Results 1 to 2 of 2
  1. #1
    Apple's decision to switch ftp daemons from ftpd in 10.1 to lukemftpd in 10.2 is of questionable merit. Their lack of updated documentation to reflect that decision is truly lamentable. Most users upgrading from 10.1.x are left hobbled or with malfunctioning ftp servers (especially in regards to ftpchroot functionality), with no changes in the man pages to help them configure their new ftp daemon.

    Rather than remaining in that state, I elected to replace the built-in ftp server with pure-ftpd, a robust and feature-rich ftp server that also boasts no root exploits.

    The first step is to download and unpack the source. First, change directories to wherever you keep you downloads or source code:
    cd /downloads
    curl -O
    tar xzf pure-ftpd-1.0.14.tar.gz
    cd pure-ftpd-1.0.14/
    ./configure --with-everything --without-banner --without-humor --with-virtualchroot

    (This will configure a 'big server' with a plethora of options, including throttling, ratios, ftpwho, quotas, but will leave off the guady initial banner and the sprinkling of colorful banter in the error messages, etc.)
    sudo make install-strip

    At this point you will need to choose which server type you desire, as pure-ftpd can run in either standalone or xinetd mode:

    Standalone Mode
    You can run the server in standalone mode with this command:
    sudo /usr/local/sbin/pure-ftpd &
    or if you desire, use command line switches to configure the server at runtime:
    sudo /usr/local/sbin/pure-ftpd -A -E -p 40000:50000 -c 5 -C 1 -I 5 -T 25 -u 1 &

    The command line switches I have chosen tell the server the following:
    -A chroots everyone
    -E only allows authenticated users; anonymous users disallowed
    -p 40000:50000 specifies the port range for passive connections
    -c 5 specifies the number of clients
    -C 1 specifies the number of connections per IP address
    -I 5 changes the idle timeout; default 15 minutes seems excessive
    -T 25 throttles the bandwidth to 25KB/sec per user
    Many other switches are available. See the documentation for a complete list.

    To get the standalone server to launch automagically at startup, you would have to write a Startup Item:

    xinetd Mode
    (As always, before editing a system level file, it is wise to create a backup first.)
    cd /etc/xinetd.d/
    sudo -s
    cp ftp ftp.default
    pico ftp

    Modify the server and server_args lines as folows:
    service ftp
            disable = no
            socket_type     = stream
            wait            = no
            user            = root
            server          = /usr/local/sbin/pure-ftpd
            server_args     = -A -E -p 40000:50000 -c 5 -C 1 -I 5 -T 25 -u 1
            groups          = yes
            flags           = REUSE
    Restart xinetd to affect the changes (if you have the existing ftp server running):
    kill -1 `cat /var/run/`

    Test to confirm that it is working:
    ftp 0

    If you get something like this:
    [gatorparrots:] gator% ftp 0
    Connected to 0.
    220-FTP server ready.
    220 This is a private system - No anonymous login
    Name (0:gator):
    Congratulations! Your new FTP server is working as advertised. To enable the chroot to a single directory, simply assign your ftp users' home directories to your ftp root directory via NetInfo (and possibly put them in a dedicated ftp user group for added flexibility). Otherwise, the individual users will be chrooted to their /Users/username home directory.

  2. #2
    I have updated the above directions to reflect the newer 1.0.14 release of pure-ftpd. (This should be one of the last major releases before 2.0 is released.)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Pure personal speculation about possible future iPhone models...
    By Ctrl-Opt-Del in forum Schweb's Lounge
    Replies: 3
    Last Post: 06-15-2014, 12:13 AM
  2. Inverters mod vs pure sine for apple products?
    By PLUMMER in forum iPad Hardware and Accessories
    Replies: 0
    Last Post: 06-14-2014, 10:27 AM
  3. macbook mac mini = PURE GENIUS!!
    By iggibar in forum Apple Notebooks
    Replies: 5
    Last Post: 10-06-2009, 09:53 PM
  4. Black Macbook, pure bliss !
    By shaolinmac in forum Switcher Hangout
    Replies: 15
    Last Post: 09-22-2008, 04:59 PM
  5. pure human error/stupidity
    By hylan32 in forum OS X - Operating System
    Replies: 8
    Last Post: 06-24-2008, 05:58 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts