Commit Graph

71 Commits

Author SHA1 Message Date
Yaroslav Tykhiy
f1daaa3efe Touch .Dd because the last commit was content-related. 2006-01-29 13:10:38 +00:00
Yaroslav Tykhiy
125b96351a Use pidfile(3) provided by libutil to manage the deamon's pid file.
By default, create a pid file at the standard location, /var/run/ftpd.pid,
in accord with the expected behavior of a stock system daemon.

MFC after:	5 days
2006-01-21 12:21:41 +00:00
Ruslan Ermilov
a3ac07a54e Sort sections. 2005-01-18 09:29:40 +00:00
Ruslan Ermilov
c481aa05e8 Mechanically kill hard sentence breaks. 2004-07-02 21:28:50 +00:00
Ruslan Ermilov
53ee59fe53 There's no such beast like AF_INET4, even when powered by whiskey. 2004-05-16 22:11:40 +00:00
Hajimu UMEMOTO
206fe568bf Don't depend on IPv4-mapped IPv6 address to bind to both IPv4
and IPv6.

Wrote at:	Hakone.
Powered by:	Warner Losh's scotch whisky.
Requested by:	nork
2003-09-14 16:42:46 +00:00
Ceri Davies
a707b683e7 Add a note that the -u option can be overridden by settings in login.conf(5).
PR:		docs/56017
Submitted by:	Josef El-Rayes <j.el-rayes@daemon.li>
2003-08-31 07:45:48 +00:00
Philippe Charnier
42161502bd Add section number to .Xr 2003-06-08 12:40:50 +00:00
Ruslan Ermilov
c00ee5e567 mdoc(7) police: Properly markup the previous revision.
Approved by:	re (blanket)
2003-05-16 21:36:10 +00:00
Mike Silbersack
d28af25586 Update the description of the -u option to mention that IP_PORTRANGE_HIGH
and _DEFAULT are the same for 5.x.

Committed under threat of action from:	The mdoc police
2003-03-25 22:20:02 +00:00
Ruslan Ermilov
ace5be682d mdoc(7) police: Scheduled sweep. 2003-02-24 22:53:26 +00:00
Yaroslav Tykhiy
c152df28e5 Add a new option to ftpd(8), "-h", to disable printing any
host-specific information in FTP server messages (so paranoid
admins can sleep at night :-)

PR:		bin/16705
MFC after:	1 week
2003-01-29 10:58:58 +00:00
Yaroslav Tykhiy
ce9287fc02 Give the code around chroot(2)/chdir(2) a major overhaul by
separating its part around chroot(2) from that around initial
chdir(2).  This makes the below changes really easy.

Move seteuid(to user's uid) to before calling chdir(2).  There are
two goals to achieve by that.  First, NFS mounted home directories
with restrictive permissions become accessible (local superuser
can't access them if not mapped to uid 0 on the remote side
explicitly.)  Second, all the permissions to the home directory
pathname components become effective; previously a user could be
carried to any local directory despite its permissions since the
chdir(2) was done with euid 0.  This reduces possible impact from
FTP server misconfiguration, e.g., assigning a wrong home directory
to a user.

Implement the "/./" feature.  Now a guest or user subject to chrooting
may have "/./" in his login directory, which separates his chroot
directory from his home directory inside the chrooted environment.
This works for ftpchroot(5) as well.

PR:		bin/17843 bin/23944
2003-01-29 10:07:27 +00:00
Yaroslav Tykhiy
8657b576d8 Extend the format of /etc/ftpchroot so an alternative chroot
directory can be specified for a user or a group.

Add the manpage ftpchroot(5) since the file's format has grown
complex enough.

PR:			bin/45327
Portions submitted by:	Hideki SAKAMOTO <sakamoto@hlla.is.tsukuba.ac.jp>
MFC after:		1 week
2003-01-26 19:02:56 +00:00
Yaroslav Tykhiy
63591ba5c8 - Add a new option, ``-P port'', to specify the port for ftpd(8)
to listen at in daemon mode.
- Use the port by 1 less than the control port as the default
  data port instead of always using hard-coded port 20.

