Discussion:
anonymous ftp on linux
Richard Beaver
2006-09-18 20:19:36 UTC
Permalink
Recently we switched FTP service from unix to linux. Now it seems our
anonymous FTP does not work anymore. Anyone have any ideas why this
might have happened and what can I do to get it going again?

Thanks,
Richard
Gregory Hicks
2006-09-18 20:37:31 UTC
Permalink
Date: Mon, 18 Sep 2006 15:19:36 -0500
Subject: anonymous ftp on linux
Recently we switched FTP service from unix to linux. Now it seems our
anonymous FTP does not work anymore. Anyone have any ideas why this
might have happened and what can I do to get it going again?
Do you have 'ftp' as a user in the passwd / shadow file? That is normally
what is required to turn on anonymous ftp.
Thanks,
Richard
-------------------------------------------------------------------
Gregory Hicks | Principal Systems Engineer
Cadence Design Systems | Direct: 408.576.3609
555 River Oaks Pkwy M/S 6B1
San Jose, CA 95134 | Internet: ***@cadence.com

I am perfectly capable of learning from my mistakes. I will surely
learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for
lunch. Freedom is a well armed sheep contesting the results of the
decision." - Benjamin Franklin

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton
Richard Beaver
2006-09-19 13:36:19 UTC
Permalink
Here is the revised fact/question that I should have began with. Sorry.
We recently switched our FTP service from Unix to Linux. When I use
anonymous FTP through a browser interface, I can see all the files that
are setup for use. However, when I go to drag any file into the Pub
folder, I receive the following message..


In comparing the folders on the Unix machine with the Linux machine, I
see the same permissions on each machine(shown below), but I see an
extra two files on the Linux machine. In the Linux password file, I do
see FTP as a user and it is setup the same on both machines.
Unix machine -
-rw-r--r-- 1 root sys 668 Mar 30 2001 .loginmsg
-rw-r--r-- 1 root sys 500 Mar 30 2001 .remloginmsg
-rw-r--r-- 1 root sys 707 Aug 21 10:02 .zz1
-rw-r--r-- 1 root sys 115 Aug 21 10:02 .zzdirs
dr-xr-xr-x 2 root sys 96 Dec 4 2002 bin
dr-xr-xr-x 2 root sys 96 Oct 29 2002 etc
drwxr-sr-x 10 ftp root 4096 Aug 24 02:55 pub
drwxr-xr-x 3 root sys 96 Dec 4 2002 usr

Linux machine -
dr-xr-xr-x 6 ftp guest 4096 Aug 21 10:02 .
drwxr-xr-x 570 root root 12288 Sep 19 07:54 ..
-rw-r--r-- 1 root sys 668 Mar 30 2001 .loginmsg
-rw-r--r-- 1 root sys 500 Mar 30 2001 .remloginmsg
-rw-r--r-- 1 root sys 707 Aug 21 10:02 .zz1
-rw-r--r-- 1 root sys 115 Aug 21 10:02 .zzdirs
dr-xr-xr-x 2 root sys 4096 Dec 4 2002 bin
dr-xr-xr-x 2 root sys 4096 Oct 29 2002 etc
drwxr-sr-x 10 ftp root 4096 Sep 7 13:12 pub
drwxr-xr-x 3 root sys 4096 Dec 4 2002 usr

Other than my lack of experience on FTP and Linux, what can the problem be?

Thanks,
Richard
Bob Luckin
2006-09-19 19:07:31 UTC
Permalink
Richard,

You seem to have forgotten to paste the error message into your email...

The extra two files, . and .., are really the current and parent directories.
It appears that the ls command being executed on the Linux box is being
executed with with the "-a" option, so it is showing files which begin with a
dot.

Offhand, I wouldn't expect this to cause the problem, though.

Both the Linux and Solaris man pages I've seen recommend ~ftp should be owned
by root and unwriteable by anyone, but on the Linux box at least it seems to
be owned by ftp. My understanding is that this is not secure, although it
may not be the cause of your problem...

The Solaris man page also recommends ~ftp/pub should be owned by root, with
permissions 755. Not sure if the same is true for Linux. Again, my
understanding is that it should not be owned by ftp for security reasons.

These changes may or may not solve your problem, but without the error
message it's difficult to know the problem is.

Have you tried connecting by a command-line interface and seeing if the
file transfer works that way ? If so, it could be related to the commands the
browser interface is issuing when you drag and drop.

