Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
FTPUSERS(5)		      File Formats Manual		   FTPUSERS(5)

NAME
       ftpusers, ftpchroot -- tnftpd(8)	access control file

DESCRIPTION
       The  ftpusers file provides user	access control for tnftpd(8) by	defin-
       ing which users may login.

       If the ftpusers file does not exist, all	users are denied access.

       A "\" is	the escape character; it can be	used to	escape the meaning  of
       the  comment  character,	 or if it is the last character	on a line, ex-
       tends a configuration directive across multiple lines.  A  "#"  is  the
       comment	character,  and	 all characters	from it	to the end of line are
       ignored (unless it is escaped with the escape character).

       The syntax of each line is:
	     userglob[:groupglob][@host] [directive [class]]

       These elements are:

	     userglob	matched	against	the user name, using  fnmatch(3)  glob
			matching (e.g, `f*').

	     groupglob	matched	against	all the	groups that the	user is	a mem-
			ber of,	using fnmatch(3) glob matching (e.g, `*src').

	     host	either	a  CIDR	address	(refer to inet_net_pton(3)) to
			match against the remote address (e.g,	`1.2.3.4/24'),
			or  an	fnmatch(3)  glob  to  match against the	remote
			hostname (e.g, `*.NetBSD.org').

	     directive	If "allow" or "yes" the	user is	 allowed  access.   If
			"deny" or "no",	or directive is	not given, the user is
			denied access.

	     class	defines	the class to use in ftpd.conf(5).

       If class	is not given, it defaults to one of the	following:

	     chroot  If	there is a match in "/usr/local/etc/ftpchroot" for the
		     user.

	     guest   If	the user name is "anonymous" or	`ftp'.

	     real    If	neither	of the above is	true.

       No  further comparisons are attempted after the first successful	match.
       If no match is found, the user is granted access.  This syntax is back-
       ward-compatible with the	old syntax.

       If a user requests a guest login, the tnftpd(8) server  checks  to  see
       that  both  "anonymous" and "ftp" have access, so if you	deny all users
       by default, you will need to add	both "anonymous	allow" and "ftp	allow"
       to /usr/local/etc/ftpusers in order to allow guest logins.

   /usr/local/etc/ftpchroot
       The file	/usr/local/etc/ftpchroot is used to determine which users will
       have their session's root directory changed (using  chroot(2)),	either
       to  the	directory  specified  in the ftpd.conf(5) chroot directive (if
       set), or	to the home directory of the user.  If the file	does  not  ex-
       ist, the	root directory change is not performed.

       The  syntax  is	similar	to ftpusers, except that the class argument is
       ignored.	 If there's a positive match, the session's root directory  is
       changed.	 No further comparisons	are attempted after the	first success-
       ful match.  This	syntax is backward-compatible with the old syntax.

FILES
       /usr/local/etc/ftpchroot			  List	of  normal  users  who
						  should have their  ftp  ses-
						  sion's     root    directory
						  changed by using chroot(2).
       /usr/local/etc/ftpusers			  This file.
       /usr/local/share/examples/tnftpd/ftpusers  A sample ftpusers file.

SEE ALSO
       fnmatch(3), inet_net_pton(3), ftpd.conf(5), tnftpd(8)

FreeBSD	ports 15.0		 July 17, 2000			   FTPUSERS(5)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ftpusers&sektion=5&manpath=FreeBSD+Ports+15.0>

home | help