Submitted by:	roam
MFC after:	1 week
2003-01-23 18:39:48 +00:00
Jens Schweikhardt
57bd0fc6e8 english(4) police. 2002-12-27 12:15:40 +00:00
Ruslan Ermilov
d939fc70a7 mdoc(7) police:
Properly sort options, spell "file system" correctly, expand contraction.

Catch up to the src/etc/syslog.conf,v 1.23 change: ftpd(8) session logs
are now by default get logged to /var/log/xferlog.

Approved by:	re
2002-11-25 15:20:06 +00:00
Yaroslav Tykhiy
5d7e0128ff Add option '-W': don't log FTP sessions to wtmp.
Submitted by:	maxim
MFC after:	1 week
2002-08-23 09:06:28 +00:00
Yaroslav Tykhiy
a117c34534 Rework storing files thoroughly. This includes:
o Remove the race between stat(2) & fopen(3) when creating
  a unique file.

o Improve bound checking when generating a unique name from
  a given pathname.

o Ignore REST marker on APPE.  No RFC specifies this case,
  but the idea of resuming APPE's implies this.

o By default, deny upload resumes and appends by anonymous users.
  Previously these commands were translated to STOU silently,
  which led to broken files on server without any notification
  to the user.

o Add an option, -m, to allow anonymous users to modify
  existing files (e.g., to resume uploads) if filesystem
  permissions permit.

Portions obrainded from:	OpenBSD
MFC after:			3 weeks
2002-08-08 17:53:52 +00:00
Yaroslav Tykhiy
255a70376b Reflect in the ftpd(8) manpage the fact that ASCII SIZE
requests against large files will be denied.

MFC after:	10 days
2002-08-05 13:37:18 +00:00
Yaroslav Tykhiy
93bd9dc528 Make the -v' option a synonym for -d'
(as it was intended initially)
and document it in the manpage.

MFC after:	2 weeks
2002-07-26 16:07:19 +00:00
Yaroslav Tykhiy
38ed70b1ae Document the -u (set umask) option
(which has been there at least since 4.4BSD-Lite!)

MFC after:	2 weeks
2002-07-26 16:01:24 +00:00
Yaroslav Tykhiy
0e063efefb Sort command-line options according to the mostly used style:
alphabetical order, lower and upper case of the same letter
stick together, lower case first.

MFC after:	2 weeks
2002-07-26 15:46:08 +00:00
Philippe Charnier
3f162cb85d The .Nm utility 2002-07-06 19:19:48 +00:00
Matthew N. Dodd
d186bb1240 Implement a flag to disable directory creation for anonymous users.
PR:		misc/38987
Submitted by:	Peter da Silva <peter@abbnm.com>
MFC after:	1 week
2002-07-01 02:30:11 +00:00
Ruslan Ermilov
a8838c5351 mdoc(7) police: markup nits. 2001-10-01 12:58:03 +00:00
Mike Heffner
9ba6d8e420 Improve the description on how to construct ~ftp/pub. Specifically,
don't instruct users to set the directory mode 777.

PR:		30690
Obtained from:	NetBSD (with modification)
MFC after:	2 weeks
2001-09-25 02:43:45 +00:00
Sheldon Hearn
481435871c Do the best we can with respect to fixing command-line option disorder
in the SYNOPSIS and DESCRIPTION.

Note that -l remains an ugly exception, to which no known rules apply,
since the specification of a single option multiple times isn't normal
standards-compliant CLI behaviour.

While here, mark AF_INET* and LOG_* defined values up with Dv.
2001-09-04 09:22:21 +00:00
Sheldon Hearn
1cc9f0bb31 Extend the functionality offered by the -o option into a new option
-O, which limits the impact of the write-only restriction to guest
users.

*) The existing manual page's SYNOPSIS and option listing in the
   DESCRIPTION are already horribly disordered.  No attempt has been
   made to fix this.

*) The existing source's getopt() optstring and option handling switch
   are already horribly disordered.  No attempt has been made to fix
   this.

