Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 28 Nov 2014, 16:54
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Unsorted
new FTP Server: BetaFTPD
Moderators: deshlab, Flash, GuestToo, Ian, JohnMurga, Lobster
Post new topic   Reply to topic View previous topic :: View next topic
Page 2 of 4 [46 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Author Message
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Thu 30 Jun 2005, 14:10    Post subject:  

uploaded betaftpd-0.0.8pre17-pup-3

Now restricts the commands listed in a previous post when in "download-only" mode.
Also updated the help file

_________________
Mandriva LE 2005 user and puppy newbie
Back to top
View user's profile Send private message 
Guest
Guest


PostPosted: Thu 30 Jun 2005, 14:22    Post subject:  

This is the source package for betaftpd-0.0.8pre17-pup-3.
You shouldn't need this if you're just a user, use the compiled version at the top of this thread. I'm mostly putting it here to be in a place where I won't loose it and if someone wants to check my work or add new features.
The Control Center is not included in this archive since it's only a shell script and can be retrieved from the tarball in the top post of this thread.

Do not run ./configure unless you really intend to change the config options since the puppy build doesn't use the default configuration.

I think I marked all my changed with "papaschtroumpf". I also added a README.puppy in the doc directory and removed the Debian directory from the package I started from.
betaftpd-0.0.8pre17-pup-3.src.tar.gz
Description 
gz

 Download 
Filename  betaftpd-0.0.8pre17-pup-3.src.tar.gz 
Filesize  87.68 KB 
Downloaded  618 Time(s) 
Back to top
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Thu 30 Jun 2005, 14:23    Post subject:  

Guest above was me. forgot to log in before posting Embarassed
_________________
Mandriva LE 2005 user and puppy newbie
Back to top
View user's profile Send private message 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Thu 30 Jun 2005, 17:10    Post subject:  

All of the features above seem to be working now! Thanks a million. I'm going to give this some heavy-duty testing sending files back and forth with a friend back in Ohio, will post my findings. Preliminarily I'd say this should at least be in the unleashed suite, but it's probably a good candidate to replace gtkftpd.

Barry, I hope you're watching this thread.

Nathan Laughing
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Thu 30 Jun 2005, 17:29    Post subject:  

It works "as is" as an unleashed, that's why I released it as a pupGet rather than a DotPup. It doesn't show up in the menus and doesn't have a description in the package chooser though.
I works even better if you first register it in packages.txt and add a menu entry for it in each WM, before you start ./createpuppy.
The reason for this is that Unleashed packages are supposed to be "preregistered".

I use the following script to do it (the script gets ran from the puppy-unleashed directory but assumes there is a directory one step above it with the contents of the tarball. The reason I did this is that I can make changes to the files without having to repack them)

Code:

echo " ...adding betaftpd, registering in packages.txt  and fixing menu entries"

  cp -rf ../betaftpd-0.0.8pre17 packages

  FVWM95RC="packages/fvwm95-2.0.43f/root0/.fvwm95rc"
  if [ -f $FVWM95RC ] ; then
    # if somehow the script got ran multiple times we could keep adding
    # more instances: don't do that
    grep "/usr/sbin/betaftpd-cc" $FVWM95RC
    if [ $? -ne 0 ] ;then
      cp -f $FVWM95RC /tmp/DOTfvwm95.ftpd.backup
      EDITTEXT="s/^\(.\+Exec LinPopUp\)/#+ \"BetaFTPD FTP server%pc-2x.xpm%\" Exec exec \/usr\/sbin\/betaftpd-cc\n\1/"
      sed -e "$EDITTEXT" $FVWM95RC >/tmp/betaftpdinstall.tmp
      mv -f /tmp/betaftpdinstall.tmp $FVWM95RC
    fi
    sync
  fi

