Getting FTP Access


FTP is commonly used for transferring files. The process responsible for FTP service on Mac OS X is /usr/libexec/ftpd. Mac OS X Server uses a different FTP daemon (/usr/libexec/xftpd) with different configuration parameters. You use the Sharing pane of System Preferences to stop and start the FTP service.

The configuration file /System/Library/LaunchDaemons/ftp.plist controls the startup of the daemon when the computer is started. The files ftpchroot, ftpusers, and ftpd.conf in /etc control the behavior of the daemon. The files /etc/motd and /etc/ftpwelcome contain the welcome messages users see before and after logging in, respectively. A property in com.apple.sharing.firewall.plist controls whether the FTP Access port in the firewall is open.

The daemon writes messages to /var/log/ftp.log and the system log. In addition, launchd writes some FTP-related messages to the system log.

Note

FTP is not enabled by default because it is considered an insecure protocol. Before you enable FTP, consider the fact that it is not encrypted and passwords may be passed as clear text. As an alternative to FTP, there is another, more secure protocol called Secure FTP (SFTP), which is included with Mac OS X as part of the Secure Shell Protocol (SSH).


Starting FTP

Starting FTP consists of the following steps:


  1. You start FTP Access in the Sharing pane of System Preferences.

  2. The value of the enable property for FTP Access in /Library/Preferences/com.apple.sharing.firewall.plist changes from 0 to 1. This change opens a port in your computer's firewall for FTP connections.

  3. The Disabled key is removed from the configuration file /System/Library/LaunchDaemons/ftp.plist.

  4. launchd is notified of the changes to /System/Library/LaunchDaemons/ftp.plist. Because this file has been changed to indicate that FTP is no longer disabled, the launchd process listens for FTP connections.

  5. When a user connects to your computer using FTP, launchd starts ftpd to manage the connection.

When you stop FTP Access in Sharing preferences, the files change back to their original state and launchd rereads its configuration file. The ftpd process stops when the last connected user disconnects.

You can start and stop FTP sharing from the command line by using one of the following methods:

  • Change the value of the enable property for FTP Access in com.apple.sharing.firewall.plist to 1 when starting and to 0 when stopping.

  • Issue the following command to manage FTP sharing:

    sudo launchctl load -w /System/Library/LaunchDaemons/ftp.plist

  • To stop FTP access, issue the same launchctl command, but use unload instead of load, and change the firewall setting back to 0.

Note

If you have an account with the name administrator, you will have to modify this file to grant that user access via FTP. For security reasons, do not grant FTP access to root.


Configuring FTP

There are several commands that enable you to customize some of FTP's features from the command-line interface.

ftpusers and ftpchroot

Sometimes you might need to prevent certain users from logging in to your computer using FTP. To do that, add the user's name to /etc/ftpusers. By default, the file contains the following list of users who are not allowed to log in using FTP:

Administrator
administrator
root
uucp
daemon
unknown
www


Sometimes you need to restrict an FTP user's access to the file system. You can do that by changing the user's root folder for FTP sessions. For example, if you change student17's root folder to be his home folder, when the user logs in using FTP, commands like pwd, cd, and get will act as if "/Users/student17" is "/". This prevents student17 from seeing the rest of the file system.

To change a user's FTP root folder to be the user's home folder, create the file /etc/ftpchroot, if necessary, and add the user's name. If you want a user's FTP root to be a different folder, you must set the chroot (change root) directive in /etc/ftpd.conf.

More Info

For more information, see the man page for ftpusers and ftpchroot.


The following illustrates what happens when different users log in remotely via FTP. Depending on where the user's name is located, he or she will have different default directories and permissions to search other directories.

  • The normal user would do the following to log in remotely via FTP:

    ftp> pwd
    257 "/Users/david" is the current directory.
    ftp> cd /private
    250 CWD command successful.

  • The ftpchroot user would do the following to log in remotely via FTP:

    ftp> pwd
    257 "/" is the current directory.
    ftp> cd /private
    550 /private: No such file or directory.
    ls /
    -rw-r--r--    1  david  david   16  Jan 20 10:44  AUserFile
    drwx------    3  david  david  102  Jan 20 10:44  Desktop
    drwx------    3  david  david  102  Jan 20 10:44  Documents
    drwx------   17  david  david  578  Jan 20 10:44  Library
    drwx------    3  david  david  102  Jan 20 10:44  Movies
    drwx------    3  david  david  102  Jan 20 10:44  Music
    drwx------    3  david  david  102  Jan 20 10:44  Pictures
    drwxr-xr-x    4  david  david  136  Jan 20 10:44  Public
    drwxr-xr-x    5  david  david  170  Jan 20 10:44  Site
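
To check which of these outcomes applies to an account (denied, confined to a root folder, or unrestricted), the following script is an added example and not part of the book. It assumes the simple file format shown above (one account name per entry, with # starting a comment); the function names and the sample files it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify accounts by the FTP policy files described above.
# Assumption: one account name per entry, '#' starts a comment.

# list_names FILE: print the first field of each non-blank, non-comment line.
list_names() {
    [ -r "$1" ] || return 0
    sed 's/#.*//' "$1" | awk 'NF { print $1 }'
}

# in_file NAME FILE: succeed if NAME is listed in FILE (exact match).
in_file() {
    list_names "$2" | grep -Fqx -- "$1"
}

# ftp_policy USER [FTPUSERS] [FTPCHROOT]: print denied, chrooted or unrestricted.
ftp_policy() {
    if in_file "$1" "${2:-/etc/ftpusers}"; then
        echo denied
    elif in_file "$1" "${3:-/etc/ftpchroot}"; then
        echo chrooted
    else
        echo unrestricted
    fi
}

# audit_ftp FTPUSERS FTPCHROOT USER...: print one "user policy" line per account.
audit_ftp() {
    deny=$1; jail=$2; shift 2
    for u in "$@"; do
        printf '%s %s\n' "$u" "$(ftp_policy "$u" "$deny" "$jail")"
    done
}

# Constructed sample: the default deny list from the page plus one jailed user.
demo=$(mktemp -d)
printf '%s\n' Administrator administrator root uucp daemon unknown www \
    > "$demo/ftpusers"
printf '# confined to the home folder\nstudent17\n' > "$demo/ftpchroot"
audit_ftp "$demo/ftpusers" "$demo/ftpchroot" root student17 david
```

Accounts reported as unrestricted are the ones that can browse the whole file system over FTP, so they are the ones to review first.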

ftpd.conf

If you want a user's FTP root folder to be somewhere other than the user's home folder, you can use the chroot directive in ftpd.conf. For example, if you want all the users in ftpchroot to have /Users/special as their root, create /etc/ftpd.conf, if necessary, and add the following line:

chroot CHROOT /Users/special


Sometimes users might need to download large files from your computer. You could speed up the FTP downloads by converting all your files to a smaller format. Alternatively, you can keep your files in their original format and allow FTP to perform an automatic file conversion. To do that, you use the conversion directive in ftpd.conf. For example, if you want users to be able to gzip files before copying them, you could add the following line to ftpd.conf, as shown in the following figure:

conversion all .gz f xyz /usr/bin/gzip -c %s


The f means only files, not folders, can be converted. If the file xyz exists in the folder, it prevents conversion. These fields are mandatory.

Then, if the user types

get tarfile.gz

in a folder that contains a file called tarfile but not tarfile.gz, a shell on your computer will execute the command

/usr/bin/gzip -c tarfile


and copy the output of the command to the user's computer as tarfile.gz.
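
The matching described above can be modeled in a short script, added here as an example rather than taken from the book or from ftpd. resolve_conversion is a hypothetical helper that handles only the f type and the fields the text explains, and it prints the resulting command without running it.

```shell
#!/bin/sh
# Added example: model how the conversion rule shown above maps a "get"
# request to a command. It only prints the command; it never runs it.

# resolve_conversion RULE DIR REQUEST
# Prints the command for "get REQUEST" issued in DIR, or returns 1 if the
# rule does not apply.
resolve_conversion() {
    rule=$1; dir=$2; req=$3
    set -f; set -- $rule; set +f          # split the rule into fields, no globbing
    [ "$1" = conversion ] && [ $# -ge 6 ] || return 1
    suffix=$3; type=$4; disable=$5
    shift 5
    cmd=$*                                # remaining fields form the command
    case $req in
        *"$suffix") base=${req%"$suffix"} ;;
        *) return 1 ;;                    # request does not carry the suffix
    esac
    [ -n "$base" ] || return 1
    [ ! -e "$dir/$req" ] || return 1      # requested name already exists
    [ ! -e "$dir/$disable" ] || return 1  # disable file present: no conversion
    case $type in
        f) [ -f "$dir/$base" ] || return 1 ;;  # only regular files qualify
        *) return 1 ;;                    # other type values are not modeled
    esac
    case $cmd in
        *%s*) printf '%s%s%s\n' "${cmd%%%s*}" "$base" "${cmd#*%s}" ;;
        *)    printf '%s\n' "$cmd" ;;
    esac
}

# Constructed sample folder holding tarfile but not tarfile.gz.
conv_dir=$(mktemp -d)
: > "$conv_dir/tarfile"
conv_rule='conversion all .gz f xyz /usr/bin/gzip -c %s'
resolve_conversion "$conv_rule" "$conv_dir" tarfile.gz
```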




Apple Training Series. Mac OS X System Administration Reference, Volume 1
ISBN: 032136984X
EAN: 2147483647
Year: 2005
Pages: 258
Authors: Schoun Regan
