A How-To Guide for 
wu-ftpd on Solaris 2.x

Darci L. Chapman

(Last revised: 28 May 1998)


The purpose of this document is to place all the needed information for compiling, installing and configuring wu-ftpd on SunOS 5.x (Solaris 2.x) in a single place. This document is heavily based on information provided elsewhere as well as comments and suggestions submitted by wu-ftpd (mailing list) subscribers. Please see the following sections: Additional Reading and Acknowledgements.

Last but not least, please feel free to duplicate this information in any way, shape or form you choose as long as credit is given where credit is due.

Table of Contents

Additional Reading

Compiling wu-ftpd



Once the source has been downloaded, uncompress and untar the file.

The following may no longer be needed: once upon a time, I found it necessary to edit src/ftpd.c and add:
Just before the lines:
#ifndef SPT_TYPE
# define SPT_TYPE       SPT_REUSEARGV   /* default type */
Note: This was so the date/timestamps would show up correctly; however, it was not needed for beta-17 on Solaris 2.6. You might try it without first on 2.4 and 2.5 and only make the above modifications if you absolutely cannot get the date/timestamps to work correctly. 

If you do not have the Sun "cc" compiler installed (that is, you have gcc or something else installed), you will need to either munge the two Makefile.sol files that come with the distribution OR set up /usr/bin/ccs/cc to point to your gcc binary.

Makefile.sol Files Workaround

1. Edit src/makefiles/Makefile.sol and support/makefiles/Makefile.sol and
comment out the line in each file: 2. export CC=gcc (or setenv CC gcc)

(or combine steps 1 and 2 and make CC = gcc in the Makefile.sol files)

3. Make sure gcc is in your $PATH

Symbolical Link Workaround

1. Make a symbolic link: for example: 2. Have the directory with the link (i.e.,  /usr/ccs/bin) in your $PATH

3. Avoid having /usr/ucb in your $PATH (if that's where the cc script is which tries to run the non-present BSD compatible C compiler).

[Thanks to: "Stig Isaksson" <Stig.Isaksson@dal.lu.se> (5/27/98)]

At this point, you're ready to build the distribution. From the top level of the source directory created (ie, /usr/local/src/wu-ftpd-2.4.2-beta-17) run:

./build sol

The build output should look something like this:

make args are : 
make opts are : 

Linking Makefiles. 

Making support library. 
gcc -g -DDEBUG -c fnmatch.c 
gcc -g -DDEBUG -c strcasestr.c 
gcc -g -DDEBUG -c strsep.c 
gcc -g -DDEBUG -c authuser.c 
gcc -g -DDEBUG -c vsnprintf.c 
rm -f libsupport.a 
ar cq libsupport.a fnmatch.o strcasestr.o strsep.o authuser.o vsnprintf.o 
touch libsupport.a 

Making ftpd. 
gcc -g -DDEBUG -I.. -I../support -L../support -c ftpd.c 
yacc ftpcmd.y 
mv y.tab.c ftpcmd.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c ftpcmd.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c glob.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c logwtmp.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c popen.c 
sh newvers.sh 
gcc -g -DDEBUG -I.. -I../support -L../support -c vers.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c access.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c extensions.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c realpath.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c acl.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c private.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c authenticate.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c conversions.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c hostacc.c 
gcc -g -DDEBUG -I.. -I../support -L../support -c sigfix.c 
gcc -g -DDEBUG -I.. -I../support -L../support -o ftpd ftpd.o ftpcmd.o glob.o log 
wtmp.o popen.o vers.o access.o extensions.o realpath.o acl.o private.o authenti 
cate.o conversions.o hostacc.o sigfix.o -lsupport -lsocket -lnsl -lgen 

Making ftpcount. 
gcc -g -DDEBUG -I.. -I../support -L../support -o ftpcount ftpcount.c vers.o -lsu 
pport -lsocket -lnsl -lgen 

Making ftpshut. 
gcc -g -DDEBUG -I.. -I../support -L../support -o ftpshut ftpshut.c vers.o -lsupp 
ort -lsocket -lnsl -lgen 

Making ckconfig. 
gcc -g -DDEBUG -I.. -I../support -L../support -o ckconfig ckconfig.c 

Links to executables are in bin directory: 
bin/ftpd: 137354 + 9600 + 19684 = 166638 
bin/ftpcount: 7674 + 720 + 864 = 9258 
bin/ftpshut: 6532 + 568 + 344 = 7444 
bin/ftpwho: 7674 + 720 + 864 = 9258 
bin/ckconfig: 3984 + 316 + 332 = 4632 


To install, use:
./build install
Note: the default action of the above is to install wu-ftpd on top of /usr/sbin/in.ftpd. This may not be what you want! If you do not wish to replace the ftpd that was shipped with the Solaris, edit the Makefile in the top level directory, changing the lines:
-mv -f ${BINDIR}/in.ftpd ${BINDIR}/in.ftpd-old
${INSTALL} -c -o bin -g bin -m 755 bin/ftpd ${BINDIR}/in.ftpd
${INSTALL} -c -o bin -g bin -m 755 doc/ftpd.8 ${MANDIR}/man1m/in.ftpd.1m
to something more appropriate for your system. Alternatively, you can change the values of BINDIR and MANDIR in the Makefile.

