Bug 929559 - Feature Request: Restore FTP support for non-system Users
Feature Request: Restore FTP support for non-system Users
Status: NEW
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: YaST2
201503*
All All
: P5 - None : Major (vote)
: ---
Assigned To: Michal Filka
Jiri Srain
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-05-04 16:44 UTC by Tony Su
Modified: 2015-06-30 15:15 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
screenshot of authentication tab (31.84 KB, image/png)
2015-05-05 14:22 UTC, Martin Vidner
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Tony Su 2015-05-04 16:44:09 UTC
This was a YAST2 supported feature (properly) a long time ago (don't know when this was removed).

A standard and important feature running an Internet File Server using something like FTP is to support remote only FTP access (ie no local logon permissions). I don't know of a single FTP Server which does not support this.

For whatever reason, this feature disappeared from the YAST FTP server applet, and now only local system users are supported. Of course, this feature has not disappeared from the FTP Servers themselves.

Because this functionality once existed, I wonder if that earlier YAST applet code can be researched instead of re-building from scratch? If there has been fundamental changes in pure-ftpd and vsftpd the code may still need to be modified.
Comment 1 Martin Vidner 2015-05-05 14:22:54 UTC
Created attachment 633285 [details]
screenshot of authentication tab

Sorry, I don't understand what you mean by "non-system users". Do you mean Anonymous users? That is supported, see the screenshot.
Comment 2 Tony Su 2015-05-05 22:05:52 UTC
No,

The FTP app with its long history has always maintained its own application level database of Users that can login and access files using the FTP protocol, unrelated to any other database of Users.

YAST introduced the idea of permitting access to Users with Local System accounts. While an interesting idea for private access within a very small group or company, this is unworkable for traditional Internet use where you don't want every FTP User to also have local login access to the machine. The way the YAST FTP Server applet works now is very different than how FTP apps are supposed to be configured with minor upside (easy auto use of an available database of Users) but a major security downside (Usual FTP users should not have local logon access).

This is of course different than Anonymous access where the User is not individually identifiable..