SoftwareDesign
/
csu3_am335x


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
							<?xml version="1.0" encoding='UTF-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
	"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">

<refentry id="pam_ftp">

  <refmeta>
    <refentrytitle>pam_ftp</refentrytitle>
    <manvolnum>8</manvolnum>
    <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
  </refmeta>

  <refnamediv id="pam_ftp-name">
    <refname>pam_ftp</refname>
    <refpurpose>PAM module for anonymous access module</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <cmdsynopsis id="pam_ftp-cmdsynopsis">
      <command>pam_ftp.so</command>
      <arg choice="opt">
	debug
      </arg>
      <arg choice="opt">
        ignore
      </arg>
      <arg choice="opt" rep='repeat'>
        users=<replaceable>XXX,YYY,</replaceable>
      </arg>
    </cmdsynopsis>
  </refsynopsisdiv>

  <refsect1 id="pam_ftp-description">

    <title>DESCRIPTION</title>

    <para>
      pam_ftp is a PAM module which provides a pluggable
      anonymous ftp mode of access.
    </para>
    <para>
      This module intercepts the user's name and password. If the name is
      <emphasis>ftp</emphasis> or <emphasis>anonymous</emphasis>, the
      user's password is broken up at the <emphasis>@</emphasis> delimiter
      into a <emphasis>PAM_RUSER</emphasis> and a
      <emphasis>PAM_RHOST</emphasis> part; these pam-items being set
      accordingly. The username (<emphasis>PAM_USER</emphasis>) is set
      to <emphasis>ftp</emphasis>.  In this case the module succeeds.
      Alternatively, the module sets the <emphasis>PAM_AUTHTOK</emphasis>
      item with the entered password and fails.
    </para>
    <para>
      This module is not safe and easily spoofable.
    </para>
  </refsect1>

  <refsect1 id="pam_ftp-options">

    <title>OPTIONS</title>
    <para>
      <variablelist>

        <varlistentry>
          <term>
            <option>debug</option>
          </term>
          <listitem>
            <para>
	      Print debug information.
            </para>
          </listitem>
        </varlistentry>

        <varlistentry>
          <term>
            <option>ignore</option>
          </term>
          <listitem>
            <para>
              Pay no attention to the email address of the user
              (if supplied).
            </para>
          </listitem>
        </varlistentry>

        <varlistentry>
          <term>
            <option>ftp=<replaceable>XXX,YYY,...</replaceable></option>
          </term>
          <listitem>
            <para>
              Instead of <emphasis>ftp</emphasis> or
              <emphasis>anonymous</emphasis>, provide anonymous login
              to the comma separated list of users:
              <option><replaceable>XXX,YYY,...</replaceable></option>.
              Should the applicant enter
              one of these usernames the returned username is set to
              the first in the list: <emphasis>XXX</emphasis>.
            </para>
          </listitem>
	</varlistentry>

      </variablelist>

    </para>
  </refsect1>

  <refsect1 id="pam_ftp-types">
    <title>MODULE TYPES PROVIDED</title>
    <para>
      Only the <option>auth</option> module type is provided.
    </para>
  </refsect1>

  <refsect1 id='pam_ftp-return_values'>
    <title>RETURN VALUES</title>
    <para>
      <variablelist>

        <varlistentry>
          <term>PAM_SUCCESS</term>
          <listitem>
            <para>
              The authentication was successful.
            </para>
          </listitem>
        </varlistentry>

        <varlistentry>
          <term>PAM_USER_UNKNOWN</term>
          <listitem>
            <para>
	      User not known.
            </para>
          </listitem>
        </varlistentry>

      </variablelist>
    </para>
  </refsect1>

  <refsect1 id='pam_ftp-examples'>
    <title>EXAMPLES</title>
    <para>
      Add the following line to <filename>/etc/pam.d/ftpd</filename> to
      handle ftp style anonymous login:
      <programlisting>
#
# ftpd; add ftp-specifics. These lines enable anonymous ftp over
#       standard UN*X access (the listfile entry blocks access to
#       users listed in /etc/ftpusers)
#
auth    sufficient  pam_ftp.so
auth    required    pam_unix.so use_first_pass
auth    required    pam_listfile.so \
           onerr=succeed item=user sense=deny file=/etc/ftpusers
      </programlisting>
    </para>
  </refsect1>

  <refsect1 id='pam_ftp-see_also'>
    <title>SEE ALSO</title>
    <para>
      <citerefentry>
	<refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
      </citerefentry>,
      <citerefentry>
	<refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum>
      </citerefentry>,
      <citerefentry>
	<refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
      </citerefentry>
    </para>
  </refsect1>

  <refsect1 id='pam_ftp-author'>
    <title>AUTHOR</title>
      <para>
        pam_ftp was written by Andrew G. Morgan &lt;morgan@kernel.org&gt;.
      </para>
  </refsect1>

</refentry>