Date:      Fri, 14 Aug 2015 21:47:25 +0200
From:      "O. Hartmann" <ohartman@zedat.fu-berlin.de>
To:        Matthew Seaman <matthew@freebsd.org>
Cc:        freebsd-current@freebsd.org
Subject:   Re: r286615: /usr/libexec/ftpd broken!
Message-ID:  <20150814214725.18947fe8.ohartman@zedat.fu-berlin.de>
In-Reply-To: <55CDE7D1.10607@freebsd.org>
References:  <20150811074041.6700e943@freyja.zeit4.iv.bundesimmobilien.de> <20150811104451.2031fff2@freyja.zeit4.iv.bundesimmobilien.de> <CABh_MKm9tD=Fa1MZTGLUkF=MF7y%2Bf8Oy6n3oy5Ty93pWrBohHA@mail.gmail.com> <20150814134533.690e2091@freyja.zeit4.iv.bundesimmobilien.de> <55CDE7D1.10607@freebsd.org>


On Fri, 14 Aug 2015 14:06:25 +0100,
Matthew Seaman <matthew@freebsd.org> wrote:

> On 08/14/15 12:45, O. Hartmann wrote:
> > Man page "ftpusers(5)" states, that an entry "username allow" will allow access
> > to ftpd. But every user listed in /etc/ftpusers is denied access, no matter
> > whether there is "allow" appended to the entry or not! This is strange.
> > Whenever I delete a user's name from that file I wish to have access to the
> > ftpd service, that user can login - but adding the users even as "username
> > allow" (no * in the file, nothing else but the initial users names) access is
> > denied.
>
> If you've got a ftpusers(5) that presumably comes from some ported
> software -- doesn't exist in the base system.  There is pam_ftpusers(8)
> in base, although that doesn't seem to be in use by default.

After you mentioned this, I checked and you're correct! The manpage was installed by
package heimdal-1.5.3_4 according with another ftpd located under /usr/local/libexec.

>
> Traditionally 'ftpusers' was just a plain list of usernames or groups
> (indicated by a leading '@' character).  According to ftpd(8) it lists
> the people *not* allowed access via FTP.

I got this.

>
> However, other implementations of FTP servers have adopted the ftpusers
> file and expanded its capabilities in various ways, by adding some
> additional flag fields for each username.  It depends on what ftpd
> you're using exactly what syntax is used there.  Properly ported
> software should really be using /usr/local/etc/ftpusers though.

I use NanoBSD for some very small appliance/server system and use the FreeBSD base system
to start with - avoiding unnecessary package installation. Reading the heimdal man page,
configuring then according to heimdal's /usr/local/etc/ftpusers's explanations and then
running the FreeBSD ftpd from its natural starting point with the
misconfigured /etc/ftpusers will end in a mess. So it is my fault.

But anyway, cleaning up the mess doesn't resolve the weird issues with FreeBSD's own ftpd.

>
> 	Cheers,
>
> 	Matthew
>


Thank you for that hint.

Regards,
Oliver
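
The mix-up described in this message (entries written in another ftpd's "username allow" syntax ending up in a file that is read as a plain deny list) can be checked for mechanically. The following is an added example, not part of the original message or of either ftpd: a shell function that flags entries carrying extra fields. The name lint_ftpusers, the sample entries, and the treatment of blank lines and "#" lines as non-entries are assumptions.

```shell
#!/bin/sh
# Added example (not from the original message): flag ftpusers entries that
# carry extra fields such as "allow", which a plain deny-list ftpd would still
# treat as a denied name (the behaviour reported in this thread).

# lint_ftpusers FILE
# Prints LINE:NAME:EXTRA for every entry with more than one field.
# Exit status: 0 if the file is a plain list, 1 if any entry was flagged.
lint_ftpusers() {
    awk '
        BEGIN { bad = 0 }
        # Assumption: blank lines and lines starting with "#" carry no entry.
        NF == 0 || $1 ~ /^#/ { next }
        NF > 1 {
            extra = $2
            for (i = 3; i <= NF; i++) extra = extra " " $i
            printf "%d:%s:%s\n", NR, $1, extra
            bad = 1
        }
        END { exit bad }
    ' "$1"
}

# Demo on a constructed sample; pass a real path as $1 to check that instead.
if [ -n "${1:-}" ]; then
    target=$1
else
    target=$(mktemp)
    cat > "$target" <<'EOF'
# constructed sample, not a real system file
root
@wheel
oliver allow
EOF
    cleanup=$target
fi

if lint_ftpusers "$target"; then
    echo "plain deny list: every listed name or @group is denied"
else
    echo "entries above have extra fields; check which ftpd reads this file"
fi
[ -z "${cleanup:-}" ] || rm -f "$cleanup"
```

Run it against both /etc/ftpusers and /usr/local/etc/ftpusers when a ported ftpd is installed next to the base one.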
