Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
pure-authd(8)			   Pure-FTPd			 pure-authd(8)

NAME
       pure-authd - External authentication agent for Pure-FTPd.

SYNTAX
       pure-authd   [-p	  </path/to/pidfile>]  [-u  uid]  [-g  gid]  [-B]  <-s
       /path/to/socket>	-r /program/to/run

DESCRIPTION
       pure-authd is a daemon that forks an authentication program, waits  for
       an authentication reply,	and feed them to an application	server.

       pure-authd  listens  to	a  local Unix socket. A	new connection to that
       socket should feed pure-authd the following structure:

	      account:xxx

	      password:xxx

	      localhost:xxx

	      localport:xxx

	      peer:xxx

	      end

       (replace	xxx with appropriate values) . localhost, localport  and  peer
       are  numeric  IP	addresses and ports. peer is the IP address of the re-
       mote client.

       These arguments are passed to the authentication	program,  as  environ-
       ment variables:

	      AUTHD_ACCOUNT

	      AUTHD_PASSWORD

	      AUTHD_LOCAL_IP

	      AUTHD_LOCAL_PORT

	      AUTHD_REMOTE_IP

	      AUTHD_ENCRYPTED

       The authentication program should take appropriate actions to fetch ac-
       count info according to these arguments,	and reply to the standard out-
       put a structure like the	following one:

	      auth_ok:1

	      uid:42

	      gid:21

	      dir:/home/j

	      end

       auth_ok:xxx
	      If  xxx  is  0,  the user	was not	found (the next	authentication
	      method passed to pure-ftpd will be tried)	. If xxx  is  -1,  the
	      user was found, but there	was a fatal authentication error: user
	      is root, password	is wrong, account has expired, etc  (next  au-
	      thentication  methods will not be	tried) . If xxx	is 1, the user
	      was found	and successfully authenticated.

       uid:xxx
	      The system uid to	be assigned to that user. Must be > 0.

       gid:xxx
	      The primary system gid. Must be >	0.

       dir:xxx
	      The absolute path	to the home directory. Can contain /./	for  a
	      chroot jail.

       slow_tilde_expansion:xxx	(optional, default is 1)
	      When  the	command	'cd ~user' is issued, it's handy to go to that
	      user's home directory, as	expected in a shell  environment.  But
	      fetching account info can	be an expensive	operation for non-sys-
	      tem accounts. If xxx is 0, 'cd ~user' will expand	to the	system
	      user  home  directory. If	xxx is 1, 'cd ~user' won't expand. You
	      should use 1 in most cases with  external	 authentication,  when
	      your FTP users don't match system	users. You can also set	xxx to
	      1	if you're using	slow nss_* system authentication modules.

       throttling_bandwidth_ul:xxx (optional)
	      The allocated bandwidth for uploads, in bytes per	second.

       throttling_bandwidth_dl:xxx (optional)
	      The allocated bandwidth for downloads, in	bytes per second.

       user_quota_size:xxx (optional)
	      The maximal total	size for this account, in bytes.

       user_quota_files:xxx (optional)
	      The maximal number of files for this account.

       ratio_upload:xxx	(optional)

       radio_download:xxx (optional)
	      The user must match a ratio_upload:ratio_download	ratio.

       Only one	authentication program is forked at a  time.  It  must	return
       quickly.

OPTIONS
       -u <uid>
	      Have the daemon run with that uid.

       -g <gid>
	      Have the daemon run with that gid.

       -B     Fork in background (daemonization).

       -s </path/to/socket>
	      Set the full path	to the local Unix socket.

       -r </path/to/program>
	      Set the full path	to the authentication program.

       -h     Output help information and exit.

EXAMPLES
       To run this program the standard	way type:

       pure-authd -s /var/run/ftpd.sock	-r /usr/bin/my-auth-program &

       pure-ftpd -lextauth:/var/run/ftpd.sock &

       /usr/bin/my-auth-program	can be as simple as:
	      #! /bin/sh

	      echo 'auth_ok:1'

	      echo 'uid:42'

	      echo 'gid:21'

	      echo 'dir:/home/j'

	      echo 'end'

AUTHORS
       Frank DENIS <j at pureftpd dot org>

SEE ALSO
       ftp(1),	 pure-ftpd(8)	pure-ftpwho(8)	pure-mrtginfo(8)  pure-upload-
       script(8) pure-statsdecode(8)  pure-pw(8)  pure-quotacheck(8)  pure-au-
       thd(8)

       RFC 959,	RFC 2389, RFC 2228 and RFC 2428.

Pure-FTPd team			    1.0.46			 pure-authd(8)

NAME | SYNTAX | DESCRIPTION | OPTIONS | EXAMPLES | AUTHORS | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=pure-authd&sektion=8&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help