uftpd is a UNIX daemon with sane built-in defaults. It just works.
- FTP and/or TFTP
- No complex configuration file
- Runs from standard UNIX inetd, or standalone
/etc/passwd, or custom path
/etc/services, or custom ports
- Privilege separation, drops root privileges having bound to ports
- Possible to use symlinks outside of the FTP home directory
- Possible to have group writable FTP home directory
uftpd is primarily not targetted at secure installations, it is targeted at home users and developers in need of a simple FTP/TFTP server. uftpd allows symlinks to outside the FTP home, as well as a group writable FTP home directory — user-friendly features that potentially can cause security breaches, but also very useful for people who just want their FTP server to work.
Seriously, we do not advise you to ignore any security aspect of your installation. If security is a concern for you, consider using another FTP/TFTP server!
That being said, a lot of care has been taken to lock down and secure uftpd by default. So, if you refrain from symlinking stuff from your home directory and take care to set up strict permissions, then uftpd is likely as secure as any other FTP/TFTP server.
uftpd [-hnsv] [-l LEVEL] [-o ftp=PORT,tftp=PORT] [PATH] -h Show this help text -l LEVEL Set log level: none, err, info, notice (default), debug -n Run in foreground, do not detach from controlling terminal -o OPT Options: ftp=PORT tftp=PORT writable -s Use syslog, even if running in foreground, default w/o -n -v Show program version The optional 'PATH' defaults to the $HOME of the /etc/passwd user 'ftp' Bug report address: https://github.com/troglobit/uftpd/issues
To start uftpd in the background as an FTP/TFTP server:
ftp user does not exist on your system,
uftpd defaults to serve files from the
/srv/ftp directory. To serve another directory, simply append that directory to the argument list.
sudo, or set
CAP_NET_BIND_SERVICE capabilities, on
uftpd to allow regular users to start
uftpd on privileged (standard) ports, i.e.
$ sudo setcap cap_net_bind_service+ep uftpd
To change port on either FTP or TFTP, use
$ uftpd -o ftp=PORT,tftp=PORT
PORT to zero (0) to disable either service.
Running from inetd
Rarely used services like FTP/TFTP are good candidates to run from the Internet super server, inetd. On Debian and Ubuntu based distributions we recommend
Use the following two lines in
/etc/inetd.conf, notice how
in.tftpd are symlinks to the
ftp stream tcp nowait root /usr/sbin/in.ftpd tftp dgram udp wait root /usr/sbin/in.tftpd
Remember to activate your changes to inetd by reloading the service or sending
SIGHUP to it. Another inetd server may use different syntax. Like the inetd that comes built-in to Finit, in
inetd ftp/tcp nowait /usr/sbin/in.ftpd -- The uftpd FTP server inetd tftp/udp wait /usr/sbin/in.tfptd -- The uftpd TFTP server
Build & Install
uftpd depends on two other projects to build from source, libuEv and lite. See their respective README for details, there should be no real surprises, both use the familiar configure, make, make install.
uftpd, as well as its dependencies, can be built as
.deb packages on Debian or Ubuntu based distributions. Simply download each source component and run
./autogen.sh <--- Only needed if using GIT sources ./configure make package
If you are using a different Linux or UNIX distribution, check the output from
./configure --help, followed by
make all install. For instance, building on Alpine Linux:
PKG_CONFIG_LIBDIR=/usr/local/lib/pkgconfig ./configure \ --prefix=/usr --localstatedir=/var --sysconfdir=/etc
Provided the library dependencies were installed in
PKG_CONFIG_LIBDIR trick may be needed on other GNU/Linux, or UNIX, distributions as well.