Board index Unix Questions

wu-ftpd, ftpaccess, UMASK, upload problem... HELP!

wu-ftpd, ftpaccess, UMASK, upload problem... HELP!

Post by NO_f93-eaa_S.. » Fri, 01 May 1998 04:00:00


Hi! I am using wu-ftpd-2.4.2-beta-16 on Slackware Linux, kernel
2.1.89. Anonymous upload into ~ftp/incoming works for uploading
directly into ~ftp/incoming, but if the anonymous ftp user creates
directories under ~ftp/incoming he cannot upload files into those
directories. I spent several hours yesterday reading manpages
and searching DejaNews, but I still could not solve my problem.

The permissions are as follows:
dr-xr-xr-x   6 root     ftp          1024 Apr 22 11:25 ftp/

drwxrwxrwx   8 root     root         1024 Apr 28 14:21 incoming/

If I create directories under ~ftp/incoming with the ncftp client,
I get something like
drwx------   2 ftp      ftp          1024 Apr 29 11:18 tzt/

(see note about UMASK later)

Here are some parts of my /etc/ftpaccess file:
-----------------------
# all the following default to "yes" for everybody
delete          no      guest,anonymous         # delete permission?
overwrite       no      guest,anonymous         # overwrite permission?
rename                  no              guest,anonymous                 # rename permission?
chmod           no      anonymous               # chmod permission?
umask           no      anonymous               # umask permission?

# specify the upload directory information
upload  /home/ftp  *             no
upload  /home/ftp  /incoming     yes     ftp    daemon  0666 dirs
upload  /home/ftp  /bin          no
upload  /home/ftp  /etc          no

# path-filter...
path-filter  anonymous  /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-
path-filter  guest      /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-

-----------------------------

I have also tried starting the wu-ftpd in /etc/inetd.conf with a different
UMASK (077) with the command
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  wu.ftpd -l -i -a -u077

but nothing helps, I still cannot upload anonymously to directories I've
created anonymously under ~ftp/incoming. Am I missing something here?

Thanks in advance for any help!

--

Erik Alapaeae


 
 
 
Top

wu-ftpd, ftpaccess, UMASK, upload problem... HELP!

Post by Dmitry E. Kiselyo » Fri, 01 May 1998 04:00:00



> Hi! I am using wu-ftpd-2.4.2-beta-16 on Slackware Linux, kernel
> 2.1.89. Anonymous upload into ~ftp/incoming works for uploading
> directly into ~ftp/incoming, but if the anonymous ftp user creates
> directories under ~ftp/incoming he cannot upload files into those
> directories. I spent several hours yesterday reading manpages
> and searching DejaNews, but I still could not solve my problem.

  There's no problem at all. Wu-ftpd allows downloads only into those directories that appear in
ftpaccess file and to which the downloads is permitted. So you can't donwload into newly created
directories.

--
Dmitry E. Kiselyov
Nizhny Novgorod City Health Emergency Station


 
 
 
Top

wu-ftpd, ftpaccess, UMASK, upload problem... HELP!

Post by NO_f93-eaa_S.. » Wed, 06 May 1998 04:00:00




>> Hi! I am using wu-ftpd-2.4.2-beta-16 on Slackware Linux, kernel
>> 2.1.89. Anonymous upload into ~ftp/incoming works for uploading
>> directly into ~ftp/incoming, but if the anonymous ftp user creates
>> directories under ~ftp/incoming he cannot upload files into those
>> directories. I spent several hours yesterday reading manpages
>> and searching DejaNews, but I still could not solve my problem.
>  There's no problem at all. Wu-ftpd allows downloads only into those directories that appear in
>ftpaccess file and to which the downloads is permitted. So you can't donwload into newly created
>directories.

Is there no way of allowing uploads into newly created subdirectories
under /incoming ??

--

Erik Alapaeae

 
 
 
Top

wu-ftpd, ftpaccess, UMASK, upload problem... HELP!

Post by Tim Hayne » Thu, 07 May 1998 04:00:00


Hi,
Erm... your line:
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  wu.ftpd -l -i -a -u077

I wouldn't have said specifying -u077 was wise here. Surely the problem is
that you want to run with umask 022 instead?

Or am I barking up the wrong tree? :-)

Best regards,

Tim Haynes


> Hi! I am using wu-ftpd-2.4.2-beta-16 on Slackware Linux, kernel
> 2.1.89. Anonymous upload into ~ftp/incoming works for uploading
> directly into ~ftp/incoming, but if the anonymous ftp user creates
> directories under ~ftp/incoming he cannot upload files into those
> directories. I spent several hours yesterday reading manpages
> and searching DejaNews, but I still could not solve my problem.