Configuring wu-ftpd


First, read the man page for wu-ftpd and carefully review the possible startup options (ie, -a, -L, etc). The example in this document uses the following options for invoking wu-ftpd: -l,-a,-i,and -o (provide additional logging information, use the ftpaccess file, log uploads, and log downloads).

If you wish to replace the existing ftpd service on port 21, edit the existing ftp entry in the /etc/inetd.conf file to reference the wuftpd executable installed. For example:

ftp  stream  tcp  nowait  root  /usr/sbin/ftpd  ftpd -laio
If you wish to install wu-ftpd on a different port (useful for debugging wu-ftpd without interrupting existing ftp service), you will need to edit both the /etc/services and /etc/inetd.conf files. To /etc/services, add a line indicating the service name, port number and protocol. For example:
wuftp      4001/tcp      # command port to test wu-ftpd
You may also wish to add a second line to /etc/services:
wuftp-data 4000/tcp      # data port to test wu-ftpd
Note that wu-ftpd does not actually use the last reference but will always use the next lower port from the specified command port. However, the data port entry can help prevent that port from being used by another service.

Next, add the appropriate entry to the /etc/inetd.conf file, the key part being to reference the same service name as is in the /etc/services file:

wuftp  stream  tcp  nowait  root  /usr/sbin/ftpd  ftpd -laio
Make sure name of the service (wuftp in this example) matches in both the /etc/inetd.conf and the /etc/services files.

Since in this example the -a option is being used, an ftpaccess file must be placed in /etc. A good working sample is provided with the wu-ftpd distribution in doc/examples. This file can be copied right into /etc or wherever specified in src/pathnames.h. See the man page for ftpacces for complete details.

At this point in the set up, you should be able to ftp to the host as a real user. Run bin/ckconfig from the distribution to verify your set up at this point.


In addition to using the correct -l or -L flag with the wu-ftpd entry in the /etc/inetd.conf file, if you wish to log everything, you will have to update the entries in the /etc/syslog.conf file. The following places the maximum number of messages into the /var/adm/messages file:
daemon.info      /var/adm/messages 
daemon.notice    /var/adm/messages 
daemon.debug     /var/adm/messages
Once you have made the changes to the /etc/syslog.conf file, be sure to restart the syslogd process (kill -1 pid, where pid is the process id of syslogd).

[Thanks to: "Roger A. Hanke" <rah@lynxhub.ho.att.com> (2/3/97)]

Anonymous User Setup

Several documents exist for explaining how to set up secure anonymous ftp:
  1. ftp://ftp.cert.org/pub/tech_tips/anonymous_ftp_config
  2. ftp://ftp.cert.org/pub/tech_tips/anonymous_ftp_abuses
  3. ftp://sunsite.unc.edu/pub/sun-info/sun-faq/FAQs/SettingUpSecureFTP.faq
In general, here are the steps:
    dr-xr-xr-x  7 root system 512 Mar  1 15:17 ./ 
    drwxr-xr-x 25 root system 512 Jan  4 11:30 ../ 
    d--x--x--x  2 root system 512 Dec 20 15:43 bin/ 
    d--x--x--x  2 root system 512 Dec 20 15:43 dev/ 
    d--x--x--x  2 root system 512 Mar 12 16:23 etc/
    drwx-wx-wt 10 root system 512 Jun  5 10:54 incoming/
    drwxr-xr-x 10 root system 512 Jun  5 10:54 pub/
    d--x--x--x 10 root system 512 Jun  5 10:54 usr/

Guestgroup User Setup

Guestgroup set up is very similar to anonymous setup. This example is for a user called "author" who is chroot'ed to /home/web/author and belongs to the group "webauth".

For each guest group user, perform the following steps:

Default Permissions of Uploaded Files

Default Permissions of Created Directories

Tips and Tricks

Tracing libraries used by "ls" under anonymous ftp

Use: truss -f chroot ~ftp /bin/ls -l

to see which libraries are being used by "ls" and by "dir"; you may also have to use "ldd" on the libraries accessed by "ls" to ferret out additional dependencies.

Compiling a static version of "ls"

Information regarding linking statically on Solaris 2.5 and greater is available here.

Ownership/permissions of directories created by a guestgroup user

Allowing guestgroup users to change their password

Reporting Tools