SUMMARY: anonymous FTP account in 2.4 set up

From: Jeffrey Marans (jeff@erie.irc.nrc.ca)
Date: Tue Jun 13 1995 - 08:10:13 CDT


Rajiv.Thomas@Canada.Sun.COM sent me a shell script I'm including below.
Thanks to all who replied, and especially to RT whose script did the
trick.

--------------------------------------------------------------------------------
#!/bin/sh

# This is a simple script to setup an anonymous ftp server on
# Solaris 2.x
#
# Brian A. Onn; Fri Aug 7 11:08:55 EDT 1992 (Brian.Onn@Sun.COM)
# Thanks to Gene Saunders (Gene.Saunders@West.Sun.COM) for the initial work
#
# Operation Commitment
# Solaris 2.0 Migration Support Center

# Fixed search path for the system tools this script calls
PATH=/sbin:/usr/sbin:/usr/bin:/etc
export PATH
# \007 is the octal escape for BEL; it is appended to error messages so that
# an echo which interprets escapes rings the terminal bell
g='\007'

#
# some support functions first
#

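# Find a uid or gid that is not yet in use, searching downwards from the
# starting value given as the second argument.
#   $1 - "uid" or "gid": selects field 3 or 4 of /etc/passwd as the list of
#        ids that are taken
#   $2 - highest id to consider
# The result is handed back as the function's return status; 0 means that
# nothing was free (or that $1 was not recognised).
# ie: findnewid uid 50000 - returns the first uid available to use <= 50000
# NOTE(review): the gid list comes from the gid field of /etc/passwd, so a
# group that is nobody's primary group is not seen - confirm that /etc/group
# does not need to be consulted as well.
# NOTE(review): POSIX shells keep only the low 8 bits of a return status;
# confirm that the shell running this script preserves values above 255,
# otherwise an id such as 60002 comes back truncated.
findnewid() {
    start=$2
    case $1 in
        uid) field=3 ;;
        gid) field=4 ;;
        *) return 0 ;;
    esac
    # Keep the list of ids in a shell variable. A scratch file named after
    # the process id in /tmp is predictable, and this script runs as root.
    ids=`cut -f$field -d: /etc/passwd | sort -n | uniq`
    # -x compares whole lines, so looking for 100 is not satisfied by 1005
    while echo "$ids" | fgrep -x "$start" > /dev/null 2>&1; do
        start=`expr $start - 1`
        if test $start = 0; then break; fi
    done
    return $start
}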

# Prompt for a yes/no answer until one is recognised.
#   $1 - the default, shown in brackets and used when only RETURN is pressed
# Returns 0 for an answer starting with y or Y, 1 for one starting with
# n or N. The accepted answer is left in the global 'ans'.
# ie: if yes "Y"; then ...
yes() {
    while :; do
        echo "(Yes or No) [$1]? \c "
        read ans
        # an empty reply selects the default
        case "$ans" in
            "") ans="$1" ;;
        esac
        # anything that is neither yes nor no falls through and is asked again
        case "$ans" in
            [yY]*) return 0 ;;
            [nN]*) return 1 ;;
        esac
    done
}
    
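# Prompt the user with the text in $1, offering $2 as the default, and leave
# the reply in the global 'ans'. The question is repeated until 'ans' is
# non-empty.
#   $1 - question text
#   $2 - default, used when only RETURN is pressed
#   $3 - "p" to refuse any reply containing ':' (the field separator of the
#        passwd entries this script writes)
ask() {
    ans=
    while test "1$ans" = "1"; do
        echo "$1" " [$2]? \c"
        read ans
        if test "1$ans" = "1"; then
            ans="$2"
        fi
        if test "1$3" = "1p"; then
            # Match inside the shell. Handing the raw reply to expr lets a
            # reply such as "(" be parsed as an expr operator, and the empty
            # result then breaks the test wrapped around it.
            case "$ans" in
                *:*)
                    echo ">> The character ':' is not permitted <<$g"
                    ans=
                    ;;
            esac
        fi
    done
}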

##
# The main script starts below here
##

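# Are we running Solaris? The system name is checked together with the
# release, because a release string that begins with 5 is not unique to
# Solaris 2.x (which reports itself as SunOS 5.x).
case "`uname -s` `uname -r`" in
        "SunOS 5"*) : ;;
        *) echo "Sorry, this script only runs on Solaris 2.x"
                exit 1
                ;;
esac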

clear
# Introductory text, followed by a confirmation prompt
cat <<!

This script will assist you in setting up an anonymous FTP server
on Solaris 2.x systems.

You will be asked several questions, with a default answer given in
square brackets after each question. To accept the default answer,
simply press the RETURN key. If you don't want to accept the default,
simply type in the value you do want and press RETURN.

If an FTP server is already setup on your system, this script will
not harm any data already installed in the FTP directory. You
may need to manually copy files to the new directory if it is
different from the existing one, however.

!
echo "\nDo you wish to continue \c"
# anything other than a yes stops the script here
yes "Y" || {
    echo "Setup of FTP server aborted by the user"
    exit 1
}

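# Are we root? Ask id for the uid the script is running with. 'who am i'
# names the user who logged in on the terminal, which stays the same after
# su, so it does not answer that question.
case "`id`" in
    "uid=0("*) : ;;
    *)
        echo "\nSorry, you must be root to run this script$g"
        exit 1
        ;;
esac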

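# Check whether an ftp account already exists in the local passwd file.
# If it does and the user agrees, remember its home directory in 'oldhome'
# and delete the account so that it can be created again further down.
oldhome=
if egrep -s "^ftp:" /etc/passwd; then
        echo "\nThe ftp account already exists."
        echo "Do you want to continue setting up the FTP server \c"
        if yes "N"; then
                oldhome=`getent passwd ftp | cut -f6 -d:`
                # delete the existing ftp account from the passwd file
                echo "Deleting the existing password entry for 'ftp'"
                # Skip the chown when no home directory was found; an empty
                # argument would only produce a usage error.
                # NOTE(review): this hands the old home to the ftp uid just
                # before the account is removed. Anonymous FTP guidance
                # usually keeps the FTP home owned by someone other than
                # ftp - confirm that this chown is wanted.
                if test "1$oldhome" != 1; then
                        chown ftp "$oldhome"
                fi
                # The account is created again later with its output
                # discarded, so a failed delete has to be reported here.
                if userdel ftp; then
                        :
                else
                        echo "I can't delete the existing ftp account!"
                        exit 1
                fi

        else
                echo "Setup of FTP server aborted by the user"
                exit 1
        fi
fi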

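# create the ftp account, starting from the noaccess account
# findnewid hands its result back as the return status; 0 means none found
findnewid uid 60002; uid=$?
findnewid gid 60002; gid=$?
if test "$uid" = 0 -o "$gid" = 0; then
    echo "I can't find a uid/gid to use!"
    exit 1
fi
echo ""
# The answers below end up on the useradd/groupadd command lines and in the
# passwd file written into the FTP area, so each one is checked before it
# is accepted. ask itself only refuses ':'.
while :; do
    ask "Default FTP uid to use" "$uid" p
    case "$ans" in
        0|*[!0-9]*) echo ">> The uid must be a number other than 0 <<$g" ;;
        *) break ;;
    esac
done
uid="$ans"
while :; do
    ask "Default FTP gid to use" "$gid" p
    case "$ans" in
        0|*[!0-9]*) echo ">> The gid must be a number other than 0 <<$g" ;;
        *) break ;;
    esac
done
gid="$ans"
home=/export/ftp
# The script later runs chmod and chown on '.' inside this directory, so a
# relative path or the root directory itself is refused.
while :; do
    ask "Default FTP home directory" "$home" p
    case "$ans" in
        /|[!/]*)
            echo ">> The home directory must be an absolute path other than / <<$g"
            ;;
        *) break ;;
    esac
done
home="$ans"
# Quoted so that the '*' characters in the default are not treated as a
# file name pattern. The answer is collected here, but as the comments
# further down in the script explain, useradd is not given it.
shell="*NOSHELL*"
ask "Default FTP shell" "$shell" p
shell="$ans"
comment="The FTP account"
ask "Comment field" "$comment" p
comment="$ans"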

echo "Creating the new password and group entries"
# Drop an existing ftp group, then create the group again with the chosen
# gid. The diagnostics of both commands are discarded, so a failure here
# is not reported at this point.
getent group ftp > /dev/null 2>&1 && groupdel ftp > /dev/null 2>&1
groupadd -g $gid ftp > /dev/null 2>&1

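# We need an /etc/nsswitch.conf file that only looks at the files databases
# before we do the useradd command; otherwise it may fail if it finds a
# match in NIS or NIS+. We also need an empty skeleton directory for -k.
# Note: useradd will not allow me to create a user with a shell entry of
# *NOSHELL*, since it's not a valid shell (that's the point, though).
# For now, the shell selected by the user is ignored, and /sbin/sh is
# the default. This isn't a real problem, since the account is locked
# when it is created anyways.
#
# The skeleton directory has a predictable name in /tmp. mkdir fails when
# the name is already taken, so its status is checked: carrying on with a
# directory somebody else created would let useradd copy that directory's
# contents into the new FTP home.
skel=/tmp/skel.$$
if (umask 077; mkdir $skel); then
    :
else
    echo "I can't create the skeleton directory $skel!"
    exit 1
fi

# A leftover backup most likely is the real configuration from a run that
# was interrupted; overwriting it would lose the original file.
if test -f /etc/nsswitch.conf.org; then
    echo "/etc/nsswitch.conf.org already exists. Check whether it is the real"
    echo "/etc/nsswitch.conf from an interrupted run, then move it out of the way."
    rmdir $skel
    exit 1
fi

if awk '
        $1 == "passwd:" { print "passwd: files"; next }
        $1 == "group:" { print "group: files"; next }
        { print $0 }
    ' < /etc/nsswitch.conf > /etc/nsswitch.tmp
then
    :
else
    echo "I can't build a temporary /etc/nsswitch.conf!"
    rm -f /etc/nsswitch.tmp
    rmdir $skel
    exit 1
fi

# Put the real nsswitch.conf back if the script is interrupted while the
# files-only copy is installed.
trap 'test -f /etc/nsswitch.conf.org && mv /etc/nsswitch.conf.org /etc/nsswitch.conf; rm -f /etc/nsswitch.tmp; rmdir $skel; exit 1' 1 2 15

mv /etc/nsswitch.conf /etc/nsswitch.conf.org || {
    echo "I can't save /etc/nsswitch.conf!"
    rm -f /etc/nsswitch.tmp
    rmdir $skel
    exit 1
}
mv /etc/nsswitch.tmp /etc/nsswitch.conf
useradd -u "$uid" -g "$gid" -d "$home" -c "$comment" -m -k $skel ftp > /dev/null 2>&1
rc=$?
mv /etc/nsswitch.conf.org /etc/nsswitch.conf
trap 1 2 15
rmdir $skel

# useradd's own messages are discarded above, so at least report its status.
# This is only a warning: the directory check that follows decides whether
# the script can go on.
if test $rc != 0; then
    echo "Warning: useradd exited with status $rc; the ftp account may not have been created$g"
fi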

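# fill the directory tree
if cd "$home"; then
    :
else
    echo "I can't change directory to $home!"
    exit 1
fi
echo "Creating the FTP account directory structure"
mkdir bin dev etc pub tmp usr usr/lib > /dev/null 2>&1
chmod 555 . bin dev etc pub usr usr/lib
# NOTE(review): tmp is world-writable and owned by ftp, so whoever runs as
# ftp can store, replace and remove files in it. Confirm that a writable
# area is wanted on this server before keeping these two lines.
chmod 777 tmp
chown bin . bin dev etc pub usr usr/lib
chown ftp tmp

# The steps below act on the current directory (tar extracts into it and
# chmod is given a wildcard), so stop if a cd does not succeed instead of
# changing files somewhere else.
cd "$home/dev" || {
    echo "I can't change directory to $home/dev!"
    exit 1
}
# copy the tcp and zero device entries; 'h' makes tar follow symbolic links
(cd /dev && tar chf - tcp zero) | tar xf -
chmod 644 tcp zero

cd "$home/usr/lib" || {
    echo "I can't change directory to $home/usr/lib!"
    exit 1
}
# the run-time linker and the shared libraries copied for the ls binary below
for i in ld libc libdl libintl libw; do
    cp /usr/lib/$i.so.1 .
done
# ./ keeps a file name that starts with '-' from being read as an option
chmod 444 ./*
chmod 111 ld.so.1
cp /etc/netconfig "$home/etc"
chmod 444 "$home/etc/netconfig"
cp /bin/ls "$home/bin"
chmod 111 "$home/bin/ls"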

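# Optionally install passwd and group files inside the FTP area so that
# directory listings show names instead of numbers.
# With an empty $home the paths below would be the system's own /etc/passwd
# and /etc/group, so refuse to go on in that case.
if test "1$home" = 1; then
    echo "The FTP home directory is not set!"
    exit 1
fi

echo "\nDo you want the ftp user to see user and group"
echo "names on directory listings \c"
if yes "Y"; then
    # NOTE(review): this copies the complete system group file, member
    # lists included, into the area that FTP clients can read. Consider a
    # reduced file with only the groups that own files in the FTP tree.
    cp /etc/group "$home/etc/group"
    # The passwd file written here holds three entries with placeholder
    # password and shell fields; no real password fields are copied.
    cat > "$home/etc/passwd" <<!
root:*NOPASSWD*:0:1:0000-Admin(0000):/:*NOSHELL*
bin:*NOPASSWD*:2:2:0000-Admin(0000):/bin:*NOSHELL*
ftp:*NOPASSWD*:$uid:$gid:$comment:/:*NOSHELL*
!
    cp /usr/lib/nswfiles.so "$home/usr/lib"
    chmod 444 "$home/etc/group" "$home/etc/passwd"
    chmod 444 "$home/usr/lib/nswfiles.so"
else
    # quoted so that a home directory containing spaces is not split into
    # several unrelated paths
    rm -rf "$home/etc/passwd" "$home/etc/group" "$home/usr/lib/nswfiles.so"
fi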

# Remind the user about the previous FTP directory, but only when there
# was one and it differs from the directory that was just set up.
case "$oldhome" in
    ""|"$home")
        ;;
    *)
        echo ""
        echo "The original FTP directory '$oldhome' may contain files that"
        echo "you'll want to transfer to the new FTP directory '$home'."
        echo "You'll need to move these files over yourself"
        ;;
esac

# closing message
echo ""
echo "The anonymous ftp account is now setup. Test it by using the ftp"
echo "command to connect to your localhost."
echo ""

exit 0