Cheers, Bob
Post by Richard Beaver
Here is the revised fact/question that I should have began with. Sorry.
We recently switched our FTP service from Unix to Linux. When I use
anonymous FTP through a browser interface, I can see all the files that
are setup for use. However, when I go to drag any file into the Pub
folder, I receive the following message..
In comparing the folders on the Unix machine with the Linux machine, I
see the same permissions on each machine(shown below), but I see an
extra two files on the Linux machine. In the Linux password file, I do
see FTP as a user and it is setup the same on both machines.
Unix machine -
-rw-r--r-- 1 root sys 668 Mar 30 2001 .loginmsg
-rw-r--r-- 1 root sys 500 Mar 30 2001 .remloginmsg
-rw-r--r-- 1 root sys 707 Aug 21 10:02 .zz1
-rw-r--r-- 1 root sys 115 Aug 21 10:02 .zzdirs
dr-xr-xr-x 2 root sys 96 Dec 4 2002 bin
dr-xr-xr-x 2 root sys 96 Oct 29 2002 etc
drwxr-sr-x 10 ftp root 4096 Aug 24 02:55 pub
drwxr-xr-x 3 root sys 96 Dec 4 2002 usr
Linux machine -
dr-xr-xr-x 6 ftp guest 4096 Aug 21 10:02 .
drwxr-xr-x 570 root root 12288 Sep 19 07:54 ..
-rw-r--r-- 1 root sys 668 Mar 30 2001 .loginmsg
-rw-r--r-- 1 root sys 500 Mar 30 2001 .remloginmsg
-rw-r--r-- 1 root sys 707 Aug 21 10:02 .zz1
-rw-r--r-- 1 root sys 115 Aug 21 10:02 .zzdirs
dr-xr-xr-x 2 root sys 4096 Dec 4 2002 bin
dr-xr-xr-x 2 root sys 4096 Oct 29 2002 etc
drwxr-sr-x 10 ftp root 4096 Sep 7 13:12 pub
drwxr-xr-x 3 root sys 4096 Dec 4 2002 usr
Other than my lack of experience on FTP and Linux, what can the problem be?
Thanks,
Richard
--
Bob Luckin ***@ti.com "Coder, adapt; FTP Ada, redo C"
Bob Luckin
2006-09-18 21:52:55 UTC
Permalink
Post by Richard Beaver
Recently we switched FTP service from unix to linux. Now it seems our
anonymous FTP does not work anymore. Anyone have any ideas why this
might have happened and what can I do to get it going again?
Well, you don't give much information to go on...

Presumably regular FTP is working, since you only say the anonymous FTP is
broken. On that assumption, here are a few things to check :

a) Was the server compiled to disallow anonymous access ? If so, you'll
need to recompile it. The WU-FTPD server can be compiled to disallow
anonymous access by setting the NO_ANONYMOUS_ACCESS macro at compile time.
If it was built using the "configure" command, then the --disable-anonymous
command line option would do this, and you should see the message
"Anonymous FTP access denied." returned to the client, plus
"FTP LOGIN REFUSED (anonymous ftp not supported)" logged via syslog. The
syslog messages posted when anonymous access is refused for another reason
vary slightly from the above, so check carefully.

b) Have you set up the ftp account correctly for the Linux server ? (Hopefully
the ftp man page has the relevant instructions for setting up the anon ftp
serbice for your OS). If the ftp user has not been set up, anonymous access
will fail.

c) Have you checked that the "ftp" user is not listed in the file
/etc/ftpusers ? The filename is a bit of a misnomer, since it contains a
list of users _not_ allowed to use FTP.

d) Assuming you are running the WU-FTPD server, since you posted to this list,
do you have a guestserver directive in the ftpaccess file ? If present, and
your linux host is not listed in the directive, this would cause anonymous
access to be denied.

e) Are you running a virtual server; if so check that you don't have the
command
virtual <address> private
in your ftpaccess file, as this would prevent anonymous access to the
virtual server given by <address>.

Also if you are running a virtual server, check for the presence of the
defaultserver private
command in the ftpaccess file; this has a similar effect on the default -
ie. non-virtual - server.

Checking the message returned to the syslog daemon by the ftp server when it
denies the anonymous access should also help provide a clue to the reason.

Good luck !

Cheers, Bob
--
Bob Luckin ***@ti.com "Coder, adapt; FTP Ada, redo C"
Continue reading on narkive:
Loading...