Register for EarthWeb's Million Dollar Sweepstakes!
home account info subscribe login search My ITKnowledge FAQ/help site map contact us


 
Brief Full
 Advanced
      Search
 Search Tips
To access the contents, click the chapter and section titles.

Complete Idiot's Guide to Linux
(Publisher: Macmillan Computer Publishing)
Author(s): Manuel Ricart
ISBN: 078971826x
Publication Date: 12/22/98

Bookmark It

Search this book:
 
Previous Table of Contents Next


Hosting an FTP Service

Although most of the time you’ll be a client to FTP sites, you might want to make some files available through FTP. To enable FTP access from other machines, you must enable the FTP service in /etc/inetd.conf. For information on how to enable these services, see the “Network Services” note.) After you enable the service in /etc/inetd.conf, you can use FTP to get to your machine and use your login and password.

To enable an FTP service, you need to ensure that the wu-ftpd package is installed. If you did a standard installation, it was installed.

The FTP service installed by default in Linux is called wu-ftpd. Wu-ftpd was originally developed at the Washington University in St. Louis. This robust FTP server software is used by sites that support thousands of users.

Providing anonymous FTP is enabled by default as your /etc/passwd contains an entry for the FTP user. Users who log in to the system as FTP login are put into the /home/ftp directory. This directory is treated differently by the FTP daemon (the software running the FTP service). As far as anonymous users are concerned, /home/ftp looks like a root file system. Users cannot change directories outside it and only have access to directories within it. The FTP daemon accomplishes this by changing the server’s root for the FTP process to the /home/ftp directory. This directory contains minimum/etc and /bin directories with just enough information and software to allow anonymous users access to the system. You should not modify the contents of the /home/ftp/etc and /home/ftp/bin directories unless you know what you are doing.

To publish files, as root, create a directory inside /home/ftp/pub and make sure that permissions for the directory are 755. Anonymous users will be able to download files from there but not write to the (put) file.


Techno Talk:  Network Services: /etc/inetd and tcpd
Network services are handled by a program called inetd. Inetd listens for network connections, and when it gets one, it makes sure that the right server is connected with the client.

Because of security concerns, you might want to offer certain services to only certain clients. For example, you might not want everyone to be able to try to connect to your system via FTP. To accommodate such needs, there’s a program called tcpd that handles requests for programs like FTP and Telnet. When a connection request is received, the system tries to determine if it should allow the connection based on where the user is coming from. Tcpd consults the files /etc/hosts.allow and /etc/hosts.deny to see if the client (the system trying to connect) falls into any of these categories. By default, any client not explicitly allowed is explicitly denied access.

To enable access for other hosts, you’ll need to edit the /etc/hosts.allow file. Information on the configuration for these files is found in the online manual. (Do a man 5 hosts_access to read about the configuration format.)

For example, to enable access to hosts from all domains for all services, you would enter the following in the /etc/hosts.allow file:

ALL: ALL

Read the man page for tcpd, inetd, and hosts_access for more information.


Creating an incoming directory (one in which anonymous users can drop files) is a little trickier. If your computer is on the Internet and you put such a directory without taking adequate precautions, it will be no time before your computer becomes a distribution node for pirated software and questionable documents and images. To create an incoming directory less susceptible to this type of problem, enter the following:

     [root@digital /root]# cd /home/ftp/pub
     [root@digital pub]# mkdir incoming
     [root@digital pub]# chmod 1733 incoming

This will create a directory that allows anonymous users to place files, but they won’t be able to list the files that they uploaded. Users who know the name of a file in the incoming directory will still be able to download it, but they won’t be able to list the contents of the directory.

There are many options and restrictions that you can put on anonymous users to control access to the site, including controlling the number of concurrent users and where they are coming from. Ftpd also has a number of options to log everything that comes in and goes out. To take advantage of these features, read the man documentation on ftpd. (Do an rpm –qd wu-ftpd to see a list of all the documentation and where it is installed.)


Previous Table of Contents Next


Products |  Contact Us |  About Us |  Privacy  |  Ad Info  |  Home

Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc.
All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited. Read EarthWeb's privacy statement.