> The permissions are as follows:
> dr-xr-xr-x   6 root     ftp          1024 Apr 22 11:25 ftp/

> drwxrwxrwx   8 root     root         1024 Apr 28 14:21 incoming/

> If I create directories under ~ftp/incoming with the ncftp client,
> I get something like
> drwx------   2 ftp      ftp          1024 Apr 29 11:18 tzt/

> (see note about UMASK later)

> Here are some parts of my /etc/ftpaccess file:
> -----------------------
> # all the following default to "yes" for everybody
> delete          no      guest,anonymous         # delete permission?
> overwrite       no      guest,anonymous         # overwrite permission?
> rename                  no              guest,anonymous                 # rename permission?
> chmod           no      anonymous               # chmod permission?
> umask           no      anonymous               # umask permission?

> # specify the upload directory information
> upload  /home/ftp  *             no
> upload  /home/ftp  /incoming     yes     ftp    daemon  0666 dirs
> upload  /home/ftp  /bin          no
> upload  /home/ftp  /etc          no

> # path-filter...
> path-filter  anonymous  /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-
> path-filter  guest      /etc/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-

> -----------------------------

> I have also tried starting the wu-ftpd in /etc/inetd.conf with a different
> UMASK (077) with the command
> ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  wu.ftpd -l -i -a -u077

> but nothing helps, I still cannot upload anonymously to directories I've
> created anonymously under ~ftp/incoming. Am I missing something here?

> Thanks in advance for any help!

> --

> Erik Alapaeae


--
 
 
 
Top

wu-ftpd, ftpaccess, UMASK, upload problem... HELP!

Post by NO_f93-eaa_S.. » Fri, 08 May 1998 04:00:00



>Hi,
>Erm... your line:
>ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  wu.ftpd -l -i -a -u077
>I wouldn't have said specifying -u077 was wise here. Surely the problem is
>that you want to run with umask 022 instead?
>Or am I barking up the wrong tree? :-)
>Best regards,
>Tim Haynes

Nope, umask 022 doesn't help. Can it really be true that wu-ftpd
cannot be configured to allow anonymous users to ftp in, create
directories and upload stuff into those directories. If so, that
really sucks! OK, maybe it's insecure, but if I want it that way, I should be
able to configure it that way! I guess i'll have to hack the source myself
when I can find the time. :-(

--

Erik Alapaeae

 
 
 
Top

1. wu-ftpd "upload" ftpaccess directive

Trying to secure ftpd anonymous uploads (ugh, sometimes
I wish the customers would just go away).

Been using wu-ftpd for three years or so, but today is
the first time I've tried to use the "upload" directives
in the ftpaccess file.  I added the following line, which
I would think would apply to anonymous users only:

 upload  /home1/ftp  /* yes  nobody  users   0060  nodirs

Well, anonymous uploads /do/ get created as user "nobody",
group "users", mode 0600, and MKDIR is disallowed.

However, the "nodirs" flag is restricting "real" users from
creating directories as well, although the rest of
the line has no effect (i.e. permissions/ownership are those
of the real user).

I thought that ftpd looked up the supplied username
in /etc/passwd, and if that user's home directory matched
that given above (e.g. /home1/ftp) then that "upload" line
would apply?  That would seem to restrict the above to the
user "ftp" (and "anonymous") only.  Am I reading the
manpage wrong?

This is wu-ftpd-2.4.2-academ[BETA-11](3).

Thanks.

--

Avtel Communications, Santa Barbara, CA                 +1-805-730-7740
  PGP fingerprint =  B1 57 EB A8 1D B9 87 86  5F 5C 51 A4 F2 5E ED FD

2. New way to do QOS and limit bandwidth with Linux, new site , new software Howto Included

3. wu-ftp upload - is UMASK or ftpaccess incorrect?

4. LS-210

5. wu-ftpd ftpaccess -Help-

6. Help with Package installations

7. Wu-ftpd wont read the ftpaccess file!Help please

8. DNS Problem with RedHat 6.1

9. Wu-ftpd wont read ftpaccess.Help please!

10. wu-ftpd: ftpaccess problems

11. wu-ftpd /etc/ftpaccess question.

12. WU-FTPD DOESN'T RECOGNIZE FTPACCESS

13. wu-ftpd and ftpaccess file


All times are UTC
Board index