From Reuel Q. Salamatin on Tue, 01 Dec 1998
Mr. James T. Dennis,
I am so happy to have known that you are available to anwer Linux questions. I have tried emailing persons I found from how-to files and documentations about ftp, but as of yet, got no answers.
Here's my problem. Our ftp site doesn't seem to support the ls command.
Usually, upon log-in, or with a browser it should display directory listings. Now it worked just like that before. But now, it doesn't. I don't actually remember how it came about to be like that.
I have followed instructions listed on the ftpd man page, about making a copy of the ls command on the bin directory of ftp home. I did just that but still no directory listing output. I was wondering what else could have gone wrong.
Thank you even now in anticipation of your response.
Mr. Roland Reuel Q. Salamatin
Assuming that you're using one of the traditional FTP servers (daemons) such as the BSD derived one, or WU-FTPD (which has been the default on most Linux distributions for several years), this probably relates to one of three problems. All have to do with the 'chroot' jail in which anonymous FTP (and the "guestgroups" from WU-FTP) operate.
The idea here is that we've tried to minimize the risks to your system that are associated with having untrusted parties (anonymous and guest FTP users) accessing your directories. So we set up a psuedo "root" directory and issue the 'chroot()' system call to "lock the process into a directory."
On problem with this approach is that most Unix/Linux programs need access to files like '/etc/passwd' and '/etc/group' (to map the numeric ownership codes that are stored in the inodes of file and directories to the associated names and groups. Also most modern programs (dynamically linked ELF binaries) require access to '/dev/zero' (a psuedo-device) for fairly obtuse reasons that amount to "because that's the way they work."
So we need to build a skeletal copy/shadow of the system's directory structure to support this. That must contain at least the following files:
- 'ls' binary in the [chroot]/usr/bin
- Fake 'passwd' and 'group' files for [chroot]/etc
- A copy of (or hard link to) /dev/zero and /dev/null under [chroot]/dev/
- (Possibly) copies of any shared libraries to which your copy of 'ls' is linked.
(You can compile a statically linked 'ls' or you can use the 'ldd' command to get a list of the required shared libraries).
Another option is to replace the BSD or WU ftp daemon with Mike Gleason's 'ncftpd', or with ProFTPD which both have built-in static 'ls' support.
'ncftpd' is not free. It is shareware and can be registered for about $200 for a high volume server (more than 50 concurrent users) or ~$40 for a smaller server. Mike Gleason continues to support and release the best FTP client for free. There is also a free "personal use" option (upto 3 concurrent users). You can find out more:
Of the FTP daemons that I've tried, 'ncftpd' was the easiest to set up and definitely the easiest to configure. It also supports "virtual FTP hosting" (where one host appears to be several different FTP servers, each with different directory structures and separate user lists). My only complaint was that this server doesn't seem to like being dynamically loaded from 'inetd' (unlike the normal ftp daemons --- but more like 'sendmail' and most web servers).
ProFTPD is under the GPL. I know know the author's name and it may be a whole team that's worked on it.
I have yet to try this one. However it looks very ambitious --- and might appeal to Apache webmasters in particular. The configuration files and directives are intentionally set to match or resemble Apache configuration options wherever possible.
From what I've read the original author started working on a security audit and patch set to WU-FTPD and gave up. He then wrote the whole thing from scratch.
So, I hope that helps. Naturally you could just fuss with the existing ftp daemon and "get it to work." Alternatively either of these replacements might be much better for your needs --- and considerably easier, as well.
If not then there are a few other choices:
This is a WU-FTPD derivative.
- Troll Tech FTP Daemon:
Troll Tech is the publisher of the Qt libraries on which KDE is built.
by D.J Bernstein (author of qmail) --- very lightweight FTP daemon, purely for read-only anonymous access. (Doesn't support normal user or "guest" accounts). Main focus is on security and low memory footprint.
... and I'm sure we could find many others.