System Administration Guide: Network Services
Previous Next

Document Information

Preface

Part I Network Services Topics

1.  Network Service (Overview)

2.  Managing Web Cache Servers

3.  Time-Related Services

Part II Accessing Network File Systems Topics

4.  Managing Network File Systems (Overview)

5.  Network File System Administration (Tasks)

6.  Accessing Network File Systems (Reference)

Part III SLP Topics

7.  SLP (Overview)

8.  Planning and Enabling SLP (Tasks)

9.  Administering SLP (Tasks)

10.  Incorporating Legacy Services

11.  SLP (Reference)

Part IV Mail Services Topics

12.  Mail Services (Overview)

13.  Mail Services (Tasks)

14.  Mail Services (Reference)

Part V Serial Networking Topics

15.  Solaris PPP 4.0 (Overview)

16.  Planning for the PPP Link (Tasks)

17.  Setting Up a Dial-up PPP Link (Tasks)

18.  Setting Up a Leased-Line PPP Link (Tasks)

19.  Setting Up PPP Authentication (Tasks)

20.  Setting Up a PPPoE Tunnel (Tasks)

21.  Fixing Common PPP Problems (Tasks)

22.  Solaris PPP 4.0 (Reference)

23.  Migrating From Asynchronous Solaris PPP to Solaris PPP 4.0 (Tasks)

24.  UUCP (Overview)

25.  Administering UUCP (Tasks)

26.  UUCP (Reference)

Part VI Working With Remote Systems Topics

27.  Working With Remote Systems (Overview)

28.  Administering the FTP Server (Tasks)

Administering the FTP Server (Task Map)

Controlling FTP Server Access

How to Define FTP Server Classes

How to Set User Login Limits

How to Control the Number of Invalid Login Attempts

How to Disallow FTP Server Access to Particular Users

How to Restrict Access to the Default FTP Server

Setting Up FTP Server Logins

How to Set Up Real FTP Users

How to Set Up Guest FTP Users

How to Set Up Anonymous FTP Users

How to Create the /etc/shells file

Customizing Message Files

How to Customize Message Files

How to Create Messages to Be Sent to Users

How to Configure the README Option

Controlling Access to Files on the FTP Server

How to Control File Access Commands

Controlling Uploads and Downloads on the FTP Server

How to Control Uploads to the FTP Server

How to Control Downloads to the FTP Server

Virtual Hosting

How to Enable Limited Virtual Hosting

How to Enable Complete Virtual Hosting

Starting the FTP Server Automatically

How to Start an FTP Server Using SMF

How to Start a Standalone FTP Server in the Background

How to Start a Standalone FTP Server in the Foreground

Shutting Down the FTP Server

How to Shut Down the FTP Server

Debugging the FTP Server

How to Check syslogd for FTP Server Messages

How to Use greeting text to Verify ftpaccess

How to Check the Commands Executed by FTP Users

Configuration Help for Busy Sites

29.  Accessing Remote Systems (Tasks)

Part VII Monitoring Network Services Topics

30.  Monitoring Network Performance (Tasks)

Glossary

Index

Controlling Access to Files on the FTP Server

The FTP server access controls in this section supplement the standard file and directory access controls available with the Solaris release. Use the standard Solaris commands to restrict who can access, change, or upload files. See chmod(1), chown(1), and chgrp(1).

How to Control File Access Commands

To use the permission capabilities in ftpaccess to specify what type of user is allowed to perform which commands, do the following:

  1. Become superuser or assume an equivalent role.

    Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services. To configure a role with the Primary Administrator profile, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Add the following entries to the ftpaccess:
    command yes|no typelist
    command

    The commands chmod, delete, overwrite, rename, or umask

    yes|no

    Allows or disallows a user to issue a command

    typelist

    A comma-separated list of any of the keywords anonymous, guest, and real

Example 28-12 How to Control File Access Commands

The following are examples of permissions that are set for file access functions on FTP server.

chmod no anonymous, guest
delete    no anonymous
overwrite no anonymous
rename    no anonymous
umask     no guest, anonymous

The preceding example states the following:

  • Anonymous users are not allowed to delete, overwrite, or rename files.

  • Guests and anonymous users are both prevented from changing access modes and resetting the umask.
Previous Next