Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!emory!stiatl!chris From: chris@stiatl.UUCP (Chris Cheyney) Newsgroups: comp.unix.aix Subject: Help with Anonymous FTP Keywords: broke chroot Message-ID: <9012@stiatl.UUCP> Date: 14 Feb 90 20:32:08 GMT Reply-To: chris@stiatl.UUCP (Chris Cheyney) Distribution: usa Organization: Sales Technologies, Inc., Atlanta GA Lines: 108 I've been trying to install AIX anonymous FTP on the PS/2 Model 80 and am having limited success. I receive from the FTP daemon the FTP response code: 550 Can't set guest privileges. I've looked at the BSD FTP daemon source code and determined that the problem is a chroot() call failing. The actual place where it fails is in the pass() function, and the instance is in the code fragment following the body of this posting. I have no idea how much of this IBM has modified, so I'm just guessing that they're using something based on Berkeley's FTPD. I've added the following line to the two copies of the password file (note: the one in /etc and the one in /u/ftp/etc): ftp:NOLOGIN:34:25:Mister FTP:/u/ftp:/bin/sh where group 25 is group 'ftp'. I've tried setting /etc/ftpd as setuid root, group system, which also didn't work. When it is having problems doing chroot() calls as root, something's amiss. Does anyone have a clue why the chroot() call would be failing so that I have this problem with anonymous FTP? Any help would be appreciated. chris --- Chris Cheyney | If you want to get something Sales Technologies, Inc., Atlanta GA 30326 | done, go hire a mercenary. Internet: stiatl!chris@gatech.edu | If you want to find the nearest UUCP: {decvax,mcnc}!gatech!stiatl!chris | donut shop, go ask a cop. --- cut here --- /* * Copyright (c) 1985 Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that the above copyright notice and this paragraph are * duplicated in all such forms and that any documentation, * advertising materials, and other materials related to such * distribution and use acknowledge that the software was developed * by the University of California, Berkeley. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ /* Much BSD ftpd source deleted ..... */ pass(passwd) char *passwd; { char *xpasswd; if (logged_in || pw == NULL) { reply(503, "Login with USER first."); return; } if (!guest) { /* "ftp" is only account allowed no password */ xpasswd = crypt(passwd, pw->pw_passwd); /* The strcmp does not catch null passwords! */ if (*pw->pw_passwd == '\0' || strcmp(xpasswd, pw->pw_passwd)) { reply(530, "Login incorrect."); pw = NULL; return; } } setegid(pw->pw_gid); initgroups(pw->pw_name, pw->pw_gid); if (chdir(pw->pw_dir)) { reply(530, "User %s: can't change directory to %s.", pw->pw_name, pw->pw_dir); goto bad; } /* open wtmp before chroot */ (void)sprintf(ttyline, "ftp%d", getpid()); logwtmp(ttyline, pw->pw_name, remotehost); logged_in = 1; if (guest) { if (chroot(pw->pw_dir) < 0) { reply(550, "Can't set guest privileges."); goto bad; } reply(230, "Guest login ok, access restrictions apply."); } else reply(230, "User %s logged in.", pw->pw_name); seteuid(pw->pw_uid); home = pw->pw_dir; /* home dir for globbing */ return; bad: seteuid(0); pw = NULL; } -- Chris Cheyney | If you want to get something Sales Technologies, Inc., Atlanta GA 30326 | done, go hire a mercenary. Internet: stiatl!chris@gatech.edu | If you want to find the nearest UUCP: {decvax,mcnc}!gatech!stiatl!chris | donut shop, go ask a cop.