Discussed with: nik, -audit
2001-09-02 17:24:19 +00:00
Nik Clayton
62513e761e Add a new option, '-o', for "Write-only". Disables the RETR command,
preventing anyone from downloading files.  In conjunction with -A, and some
appropriate file permissions, this lets you create an anonymous FTP drop
box for people to upload files to.

The more obvious "-w" flag is already taken by NetBSD's ftpd.  "-o" was
available as an option letter in all three BSDs.
2001-08-28 11:59:21 +00:00
Dima Dorfman
7ebcc426ef Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
Ruslan Ermilov
0efe23d669 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 10:49:54 +00:00
Ruslan Ermilov
eb0838029f mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
Ruslan Ermilov
6a01974b78 Document that SITE extensions are disabled for anonymous logins.
Obtained from:	logdaemon package by Wietse Venema
2001-04-16 14:51:11 +00:00
Poul-Henning Kamp
53ba84a69e Add the "SITE MD5 filename" facility.
This allows you to determine if the file on the other side is the same
as the one you have without transferring the entire file to compare.

Needless to say, if the server end lies to you this check doesn't work,
but on the other hand, if it lies to you about the files checksum,
what can you trust from it ?
2001-04-15 20:59:29 +00:00
Ruslan Ermilov
19a05e112f mdoc(7) police: removed hard sentence breaks, run through spell-checker. 2000-12-18 08:33:25 +00:00
Dmitry Sivachenko
3276496d94 Fix typo.
PR:		23591
Submitted by:	mavetju@chello.nl
2000-12-17 17:45:22 +00:00
Poul-Henning Kamp
a4b77a2aaa Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by:	Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by:	phk
2000-12-16 19:19:19 +00:00
Ruslan Ermilov
760819894e mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
Ben Smithurst
a611641f01 Explain that the -S option only logs file downloads, not all transfers.
PR:		16934
Submitted by:	Kurt Zeilenga <kurt@OpenLDAP.org>
2000-07-11 11:42:29 +00:00
Peter Wemm
05c1f99bee Doc fix: remove references to ~ftp/bin/ls as we have FTPD_INTERNAL_LS
unconditionally active already.

Noticed by:	obrien
2000-02-17 02:14:11 +00:00
Yoshinobu Inoue
4dd8b5ab79 another tcp apps IPv6 updates.(should be make world safe)
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Peter Wemm
7f3dea244c $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
Peter Wemm
1713064734 unifdef -DINTERNAL_LS - it's too useful to be off by default. If anyone
really dislikes this, we could add a switch to disable it at runtime and
check in popen.c.
1999-08-26 00:45:36 +00:00
Mike Pritchard
a206edcdb7 Update the SYNOPSIS to reflect that the -l option can be specified
more than once.

Pointed-out-by: sheldonh
1999-06-28 10:50:47 +00:00
Guy Helmer
e57c110bba Add missing -A option to SYNOPSIS.
PR:		docs/10771
1999-05-04 19:42:01 +00:00
Satoshi Asami
0e510aed5b Oops, I missed a few more /etc/nologin references yesterday. It appears
my check of the tree was incomplete.  Sorry guys.

Reported by:	Ben Smithurst <ben@scientia.demon.co.uk>
1999-01-12 14:09:23 +00:00
Bill Fumerola
c711c51d19 Update to correctly reflect the default values of
net.inet.ip.portrange.hifirst and net.inet.ip.portrange.hilast

PR:		docs/6745
Submitted by:	Masachika Ishizuka <ishizuka@ish.org>
1998-12-02 22:11:02 +00:00
Alexander Langer
29a199dbc5 Added double quotes around CHMOD description to prevent garbled output.
PR:		8094
Submitted by:	Christoph Weber-Fahr <wefa@callcenter.systemhaus.net>
1998-09-29 22:02:06 +00:00
Joseph Koshy
d59b62e37b Document the use of lines beginning with a '#' as comment lines.
PR: 5676
1998-07-09 11:38:21 +00:00