trusted.solaris.note

wu-ftpd类unix下的ftp服务器,可用于嵌入式系统

/****************************************************************************  
 
  Copyright (c) 1999,2000 WU-FTPD Development Group.  
  All rights reserved.
  
  Portions Copyright (c) 1980, 1985, 1988, 1989, 1990, 1991, 1993, 1994
    The Regents of the University of California.
  Portions Copyright (c) 1993, 1994 Washington University in Saint Louis.
  Portions Copyright (c) 1996, 1998 Berkeley Software Design, Inc.
  Portions Copyright (c) 1989 Massachusetts Institute of Technology.
  Portions Copyright (c) 1998 Sendmail, Inc.
  Portions Copyright (c) 1983, 1995, 1996, 1997 Eric P.  Allman.
  Portions Copyright (c) 1997 by Stan Barber.
  Portions Copyright (c) 1997 by Kent Landfield.
  Portions Copyright (c) 1991, 1992, 1993, 1994, 1995, 1996, 1997
    Free Software Foundation, Inc.  
 
  Use and distribution of this software and its source code are governed 
  by the terms and conditions of the WU-FTPD Software License ("LICENSE").
 
  If you did not receive a copy of the license, it may be obtained online
  at http://www.wu-ftpd.org/license.html.
 
  $Id: Trusted.Solaris.note,v 1.3 2000/07/01 18:52:08 wuftpd Exp $
 
****************************************************************************/

From Scott.Parmenter@trw.com Mon Mar  8 20:30:35 1999
Date: Wed, 03 Mar 1999 12:22:33 -0800
From: Scott Parmenter <Scott.Parmenter@trw.com>
To: wuftplist <wu-ftpd@wugate.wustl.edu>
Subject: Using local passwd files under Solaris

Hi,

Under Trusted Solaris 2.X (which is derived from Solaris 2.X) I had been
unable to get wu-ftpd to get the correct passwd entries after a user had
been chrooted, even though my file structure layout was correct.  It
turns out that nscd (name service cache daemon) was causing me
problems.  There is a delay factor called positive-time-to-live which
determines how long successful hits stay in the cache.  The default is
10 minutes.  So, when a guest user logged in, for the next 10 minutes,
all passwd inquiries were being directed to the cached entry.  This
caused problems when the ftp server tried to chdir() to the user's home
directory after the chroot() had been performed.

To solve this, I added the line
    enable-cache    passwd    no
to /etc/nscd.conf and commented out all other references to passwd
caching.  Next I issued "nscd -f /etc/nscd.conf" (as root) to tell nscd
to update its configuration followed by "nscd -g" to verify the change
in policy.  After this, my guest logins were successful with VR15 using
the guest-root/restricted-uid combination. (Which is really cool, by the
way! :-)

Hope this helps,
Scott