 
  ### register ourselves in the jwm menu
  # we place ourselves immediately beofre the LinPopUp menu item
  # The menu item will bring up the BetaFTPD Control Center
  JWMRC="packages/jwm-0.23/root/.jwmrc"
  if [ -f $JWMRC ] ; then
    # if somehow the script got ran multiple times we could keep adding
    # more instances: don't do that
    grep "/usr/sbin/betaftpd-cc" $JWMRC
    if [ $? -ne 0 ] ;then
      cp -f $JWMRC /tmp/DOTjwm.ftpd.backup
      EDITTEXT="s/^\(.\+Program label=\"LinPopUp Samba messaging.\+$\)/<Program label=\"BetaFTPD FTP server\" icon=\"pc-2x.xpm\">exec \/usr\/sbin\/betaftpd-cc<\/Program>\n\1/"
      sed -e "$EDITTEXT" $JWMRC >/tmp/betaftpdinstall.tmp
      mv -f /tmp/betaftpdinstall.tmp $JWMRC
    fi
    sync
  fi



  ### register ourselves in the icewm menu if it's there
  # (there currently isn't an unleashed but I made my own)
  # we place ourselves immediately before the LinPopUp menu item
  # The menu item will bring up the BetaFTPD Control Center
  ICEWMMENU="packages/icewm_full-1.2.20/root/local/share/icewm/menu"
  if [ -f $ICEWMMENU ] ; then
    # if somehow the script got ran multiple times we could keep adding
    # more instances: don't do that
    grep "/usr/sbin/betaftpd-cc" $ICEWMMENU
    if [ $? -ne 0 ] ;then
      cp -f $ICEWMMENU /tmp/icewmmenu.ftpd.backup
      EDITTEXT="s/^\(.\+prog \"LinPopUp Samba messaging.\+$\)/\tprog \"BetaFTPD FTP Server\" pc-2x \/usr\/sbin\/betaftpd-cc\n\1/"
      sed -e "$EDITTEXT" $ICEWMMENU >/tmp/betaftpdinstall.tmp
      mv -f /tmp/betaftpdinstall.tmp $ICEWMMENU
    fi
  sync
  fi


_________________
Mandriva LE 2005 user and puppy newbie
Back to top
View user's profile Send private message 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Thu 30 Jun 2005, 18:27    Post subject:  

Papaschtroumpf-meant no offense. I know it works "as-is" as an unleashed. I only meant it would be great to include in the "official" unleashed package and to have it appear in the menu when you open the pupget installer.

One final (hopefully) word of caution to anyone who does use this on a computer connected to the internet. If you do make a new user and give them acces to their own home directory, you are essentially creating another user for your computer. In other words unless you take other security precautions they will be able to view and download any file on your computer, although they will not have permission to alter anything outside of their own home directory. Still, think long and hard before you give anyone this kind of access to your data.

That said, this program opens up many possibilities for file transfer on a network, making it easier to communicate with Windows boxes and many other possibilities. I will be using it quite happily.
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Thu 30 Jun 2005, 22:52    Post subject:  

Ok. Sorry about the sheer number of posts. In reference to my last post, if you open the root directory and change permissions of each directory to PRIVATE< OWNER ACCESS ONLY you can successfully keep any new users that you add out of the rest of your filesystem. You also have to do the same after going up one more level past root. Just dont do it to /root/ itself, or they won't be able to access their own directory. Don't forget all of the hidden files and directories. At least it works so far for me, anyhow. Since you are already running Puppy as root, this should not effect how your system runs. I'm still relatively green, however, so please someone correct me if I've given any bad advice here.

Nathan
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Fri 01 Jul 2005, 00:28    Post subject:  

This is actually not normal, I'm not sure why the designers of betaftpd made it that way. It seems that root_dir is set to "/" for any pasworded user. It should be possible to limit each user to his/her own directory (I think that's already done for the anonymous user), I'll take a look at the code again.

You do bring a good point about the fact that we created a real user, not just an FTP user though: if you were to allow SSH access for example, that user could log in using SSH.
Admittedly you should somewhat trust a user to create an account for them on your computer, but you shouldn;t have to trust them that much.

I think a possible solution for that would be to change their shell to either a "sorry no shell" or at least a restricted shell (see http://www.opensource.apple.com/darwinsource/WWDC2004/bash-30/bash/RBASH for a description of a restricted shell). I don't know if ash has a restricted shell but bash does, so you could make a script called /bin/rbash:

#!/bin/shell
bash --restricted

and specify the shell when you create your user or manuall edit the last field for that user in /etc/passwd from "/bin/sh" to "/bin/rbash"

and the user would be able to log in but not to get outside og his home directory. Unfortunately that doesn't seem to extend the protection to betaftpd, probably because it has got its own mechanism to change directories and the server runs as root, not as the user so it has access to everything.

