Subject: Re: chroot'ed ftp accounts (patches for /usr/libexec/ftpd)
To: None <>
From: Mark P. Gooderum <>
List: current-users
Date: 04/06/1994 10:37:19
I've been able to get similar functionality with the wu ftpd.

> The problem:  You want to distribute one (or rather several) set of files
> by ftp. 
> 1) You want password protection (per set) for some rudimentary access
> restriction. 
> 2) No unintentional access to other files than those in a given set put up
> for ftp.

The wu ftpd has this ability in general, but it only allows logins to
valid accounts (valid uname and valid shell).

Create a group, say "ftpguest" and add it to the "guestgroup" config entry.
Then create an account with this as the login group.  You get password
protection and the chroot(). 

We use one root fs for chroot()ed ftp, esp. on the Suns' since it's a pain
to setup, then we use things like 750/550/700/500 permissions to keep
different ftp accounts out of each others area.  You don't really need
to mess with supplementary groups since the wu ftpd allows multiple 
"guest" groups.

The only final thing is disallowing "real" login access.  As of the version
we have (2.1ish) it would only allow a login from an account that had a valid
user shell.  Two workarounds are add something like /dev/null or /bin/hostname
to /etc/shells or add a special check to the code before the call
to getusershell() and then set that command as the login shell.
Beware that some logins always prints the /etc/motd before
they exec() the login shell so don't put anything in there you don't
want read if someone tries to login w/ an ftp account (NetBSD's of course
only prints it if there's no .hushlogin file).

Nothing wrong with the NetBSD ftpd, but if you want to have the extra
access control, logging, and configurability then the wu-ftpd is nice 
and does what you want.