiate the conversion.
- type
-
A list of valid file types for the conversion.
Valid types are:
`f'
(file), and
`d'
(directory).
- disable
-
The name of file that will prevent conversion if it exists.
A file name of
``
.
''
will prevent this disabling action
(i.e., the conversion is always permitted.)
- command
-
The command to run for the conversion.
The first word should be the full path name
of the command, as
execv(3)
is used to execute the command.
All instances of the word
``%s''
in
command
are replaced with the requested file (sans
suffix).
Conversion directives specified later in the file override earlier
conversions with the same suffix.
- denyquick class[ off]
-
Enforce
ftpusers(5)
rules after the
USER
command is received, rather than after the
PASS
command is received.
Whilst enabling this feature may allow information leakage about
available accounts (for example, if you allow some users of a
REAL
or
CHROOT
class but not others), it is useful in preventing a denied user
(such as
`root')
from entering their password across an insecure connection.
This option is
strongly
recommended for servers which run an anonymous-only service.
If
class
is
``none''
or
off
is specified, disable this feature, otherwise enable it.
- display class[ file]
-
If
file
is not specified or
class
is
``none'',
disable this.
Otherwise, each time the user enters a new directory, check if
file
exists, and if so, display its contents to the user.
Escape sequences are supported; refer to
Display file escape sequences
in
ftpd(8)
for more information.
- hidesymlinks class[ off]
-
If
class
is
``none''
or
off
is specified, disable this feature.
Otherwise, the
LIST
command lists symbolic links as the file or directory the link
references
(``
ls -LlA
'').
Servers which run an anonymous service may wish to enable this
feature for
GUEST
users, so that symbolic links do not leak names in
directories that are not searchable by
GUEST
users.
- homedir class[ pathformat]
-
If
pathformat
is not specified or
class
is
``none'',
use the default behavior (see below).
Otherwise,
pathformat
is parsed to create a directory to change into upon login, and to use
as the
`home'
directory of the user for tilde expansion in pathnames, etc.
pathformat
is parsed as per the
chroot
directive.
The default home directory is the home directory of the user for
REAL
users, and
/
for
GUEST
and
CHROOT
users.
- Xo limit class
-
[count[ file]]
Limit the maximum number of concurrent connections for
class
to
count,
with
`-1'
meaning unlimited connections.
If the limit is exceeded and
file
is specified, display its contents to the user.
If
class
is
``none''
or
count
is not specified, disable this.
If
file
is a relative path, it will be searched for in
/etc
(which can be overridden with
-c confdir).
- maxfilesize class[ size]
-
Set the maximum size of an uploaded file to
size,
with
`-1'
meaning unlimited connections.
If
class
is
``none''
or
size
is not specified, disable this.
- maxtimeout class[ time]
-
Set the maximum timeout period that a client may request,
defaulting to two hours.
This cannot be less than 30 seconds, or the value for
timeout.
If
class
is
``none''
or
time
is not specified, use the default.
- mmapsize class[ size]
-
Set the size of the sliding window to map a file using
mmap(2).
If zero,
ftpd(8)
will use
read(2)
instead.
The default is zero.
This option affects only binary transfers.
If
class
is
``none''
or
size
is not specified, use the default.
- modify class[ off]
-
If
class
is
``none''
or
off
is specified, disable the following commands:
CHMOD,
DELE,
MKD,
RMD,
RNFR,
and
UMASK.
Otherwise, enable them.
- motd class[ file]
-
If
file
is not specified or
class
is
``none'',
disable this.
Otherwise, use
file
as the message of the day file to display after login.
Escape sequences are supported; refer to
Display file escape sequences
in
ftpd(8)
for more information.
If
file
is a relative path, it will be searched for in
/etc
(which can be overridden with
-c confdir).
- notify class[ fileglob]
-
If
fileglob
is not specified or
class
is
``none'',
disable this.
Otherwise, each time the user enters a new directory,
notify the user of any files matching
fileglob.
- passive class[ off]
-
If
class
is
``none''
or
off
is specified, prevent passive
(PASV,
LPSV,
and
EPSV)
connections.
Otherwise, enable them.
min max
[
- portrange class
- ]
Set the range of port number which will be used for the passive data port.
max
must be greater than
min,
and both numbers must be be between
IPPORT_RESERVED
(1024) and 65535.
If
class
is
``none''
or no arguments are specified, disable this.
