1 '\" te
   2 .\" Copyright (C) 2003, Sun Microsystems, Inc. All Rights Reserved
   3 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
   4 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
   5 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   6 .TH FTPUSERS 4 "May 1, 2003"
   7 .SH NAME
   8 ftpusers \- file listing users to be disallowed ftp login privileges
   9 .SH SYNOPSIS
  10 .LP
  11 .nf
  12 \fB/etc/ftpd/ftpusers\fR
  13 .fi
  14 
  15 .SH DESCRIPTION
  16 .LP
  17 The \fBftpusers\fR file lists users for whom \fBftp\fR login privileges are
  18 disallowed. Each \fBftpuser\fR entry is a single line of the form:
  19 .sp
  20 .in +2
  21 .nf
  22 name
  23 .fi
  24 .in -2
  25 
  26 .sp
  27 .LP
  28 where \fBname\fR is the user's login name.
  29 .sp
  30 .LP
  31 The FTP Server, \fBin.ftpd\fR(1M), reads the \fBftpusers\fR file. If the login
  32 name of the user matches one of the entries listed, it rejects the login
  33 attempt.
  34 .sp
  35 .LP
  36 The \fBftpusers\fR file has the following default configuration entries:
  37 .sp
  38 .in +2
  39 .nf
  40 root
  41 daemon
  42 bin
  43 sys
  44 adm
  45 lp
  46 uccp
  47 nuucp
  48 smmsp
  49 listen
  50 nobody
  51 noaccess
  52 nobody4
  53 .fi
  54 .in -2
  55 
  56 .sp
  57 .LP
  58 These entries match the default instantiated entries from \fBpasswd\fR(4). The
  59 list of default entries typically contains the superuser \fBroot\fR and other
  60 administrative and system application identities.
  61 .sp
  62 .LP
  63 The root entry is included in the \fBftpusers\fR file as a security measure
  64 since the default policy is to disallow remote logins for this identity. This
  65 policy is also set in the default value of the \fBCONSOLE\fR entry in the
  66 \fB/etc/default/login\fR file. See \fBlogin\fR(1). If you allow \fBroot\fR
  67 login privileges by deleting the root entry in \fBftpusers\fR, you should also
  68 modify the security policy in \fB/etc/default/login\fR to reflect the site
  69 security policy for remote login access by \fBroot\fR.
  70 .sp
  71 .LP
  72 Other default entries are administrative identities that are typically assumed
  73 by system applications but never used for local or remote login, for example
  74 \fBsys\fR and \fBnobody\fR. Since these entries do not have a valid password
  75 field instantiated in \fBshadow\fR(4), no login can be performed.
  76 .sp
  77 .LP
  78 If a site adds similar administrative or system application identities in
  79 \fBpasswd\fR(4) and \fBshadow\fR(4), for example, \fBmajordomo\fR, the site
  80 should consider including them in the \fBftpusers\fR file for a consistent
  81 security policy.
  82 .sp
  83 .LP
  84 Lines that begin with \fB#\fR are treated as comment lines and are ignored.
  85 .SH FILES
  86 .ne 2
  87 .na
  88 \fB\fB/etc/ftpd/ftpusers\fR\fR
  89 .ad
  90 .RS 22n
  91 A file that lists users for whom \fBftp\fR login privileges are disallowed.
  92 .RE
  93 
  94 .sp
  95 .ne 2
  96 .na
  97 \fB\fB/etc/ftpusers\fR\fR
  98 .ad
  99 .RS 22n
 100 See \fB/etc/ftpd/ftpusers\fR. This file is deprecated, although its use is
 101 still supported.
 102 .RE
 103 
 104 .sp
 105 .ne 2
 106 .na
 107 \fB\fB/etc/default/login\fR\fR
 108 .ad
 109 .RS 22n
 110 
 111 .RE
 112 
 113 .sp
 114 .ne 2
 115 .na
 116 \fB\fB/etc/passwd\fR\fR
 117 .ad
 118 .RS 22n
 119 password file
 120 .RE
 121 
 122 .sp
 123 .ne 2
 124 .na
 125 \fB\fB/etc/shadow\fR\fR
 126 .ad
 127 .RS 22n
 128 shadow password file
 129 .RE
 130 
 131 .SH ATTRIBUTES
 132 .LP
 133 See \fBattributes\fR(5) for descriptions of the following attributes:
 134 .sp
 135 
 136 .sp
 137 .TS
 138 box;
 139 c | c
 140 l | l .
 141 ATTRIBUTE TYPE  ATTRIBUTE VALUE
 142 _
 143 Interface Stability     See below.
 144 .TE
 145 
 146 .sp
 147 .LP
 148 The interface stability for \fB/etc/ftpd/ftpusers\fR is Volatile. The interface
 149 stability for \fB/etc/ftpusers\fR is (Obsolete).
 150 .SH SEE ALSO
 151 .LP
 152 \fBlogin\fR(1), \fBftphosts\fR(4),
 153 \fBpasswd\fR(4), \fBshadow\fR(4), \fBattributes\fR(5), \fBenviron\fR(5)