this is obsolete doc -- see instead

Configuring an FTP server with Tnftpd (formaly Lukemftpd) 



Tnftpd is built within NetBSD. On other Unices make sure gcc, make and yacc are available. Here rhel, 

rpm -q gcc make byacc

fetch it (, compile and install it, 

cd ~/
tar xzf tnftpd-20100324.tar.gz
cd tnftpd-20100324/
./configure && make && make install

note. if you get this error (on recent Linux systems), 

glob.c:723: error: 'ARG_MAX' undeclared (first use in this function)

replace 'ARG_MAX' by 'sysconf(_SC_ARG_MAX)' in libnetbsd/glob.c. 




On RHEL5/6, make some useful links, 

cd /etc/
ln -s /usr/local/etc/ftpd.conf
ln -s /usr/local/etc/ftpusers

enable anonymous ftp (/sbin/nologin shell is fine), 

mkdir -p /var/ftp/


On NetBSD you should first, 

cd /etc/
mv ftpusers ftpusers.dist
mv ftpchroot ftpchroot.dist

enable anonymous ftp, 

grep ^csh /etc/shells
chpass -s /bin/csh ftp


On Slackware you should first, 

removepkg proftpd
cd /etc/
mv ftpusers ftpusers.dist


Configure the daemon, 

vi /etc/ftpd.conf


motd          all    none
portrange     all       50000 50999
umask         chroot    022
umask         real      022

Note. in a NAT configuration, advertise the public IP, 

advertize     all       IP_ADDRESS

Note. "denyquick all" isn't recommended as it would help attackers to guess login usernames. Still, you can activate it if you only got anonymous access ! 

Note. the default configuration is described in the DEFAULTS chapter in ftpd.conf(5). Search for manuals, 

cd /usr/local/share/man/
find . -type f
man ./man8/tnftpd.8
man ./man5/ftpusers.5
man ./man5/ftpd.conf.5


Enable some users, 

cd /etc/
vi ftpusers


USERNAME            allow   chroot
ftp             allow   guest
anonymous       allow   guest
*               deny


Ready to go 

Run the daemon (and add it to /etc/rc.local), 

cd ~/
/usr/local/libexec/tnftpd -D -4 -ll -V "go see your mom"
ps aux | grep tnftpd

Note. "-D" for daemon mode 

Note. "-4" for IPv4 

Note. "-ll" to log login attempts, put, get, etc... to syslog 

Note. "-L xferlog" for xferlogs 

Note. "-a" to force the anondir (default: ftp user's homedir) 

Note. "-h althostname" for alternate hostname 


Enable at boot time, 

cd /etc/
cat >> rc.local <<EOF9
echo -n starting lukemftpd...
/usr/local/libexec/tnftpd -D -4 -ll && echo done


Otherwise here's the inetd.conf configuration, 

#ftp stream tcp nowait root /usr/local/libexec/tnftpd tnftpd -ll


Anonymous upload 

Eventually create the incoming directory, 

mkdir -p /var/ftp/upload/
chmod 777 /var/ftp/upload/

note. ftpd.conf has 'umask guest 0707' which means users can upload but can't download, delete nor overwrite. 

note. if you plan to make your repository readable by HTTP too, make sure you deactivate PHP on this directory. You don't want anymore to upload php hacks and execute them through apache.