public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed
From: David Oppenheim <davido@optimation.com.au>
To: cygwin@cygwin.com
Subject: Difficult getting pure-ftpd to work under Cygwin on Windows 10, esp anonymous ftp
Date: Tue, 29 Jun 2021 08:47:46 +1000	[thread overview]
Message-ID: <20210629084746.Horde.EOaX4JftYZgseWRQhFJQPhx@optimation.com.au> (raw)

I have debugged various obstacles getting logins to pure-ftpd to work under
Cygwin on Windows 10 (Home edition 20H2 on this particular PC), especially
getting anonymous ftp to login successfully. My pure-ftpd is version 1.0.46-1
as downloaded by the Cygwin installer.

There are problems with how it looks up username/password, with it calling
seteuid(), and sometimes with pathnames for the user's home directory, and
the user's shell. This is particularly fraught if you try to use  
anonymous ftp.

My solution is a simple recipe, albeit limited but fine for personal
or small group use ... technical problem details after this recipe.
I hope this helps anyone else trying to get it to work !

--- recipe for setting up pure-ftpd on Cygwin

Set up pure-ftp passwd file first with pure-pw -f filename.passwd
then convert to puredb format with     pure-pw mkdb filename.pdb -f  
filename.passwd

Note that sometimes pure-pw and/or pure-ftpd imply a /etc prefix for  
the filename,
seems that's overridden if you use an absolute pathname.

Run pure-ftpd as you. From the ftp client login as you with the
puredb file password not the Windows password.

Your starting directory once logged in will be the homne directory as set up
in the puredb entry for your username ... probably /home/yourloginname
(as viewed from inside Cygwin).

--- end recipe

Re anonymous login ...

Internally pure-ftpd translates "anonymous" to "ftp"

Anonymous login is not checked in the -l puredb file, it does
a getpwnam() call, so "ftp" ** must ** be a user in Windows

Needs /home/ftp (pathname from inside Cygwin) and perhaps
~/home/ftp for user running pure-ftpd

For any ftp login, if the ftp username is not the same as the Windows
user running pure-ftpd, pure-ftpd fails on seteuid() ... see Windows
event logger (or Cygwin syslog if that's installed), the ftp client
sees "Unable to set up secure anonymous FTP"

This happens even if running pure-ftpd from Explorer by
"Run as Administrator"

So for anonymous login you have to run pure-ftpd as Windows user ftp

More generally, because of that seteuid issue, if you want to
ftp login as uuu then you need to run pure-ftpd as Windows user uuu ...
although having uuu in a pure-pw database permits the password to
be different from the Windows login password.

Nb: if you run pure-ftpd directly from Explorer (incl "Run as Administrator")
the place it looks for the home directory may be ./ or the Windows user's
home (C:\Users\uuu) and I have also seen failures setting user shell
because it's looking for e.g. /bin/bash somewhere else.



             reply	other threads:[~2021-06-28 22:47 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-28 22:47 David Oppenheim [this message]
2021-06-28 23:57 ` matthew patton
     [not found]   ` <1598452124.530169.1624924810774@mail.yahoo.com>
     [not found]     ` <518840083.2736043.1624925052846@mail.yahoo.com>
2021-06-29  6:35       ` David Oppenheim

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210629084746.Horde.EOaX4JftYZgseWRQhFJQPhx@optimation.com.au \
    --to=davido@optimation.com.au \
    --cc=cygwin@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).