ftpusers
The ftpusers file holds each user's password, access limitations, and processing permissions. It is presumed that each user is a licensed amateur radio operator in his or her country of origin; established practice is for users to identify themselves by their registered call sign. The system administrator maintains this file with a text editor. Each unique user ID is posted on one line. Because the file is not encrypted, it should be readable and writable only by jnos and should not be accessible to other users.
The generalized format of each line is:
<name> <passwd> <dir>;<dir> <perm> [<dir>;<dir> <perm>] ...
<name> is the user's ID, normally a call sign for amateur radio use. In addition, some reserved names carry special meaning. The following reserved names (some protocol-specific) carry the permissions allowed when using jnos services:
- univperm - should always be included to allow anyone not otherwise found in the list to logon with "guest" status
- tcpperm - telnet login to mailbox
- ax25perm - ax.25 login to mailbox
- nrperm - netrom login to mailbox
- confperm - convers signin
- pppperm - ppp's call to userlogin
- ftpperm - ftp login
- tipperm - tip login to mailbox
<passwd> is the password the user must supply at login for access to the system. If <passwd> is set to '<string>', then <string> must be presented. If <passwd> is set to '*', then any entry will satisfy the password check.
<dir> is the highest directory in the system tree the user may access. It becomes the user's root directory seen during the session. Subdirectories under <dir> may be accessed by the user. More than one <dir> may be given, separated by ";". When more than one <dir> is specified, the user is presented with [tbd] and may [tbd] to switch between them. Full paths are specified for <dir>.
On Linux platforms, paths beginning with "/" reference the root filesystem; paths without the leading "/" begin at the jnos install root as defined in HostFileSystemGlobal.
<drive:/> is the drive letter prefix needed for a full path on DOS platforms. The full syntax is "<drive:/<dir>>". Note that "/" rather than "\" is used in this context.
<perm> is a hex or decimal number that is the sum of the values that define what the user is allowed to do while logged onto the system. The following is a list of the user permission values assignable in the "ftpusers" file. To set a list of options, simply add the values and use the sum in either number base.
| Name | (hex) | (dec) | Permit or Deny Feature or Action |
|---|---|---|---|
| FTP_READ | 0x1 | 1 | Read files |
| FTP_CREATE | 0x2 | 2 | Create new files |
| FTP_WRITE | 0x4 | 4 | Overwrite or delete existing files |
| AX25_CMD | 0x8 | 8 | AX.25 gateway operation allowed |
| TELNET_CMD | 0x10 | 16 | Telnet gateway operation allowed |
| NETROM_CMD | 0x20 | 32 | NET/ROM gateway operation allowed |
| SYSOP_CMD | 0x40 | 64 | Remote sysop access allowed |
| EXCLUDED_CMD | 0x80 | 128 | This user is banned from the BBS |
| PPP_ACCESS_PRIV | 0x100 | 256 | bit for PPP connection |
| PPP_PWD_LOOKUP | 0x200 | 512 | Priv bit for peerID/pass lookup |
| NO_SENDCMD | 0x400 | 1024 | Disallow send command |
| NO_READCMD | 0x800 | 2048 | Disallow read command |
| NO_3PARTY | 0x1000 | 4096 | Disallow third-party mail |
| IS_BBS | 0x2000 | 8192 | This user is a bbs |
| IS_EXPERT | 0x4000 | 16384 | This user is an expert |
| NO_CONVERS | 0x8000 | 32768 | Disallow convers command |
| NO_ESCAPE | 0x10000 | 65536 | Default is no escape char |
| NO_LISTS | 0x20000 | 131072 | No lists displayed from mailbox |
| NO_LINKEDTO | 0x40000 | 262144 | Disable '*** linked to' |
| NO_LASTREAD | 0x80000 | 524288 | Ignore last read in <area> (shared area) |
| NO_FBBCMP | 0x100000 | 1048576 | Avoid FBB compression |
| XG_ALLOWED | 0x200000 | 2097152 | Allow XG (dynip route) cmd |
Syntax details
In decimal number format:
univperm * /public 138283
or in hex format:
univperm * /public 0x21c2b
Either line gives anyone not otherwise known login permission as a guest who can read or create (upload) new files on FTP connections and access ax25 or netrom stations, but who has no mbox send, read, 3rd_party, or list functions.
You may provide access to more than one set of directories with different permissions for each. This allows a user to access a personal directory with complete read/write/delete access and a public directory with read permissions only, or any other combination you may desire. For example:
wg0b doug c:/wg0b 0x407f /public;/nts 0x407b
This line defines two different sets of permissions for three different paths. The initial directory (that is, your starting directory after an ftp session is established) is the first directory listed, UNLESS one of the directories in the list is preceded by an "=" to flag it as the initial directory. Example:
anonymous * /pub/wr_only 0x0002 /pub/rw_del 0x0007 =/pub 0x0001
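The line format and permission sums above, decoded and audited in Python. This is an added example, not JNOS code: the function names are hypothetical, fields are assumed to be whitespace-separated with no spaces inside passwords or paths, and reporting FTP_WRITE and SYSOP_CMD on '*' password entries is this example's own policy choice.

```python
# Added example: decode ftpusers permission sums and audit '*' password entries.
NAMES = ["FTP_READ", "FTP_CREATE", "FTP_WRITE", "AX25_CMD", "TELNET_CMD",
         "NETROM_CMD", "SYSOP_CMD", "EXCLUDED_CMD", "PPP_ACCESS_PRIV",
         "PPP_PWD_LOOKUP", "NO_SENDCMD", "NO_READCMD", "NO_3PARTY", "IS_BBS",
         "IS_EXPERT", "NO_CONVERS", "NO_ESCAPE", "NO_LISTS", "NO_LINKEDTO",
         "NO_LASTREAD", "NO_FBBCMP", "XG_ALLOWED"]
# Bit n of the sum corresponds to the n-th table row (0x1 ... 0x200000).
FLAGS = {1 << n: name for n, name in enumerate(NAMES)}

def decode(perm):
    """Return the flag names set in a permission sum given as int or hex/decimal text."""
    value = int(perm, 0) if isinstance(perm, str) else perm
    unknown = value & ~sum(FLAGS)
    if unknown:
        raise ValueError(f"undefined permission bits: {unknown:#x}")
    return [name for bit, name in FLAGS.items() if value & bit]

def parse_line(line):
    """Parse '<name> <passwd> <dir>;<dir> <perm> [...]' into a dict."""
    name, passwd, *rest = line.split()
    if not rest or len(rest) % 2:
        raise ValueError("expected <dir-list> <perm> pairs after the password")
    groups, initial = [], None
    for dirs, perm in zip(rest[::2], rest[1::2]):
        paths = dirs.split(";")
        for p in paths:
            if p.startswith("="):        # '=' flags the initial directory
                initial = p[1:]
        groups.append(([p.lstrip("=") for p in paths], decode(perm)))
    return {"name": name, "passwd": passwd, "groups": groups,
            "initial": initial or groups[0][0][0]}

def audit(line, risky=("FTP_WRITE", "SYSOP_CMD")):
    """Warn when a '*' (any password accepted) entry grants a flag in `risky`."""
    entry = parse_line(line)
    if entry["passwd"] != "*":
        return []
    return [f"{entry['name']}: {flag} on {';'.join(paths)} with '*' password"
            for paths, flags in entry["groups"] for flag in flags if flag in risky]

if __name__ == "__main__":
    # Sample lines are the ones shown in this section.
    for sample in ("univperm * /public 0x21c2b",
                   "anonymous * /pub/wr_only 0x0002 /pub/rw_del 0x0007 =/pub 0x0001"):
        print(parse_line(sample), audit(sample))
```

Running `audit` over every line of the file gives a quick list of entries where a password-less login can overwrite or delete files or reach sysop functions.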
