Solution to anonymous ftp site
2007-12-25 7:17:00
//Hello Sun Managers-
// I am trying to set up an anonymous ftp site, but I am having a
//problem. Everything seems to work okay (get, cd, login, ...), but when
//I try to do an 'ls' it responds with the following message:
//
// ctr0: no /usr/lib/ld.so
//
//This file exists on the machine I am ftping from and the anonymous ftp
//machine. Do I need to change something? I looked in Eli Nemeth's Sys
//Adm Handbook, but did not see any thing about this. Please help !!
//
//Send all responses directly to me, and I will make a summary if anyone
//is interested. Thanx.
I got many responses, and they are all greatly appreciated.
The problem is that with SunOS 4.x 'ls' is dynanically linked. This
means that it uses some libriaries in /usr/lib to run. The libs that
are used by 'ls' are /usr/lib/ld.so and /usr/lib/libc.so.*. These are
not accesible for the anonymous ftper because a chroot is done when the
ftper logs in. The chroot moves the root directory to the home directory
of ftp (that is established in /etc/passwd), so this means that unless
there is a ~ftp/usr directory with the libs ~ftp/usr/lib/ld.so and
run because it cannot find its needed libraries.
There seem to be two options to fixing this problem. The first one is to
set up the anonymous ftp site as dictated in the man page for ftpd. Towards
the end of the man page it states the following rules for setting up an
anonymous ftp site:
~ftp Make the home directory owned by "ftp" and unwrit-
able by anyone.
~ftp/bin
Make this directory owned by the super-user and
unwritable by anyone. The program ls(1V) must be
present to support the list commands. This program
should have mode 111. Since the default /bin/ls
command is linked with a shared library, so you need
to set up the files for dynamic linking as well.
~ftp/usr/lib/ld.so
the runtime loader must be present and executable.
~ftp/dev/zero
used by the runtime loader, create this with the
command "mknod zero c 3 12".
~ftp/usr/lib/libc.so.*
should be a copy of the latest version of the shared
C library.
~ftp/etc
Make this directory owned by the super-user and
unwritable by anyone. The files passwd(5) and
group(5) must be present for the ls command to work
properly. These files should be mode 444.
~ftp/pub
Make this directory mode 777 and owned by "ftp".
Users should then place files which are to be acces-
sible via the anonymous account in this directory.
And brendan@cs.widener.edu added the following to setting up his
anonymous ftp site (to make it more secure):
ftp:
total 24
d--x--x--x 2 root 512 Aug 3 19:44 bin
d--x--x--x 2 root 512 Nov 6 13:57 dev
d--x--x--x 2 root 512 Nov 6 14:12 etc
dr-xr-xr-x 2 root 512 Oct 25 12:00 pub
d--x--x--x 3 root 512 Oct 25 17:41 usr
ftp/bin:
total 14
---x--x--x 1 root 13336 Sep 11 11:04 ls
ftp/dev:
total 0
cr--r--r-- 1 root 3, 12 Nov 6 13:57 zero
ftp/etc:
total 2
-r--r--r-- 1 root 11 Oct 25 12:24 group
-r--r--r-- 1 root 15 Oct 25 12:24 passwd
ftp/usr:
total 1
dr-xr-xr-x 2 root 512 Oct 25 17:35 lib
^ ^ ^
+--+--+---- usr/lib MUST be readable for ld.so to work properly
(so you don't have to have an ld.so.cache in /etc)
ftp/usr/lib:
total 552
-r-xr-xr-x 1 root 40960 Sep 11 11:04 ld.so
-r--r--r-- 1 root 516096 Sep 11 11:04 libc.so.1.5
Now there is the second option. This is to get a copy of a static
'ls'. I ftped a copy a static 'ls' (for sun4) from eru.mt.luth.se
(130.24.0.9). I just put this static ls in ~ftp/bin and it works
without the libs ~ftp/usr/lib/ld.so and ~ftp/usr/lib/libc.so.*. I
understand from several people that for sun3s you can get the static
ls from the SunOS distribution tape. The only advantage I saw to using
the static ls is to save about 93K in disk space, so the choice is yours.
I hope this helps the other few people that were having problems with
setting up their anonymous ftp sites. I greatly appreciate all that
responded to my question. It was a BIG help.
////////////////////////////////////////////////////////////////////////
// Curt Kersey System Support University of Georgia
// Computer Science Dept. (404) 542-3445
// email: curt@pollux.cs.uga.edu
///////////////////////////////////////////////////////////////////////
Comments
Got something to say?
You must be logged in to post a comment.