I'll think about it and see what I can do. I don't want to modify betaftpd too much from its original state, but I do want something that is not too insecure.

_________________
Mandriva LE 2005 user and puppy newbie
Back to top
View user's profile Send private message 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Fri 01 Jul 2005, 01:21    Post subject:  

Papaschtroumpf-No issues with anonymous so far. Seems that yes, it does limit anonymous users to their own directory. I don't think you should do too much more to it, either. I just wanted people to be aware of the possible limitations of what can or can't be done with the program. I'm pretty sure this has gone further than you expected already, and I geuss you could say I've been a bit of a nag. I feel pretty secure with what you have now, though.
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Fri 01 Jul 2005, 01:31    Post subject:  

I hate the idea of letting users have acces to the entire machine. some FTP servers run "chrooted" for that very reason.

Try the attached betaftpd (put it in /usr/sbin and overwrite the old one there) and let me know what you think. All users should now behave jsut like the "ftp" user, so user "bob" only has access to /root/bob/ and below.

I would still recommened to have users createed for ftp only to be assigned a restricted shell like I describe above, even though it doesn't impact FTP behavior.

Hopefully this is the last build, I'll be leaving for vacation in a few days and won't be back before August. If it works, I'll make yet another PupGet (we're up to rev 4!)

Edit: had to create a tarball for the forum to let me upload it.
betaftpd.tar.gz
Description  users contained within their home directory with this build. this is just the ftpd file, place it in /usr/sbin. release candidate for version 4
gz

 Download 
Filename  betaftpd.tar.gz 
Filesize  17.3 KB 
Downloaded  741 Time(s) 
Back to top
View user's profile Send private message 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Fri 01 Jul 2005, 10:37    Post subject:  

Just tried it, and it seems to be a go. My test user can still go up to the next directory levels, but can't peer inside anything. I don't think there are any adverse effects. Will let you know more if I find anything else, but I don't ecpect to.
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Fri 01 Jul 2005, 10:43    Post subject:  

Nathan F wrote:
Just tried it, and it seems to be a go. My test user can still go up to the next directory levels, but can't peer inside anything.


I'm not sure what that means? how do you go to the next directory levels adn what happens if you can't peer inside it?
How did you test it? I get a "no such directory" or something like that when I try to CD out of the home directory with the cygwin FTP client and I get back to the previous browser page when I try to go up using Internet Explorer.

_________________
Mandriva LE 2005 user and puppy newbie
Back to top
View user's profile Send private message 
Nathan F


Joined: 08 Jun 2005
Posts: 1760
Location: Wadsworth, OH (occasionally home)

PostPosted: Fri 01 Jul 2005, 12:44    Post subject:  

To tell you the truth, I think it was user error on my part. I think I did something wrong when I went to overwrite the file the first time. I just deleted the old one and replaced it with the new one and now I'm getting the same results you mentioned. Simple, dumb mistake on my part. It was still keeping me out of those directories because of the permissions changes that I had made earlier. Now it won't let me out of the home directory at all, which is exactly what we want. Sorry about the confusion.
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger 
papaschtroumpf


Joined: 17 Jun 2005
Posts: 250

PostPosted: Fri 01 Jul 2005, 21:51    Post subject:  

I'll make the new behavior a command line option so that betaftpd behaves exactly like a "stock" one when called without options, and package it up.
That's probably all I'll do to it for a while. I don't want to spend much more time on it and it does what I want it to do. (or close enough given its small size)

_________________
Mandriva LE 2005 user and puppy newbie
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11165
Location: Arizona USA

PostPosted: Fri 01 Jul 2005, 23:04    Post subject:  

Let me know if and when you think it's ready for the index. (It would be nice if someone who understands the program would write an overview describing what the program might be used for, and, briefly, how to go about installing and configuring it.)

Thanks, guys, for all your hard work. Smile
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 2 of 4 [46 Posts]   Goto page: Previous 1, 2, 3, 4 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Unsorted
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0947s ][ Queries: 13 (0.0043s) ][ GZIP on ]