wuftpd admin questions


Post by Dave Wres » Fri, 13 Feb 1998 04:00:00




Date: Thu, 12 Feb 1998 04:41:17 -0500 (EST)


Subject: wu-ftpd configuration questions

Hi all.  I have a working installation of wuftpd-beta16 and there are a
few questions I had about configuring it.  This is mostly under a Linux
system, but Solaris needs to be considered as well, but that shouldn't be
a problem, since these are primarily configuration questions.

1.  How exactly do I use the 'class' directive?  The example from the
stock configuration is:

class   local   real,guest *.domain 0.0.0.0

which I interpret to mean the host must have a DNS entry in order to
connect.  Correct?  And 0.0.0.0 would be the default address perhaps? What
classifies a user as a remote user, versus a local user?  Some internal
users don't have reverse DNS entries, yet I don't want to allow anyone
from the outside to access the machine that doesn't have a reverse DNS
entry.  Is this possible?

2.  There may eventually be as many as 500 users on this machine, all in
the guestgroup.  Is there any concept of multiple guestgroups?  I was
thinking it might be beneficial to have a format similar to /etc/group,
if for nothing else than to be descriptive.  Also, I'll have to check how
the guestgroup string length limit is set...

3.  I'd also like real users to be able to ftp to the box.  I'm concerned,
though, that someone might use a real account to compromise the box.  How
can I put some sort of restrictions on real user usage?  Perhaps from
specific IP/domains?

4.  I'd like to implement password aging.  Do we still use chage for that?
What if we're not using shadow, but rather pam?  Any tips on some sort of
pre-change warning system?

5.  Regarding the 'upload' directive.  I found it is necessary to
specify a user/group name in order to take advantage of the permissions
and dirs/nodirs feature.  I'm using the umask setting in inetd.conf
currently.

Many of the directories are shared by multiple people, and are owned by
root, and a group name of all the users in that particular group.  sgid is
also set on the directory.

So my problem is I can't restrict some groups from creating directories,
while allowing others to be able to do so.   I would have to list the home
directory for each group in /etc/ftpaccess, which could eventually lead to
more than 500 entries.  How much coding change would be necessary, if any,
to do something like:

# format: <home> <path> <write> <owner> <group> <perms> <dirs|nodirs>
upload /home/ftp /home/* yes     *        *       0444    dirs

or some other format to signify 'everyone' that writes to that directory
is allowed to create directories with 0444 permissions? It would simply use
the existing operating system permissions already specified for that
particular directory.  I hope that's clear.

Thanks,
Dave Wreski

 
 
 

1. admin user can't admin non-admin groups

In the attributes for user profile "jean" I've specified "administrative
user=true" and "administrative group=staff".

In the "staff" group profile attributes I've specified "administrative
group=false" and "administrator list=jean".

The above were done as "root".

When I then sign in as "jean" and look at the "staff" group attributes
(via SMIT) it shows "administrative group=true" and the "administrator
list=" parameter is blank.  If I try to make an addition, say, to
the "user list=" parameter and hit OK, SMIT dies and the change doesn't
get made.  Further, if I go into Application Manager as "jean" and try
to edit "staff" group I am told "you do not have access to edit this
dialoge."

Have I got a bug or am I doing something wrong in the way I set
up "jean" and "staff"?

Thanks.

