authorwollman <wollman@FreeBSD.org>2000-09-14 19:08:29 +0000
committerwollman <wollman@FreeBSD.org>2000-09-14 19:08:29 +0000
commitfd6ae2da94ab1c8fd1b66fb552185f0cf0c1f218 (patch)
tree3c1bae6ff3bb80ae6f3800406e614394851403c6 /libexec
parenteeb064d69ce03414f67fa4bfbc006e2187f8ca07 (diff)
Allow tftpd to run as a specified user, not just `nobody'.
Update documentation to reflect new option. Also fix documentation style and add missing references. PR: 21268 Submitted by: "Aleksandr A. Babaylov" <babolo@links.ru> Reviewed by: imp
Diffstat (limited to 'libexec')
-rw-r--r--libexec/tftpd/tftpd.873
-rw-r--r--libexec/tftpd/tftpd.c10
2 files changed, 55 insertions, 28 deletions
diff --git a/libexec/tftpd/tftpd.8 b/libexec/tftpd/tftpd.8
index 1309ac6..2af0ee4 100644
--- a/libexec/tftpd/tftpd.8
+++ b/libexec/tftpd/tftpd.8
@@ -41,16 +41,16 @@
Internet Trivial File Transfer Protocol server
.Sh SYNOPSIS
.Nm /usr/libexec/tftpd
-.Op Fl l
-.Op Fl n
+.Op Fl ln
.Op Fl s Ar directory
+.Op Fl u Ar user
.Op Ar directory ...
.Sh DESCRIPTION
.Nm Tftpd
is a server which supports the
Internet Trivial File Transfer
-Protocol (\c
-.Tn RFC 783).
+Protocol
+.Pq Tn RFC 1350 .
The
.Tn TFTP
server operates
@@ -90,25 +90,39 @@ names are prefixed by the one of the given directories.
The given directories are also treated as a search path for
relative filename requests.
.Pp
-The chroot option provides additional security by restricting access
-of
-.Nm
-to only a chroot'd file system. This is useful when moving
-from an OS that supported
+The
.Fl s
-as a boot server. Because chroot is restricted to root, you must run
+option provides additional security by changing
+.Nm tftpd Ns No 's
+root directory, thereby prohibiting accesses outside of the specified
+.Ar directory .
+Because
+.Xr chroot 2
+requires super-user privileges,
.Nm
-as root. However, if you chroot, then
+must be run as root.
+However, after performing the
+.Fn chroot ,
.Nm
-will set its user id to nobody.
+will set its user id to that of the specified
+.Ar user ,
+or
+.Dq nobody
+if no
+.Fl u
+option is specified.
.Pp
The options are:
.Bl -tag -width Ds
.It Fl l
Log all requests using
.Xr syslog 3
-with the facility of LOG_FTP. Note: Logging of LOG_FTP messages
-will also need to be enabled in the syslog configuration file
+with the facility of
+.Dv LOG_FTP .
+Note: Logging of
+.Dv LOG_FTP
+messages
+must also be enabled in the syslog configuration file,
.Xr syslog.conf 5 .
.It Fl n
Suppress negative acknowledgement of requests for nonexistent
@@ -116,23 +130,32 @@ relative filenames.
.It Fl s Ar directory
Cause
.Nm
-to chroot to
-.Pa directory
-before accepting commands. In addition, the user id is set to
-nobody.
-.Pp
-If you are not running
-.Fl s ,
-no user id change will be
-attempted. You should not run
+to change its root directory to
+.Pa directory .
+After changing roots but before accepting commands,
.Nm
-as root unless you are using
-.Fl s .
+will switch credentials to an unprivileged user.
+.It Fl u Ar user
+Switch credentials to
+.Ar user
+(default
+.Dq nobody )
+when the
+.Fl s
+option is used.
+The user must be specified by name, not a numeric UID.
.El
.Sh SEE ALSO
.Xr tftp 1 ,
+.Xr chroot 2 ,
.Xr inetd 8 ,
.Xr syslogd 8
+.Rs
+.%A K. R. Sollins
+.%T The TFTP Protocol (Revision 2)
+.%D July 1992
+.%O RFC 1350, STD 33
+.Re
.Sh HISTORY
The
.Nm
diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c
index 07475a4..56c6c02 100644
--- a/libexec/tftpd/tftpd.c
+++ b/libexec/tftpd/tftpd.c
@@ -121,9 +121,10 @@ main(argc, argv)
struct sockaddr_in sin;
char *chroot_dir = NULL;
struct passwd *nobody;
+ char *chuser = "nobody";
openlog("tftpd", LOG_PID | LOG_NDELAY, LOG_FTP);
- while ((ch = getopt(argc, argv, "lns:")) != -1) {
+ while ((ch = getopt(argc, argv, "lns:u:")) != -1) {
switch (ch) {
case 'l':
logging = 1;
@@ -134,6 +135,9 @@ main(argc, argv)
case 's':
chroot_dir = optarg;
break;
+ case 'u':
+ chuser = optarg;
+ break;
default:
syslog(LOG_WARNING, "ignoring unknown option -%c", ch);
}
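Review bot: The new `case 'u'` gives the operator no sign when the option has no effect, because `chuser` is read only inside `if (chroot_dir)` in the later hunk. A `-u user` given without `-s` therefore leaves tftpd running with whatever credentials it was started with. Since `chuser` defaults to "nobody", a separate flag is needed to tell the cases apart: set a new `uflag` here and, after the option loop, add `if (uflag && chroot_dir == NULL) syslog(LOG_WARNING, "-u has no effect without -s");`. The body of main continues outside this hunk, so the exact placement after the loop has to be checked against the full file.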
@@ -226,8 +230,8 @@ main(argc, argv)
*/
if (chroot_dir) {
/* Must get this before chroot because /etc might go away */
- if ((nobody = getpwnam("nobody")) == NULL) {
- syslog(LOG_ERR, "nobody: no such user");
+ if ((nobody = getpwnam(chuser)) == NULL) {
+ syslog(LOG_ERR, "%s: no such user", chuser);
exit(1);
}
if (chroot(chroot_dir)) {
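Review bot: `getpwnam(chuser)` accepts any account the operator names, including one whose uid is 0, so `-s dir -u root` would chroot and then keep super-user privileges, which is not the "unprivileged user" the updated man page promises. A check right after the lookup would reject that configuration: `if (nobody->pw_uid == 0) { syslog(LOG_ERR, "%s: refusing to run as uid 0", chuser); exit(1); }`. The credential switch itself lies below this hunk and is not visible here; if it only calls setuid(), it should presumably also set the group from `nobody->pw_gid` and clear supplementary groups first, since the chosen account is no longer fixed. The variable name `nobody` no longer matches what it holds and would read better as `pw`.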
OpenPOWER on IntegriCloud