- private class[ off]
-
If
class
is
``none''
or
off
is specified, do not display class information in the output of the
STAT
command.
Otherwise, display the information.
- rateget class[ rate]
-
Set the maximum get
(RETR)
transfer rate throttle for
class
to
rate
bytes per second.
If
rate
is 0, the throttle is disabled.
If
class
is
``none''
or
rate
is not specified, disable this.
- rateput class[ rate]
-
Set the maximum put
(STOR)
transfer rate throttle for
class
to
rate
bytes per second.
If
rate
is 0, the throttle is disabled.
If
class
is
``none''
or
rate
is not specified, disable this.
- readsize class[ size]
-
Set the size of the read buffer to
read(2)
a file.
The default is the file system block size.
This option affects only binary transfers.
If
class
is
``none''
or
size
is not specified, use the default.
- recvbufsize class[ size]
-
Set the size of the socket receive buffer.
The default is zero and the system default value will be used.
This option affects only passive transfers.
If
class
is
``none''
or
size
is not specified, use the default.
- sanenames class[ off]
-
If
class
is
``none''
or
off
is specified, allow uploaded file names to contain any characters valid for a
file name.
Otherwise, only permit file names which don't start with a
`.'
and only comprise of characters from the set
``[-+,._A-Za-z0-9]''.
- sendbufsize class[ size]
-
Set the size of the socket send buffer.
The default is zero and the system default value will be used.
This option affects only binary transfers.
If
class
is
``none''
or
size
is not specified, use the default.
- sendlowat class[ size]
-
Set the low water mark of socket send buffer.
The default is zero and system default value will be used.
This option affects only for binary transfer.
If
class
is
``none''
or
size
is not specified, use the default.
- template class[ refclass]
-
Define
refclass
as the
`template'
for
class;
any reference to
refclass
in following directives will also apply to members of
class.
This is useful to define a template class so that other classes which are
to share common attributes can be easily defined without unnecessary
duplication.
There can be only one template defined at a time.
If
refclass
is not specified, disable the template for
class.
- timeout class[ time]
-
Set the inactivity timeout period.
(the default is fifteen minutes).
This cannot be less than 30 seconds, or greater than the value for
maxtimeout.
If
class
is
``none''
or
time
is not specified, use the default.
- umask class[ umaskval]
-
Set the umask to
umaskval.
If
class
is
``none''
or
umaskval
is not specified, set to the default of
027
.
- upload class[ off]
-
If
class
is
``none''
or
off
is specified, disable the following commands:
APPE,
STOR,
and
STOU,
as well as the modify commands:
CHMOD,
DELE,
MKD,
RMD,
RNFR,
and
UMASK.
Otherwise, enable them.
- writesize class[ size]
-
Limit the number of bytes to
write(2)
at a time.
The default is zero, which means all the data available as a result of
mmap(2)
or
read(2)
will be written at a time.
This option affects only binary transfers.
If
class
is
``none''
or
size
is not specified, use the default.
Numeric argument suffix parsing
Where command arguments are numeric, a decimal number is expected.
Two or more numbers may be separated by an
``x''
to indicate a product.
Each number may have one of the following optional suffixes:
- b
-
Block; multiply by 512
- k
-
Kibi; multiply by 1024 (1 KiB)
- m
-
Mebi; multiply by 1048576 (1 MiB)
- g
-
Gibi; multiply by 1073741824 (1 GiB)
- t
-
Tebi; multiply by 1099511627776 (1 TiB)
- w
-
Word; multiply by the number of bytes in an integer
See
strsuftoll(3)
for more information.
DEFAULTS
The following defaults are used:
-
checkportcmd all
classtype chroot CHROOT
classtype guest GUEST
classtype real REAL
display none
limit all -1 # unlimited connections
maxtimeout all 7200 # 2 hours
modify all
motd all motd
notify none
passive all
timeout all 900 # 15 minutes
umask all 027
upload all
modify guest off
umask guest 0707
FILES
/etc/ftpd.conf
-
This file.
/usr/share/examples/ftpd/ftpd.conf
-
A sample
ftpd.conf
file.
SEE ALSO
strsuftoll(3),
ftpchroot(5),
ftpusers(5),
ftpd(8)
HISTORY
The
ftpd.conf
functionality was implemented in
NetBSD1.3
and later releases by Luke Mewburn, based on work by Simon Burge.