--------------------------------------------------------------------------------
                         HP ARPA FTP SERVER HELP FILE
--------------------------------------------------------------------------------

This file is: FTPDOC.ARPA.SYS

The purpose of this SAMPLE session is to provide help for a remote user
accessing the FTP server. More detailed information about FTP behavior follows
the sample.

------------------------------------------------------------------------------

Start FTP from your system and connect to the remote MPE/iX system using the
IP address supplied by your system administrator (the IP address used below
is just an example):

ftp> open 192.50.43.21
220 HP ARPA FTP Server [A0006007] (C) Hewlett-Packard Co. 1990

Supply the logon ID and password when prompted or use the USER command. The
MPE/iX logon syntax is session,username.acctname,groupname. The password
syntax is [userpass][,acctpass[,grouppass]]. For example:

ftp> user john,support.arpa,pub
331 Password required for SUPPORT.ARPA,PUB. Syntax: userpass,acctpass
online,ftp
230 User logged on

Display your logon information using the PWD command:

ftp> pwd
257-"/ARPA/PUB" is the current directory.
257 "JOHN,SUPPORT.ARPA,PUB" is the current session.

Display the files in your current working group and account using the DIR and
LS commands:

ftp> dir
200 PORT command ok.
150 File: LISTFILE ./@,2 opened; data connection will be opened
PATH= /ARPA/PUB/./

ACCOUNT = ARPA   GROUP= PUB

FILENAME  CODE  ------------LOGICAL RECORD-------
                  SIZE  TYP        EOF      LIMIT

NSCREEN1          256B  FA         800      10000
NSCREEN2           80B  FA         500      14000
NSPROGX   PROG   1934W  VB        4551       9480
PROGRAMX          256W  FB         700       1350
226 Transfer complete.

ftp> ls @
200 PORT command ok.
150 File: LISTFILE @,6 opened; data connection will be opened
NSCREEN1
NSCREEN2
NSPROGX
PROGRAMX
226 Transfer complete.

Now display files in another group (same account) on the remote HP 3000
machine.
Notice how the wild card character results in a difference in file naming
convention in this reply compared to the previous LS command. These file names
have the group and account appended.

ftp> ls @.group1
200 PORT command ok.
150 File: LISTFILE @.group1 opened; data connection will be opened
AFILE.GROUP1.ARPA
NPROGRAM.GROUP1.ARPA
NSPROG1.GROUP1.ARPA
NSPROG2.GROUP1.ARPA
NSPROG3.GROUP1.ARPA
TSCREEN.GROUP1.ARPA
TSCREEN2.GROUP1.ARPA
226 Transfer complete.

Transfer an MPE/iX file to your system. The target file name defaults to the
source file name NSCREEN1, since no target file name was specified:

ftp> get nscreen1
200 PORT command ok.
150 File: NSCREEN1 opened; data connection will be opened
226 Transfer complete.

Transfer a binary file from another group on MPE/iX to your system. Since no
target file was specified, the target file will be named NPROGRAM.GROUP1.

ftp> binary
200 Type set to I.
ftp> get NPROGRAM.GROUP1
200 PORT command ok.
150 File: NPROGRAM.GROUP1 opened; data connection will be opened
226 Transfer complete.

Transfer multiple files from MPE/iX to your system. All the NS* files in GROUP1
will be transferred and will have the same names as on MPE/iX, including the
group and account name. MPE/iX file names can be up to eight characters and are
represented in capital letters.

ftp> mget ns@.group1
mget NSPROG1.GROUP1.ARPA? y
150 File: NSPROG1.GROUP1.ARPA opened; data connection will be opened
226 Transfer complete.
mget NSPROG2.GROUP1.ARPA? y
150 File: NSPROG2.GROUP1.ARPA opened; data connection will be opened
226 Transfer complete.
mget NSPROG3.GROUP1.ARPA? y
150 File: NSPROG3.GROUP1.ARPA opened; data connection will be opened
226 Transfer complete.
Transfer a local file to other than the MPE/iX working group, using MPE/iX
file building parameters:

ftp> put file2 newfile.group1;rec=-78,,f,ascii

------------------------------------------------------------------------------

The MPE/iX file system consists of two file spaces:

First is the older MPE-space, made up of "FILENAME.GROUP.ACCOUNT", where names
are not case sensitive and each of FILENAME, GROUP and ACCOUNT is limited to
8 characters, the first of which must be alphabetic.

Second is the newer hierarchical file space made up of
"/dir1/dir2/.../filename", where each label is case-sensitive, limited to 255
characters, and can start with any alpha-numeric or under-score ("_")
character.

MPE/iX user logon accounts are in the form:

ftp> USER sessionname,username.acctname,groupname

Sessionname is optional. Passwords may be required for all three parts of the
user account: userpass,accountpass,grouppass

You can enter the user logon account and passwords together as in the
following example:

ftp> USER sess,user/upass.acct/apass,group/gpass

In this instance, press the return key when prompted for a password since the
passwords were already specified. Be aware that passwords entered this way
travel in the USER command rather than in PASS; the LOG_COMMANDS example later
in this file shows PASS arguments masked as "**" but USER arguments recorded
verbatim, so where command logging is in use prefer to supply passwords at the
prompt.

Changing groups:

The FTP CD command is supported by the FTP server. To change groups you can
"cd ../NEWGROUP".

Using metacharacters:

Be aware that if you use metacharacters (wild-cards) to specify a group and/or
account with MGET, the resulting filenames will be fully qualified MPE/iX file
names (filename.groupname.account), a maximum of 26 characters, including
periods. If your system supports fewer characters than MPE/iX, the filenames
may be truncated. Use the LS command to verify the set of files you are
transferring, as in the following:

ftp> LS @.groupname

Both * and @ can be used as wildcard characters.
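As an added example (not part of this help file or of HP's FTP/iX code), the following Python models the name rules above: how an MPE-space name is qualified against the logon group into an HFS path, how a USER string with embedded passwords splits into its parts, and, going beyond this section, how the same PUT target resolves once SITE POSIX ON (described later in this file) makes every name an HFS name. Only name syntax is checked: the resolver does not know which groups and accounts exist, so the "testdata.jpg" failure shown in the SITE POSIX tables (a nonexistent group) is not reproduced, and the 16-character limit for names in MPE directories is not modelled. The set of characters allowed after the first HFS character is an assumption.

```python
import re

# From the help text: MPE-space names are 1-8 characters, first character
# alphabetic, case-insensitive (upshifted); HFS labels are case-sensitive, up
# to 255 characters, and start with an alphanumeric or "_".  The characters
# allowed after the first HFS character are an assumption.
MPE_PART = re.compile(r"^[A-Z][A-Z0-9]{0,7}$")
HFS_PART = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,254}$")


class FtpNameError(ValueError):
    pass


def mpe_to_hfs(name, cwd):
    """Qualify FILE[.GROUP[.ACCOUNT]] against the logon group (cwd as an HFS
    path such as '/SYS/WORK') and return the equivalent HFS path.
    Syntax only; whether the group or account exists is not checked."""
    parts = name.upper().split(".")
    if not 1 <= len(parts) <= 3 or not all(MPE_PART.match(p) for p in parts):
        raise FtpNameError("invalid MPE space name: %r" % name)
    acct, group = cwd.strip("/").split("/")[:2]
    if len(parts) > 1:
        group = parts[1]
    if len(parts) > 2:
        acct = parts[2]
    return "/%s/%s/%s" % (acct, group, parts[0])


def hfs_join(name, cwd):
    """Resolve an HFS name ('/a/b/c', './c' or 'c') against cwd."""
    if name.startswith("./"):
        name = name[2:]
    path = name if name.startswith("/") else cwd.rstrip("/") + "/" + name
    comps = [c for c in path.split("/") if c]
    if not comps or not all(HFS_PART.match(c) for c in comps):
        raise FtpNameError("invalid HFS name: %r" % name)
    return "/" + "/".join(comps)


def resolve_put_target(remote_name, cwd, posix_on):
    """Where 'PUT local remote_name' lands.  With SITE POSIX OFF only names
    starting with '/' or './' are HFS; everything else is an MPE name.  With
    SITE POSIX ON every name is HFS, so 'x.GROUP.ACCT' is a literal file name."""
    if posix_on or remote_name.startswith(("/", "./")):
        return hfs_join(remote_name, cwd)
    return mpe_to_hfs(remote_name, cwd)


def try_resolve(remote_name, cwd, posix_on):
    """Same as resolve_put_target but returns 'ERROR: ...' instead of raising."""
    try:
        return resolve_put_target(remote_name, cwd, posix_on)
    except FtpNameError as exc:
        return "ERROR: " + str(exc)


def in_mpe_space(path):
    """True if an HFS path is also visible in the MPE file domain (:LISTF)."""
    comps = path.strip("/").split("/")
    return len(comps) == 3 and all(MPE_PART.match(c) for c in comps)


def parse_user_string(text):
    """Split '[sess,]user[/upass].acct[/apass][,group[/gpass]]' into parts.
    Assumes the user.account segment is the one containing '.' and that the
    passwords themselves contain no ',' or '.' (an assumption, not a rule
    stated in the help file)."""
    segs = text.split(",")
    idx = next((i for i, s in enumerate(segs) if "." in s), None)
    if idx is None or idx > 1 or len(segs) - idx > 2:
        raise FtpNameError("malformed USER string: %r" % text)

    def split_pw(item):
        name, _, pw = item.partition("/")
        return name, (pw or None)

    user, acct = segs[idx].split(".", 1)
    out = {"session": segs[0] if idx == 1 else None}
    out["user"], out["userpass"] = split_pw(user)
    out["account"], out["acctpass"] = split_pw(acct)
    group = segs[idx + 1] if len(segs) > idx + 1 else ""
    out["group"], out["grouppass"] = split_pw(group) if group else (None, None)
    return out


if __name__ == "__main__":
    for name in ("testdata", "./testdata", "longfilename", "name_name",
                 "TESTDATA.WORK.SYS", "testdata.jpg", "./testdata.jpg"):
        print("%-20s OFF: %-40s ON: %s" % (name,
              try_resolve(name, "/SYS/WORK", False),
              try_resolve(name, "/SYS/WORK", True)))
```

Running the module prints each PUT target under both modes side by side; the pairs that differ are exactly the cases the SITE POSIX warning later in this file is about.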
To transfer files to MPE/iX machines with certain attributes, you can use file
building parameters following the PUT command string as follows:

ftp> PUT localfile remotefile;buildparms

The supported build parameters are:

;REC=[-recsizeinbytes][,blkfactor[,[{F|V|B}][,{BINARY|ASCII}]]]
[;CODE=filecode]
[;DISC=[numrec][,[numextents][,[initialloc]]]]

The recsizeinbytes sub-parameter of the REC= parameter can also be specified
in words (two bytes per word) using a positive integer value. The F, V or B
sub-parameter of the REC= parameter indicates whether the file should be built
with fixed-length, variable-length or byte-stream records. This last type is
new and is designed to more closely match files on character-oriented file
systems, such as UN*X. Note that B will override any other sub-parameters and
force a record size of one and the file type ASCII.

FTP/iX supports 3 transfer modes: ASCII (the default), binary and local-byte,
also known as byte-stream (UN*X machines often call this mode tenex). Binary
and local-byte are the same from a data-transfer point of view; the only
difference is that in-bound files will be created with binary build parameters
versus byte-stream build parameters.

The default MPE/iX file transfer specifications (for PUTs), in the form of
file building parameters, are, according to the current transfer type:

ASCII:      ;REC=-80,,F,ASCII;DISC=204800
binary:     ;REC=128,,F,BINARY;DISC=204800
local-byte: ;REC=,,B;DISC=16384000

Note that for ASCII and binary, the DISC= parameter indicates how many records
the target file may contain, whereas for local-byte mode the DISC= parameter
also indicates how many bytes, since each record is a single byte.
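The following Python parser is added here as an example and is not taken from the help file or from HP's FTP/iX code. It applies the rules above to a build-parameter string as typed after PUT or as returned by SITE BUILDPARMS: it converts positive (word) and negative (byte) record sizes to bytes, applies the B override, and computes the file capacity implied by DISC= for each of the three default specifications. The clause layout and field names are as documented above; the dictionary keys are my own.

```python
# Parse and sanity-check MPE/iX file build parameters.  Added example, not
# part of the help file.

DEFAULT_BUILDPARMS = {          # per transfer type, from the help text
    "ASCII":      ";REC=-80,,F,ASCII;DISC=204800",
    "BINARY":     ";REC=128,,F,BINARY;DISC=204800",
    "LOCAL-BYTE": ";REC=,,B;DISC=16384000",
}


def parse_buildparms(text):
    """Return a dict with rec_bytes, blkfactor, rectype, datatype, code, disc.
    REC size: a negative value is bytes, a positive value is 16-bit words.
    A 'B' record type forces one-byte ASCII records regardless of the rest."""
    out = {"rec_bytes": None, "blkfactor": None, "rectype": None,
           "datatype": None, "code": None, "disc": (None, None, None)}
    for clause in text.strip().split(";"):
        if not clause:
            continue
        key, _, value = clause.partition("=")
        key = key.strip().upper()
        fields = [f.strip().upper() for f in value.split(",")]
        if key == "REC":
            size, blk, rtype, dtype = (fields + [""] * 4)[:4]
            if size:
                n = int(size)
                out["rec_bytes"] = -n if n < 0 else 2 * n
            if blk:
                out["blkfactor"] = int(blk)
            if rtype not in ("", "F", "V", "B"):
                raise ValueError("bad record type %r" % rtype)
            if dtype not in ("", "ASCII", "BINARY"):
                raise ValueError("bad data type %r" % dtype)
            out["rectype"] = rtype or None
            out["datatype"] = dtype or None
            if rtype == "B":                      # byte-stream override
                out["rec_bytes"], out["datatype"] = 1, "ASCII"
        elif key == "CODE":
            out["code"] = value.strip().upper() or None
        elif key == "DISC":
            nums = [int(f) if f else None for f in (fields + [""] * 3)[:3]]
            out["disc"] = tuple(nums)
        else:
            raise ValueError("unknown build parameter %r" % key)
    return out


def max_file_bytes(parsed):
    """Capacity implied by DISC=numrec: records times record size.  For a
    byte-stream file a record is one byte, so DISC is also the byte limit."""
    numrec = parsed["disc"][0]
    if numrec is None or parsed["rec_bytes"] is None:
        return None
    return numrec * parsed["rec_bytes"]


if __name__ == "__main__":
    for mode, spec in DEFAULT_BUILDPARMS.items():
        p = parse_buildparms(spec)
        print("%-10s %s -> %s bytes max" % (mode, spec, max_file_bytes(p)))
    print(parse_buildparms('REC=128,1,F,BINARY;DISC=950,8;CODE=1030'))
```

Note that the ASCII default (80-byte records, 204800 of them) and the local-byte default (16384000 one-byte records) describe the same 16,384,000-byte capacity, while the binary default allows 256-byte records and therefore a much larger file.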
Examples:

ftp> PUT filex file2;REC=-150,,V,ASCII
ftp> PUT filex file2;REC=-256,,F,BINARY;CODE=PROG
ftp> PUT filex file2;REC=,,B;DISC=120

If you want to send data to a file that already exists (for example, writing a
new version of a program), and you want to create the new file with the same
attributes as the old one, you can use the following command to find out what
the old file's attributes were:

ftp> site buildparms myfile
213 "myfile": REC=128,1,F,BINARY;DISC=950,8;CODE=1030

You can then use these build-parms to create the new file. When both ends of
the transfer are MPE/iX machines, FTP will automatically supplement any
build-parms specified by the user with those of the source file, so by default
a target file will be created with the same attributes as the source file.

NEW FEATURES:

******************************************************************************
Transfer of all MPE/iX file types:
******************************************************************************

The client (FTP) and server (FTPSRVR) must be compatible to take advantage of
this feature. All MPE/iX file types can be transferred between like MPE/iX
FTP/iX systems without the need for buildparms on the command line. Buildparms
included on the command line will be ignored if the file is a non-standard
file type such as RIO, MESSAGE, KSAMXL, KSAM, SPOOL, PRIV code, etc. The use of
buildparms is only accepted for standard file types (file code of zero).
Non-standard file type transfers to incompatible MPE/iX FTP/iX versions will
result in a data transfer failure message. You cannot append to non-standard
MPE/iX file types with this new feature. Non-standard file transfers to
non-MPE/iX systems will also result in a data transfer failure.
Incompatibility of client and server file transfer requests will result in
appropriate error messages.
Example:

FILENAME  CODE  ------------LOGICAL RECORD-----------  ----SPACE----
                  SIZE  TYP        EOF      LIMIT R/B  SECTORS #X MX

DB000     PRIV    128W  FB           6          6   1       16  1  1

ftp> get db000
150 File: db000 opened; data connection will be opened
150 File: db000 opened; data connection will be opened
2816 bytes received in 0.02 seconds (130.95 Kbytes/sec)
ftp>

In the above example, a second data connection message is displayed as a
result of transferring the file's file label before the opening of the target
file. For non-standard files, this additional message will appear. In standard
file transfers, the old transfer method is employed and a second data
connection open message is not displayed.

Example:

FILENAME  CODE  ------------LOGICAL RECORD-----------  ----SPACE----
                  SIZE  TYP        EOF      LIMIT R/B  SECTORS #X MX

BIGRIO1           128B  FAR       8193       8192   3     4128  1  8

ftp> get bigrio1
150 File: bigrio1 opened; data connection will be opened
1054934 bytes received in 3.69 seconds (279.27 Kbytes/sec)
ftp>

Example:

FILENAME  CODE  ------------LOGICAL RECORD-----------  ----SPACE----
                  SIZE  TYP        EOF      LIMIT R/B  SECTORS #X MX

O494      OUTSP  1008B  VACS        95          4   1       16  1  5

ftp> get o494
150 File: o494 opened; data connection will be opened
4096 bytes received in 0.03 seconds (142.86 Kbytes/sec)
ftp>

Example:

ftp> get o494;rec=120,3,f,ascii;disc=12345      <- buildparms will be ignored
150 File: o494 opened; data connection will be opened
4096 bytes received in 0.03 seconds (142.86 Kbytes/sec)
ftp>
ftp> :listf o494,2

ACCOUNT=  FTPTESTS    GROUP=  STAGE1

FILENAME  CODE  ------------LOGICAL RECORD-----------  ----SPACE----
                  SIZE  TYP        EOF      LIMIT R/B  SECTORS #X MX

O494      OUTSP  1008B  VACS        95          4   1       16  1  5
ftp>

For more information about the BUILD command, see the MPE/iX Intrinsics
Reference Manual, part number 32650-90028.
******************************************************************************
HASH command:
******************************************************************************

The HASH command toggles a display function which prints a hash ('#') symbol
for every 1024 bytes of data transferred.

Example:

ftp> hash
Hash mark printing on (1024 bytes/hash mark).
ftp> get db000
150 File: db000 opened; data connection will be opened
150 File: db000 opened; data connection will be opened
##
2816 bytes received in 0.02 seconds (130.95 Kbytes/sec)
ftp> hash
Hash mark printing off (1024 bytes/hash mark).
ftp>

The HASH command is a local client command and will work while connected to
non-MPE/iX systems.

******************************************************************************
SITE TIMEOUT command:
******************************************************************************

The SITE TIMEOUT command works like the TIMEOUT command at the FTP client
command prompt. It sends a timeout value to the peer FTP server (MPE/iX
compatible version only), which establishes a timeout for the data connection
based on that value. Values from 0 to 31000 seconds are valid, where 0 disables
the timer (essentially, setting the timer to infinite). If this command is
never issued, the default is 3000 seconds. Note that disabling the timer lets a
stalled transfer hold the server-side session open indefinitely.

Example:

ftp> site timeout 0
200 TIMEOUT command ok.

In the above example, the timer is set to an infinite timeout value. In the
example below, the timeout is set to 1 second, which expires almost immediately
on the remote FTP server (confirmed by the logoff message that would normally
be displayed on the system console):

ftp> site timeout 1
200 TIMEOUT command ok.
ftp>
11:19/#S81/67/LOGOFF ON LDEV #8.

For additional information please refer to the HP ARPA File Transfer Protocol
User's Guide, part number 36957-61002.
******************************************************************************
SITE POSIX command:
******************************************************************************

The SITE POSIX command is an ON/OFF toggle which provides the ability to change
from the default MPE File Domain of file.GROUP.ACCOUNT to the POSIX File
Domain, more commonly known as HFS (Hierarchical File System), of
/ACCOUNT/GROUP/file or /directory/file. This is a significant FTP server
enhancement that improves file access for non-3000 clients connecting to the
HP e3000 in three areas. The new functionality includes:

1) An improved FTP 'anonymous' logon interface where commands generate
   expected POSIX results, and support for HFS file directory access;

2) Improved FTP client HFS file directory access which eliminates the
   difficulty of specifying "./" to PUT, GET and DELete files, which in turn
   supports the drag/drop files feature existing in some GUI based FTP
   clients; and

3) Support for ftp:// commands from web browsers, providing the ability to
   display directories, view ASCII and ByteStream file contents and save
   selected files to the client.

The SITE POSIX ON/OFF command can be executed at an FTP client prompt or can
be set as a system wide default in the file SETPARMS.ARPA.SYS by adding the
text "POSIX=ON" or "POSIX=OFF" with a supported editor.

The following features/changes are implemented in "SITE POSIX ON":

1. A new "SITE" command

   Syntax: SITE POSIX [ON | OFF]

   When the command "SITE POSIX ON" is executed, the FTP server will change
   to the "POSIX" mode for "DIR/LS", "GET/PUT" and "DEL" requests. When the
   "SITE POSIX OFF" command is executed, the FTP server will behave in the
   "MPE" mode for "DIR/LS", "GET/PUT" and "DEL" requests.

   By default the "POSIX" flag is set "OFF". If a SETPARMS.ARPA.SYS file is
   built with "POSIX=ON" and the connection to the FTP server is from a
   "non-MPE" machine, the "POSIX" flag is set "ON".
   For connections to the FTP server from an "MPE" machine, the "POSIX" flag
   is set "OFF". The "SITE POSIX ON" command entered on an FTP client will
   override the default.

   The response in both cases to the "SITE POSIX ON/OFF" command is as
   follows:

   ftp> site POSIX on
   200 POSIX command ok.
   ftp> site POSIX off
   200 POSIX command ok.

2. POSIX behavior of "DIR/LS" (LIST/NLST)

   The output of the "DIR" command (LIST) is in "ls -al" format and the "LS"
   command (NLST) is in "ls -1a" format.

3. POSIX PWD response

   In the normal "MPE" mode the response to a PWD request is

   257- "/SYS/PUB" is the current directory
   257 "MANAGER.SYS,PUB" is the current session

   In the POSIX case, it is only

   257 "/SYS/PUB" is the current directory.

4. POSIX PUT/MPUT

   There is no need to have a "./" prefix to put POSIX files. However, to put
   a file to a non-default account, you must specify the target file in HFS
   form, i.e. /ACCOUNT/GROUP/file; file.GROUP.ACCOUNT WILL NOT work.

5. POSIX GET/MGET

   There is no need to have a "./" prefix to get POSIX files. However, to get
   a file from a non-default account, you must specify the file in HFS form,
   i.e. /ACCOUNT/GROUP/file; file.GROUP.ACCOUNT WILL NOT work.

6. POSIX DEL

   There is no need to have a "./" prefix to delete POSIX files. However, to
   delete a file from a non-default account, you must specify the file in HFS
   form, i.e. /ACCOUNT/GROUP/file; file.GROUP.ACCOUNT WILL NOT work.

7. Logging on to the system with an FTP:// URL

   With a web browser, FTP now supports an FTP:// URL logon of anonymous, if
   configured on the HP e3000 host, and a logon of USER.ACCOUNT with password
   prompting.

   The web browser URL for an FTP anonymous logon is:

   ftp://host.hp.com

   The web browser URL for a USER.ACCOUNT logon is:

   ftp://user.account@host.hp.com

   You will be prompted for the passwords: userpass,acctpass,grppass.

8. Displaying a ByteStream file in the browser

   With a web browser, ByteStream files are displayed properly. The browser
   sets the transfer mode to "binary" internally.
   No FTP code changes were necessary in this case.

   Note: At the FTP command prompt, if you specify the ASCII option and do a
   "GET" of a ByteStream file, you will get a "CR-LF" after each character;
   if you change the transfer mode to "binary", the file is transferred
   properly.

9. Displaying a FIXED ASCII file in the browser

   With a web browser, fixed ASCII files are now displayed properly. It was
   necessary to make an FTP code change in this case, since previously the
   entire ASCII file was displayed on one line without a "CR-LF" terminating
   logical records.

10. Updated the STATUS command

   The STATUS command will display whether "POSIX" is turned ON or OFF. If
   the client sends the "STAT" command to the MPE FTP server, the server will
   respond with "POSIX ON" or "POSIX OFF".

Notes:

Significant differences, some unexpected, are seen when transferring files to
the HP e3000 with "POSIX ON" mode specified. The FTP server will in all cases
treat the file name specified in PUT, GET or DEL as an HFS file name when
transferring files with "POSIX ON".

SITE POSIX OFF (MPE mode seen historically with FTP/iX)
=============

Note: This is the functionality currently documented in the FTP/iX user
reference.
FTP command                             Result of FTP command
--------------------------------------  ---------------------------------
put testdata                            /SYS/WORK/TESTDATA        (MPE space)
put testdata testdata                   /SYS/WORK/TESTDATA        (MPE space)
put testdata ./testdata                 /SYS/WORK/testdata        (PO
SIX space)
put testdata /SYS/WORK/testdata         /SYS/WORK/testdata        (POSIX space)
put testdata longfilename               {failed - invalid MPE space name}
put testdata ./longfilename             /SYS/WORK/longfilename    (POSIX space)
put testdata name_name                  {failed - invalid MPE space name}
put testdata ./name_name                /SYS/WORK/name_name       (POSIX space)
put testdata TESTDATA.WORK.SYS          /SYS/WORK/TESTDATA        (MPE space)
put testdata testdata.work.sys          /SYS/WORK/TESTDATA        (MPE space)
put testdata.jpg                        {failed - invalid MPE group name}
put testdata.jpg ./testdata.jpg         /SYS/WORK/testdata.jpg    (POSIX space)
--------------------------------------  ---------------------------------

SITE POSIX ON
=============

FTP command                             Result of FTP command
--------------------------------------  ---------------------------------
pwd                                     257 "/SYS/WORK" is the current directory.
put testdata                            /SYS/WORK/testdata
put testdata testdata                   /SYS/WORK/testdata
put TESTDATA                            /SYS/WORK/TESTDATA        (MPE space)
put testdata ./testdata                 /SYS/WORK/testdata
put testdata /SYS/WORK/testdata         /SYS/WORK/testdata
put testdata LONGFILENAME               /SYS/WORK/LONGFILENAME
put testdata longfilename               /SYS/WORK/longfilename
put testdata ./longfilename             /SYS/WORK/longfilename
put testdata NAME_NAME                  /SYS/WORK/NAME_NAME
put testdata name_name                  /SYS/WORK/name_name
put testdata ./name_name                /SYS/WORK/name_name
put testdata TESTDATA.WORK.SYS          /SYS/WORK/TESTDATA.WORK.SYS
put testdata testdata.work.sys          /SYS/WORK/testdata.work.sys
put testdata.jpg                        /SYS/WORK/testdata.jpg
put testdata.jpg ./testdata.jpg         /SYS/WORK/testdata.jpg
--------------------------------------  ---------------------------------

Note: In this example only one of the above files, identified as (MPE space),
is visible with the MPE :listf command and is within the MPE File Domain.
All of the above files are in POSIX space (since POSIX space is a superset of
MPE space) and all are visible with the POSIX :listfile command as well as
"ls" and "dir" in the POSIX shell.

Warning: Take care before enabling "POSIX ON". Where a file name is qualified
to the GROUP or GROUP.ACCOUNT level, the qualifier now becomes part of the
POSIX file name and is not interpreted as the MPE GROUP.ACCOUNT, so a file
that an MPE-style client expected to land in another group lands in the
current working directory under a dotted name. Where a file name is in lower
case, it now becomes a lower-case POSIX file name rather than an upshifted MPE
file name, and so is not visible to MPE-space tools such as :LISTF.

A case exists where a limitation in POSIX (not FTP) constrains the HFS
functionality made accessible with the "POSIX ON" mode. HP POSIX has a
limitation of a maximum of 16 characters for file names stored directly in an
MPE directory object (an MPE GROUP or an MPE ACCOUNT).

put testdata /SYS/PUB/this_is_a_very_long_file_name

fails with the error:

550 Inserting a name > 16 characters into a MPE dir object is not allowed.
(FILE SYSTEM ERROR -176).

When "POSIX ON" is enabled, files which are PUT or GET with FTP in MPE file
space should be specified in POSIX syntax, "/SYS/PUB/CATALOG" for example,
instead of "CATALOG.PUB.SYS" or "catalog.pub.sys".

Differences in operation are seen with the Netscape(r) Communicator and the
Microsoft(r) Internet Explorer web browsers.

Note: Our testing was performed on the latest browser versions available at
the time of this documentation - Netscape(r) 4.72 and Microsoft(r) IE 5.0.

One of the significant differences is seen when connecting to the HP e3000 FTP
server from the browsers with the ftp:// command. With the Microsoft(r)
Internet Explorer, after logging in with the URL
"ftp://manager.sys@host.hp.com" and responding with the passwords, you are
restricted to your MPE home GROUP and any directories under this GROUP (CHROOT
is set to the logon GROUP).
In the case of the Netscape(r) Communicator, after logging in with the same
URL, you are not restricted to your home GROUP; in fact you are able to reach
the "/" root and traverse ACCOUNTs, GROUPs and directories and view files that
you have permission to read as per the MPE and POSIX security settings.

Note: With the Microsoft(r) Internet Explorer you can get to the "/" root with
an alternate logon URL of "ftp://manager.sys@host.hp.com/../..".

In both browsers, therefore, what a logon can reach is governed by the MPE and
POSIX file permissions on the server. The home-GROUP restriction seen with
Internet Explorer is a browser behavior, not a server-side access control, and
should not be relied on to confine FTP users.

A sample of how to enable POSIX ON as a default for your system:

------------------------------------------------------------
:editor
HP32201A.09.00 EDIT/3000 MON, JUL 31, 2000,  7:19 PM
(C) HEWLETT-PACKARD CO. 1993
/a
    1     POSIX=ON
    2     //
...
/K SETPARMS.ARPA.SYS,UNN;E
END OF SUBSYSTEM
:
------------------------------------------------------------

************************************************************************
PASSIVE command:
************************************************************************

The "PASSIVE" command is an enhancement added to the FTP Client to support
third-party transfers. This is an important implementation for sites using
"firewall" technology, securing access from users or systems external to
their local "Intranet". Support for passive mode has also been implemented in
the FTP server (FTPSRVR).

The default mode for FTP is "ACTIVE" mode, and with the "DEBUG" command in
effect you can see the FTP Client send the following PORT command:

ftp> get /SYS/ARPA/OLDPARMS OLDPARMS
---> PORT 15,44,48,51,240,196

The FTP Client then requests the file:

---> RETR /SYS/ARPA/OLDPARMS

After the "PASSIVE" command, the FTP Client is in "PASSIVE" mode, and with the
"DEBUG" command in effect you can see the FTP Client send the "PASV" command
instead of the "PORT" command and wait for the server to reply with the data
connection IP address and port.

ftp> passive
Passive mode is on.
ftp> get /SYS/ARPA/OLDPARMS OLDPARMS
---> PASV

The FTP server responds with the reply:

227 Entering Passive Mode (15,70,188,86,251,223).
The FTP Client then requests the file:

---> RETR /SYS/ARPA/OLDPARMS

In passive mode the client opens the data connection to the address and port
given in the 227 reply (here 15.70.188.86, port 251*256+223 = 64479), so a
firewall in front of the client only has to permit outbound connections; in
active mode the server would have to connect back to the address and port
given in the client's PORT command.

************************************************************************
PASSWORD option:
************************************************************************

The "PASSWORD = ON" SETPARMS.ARPA.SYS configuration option is a security
enhancement added to the FTP server (FTPSRVR) which restricts FTP connections
to MPE USER.ACCOUNTs where at least one password (a "USER" password or an
"ACCOUNT" password) exists. The system default for this option is
"PASSWORD = OFF". It can be enabled by adding the line "PASSWORD = ON" to the
file SETPARMS.ARPA.SYS with a supported text EDITOR.

When SETPARMS.ARPA.SYS is configured with the "PASSWORD = ON" option, the FTP
server (FTPSRVR) will reject any attempt to establish an inbound FTP client
connection to the HP e3000 for MPE USER.ACCOUNTs which do not have at least
one MPE logon password. Only USER and ACCOUNT passwords count; a GROUP
password alone does not satisfy this check. The FTP Client will see the
following error message:

530 User log on unsuccessful

If FTP Console Logging is enabled, the FTP server will generate the following
error message on the console:

0:40/#J93/62/FTP INVALID PASSWORD For: "USER.ACCOUNT,PUB" IP=127.0.0.1

************************************************************************
CONSOLE_LOGGING option:
************************************************************************

The "CONSOLE_LOGGING = ON" SETPARMS.ARPA.SYS configuration option is a
security enhancement added to the FTP server (FTPSRVR) to support the logging
of MPE session logon attempts (success and failure) on inbound FTP connections
to the HP e3000 system. These messages are logged on the system console as
well as in the MPE system logfiles. The system default for this option is
"CONSOLE_LOGGING = ON". It can be disabled by adding the line
"CONSOLE_LOGGING = OFF" to the file SETPARMS.ARPA.SYS with a supported text
EDITOR.
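As an added example, not part of the help file, the following Python parses the console messages CONSOLE_LOGGING produces (the formats are listed in the next section and in the PASSWORD and FTPUSERS sections) and counts failed logons per client address, which is the check an operator wants when reviewing these messages for password guessing. The sample lines are constructed in that format, the third "/" field of each message is carried through unparsed, and the threshold is a local choice.

```python
import re
from collections import Counter, defaultdict

# Console/system-log lines as CONSOLE_LOGGING writes them:
#   hh:mm/#Jnnn/nn/FTP <EVENT> [For: "<logon>"] IP=<addr>
# "For:" appears in both mixed and upper case in the help text, so the match
# is case-insensitive.  The field after the job number is kept as an opaque
# string.
CONSOLE_RE = re.compile(
    r'^(?P<time>\d{1,2}:\d{2})/#(?P<job>[JS]\d+)/(?P<proc>\d+)/'
    r'FTP (?P<event>OPEN|CLOSE|INVALID LOGON|INVALID PASSWORD|LOGON RESTRICTED)'
    r'(?: FOR: "(?P<logon>[^"]*)")? IP=(?P<ip>\S+)$', re.IGNORECASE)

FAILURE_EVENTS = ("INVALID LOGON", "INVALID PASSWORD", "LOGON RESTRICTED")


def parse_console_line(line):
    """Return a dict for an FTP console message, or None for anything else."""
    m = CONSOLE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["event"] = rec["event"].upper()
    return rec


def failed_logons_by_ip(lines):
    """Count failed FTP logon attempts per client address."""
    counts = Counter()
    for line in lines:
        rec = parse_console_line(line)
        if rec and rec["event"] in FAILURE_EVENTS:
            counts[rec["ip"]] += 1
    return counts


def suspicious_sources(lines, threshold=5):
    """Addresses with at least `threshold` failures, mapped to the logons
    they tried.  The threshold is a local choice, not a documented value."""
    tried = defaultdict(set)
    for line in lines:
        rec = parse_console_line(line)
        if rec and rec["event"] in FAILURE_EVENTS:
            tried[rec["ip"]].add((rec["logon"] or "").upper())
    counts = failed_logons_by_ip(lines)
    return {ip: sorted(tried[ip]) for ip, n in counts.items() if n >= threshold}


# Constructed sample (not real log data) in the format shown on this page.
SAMPLE_CONSOLE = """\
1:27/#J93/75/FTP OPEN For: "MANAGER.SYS,PUB" IP=127.0.0.1
1:35/#J93/75/FTP CLOSE IP=127.0.0.1
2:01/#J93/62/FTP INVALID LOGON For: "INVLUSER.SYS" IP=192.0.2.44
2:01/#J93/62/FTP INVALID PASSWORD For: "MANAGER.SYS,PUB" IP=192.0.2.44
2:02/#J93/62/FTP INVALID PASSWORD For: "MANAGER.SYS,PUB" IP=192.0.2.44
2:02/#J93/62/FTP INVALID PASSWORD For: "OPERATOR.SYS,PUB" IP=192.0.2.44
2:03/#J118/74/FTP LOGON RESTRICTED FOR: "EXTERNAL.PROD" IP=192.0.2.44
2:10/#J93/62/FTP INVALID PASSWORD For: "MGR.ACCTS,PUB" IP=198.51.100.7
""".splitlines()

if __name__ == "__main__":
    print(failed_logons_by_ip(SAMPLE_CONSOLE))
    print(suspicious_sources(SAMPLE_CONSOLE))
```

Because the console messages carry only hh:mm and no date, the counts above are per file rather than per time window; split the input by day before feeding it in if the log spans more than one.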
The following types of messages will be logged to the HP e3000 system console
as well as to the MPE system logfiles:

1:27/#J93/75/FTP OPEN For: "MANAGER.SYS,PUB" IP=127.0.0.1
0:40/#J93/62/FTP INVALID LOGON For: "INVLUSER.SYS" IP=127.0.0.1
0:40/#J93/62/FTP INVALID PASSWORD For: "MANAGER.SYS,PUB" IP=127.0.0.1
1:35/#J93/75/FTP CLOSE IP=127.0.0.1

************************************************************************
SITE STREAM command:
************************************************************************

The "SITE STREAM" command is an enhancement added to the FTP server (FTPSRVR)
to support the execution (":STREAM") of an MPE batch job file from an FTP
client which has already established a connection to the HP e3000.

Syntax: SITE STREAM {file-name}

The "SITE STREAM" file-name value is an MPE file name. The file name is
assumed to be a valid MPE job stream file and the MPE command
":STREAM {file-name}" is executed against this file. The return value from
this command is "200 STREAM command ok." or, in the case of an error executing
this command, a "550" error with the appropriate MPE error message text.

Note: The MPE job number and the MPE job execution output are not returned to
FTP.

The "SITE STREAM" command can be turned off by the "SITE_STREAM = OFF" option
in the SETPARMS.ARPA.SYS file. Since the command submits a batch job on behalf
of the FTP logon, sites that do not need remote job submission over FTP should
set this option.

************************************************************************
Configuration rules for FTPHELLO.ARPA.SYS file:
************************************************************************

The "FTPHELLO" Logon Banner configuration file is a security enhancement added
to the FTP server (FTPSRVR) to support the display of a welcome message upon
connection to the server. The typical content of this message is a company's
"access disclaimer & legal security policy".

The following configuration rules apply to the FTPHELLO.ARPA.SYS file:

The existence of the file FTPHELLO.ARPA.SYS is the switch which enables this
feature.
Note: The format of the FTPHELLO.ARPA.SYS file has the following rules:

a. This file can be created and edited with a supported editor. This file
   should be unnumbered, fixed width ASCII with a record-width of no more
   than 72 bytes and with no more than 24 records.

b. Four banner tokens have been implemented:
   - If a line contains '%C', it is replaced with the server CWD.
   - If a line contains '%L', it is replaced with the client host domain name.
   - If a line contains '%R', it is replaced with the server host domain name.
   - If a line contains '%T', it is replaced with the server time.

c. The text line returned will be truncated to 72 characters after token
   substitutions.

d. The text lines returned will be truncated to 24 records.

The banner is returned to the FTP Client as informative "230-" continuation
messages terminated by a "230 " message. As the example shows, the banner
therefore arrives with the logon reply, after the credentials have been
accepted, rather than in the 220 greeting before they are entered.

Example:

:ftp aleta
Name(manager): user.account
230-
230-This system "aleta" is reserved for Network Expert Center use only!
230-Unauthorized use is prohibited by law and people with sticks.
230-
230 User logged on
ftp>

************************************************************************
Configuration rules for FTPUSERS.ARPA.SYS file:
************************************************************************

The "FTPUSERS" logon access configuration file is a security enhancement added
to the FTP server (FTPSRVR) to support an exclusion list: user logons listed
in the file are not allowed to connect to the server.

The following configuration rules apply to the FTPUSERS.ARPA.SYS file:

The existence of the file FTPUSERS.ARPA.SYS is the switch which enables this
feature. If the FTPUSERS.ARPA.SYS file does not exist, FTP will not deny login
to any user. An empty FTPUSERS.ARPA.SYS file will not deny login to any user.

Note: The format of the FTPUSERS.ARPA.SYS file has the following rules:

a. This file can be created and edited with a supported editor. This file
   should be unnumbered, fixed width ASCII with a record-width of no more
   than 72 bytes.
   The physical limit of this file is 4GB, but performance will be the actual
   limiting factor.

b. The usernames must appear in the file FTPUSERS.ARPA.SYS one per line.

c. The MPE usernames can be specified in two formats:
   - {username}.{accountname}: the specific user from the specific account is
     not allowed to login.
   - {accountname}: all users from the specified account are not allowed to
     login.

d. Comments start with "#" and must not be placed after a username: any line
   containing a "#" anywhere is treated as a comment line, so a trailing
   comment silently disables that entry.

e. Users with SM capability (like MANAGER.SYS) are not restricted by the
   FTPUSERS configuration.

f. The accountname or username.accountname must not include leading or
   trailing whitespace character(s).

g. The accountname or username.accountname is not case sensitive.

h. In the case of redundant entries, the first entry that matches an
   accountname or username.accountname is used.

i. Invalid entries will silently be ignored.

Because of (d), (e) and (i), FTPUSERS cannot block a logon with SM capability
and gives no feedback when an entry is mistyped or commented out; verify the
file by attempting a logon as a listed user.

The FTP Client will see the following error message:

530 Logon failed, restricted in FTPUSERS.
Error in login. (FTPERR 65)

If FTP Console Logging is enabled, the FTP server will generate the following
error message on the console:

11:27/#J118/74/FTP LOGON RESTRICTED FOR: "{username}" IP=127.0.0.1

Example:

EXTERNAL.PROD
TEST
OPERATOR.SYS

************************************************************************
LOG_COMMANDS option:
************************************************************************

The "LOG_COMMANDS = ON" SETPARMS.ARPA.SYS configuration option is a security
enhancement added to the FTP server (FTPSRVR) and FTP client to support the
logging of the FTP internal commands sent and received by both the FTP Client
and the FTP server. These messages are logged in FTPLOG##.ARPA.SYS.

Note: The format of the FTPLOG##.ARPA.SYS file has the following rules:

a. The FTPLOG##.ARPA.SYS file is automatically built by the FTP Client or the
   FTP server.

b.
The file name for logging would be FTPLOG##.ARPA.SYS where ##=00-99. c. The limit of the number of records before a logfile is switched is 65500. d. The data format of the logging data fields are ":" delimited to support importing this data to spreadsheet applications. e. The date/time stamps are of the system performing the logging, not of the remote system. The data format of the logging data fields is: yyyy/mm/dd:hh.mm.ss:#J/#S:jobname,user.account:ip.ip.ip.ip:C/S :FTP Commands: Where: :yyyy/mm/dd:hh.mm.ss: = Date/Time Stamp of the command executed :#J/#S: = The MPE Job/Session number :jobname,user.account: = MPE logon :ip.ip.ip.ip: = IP address of the non-local system :C/S: = FTP Client or FTP server is performing the logging :FTP Commands: = FTP internal client/server command. Example: 2005/04/07:14.50.28:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:USER MANAGER.SYS: 2005/04/07:14.50.28:#J118:JINETD,MANAGER.SYS:127.0.0.1:S:USER MANAGER.SYS: 2005/04/07:14.50.40:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:PASS **: 2005/04/07:14.50.40:#J118:MANAGER.SYS:127.0.0.1:S:SYST: 2005/04/07:14.50.40:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:SYST: 2005/04/07:14.50.40:#J118:MANAGER.SYS:127.0.0.1:S:SITE MPE/iX FTP Client [A0012S 2005/04/07:14.50.40:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:SITE MPE/iX FTP Cli 2005/04/07:14.50.41:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:TYPE I: 2005/04/07:14.50.41:#J118:MANAGER.SYS:127.0.0.1:S:TYPE I: 2005/04/07:14.50.41:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:SITE TIMEOUT 900: 2005/04/07:14.50.41:#J118:MANAGER.SYS:127.0.0.1:S:SITE TIMEOUT 900: 2005/04/07:14.50.45:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:RNFR X: 2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:RNFR X: 2005/04/07:14.50.45:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:RNTO X: 2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:RNTO X: 2005/04/07:14.50.45:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:SITE BUILDPARMS X: 2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:SITE BUILDPARMS X: 
2005/04/07:14.50.45:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:PORT 127,0,0,1,169, 2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:PORT 127,0,0,1,169,167: 2005/04/07:14.50.45:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:SITE FILELABEL RETR 2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:SITE FILELABEL RETR X: 2005/04/07:14.50.46:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:SITE USER_LABELS X: 2005/04/07:14.50.46:#J118:MANAGER.SYS:127.0.0.1:S:SITE USER_LABELS X: 2005/04/07:14.50.46:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:PORT 127,0,0,1,169, 2005/04/07:14.50.46:#J118:MANAGER.SYS:127.0.0.1:S:PORT 127,0,0,1,169,168: 2005/04/07:14.50.46:#J118:MANAGER.SYS:127.0.0.1:S:RETR X: 2005/04/07:14.50.46:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:RETR X: 2005/04/07:14.50.49:#J118:MANAGER.SYS:127.0.0.1:S:QUIT: 2005/04/07:14.50.49:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:QUIT: Note: Once this feature is enabled, it will be important for users to archive and purge the FTPLOG## files. ************************************************************************ LOG_TRANSFERS option: ************************************************************************ The "LOG_TRANSFERS = ON" SETPARMS.ARPA.SYS configuration option is a security enhancement added to the FTP server (FTPSRVR) and FTP client to support the "logging" of FTP file transfer statistics for files sent and received for both the FTP client and FTP server. These messages are logged in FTPLOG##.ARPA.SYS. Note: The format of the FTPLOG##.ARPA.SYS file has the following rules: a. The FTPLOG##.ARPA.SYS file is automatically built by the FTP Client or the FTP server. b. The file name for logging would be FTPLOG##.ARPA.SYS where ##=00-99. c. The limit of the number of records before a logfile is switched is 65500. d. The data format of the logging data fields are ":" delimited to support importing this data to spreadsheet applications. e. The date/time stamps are of the system performing the logging, not of the remote system. 
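Both record layouts share the ":"-delimited prefix defined in the LOG_COMMANDS section above (date, time, job/session, logon, IP, C/S, command); LOG_TRANSFERS records then append the I/O, I/A/B, bytes_received, seconds and Kbytes/sec fields. The Python parser below is an added example and is not part of this help file or of FTP/iX; its sample records are copied from the help file's own examples, several of them clipped at column 80 exactly as printed there, and it shows two things a reviewer of FTPLOG files needs to know: the PASS record carries "**" rather than the password, and when client and server run on the same host both sides log every command, so summaries must keep one side only.

```python
"""Parser for HP MPE/iX FTPLOG##.ARPA.SYS records written by the LOG_COMMANDS and
LOG_TRANSFERS options.  Added example; not HP code."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Records copied from the help file's own examples; some are clipped at column 80.
SAMPLE_LOG = """\
2005/04/07:14.50.28:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:USER MANAGER.SYS:
2005/04/07:14.50.28:#J118:JINETD,MANAGER.SYS:127.0.0.1:S:USER MANAGER.SYS:
2005/04/07:14.50.40:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:PASS **:
2005/04/07:14.50.40:#J118:MANAGER.SYS:127.0.0.1:S:SITE MPE/iX FTP Client [A0012S
2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:RNFR X:
2005/04/07:14.50.45:#J118:MANAGER.SYS:127.0.0.1:S:RNTO X:
2005/04/07:14.50.46:#J118:MANAGER.SYS:127.0.0.1:S:RETR X:
2005/04/07:14.53.23:#J118:MANAGER.SYS:127.0.0.1:S:RETR x:O:I:1127456:0.57:1924.8
2005/04/07:14.53.24:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:RETR x:I:I:1127456:
"""

@dataclass
class FtpLogRecord:
    date: str
    time: str
    job: str                 # MPE job/session number, e.g. "#J118" or "#S183"
    logon: str               # "jobname,user.account" (jobname may be absent)
    ip: str                  # address of the non-local system
    side: str                # "C": client logged it, "S": server logged it
    command: str             # FTP internal command, e.g. "RETR X"
    direction: Optional[str] = None   # LOG_TRANSFERS only: "I"nbound / "O"utbound
    mode: Optional[str] = None        # LOG_TRANSFERS only: "I"mage / "A"SCII / "B"yte stream
    nbytes: Optional[int] = None
    seconds: Optional[float] = None
    kbytes_per_sec: Optional[float] = None
    truncated: bool = False           # record was cut before its closing ":"

def parse_record(line: str) -> FtpLogRecord:
    """Split one ':'-delimited record.  Date uses '/' and time uses '.', so ':' only
    delimits; a complete record ends with ':' and so yields an empty last field."""
    fields = line.rstrip("\r\n").split(":")
    if len(fields) < 7:
        raise ValueError(f"not an FTPLOG record: {line!r}")
    date, time, job, logon, ip, side = fields[:6]
    rest = fields[6:]
    truncated = rest[-1] != ""            # clipped records lack the final ':'
    if not truncated:
        rest = rest[:-1]                  # drop the empty field after the final ':'
    rec = FtpLogRecord(date, time, job, logon, ip, side, rest[0], truncated=truncated)
    # LOG_TRANSFERS appends :I/O:I/A/B:bytes_received:seconds:Kbytes/sec: to the command.
    if len(rest) >= 3 and rest[1] in ("I", "O") and rest[2] in ("I", "A", "B"):
        rec.direction, rec.mode = rest[1], rest[2]
        if len(rest) > 3 and rest[3].isdigit():
            rec.nbytes = int(rest[3])
        if len(rest) > 4 and rest[4]:
            rec.seconds = float(rest[4])
        if len(rest) > 5 and rest[5]:
            rec.kbytes_per_sec = float(rest[5])
        if len(rest) < 6:
            rec.truncated = True          # statistics fields were cut off
    return rec

def parse_log(text: str) -> List[FtpLogRecord]:
    return [parse_record(ln) for ln in text.splitlines() if ln.strip()]

# Verbs a reviewer wants surfaced: permission/ownership changes, renames, deletes.
WATCHED = ("SITE CHMOD", "SITE CHOWN", "RNFR", "RNTO", "DELE")

def review_commands(records: List[FtpLogRecord], side: str = "S") -> List[Tuple[str, str, str]]:
    """(job, logon, command) for one side's records that start with a WATCHED verb.
    Client and server on the same host both log every command, so use one side."""
    return [(r.job, r.logon, r.command) for r in records
            if r.side == side and r.command.upper().startswith(WATCHED)]

def bytes_by_logon(records: List[FtpLogRecord], side: str = "S") -> Dict[Tuple[str, str], int]:
    """Total bytes per (logon, direction) from one side's LOG_TRANSFERS records."""
    totals: Dict[Tuple[str, str], int] = {}
    for r in records:
        if r.side == side and r.nbytes is not None:
            key = (r.logon, r.direction)
            totals[key] = totals.get(key, 0) + r.nbytes
    return totals
```

Pass `side="C"` when the MPE/iX system was the FTP client, since only the local side writes FTPLOG records.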
The data format of the logging data fields is:

   yyyy/mm/dd:hh.mm.ss:#J/#S:jobname,user.account:ip.ip.ip.ip:C/S
   :FTP Commands:I/O:I/A/B:bytes_received:seconds:Kbytes/sec:

Where:
   :yyyy/mm/dd:hh.mm.ss:  = Date/Time Stamp of the command executed
   :#J/#S:                = The MPE Job/Session number
   :jobname,user.account: = MPE logon
   :ip.ip.ip.ip:          = IP address of the non-local system
   :C/S:                  = FTP client or FTP server is performing the
                            logging
   :FTP Commands:         = Shortened FTP internal client/server file
                            transfer command.
   :I/O:                  = Transfer request is Inbound or Outbound of
                            this system
   :I/A/B:                = Transfer Mode = Image (binary), ASCII, Byte
                            Stream
   :bytes_received:       = Bytes received for entire file transfer
   :seconds:              = Time in seconds for entire file transfer.
   :Kbytes/sec:           = Kilobytes transferred per second.

Note: The transfer statistics are approximately the same as those
displayed at the FTP command line following a get/mget:

   1127456 bytes received in 0.84 seconds (1317.02 Kbytes/sec)

Example:

2005/04/07:14.53.23:#J118:MANAGER.SYS:127.0.0.1:S:RETR x:O:I:1127456:0.57:1924.8
2005/04/07:14.53.24:#S183:A4450693,MANAGER.SYS:16.113.9.92:C:RETR x:I:I:1127456:

Note: Once this feature is enabled, it will be important for users to
archive and purge the FTPLOG## files.

************************************************************************
SITE_CHMOD option:
************************************************************************

The "SITE_CHMOD = ON" SETPARMS.ARPA.SYS configuration option is a
security enhancement added to the FTP server to support the ability for
an inbound FTP Client to send a "SITE CHMOD {fileaccess} (unknown)"
command following an inbound file transfer.

where:
   {fileaccess} are standard POSIX file access definition bytes.
   (unknown) is a file name specified in POSIX HFS name space in the
   format "filename" or "/DIRECTORY/filename" and is case sensitive.

Note: The functionality of "SITE CHMOD" is limited to the documented
syntax only. Additional features of "SITE CHMOD" present on other
systems have not been implemented in FTP/iX. Specifically the
"[A/O/G/U][+/-][R/W/X]" syntax is not supported.

The valid numeric range for {fileaccess} is from 000 thru 777.

Example:

   ftp> site chmod 555 filename

The FTP Client will see the following message:

   200 CHMOD command ok.

************************************************************************
SITE_CHOWN option:
************************************************************************

The "SITE_CHOWN = ON" SETPARMS.ARPA.SYS configuration option is a
security enhancement added to the FTP server to support the ability for
an inbound FTP Client to send a

   "SITE CHOWN {new-username[:groupname]} (unknown)"

command following an inbound file transfer.

where:
   {new-username} is a valid MPE USER.ACCOUNT logon.
   [:groupname] is a valid MPE ACCOUNT.
   (unknown) is a file name specified in POSIX HFS name space in the
   format "filename" or "/DIRECTORY/filename" and is case sensitive.

Note: The functionality of "SITE CHOWN" is limited to the documented
syntax only. Additional features of "SITE CHOWN" present on other
systems have not been implemented in FTP/iX.

Example:

   ftp> site chown MANAGER.SYS filename

The FTP Client will see the following message:

   200 CHOWN command ok.

************************************************************************
NETRC file:
************************************************************************

The "NETRC" file is an enhancement added to the FTP Client to support an
automated logon to a remote host. A security enhancement has since been
added to the "NETRC" file to permit read access by the FTP client to a
"NETRC" file which is secured by setting the file access to "eXecute"
and limiting all other access.
Syntax:

   machine ["]machine_name["] login ["]user["] password ["]passwd["]
or
   default login ["]user["] password ["]passwd["]

Example:

   machine "HPSYS" login "MANAGER.SYS" password "USERPASS,ACCTPASS"
or
   default login "MGR.TELESUP" password "USERPASS,ACCTPASS"

The file is called "NETRC.{home-group}". File equations can be used.

Syntax:

   :file NETRC.{home-group}=NETRC.{other-group}.{other-account}

Note: The format of the NETRC.{home-group} file has the following rules:

a. This file can be created and edited with a supported editor. This
   file should be unnumbered, fixed width ASCII with a record-width of
   no more than 72 bytes.
b. The syntax for each line of the file is:
      machine ["]machine_name["] login ["]user["] password ["]passwd["]
   or
      default login ["]user["] password ["]passwd["]
c. There should be at most one "default" entry per file.
d. Each of the tokens "machine", "login", "password" and "default" must
   match exactly, and must be in lower-case.
e. Each token must be separated from the next by one or more SPACE or
   TAB characters.
f. Each {string} identifier may be enclosed in double-quotes, e.g.
      machine "HPSYS" login "MGR.TELESUP" password "USERPASS,ACCTPASS"
   and
      machine HPSYS login MGR.TELESUP password USERPASS,ACCTPASS
   are equivalent. This feature would be useful when a space is
   embedded as part of a password, for example.
g. The node name specified in the netrc file is "CaSe SeNsItIvE" and
   must match the case of the node name specified in the open command.

Note: Unencrypted passwords stored in a file like this constitute a
security risk. If this is a problem, try the following command:

   :altsec NETRC.{home-group}.{account};access=(R,A,W,L:CR;X:AC)

Additional security can be applied by implementing ACDs for the NETRC
file specifying which users have "eXecute" access.
************************************************************************
DEBUG_PASSWORD option:
************************************************************************

The "DEBUG_PASS = OFF" SETPARMS.ARPA.SYS configuration option is a
security enhancement added to the FTP server to default the "debug"
command display to report "---> PASS ********" rather than
"---> PASS userpass,acctpass". This security enhancement has been added
in concert with the enhanced NETRC "eXecute" security.

The "debug" command at the FTP client prompt puts FTP into diagnostic
mode. The FTP client and server internal commands are displayed to the
$stdlist of the client in this mode. If "debug" is specified before an
open, then after the user is prompted for logon passwords with echo
disabled, or a NETRC file is processed, the "debug" mode would then
display "---> PASS userpass,acctpass":

   :ftp
   ftp> debug
   ftp> o system
   Name(manager): MGR.TEST
   ---> USER MGR.TEST
   331 Password required for MGR.TEST. Syntax: userpass
   Password:
   ---> PASS PASS                      {password is displayed}

The new default is for the FTP client with "DEBUG" mode to display
"---> PASS ********":

   :ftp
   ftp> debug
   ftp> o system
   Name(manager): MGR.TEST
   ---> USER MGR.TEST
   331 Password required for MGR.TEST. Syntax: userpass
   Password:
   ---> PASS ********                  {password is not displayed}

The SETPARMS file can be modified to return the original functionality
for troubleshooting logon passwords to an FTP server by specifying
"DEBUG_PASS = ON".

************************************************************************
Configuration rules for SETPARMS.ARPA.SYS file:
************************************************************************

The "SETPARMS" file is the global configuration file for optional & new
functionality in both the FTP client (FTP) and the FTP server (FTPSRVR).
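The SETPARMS parsing rules given in this section (upper or lower case accepted, blanks ignored, keywords in any order, unknown keywords or values silently dropped, and the listed defaults whenever a keyword or the whole file is absent) mean that a typo can leave an option at its default without any warning. The Python example below is added here and is not part of this help file or of FTP/iX; from a constructed SETPARMS text it computes the settings FTP and FTPSRVR would actually run with and reports which of the options the help file describes as security enhancements are still switched off.

```python
"""Compute the effective SETPARMS.ARPA.SYS settings of the MPE/iX FTP client and
server by applying the help file's parsing rules.  Added example; not HP code."""
from typing import Dict, List, Tuple

# Defaults the help file lists for a missing file or a missing keyword.
DEFAULTS: Dict[str, str] = {
    "CONSOLE_LOGGING": "ON", "DEBUG_PASS": "OFF", "LOG_COMMANDS": "OFF",
    "LOG_TRANSFERS": "OFF", "PASSWORD": "OFF", "PERMISSION_DELETE": "ON",
    "PERMISSION_OVERWRITE": "ON", "PERMISSION_RENAME": "ON", "POSIX": "OFF",
    "SITE_CHMOD": "OFF", "SITE_CHOWN": "OFF", "SITE_STREAM": "ON",
}

# Value at which each security-related option's enhancement is in effect
# (logging on, password masking on, delete/overwrite/rename denied).
HARDENED = {"CONSOLE_LOGGING": "ON", "DEBUG_PASS": "OFF", "LOG_COMMANDS": "ON",
            "LOG_TRANSFERS": "ON", "PERMISSION_DELETE": "OFF",
            "PERMISSION_OVERWRITE": "OFF", "PERMISSION_RENAME": "OFF"}

# Constructed SETPARMS text exercising the rules: mixed case, stray blanks, a
# bad value and an unknown keyword (both of which FTP ignores silently).
SAMPLE_SETPARMS = """\
site_chmod=ON
  Log_Commands = on
LOG_TRANSFERS=ON
permission_delete = off
debug_pass = maybe
LOGGING = ON
"""

def effective_settings(text: str) -> Tuple[Dict[str, str], List[str]]:
    """Return (effective settings with defaults filled in, lines FTP would skip).
    Keywords and values are case-insensitive, surrounding blanks are ignored and
    anything that is not a known KEYWORD = ON/OFF is dropped without a message."""
    settings = dict(DEFAULTS)
    skipped: List[str] = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        key, sep, val = (part.strip().upper() for part in raw.partition("="))
        if sep and key in DEFAULTS and val in ("ON", "OFF"):
            settings[key] = val
        else:
            skipped.append(raw.strip())
    return settings, skipped

def audit(settings: Dict[str, str]) -> List[str]:
    """Options whose effective value leaves the help file's enhancement off."""
    return [f"{key} = {settings[key]} (enhancement expects {want})"
            for key, want in HARDENED.items() if settings[key] != want]
```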
The following configuration rules apply to the SETPARMS.ARPA.SYS file:

   CONSOLE_LOGGING      = {ON/OFF}
   DEBUG_PASS           = {ON/OFF}
   LOG_COMMANDS         = {ON/OFF}
   LOG_TRANSFERS        = {ON/OFF}
   PASSWORD             = {ON/OFF}
   PERMISSION_DELETE    = {ON/OFF}
   PERMISSION_OVERWRITE = {ON/OFF}
   PERMISSION_RENAME    = {ON/OFF}
   POSIX                = {ON/OFF}
   SITE_CHMOD           = {ON/OFF}
   SITE_CHOWN           = {ON/OFF}
   SITE_STREAM          = {ON/OFF}

Note: The format of the SETPARMS.ARPA.SYS file has the following rules:

a. This file can be created and edited with a supported editor. This
   file must be unnumbered, fixed width ASCII with a record-width of no
   more than 72 bytes.
b. Upper/Lower case letters can be used.
c. Blank spaces are not a problem.
d. The parameters can be entered in the file in any order.
e. Only the following keywords are allowed: CONSOLE_LOGGING, DEBUG_PASS,
   LOG_COMMANDS, LOG_TRANSFERS, PASSWORD, PERMISSION_DELETE,
   PERMISSION_OVERWRITE, PERMISSION_RENAME, POSIX, SITE_CHMOD,
   SITE_CHOWN and SITE_STREAM.
f. Invalid keywords or parameters are silently ignored.
g. If these keywords are not in SETPARMS.ARPA.SYS, or if the
   SETPARMS.ARPA.SYS file does not exist, the following are the
   defaults:

      console_logging      = on
      debug_pass           = off
      log_commands         = off
      log_transfers        = off
      password             = off
      permission_delete    = on
      permission_overwrite = on
      permission_rename    = on
      posix                = off
      site_chmod           = off
      site_chown           = off
      site_stream          = on

A sample of how to enable options as a default for your system:
------------------------------------------------------------
   :editor
   HP32201A.09.00 EDIT/3000 MON, JUL 31, 2000,  7:19 PM
   (C) HEWLETT-PACKARD CO. 1993
   /a
       1     site_chmod=ON
       2     //
   ...
   /k SETPARMS.ARPA.SYS,UNN;E
   END OF SUBSYSTEM
   :
------------------------------------------------------------

************************************************************************
Configuration rules for FTPACCES.ARPA.SYS file "noretrieve" option:
************************************************************************

The "FTPACCES" file access configuration file is a security enhancement
added to the FTP server (FTPSRVR) to support an exclusion list of files
accessible with the FTP GET and MGET commands.

The following configuration rules apply to the FTPACCES.ARPA.SYS file:

The existence of the file FTPACCES.ARPA.SYS is the switch which enables
this feature. If the FTPACCES.ARPA.SYS file does not exist FTP will not
deny access to any file. An empty FTPACCES.ARPA.SYS file will not deny
access to any file.

The syntax of the "noretrieve" option is:

   noretrieve {file}|{/directory/file}|{/directory/}|{repeat}

The following three formats of the "noretrieve" option are supported in
the FTPACCES.ARPA.SYS:

a. noretrieve /file1 /dir/file2 /dir/dir/file3 /ACCT/GROUP/FILE4
b. noretrieve file5 File6 FILE7
c. noretrieve /dir/ /dir/dir/ /ACCT/ /ACCT/GROUP/

Note: The format of the FTPACCES.ARPA.SYS file has the following rules:

a. This file can be created and edited with a supported editor. This
   file must be unnumbered, fixed width ASCII with a record-width of no
   more than 255 bytes. The physical limit to this file is 4GB, but
   performance will be the actual limiting factor.
b. The entry "noretrieve {filelist}" is a space-separated list of file
   names specified in three formats that can be intermixed; this is a
   list of files that cannot be retrieved, either by get or mget. If
   one line cannot contain the whole list of files that the owners want
   to make non-retrievable, multiple lines starting with "noretrieve"
   can be used. Leading or trailing white space character(s) are
   considered file name delimiters.
c.
   All files or file sets specified in the filelist must follow the
   POSIX HFS notation (not the traditional MPE FILE.GROUP.ACCOUNT
   syntax).
   i.   In the first format "absolute path" names (meaning the name
        begins with a slash, "/") will deny access to a single file.
        For example "noretrieve /tmp/syslog.log". A traditionally named
        MPE file FILE.GROUP.ACCT must be specified as /ACCT/GROUP/FILE,
        all in uppercase. For example "noretrieve /SYS/PUB/CATALOG".
   ii.  In the second format "simple" file names (meaning file names
        that do not include a slash) will deny access to all files with
        that exact name "regardless of location" in / or any
        /directory/, or any /ACCT/directory/, or any /ACCT/GROUP/.
        Example: "noretrieve NETRC" would deny access to the file
        "NETRC" at /NETRC, /tmp/NETRC, /SYS/NETRC and /SYS/NET/NETRC.
        Note: This filelist specification is case-sensitive because it
        follows the POSIX file naming conventions; this means that
        "NETRC" is a different file than "Netrc" and "netrc".
   iii. In the third format "absolute path" names terminated with a
        slash "/" (meaning the directory name or account name or group
        name ends with a slash, "/") will deny access to all files in a
        /directory/, /ACCT/, /ACCT/GROUP/, /ACCT/directory/ or
        /ACCT/GROUP/directory/. For example "noretrieve /SYS/PUB/"
        denies access to all traditionally named MPE files in @.PUB.SYS
        as well as any HFS-name files or directories found within or
        under /SYS/PUB. Likewise "noretrieve /etc/" denies access to all
        files contained in the directory /etc/.
d. The FTPACCES file supports only three commands (chroot, noretrieve
   and # "comment"); invalid commands are silently ignored. Invalid
   parameters to the "chroot" and "noretrieve" commands will be
   reported to the file FTPLOG.ARPA.SYS, including invalid POSIX
   characters (e.g. "+" or "-"), wild card characters (e.g. "@" or
   "*"), and incorrectly specified or relative pathnames (e.g. "./dir",
   "./../" or "./../dir").
   Note: These errors are reported when FTPSRVR is forked ("created")
   by INETD.
e. In any line all characters after hash (#) are considered as comment
   and are ignored.
f. Users with SM capability (like MANAGER.SYS) are not restricted by the
   FTPACCES configuration.

----------------------------------------------------------------------
A sample of how to set file access restrictions for your system:
------------------------------------------------------------
   /SYS/WORK: editor
   HP32201A.09.00 EDIT/3000 SUN, FEB 26, 2006,  5:20 PM
   (C) HEWLETT-PACKARD CO. 1993
   /set length=255
   /set right=255
   /a
       1     # FTPACCES.ARPA.SYS noretrieve files.
       2     noretrieve /SYS/PUB/
       3     noretrieve NETRC
       4     noretrieve .netrc
       5     noretrieve /SYS/ARPA/FTPACCES
       6     //
   ...
   /k FTPACCES.ARPA.SYS,UNN;E
   END OF SUBSYSTEM
   :
------------------------------------------------------------

**********************************************************************
Configuration rules for FTPACCES.ARPA.SYS file "chroot" option:
**********************************************************************

The "chroot" FTPACCES.ARPA.SYS configuration option is a security
enhancement added to the FTP Server to limit inbound FTP client commands
cd, put, get, mput, mget and dir to the configured "current working
directory" (CWD) and below. With chroot enabled, users would be unable
to (cd) move up (towards slash "/" root), (dir) view file lists and
(put, get, mput & mget) access files up the directory structure.

The following configuration rules apply to the FTPACCES.ARPA.SYS file:

The existence of the file FTPACCES.ARPA.SYS is the switch that enables
this feature. If the FTPACCES.ARPA.SYS file does not exist FTP will not
deny access to any directory. An empty FTPACCES.ARPA.SYS file will not
deny access to any directory.

The syntax of the chroot option is:

   chroot {user}|{@}.{account}|{@} {empty}|{/ACCT/GROUP}|{/directory}

The following eight formats of the "chroot" option are supported in the
FTPACCES.ARPA.SYS:

a. chroot user.acct root_dir
   - The specified user is chroot'd to root_dir.
b. chroot user.acct
   - The specified user is chroot'd to their home group.
c. chroot @.acct root_dir
   - All the users from the specified account are chroot'd to root_dir.
d. chroot @.acct
   - All the users from the specified account are chroot'd to the
     user's home group.
e. chroot user.@ root_dir
   - The user at all accounts is chroot'd to root_dir.
f. chroot user.@
   - The user at all accounts is chroot'd to their home group.
g. chroot @.@ root_dir
   - All users are chroot'd to root_dir.
h. chroot @.@
   - All users are chroot'd to their home group.

Note: The format of the FTPACCES.ARPA.SYS file has the following rules:

a. This file can be created and edited with a supported editor. This
   file must be unnumbered, fixed width ASCII with a record-width of no
   more than 255 bytes. The physical limit to this file is 4GB, but
   performance will be the actual limiting factor.
b. The entry "chroot {command}" is one line per command request of
   logon user.acct name specifying the home logon directory where the
   root "/" is set.
c. The logon "user.acct" parameter of the chroot command must be
   specified in MPE user.acct notation and accepts no wildcards except
   '@', which is supported in user.acct; '@' can be used only in the
   three formats '@.@', '@.acct' or 'user.@', but not in the formats
   'use@.acct' or 'user.@acct'.
d. The "root_dir" parameter of the chroot command must be specified in
   the POSIX HFS notation (not traditional MPE FILE.GROUP.ACCOUNT
   syntax) using an absolute pathname from root (meaning the name
   begins with a slash, "/"). A traditionally named MPE GROUP.ACCOUNT
   must be specified as /ACCOUNT/GROUP all in uppercase. Specification
   of directories outside of MPE file space is case sensitive, can be
   any combination of upper case & lower case, and must exactly match
   the actual directory.
e. The precedence of the eight chroot formats is: a>b>c>d>e>f>g>h
   irrespective of their occurrence in the FTPACCES file.
f. The FTPACCES file supports only three commands (chroot, noretrieve
   and # "comment"); invalid commands are silently ignored. Invalid
   parameters to the "chroot" and "noretrieve" commands will be
   reported to the file FTPLOG.ARPA.SYS, including invalid POSIX
   characters (e.g. "+" or "-"), wild card characters (e.g. "@" or
   "*"), and relative pathnames (e.g. "./dir", "./../" or "./../dir").
   Note: These errors are reported when FTPSRVR is forked ("created")
   by INETD.
g. In any line all characters after hash (#) are considered as comment
   and hence are ignored.
h. The "root_dir" parameter of the chroot command takes precedence over
   the user.account,group logon string and the user's MPE configured
   home group.
i. Users with SM capability (like MANAGER.SYS) are not restricted by any
   FTPACCES chroot configuration.
j. Anonymous FTP will continue to logon the FTP special users
   "anonymous" and "ftp" to /FTPGUEST/PUB regardless of any matching
   user.account CHROOT entries in the FTPACCES file (i.e. anonymous FTP
   completely ignores CHROOT).
k. Chroot does not follow links. This is consistent with the behavior
   throughout FTP/iX.

Examples:

   1  chroot OPERATOR.SYS /SYS/OPERATOR
   2  chroot MGR.SENDMAIL /SENDMAIL
   3  chroot @.TELESUP /TELESUP/WORK
   4  chroot @.PROD
   5  chroot TESTUSER.@ /tmp
   6  chroot @.@ /FTPGUEST/PUB

In the above examples:

1. The user OPERATOR.SYS is limited to the group /SYS/OPERATOR/ and any
   directories under /SYS/OPERATOR/.
2. The user MGR.SENDMAIL is limited to all of the groups and directories
   in the SENDMAIL account: /SENDMAIL/, /SENDMAIL/A0200/ and
   /SENDMAIL/PUB/.
3. The users of the TELESUP account are limited to the group
   /TELESUP/WORK and any directories under /TELESUP/WORK/.
4. The users of the PROD account are limited to their home group and
   any directories under their home group.
5. All TESTUSER in all accounts are limited to the /tmp directory of
   the system and any directories under the /tmp directory.
6. All remaining users of the system are limited to the PUB group of the
   FTPGUEST account and any directories under the /FTPGUEST/PUB/
   directory.

Note: Precedence is specified user.acct > @.acct > user.@ > @.@.

A sample of how to set file access restrictions for your system:
------------------------------------------------------------
   /SYS/WORK: editor
   HP32201A.09.00 EDIT/3000 SUN, FEB 26, 2006,  5:20 PM
   (C) HEWLETT-PACKARD CO. 1993
   /set length=255
   /set right=255
   /a
       1     # FTPACCES.ARPA.SYS chroot logon.
       2     chroot OPERATOR.SYS /SYS/OPERATOR
       3     chroot MGR.SENDMAIL /SENDMAIL
       4     chroot @.TELESUP /TELESUP/WORK
       5     chroot @.PROD
       6     chroot TESTUSER.@ /tmp
       7     chroot @.@ /FTPGUEST/PUB
       8     //
   ...
   /k FTPACCES.ARPA.SYS,UNN;E
   END OF SUBSYSTEM
   :
------------------------------------------------------------

**********************************************************************
PERMISSION_DELETE, PERMISSION_OVERWRITE, PERMISSION_RENAME options:
**********************************************************************

The "PERMISSION_DELETE", "PERMISSION_OVERWRITE" and "PERMISSION_RENAME"
SETPARMS.ARPA.SYS configuration options are security enhancements added
to the FTP Server to support the ability to limit the inbound FTP Client
commands del, put, mput and rename. Users would be able to put files to
file names that did not already exist, but, depending on which
"PERMISSION_" option is set to "OFF", they could not delete, rename or
modify a file that already exists.

Note:
a. The default setting for each of these options is "ON", which does
   not deny access and is the default implementation prior to this
   enhancement.
b. Users with SM capability (like MANAGER.SYS) are not restricted by
   these configuration options.

A sample of how to enable permissions as a default for your system:
------------------------------------------------------------
   :editor
   HP32201A.09.00 EDIT/3000 MON, JUL 31, 2000,  7:19 PM
   (C) HEWLETT-PACKARD CO. 1993
   /a
       1     permission_delete = off
       2     permission_overwrite = off
       3     permission_rename = off
       4     //
   ...
   /k SETPARMS.ARPA.SYS,UNN;E
   END OF SUBSYSTEM
   :
**********************************************************************
--------------------------------------------------------------------------------
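The FTPACCES "noretrieve" and "chroot" rules described above (three noretrieve formats matched case-sensitively, the a>b>...>h chroot precedence, the SM and anonymous exceptions, "#" comments, silently ignored commands and reported bad parameters) interact in ways that are easy to misjudge when editing the file by hand. The Python example below is added here and is not part of this help file or of FTPSRVR; it evaluates a constructed FTPACCES text, assembled from the examples above plus one deliberately bad line, so an administrator can check what a given logon could retrieve and where its "/" would be set before putting the file in place.

```python
"""Evaluate HP MPE/iX FTPACCES.ARPA.SYS "noretrieve" and "chroot" entries as the
help file describes them.  Added example; not HP's FTPSRVR code."""
from typing import List, Optional, Tuple

# Constructed FTPACCES content: the help file's examples plus one bad line.
FTPACCES = """\
# FTPACCES.ARPA.SYS noretrieve files.
noretrieve /SYS/PUB/ NETRC .netrc
noretrieve /SYS/ARPA/FTPACCES
noretrieve @.PUB.SYS ./../dir      # invalid: wildcard, relative pathname
chroot OPERATOR.SYS /SYS/OPERATOR
chroot @.TELESUP /TELESUP/WORK
chroot @.PROD
chroot TESTUSER.@ /tmp
chroot @.@ /FTPGUEST/PUB
listfile @ ./                      # unknown command: silently ignored
"""
SM_USERS = {"MANAGER.SYS"}           # SM capability bypasses both checks
ANON_USERS = {"ANONYMOUS", "FTP"}    # anonymous FTP always gets /FTPGUEST/PUB
ChrootRule = Tuple[str, str, Optional[str]]   # (user, acct, root_dir or None)

def parse_ftpacces(text: str):
    """Return (noretrieve_names, chroot_rules, errors): '#' starts a comment,
    unknown commands are dropped silently, bad parameters are reported."""
    names: List[str] = []
    rules: List[ChrootRule] = []
    errors: List[str] = []
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()
        if not words:
            continue
        cmd, args = words[0], words[1:]
        if cmd == "noretrieve":
            for n in args:
                parts = n.split("/")       # "./dir", "./../" are relative, ".netrc" is not
                if any(c in n for c in "@*+-") or "." in parts or ".." in parts:
                    errors.append(f"noretrieve: invalid parameter {n!r}")
                else:
                    names.append(n)
        elif cmd == "chroot" and 1 <= len(args) <= 2:
            user, _, acct = args[0].upper().partition(".")
            root = args[1] if len(args) == 2 else None
            wild_ok = all(p == "@" or "@" not in p for p in (user, acct))
            if acct and wild_ok and (root is None or root.startswith("/")):
                rules.append((user, acct, root))
            else:
                errors.append(f"chroot: invalid parameter(s) {args!r}")
    return names, rules, errors

def retrievable(path: str, user: str, acct: str, names: List[str]) -> bool:
    """Apply the three noretrieve formats to an absolute HFS path (case-sensitive)."""
    if f"{user}.{acct}".upper() in SM_USERS:
        return True
    base = path.rsplit("/", 1)[-1]
    for n in names:
        if n.endswith("/"):                # iii. anything in or under the directory
            if path.startswith(n):
                return False
        elif "/" in n:                     # i.  one exact absolute path
            if path == n:
                return False
        elif base == n:                    # ii. simple name, regardless of location
            return False
    return True

def chroot_root(user: str, acct: str, home_group: str, rules: List[ChrootRule]) -> Optional[str]:
    """Directory that becomes '/' for this logon, or None when unrestricted.
    Precedence a > b > ... > h: user.acct, @.acct, user.@, @.@, and at each
    level an explicit root_dir beats the home-group form."""
    user, acct = user.upper(), acct.upper()
    if user in ANON_USERS:
        return "/FTPGUEST/PUB"
    if f"{user}.{acct}" in SM_USERS:
        return None
    matches = [r for r in rules if r[0] in (user, "@") and r[1] in (acct, "@")]
    if not matches:
        return None
    rank = lambda r: ((r[1] == "@") * 2 + (r[0] == "@")) * 2 + (r[2] is None)
    _, _, root = min(matches, key=rank)
    return root or f"/{acct}/{home_group.upper()}"
```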