With Mac OS X, you can switch the built-in FTP server on and off, but nothing more advanced via the GUI. Read the rest of this hint for some ideas on a better configuration of log files, welcome messages, access rights, and more.
Configuring the built-in FTP server:
Configuring the built-in FTP server:
- Change the FTP server's logging behavior:
With the standard configuration, every FTP connection creates an error message in the system.log which reads:Sep 17 12:03:35 localhost xinetd[339]: service ftp, IPV6_ADDRFORM setsockopt() failed: Protocol not available (errno = 42)
In the Terminal, type sudo pico /etc/xinetd.d/ftp to edit the FTP configuration file. Make it look like this:
This will create a logfile named ftplog.log, which you can see in the Console under the ftp.log entry, and there are no longer FTP entries in the system.log. The server_args and log_on_success lines will create more entries in the logfiles. The flags line (with Ipv4) will delete the error message in the system.log.service ftp { disable = no socket_type = stream wait = no user = root server = /usr/libexec/ftpd server_args = -l -l log_on_success = HOST DURATION log_type = FILE /var/log/ftplog.log groups = yes flags = REUSE IPv4 }
After this is done, get the xinetd process ID with ps ax, and then restart xinetd by typing sudo kill -SIGHUP PID, where PID is the process ID of xinetd. This will restart xinetd, so that your changes take effect. - Create your welcome messages:
Edit or create the file /etc/motd for your server message. Then edit or create the file /etc/ftpwelcomefor your welcome-text - Stop users from exploring outside their home directory:
Edit or create the file /etc/ftpchroot, type only a *, which will allow all users to see their home directory, but nothing more. - Allow or prevent users from using the FTP connection:
Edit or create the file /etc/ftpusers. List all FTP users who will be allowed access:
The * is important, because the script stops here. The users below the * are ignored and cannot connect.ftpuser1 allow ftpuser3 allow * - More useful commands:
If you create your own FTP users, the following commands are useful:
nidump group / -- shows all netinfo groups and users
nidump passwd / -- shows all users
sudo niutil –appendprop / /groups/ftpusers users ftptest -- put the user ftptest in the group ftpusers
•
[31,615 views]

