From owner-man-jp-reviewer@jp.FreeBSD.org Sat Jan 24 21:28:19 2004
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) id i0OCSJx09727;
	Sat, 24 Jan 2004 21:28:19 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from mail501.nifty.com (mail501.nifty.com [202.248.37.209])
	by castle.jp.FreeBSD.org (8.11.6p2+3.4W/8.11.3) with ESMTP/inet id i0OCSJC09689
	for <man-jp-reviewer@jp.FreeBSD.org>; Sat, 24 Jan 2004 21:28:19 +0900 (JST)
	(envelope-from CQG00620@nifty.ne.jp)
Received: from nifty.ne.jp (mcda026n013.ppp.infoweb.ne.jp [211.125.43.141])by mail501.nifty.com with ESMTP id i0OCSFFq029132
	for <man-jp-reviewer@jp.FreeBSD.org>; Sat, 24 Jan 2004 21:28:15 +0900
Message-Id: <200401241228.i0OCSFFq029132@mail501.nifty.com>
From: Watanabe Kazuhiro <CQG00620@nifty.ne.jp>
To: man-jp-reviewer@jp.FreeBSD.org
User-Agent: Wanderlust/2.10.0 (Venus) SEMI/1.14.4 (Hosorogi) FLIM/1.14.4
 (=?ISO-8859-4?Q?Kashiharajing=FE-mae?=) APEL/10.3 Emacs/21.2
 (i386--freebsd) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.4 - "Hosorogi")
Content-Type: text/plain; charset=ISO-2022-JP
Reply-To: man-jp-reviewer@jp.FreeBSD.org
Precedence: list
Date: Sat, 24 Jan 2004 21:31:27 +0900
X-Sequence: man-jp-reviewer 4534
Subject: [man-jp-reviewer 4534] ftpchroot.5
Sender: owner-man-jp-reviewer@jp.FreeBSD.org
X-Originator: CQG00620@nifty.ne.jp
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+040115

$BEOJU0l42$G$9!#(B

ftpchroot.5$B$NK]Lu$,=PMh$^$7$?!#<j=g$J$I$^$@NI$/$o$+$C$F$$$J$$$N$G$9$,!"(B
$B$h$m$7$/$*4j$$$7$^$9!#(B

--- ftpchroot.5.orig	Thu Jan 22 18:42:19 2004
+++ ftpchroot.5	Sat Jan 24 21:12:10 2004
@@ -23,97 +23,94 @@
 .\" SUCH DAMAGE.
 .\"
 .\" $FreeBSD: src/libexec/ftpd/ftpchroot.5,v 1.3 2003/06/01 19:52:36 ru Exp $
+.\" jpman %Id%
 .\"
 .Dd January 26, 2003
 .Dt FTPCHROOT 5
 .Os
-.Sh NAME
+.Sh $BL>>N(B
 .Nm ftpchroot
-.Nd "list users and groups subject to FTP access restrictions"
-.Sh DESCRIPTION
-The file
+.Nd "FTP $B%"%/%;%9@)8B$r<u$1$k%f!<%6$H%0%k!<%W$N0lMw(B"
+.Sh $B2r@b(B
+$B%U%!%$%k(B
 .Nm
-is read by
+$B$O!"$=$N%f!<%6$NG'>Z8e$N!"(B FTP $B%;%C%7%g%s3+;O;~$K(B
 .Xr ftpd 8
-at the beginning of an FTP session, after having authenticated the user.
-Each line in
+$B$K$h$C$FFI$_9~$^$l$^$9!#(B
 .Nm
-corresponds to a user or group.
-If a line in
+$B$N3F9T$O%f!<%6$^$?$O%0%k!<%W$KBP1~$7$^$9!#(B
+$B$b$7(B
 .Nm
-matches the current user or a group he is a member of,
-access restrictions will be applied to this
-session by changing its root directory with
+$B$N$"$k9T$,8=:_$N%f!<%6!"$"$k$$$O%0%k!<%W$KB0$9$k%a%s%P$K%^%C%A$7$?>l9g!"(B
+$B$3$N%;%C%7%g%s$G$O$3$N9T$K5-$5$l$?!"$^$?$O$3$N%f!<%6$N%m%0%$%s%G%#%l%/%H%j$K!"(B
 .Xr chroot 2
-to that specified on the line or to the user's login directory.
+$B$K$h$C$F%k!<%H%G%#%l%/%H%j$,JQ99$5$l$k%"%/%;%9@)8B$,E,MQ$5$l$^$9!#(B
 .Pp
-The order of records in
 .Nm
-is important because the first match will be used.
-Fields on each line are separated by tabs or spaces.
+$B$K$*$1$k%l%3!<%I$N=gHV$O=EMW$G$9!#2?8N$J$i:G=i$K%^%C%A$7$?$b$N$,(B
+$B;HMQ$5$l$k$+$i$G$9!#3F9T$N%U%#!<%k%I$O%?%V$+6uGr$G6h@Z$i$l$^$9!#(B
 .Pp
-The first field specifies a user or group name.
-If it is prefixed by an
+$B:G=i$N%U%#!<%k%I$O%f!<%6$^$?$O%0%k!<%WL>$G$9!#$b$7(B
 .Dq at
-sign,
-.Ql @ ,
-it specifies a group name;
-the line will match each user who is a member of this group.
-As a special case, a single
+$B5-9f!"$D$^$j(B
 .Ql @
-in this field will match any user.
-A username is specified otherwise.
+$B$G;O$^$C$F$$$k>l9g$O%0%k!<%WL>$H$5$l!"$3$N%0%k!<%W$KB0$9$k(B
+$B%a%s%P$N%f!<%6$K%^%C%A$7$^$9!#(B
+$BFCJL$J%1!<%9$H$7$F!"$3$N%U%#!<%k%I$K$*$1$kC10l$N(B
+.Ql @
+$B$O!"A4$F$N%f!<%6$K%^%C%A$7$^$9!#(B
+$B$3$l$i0J30$G$O%f!<%6L>$H$5$l$^$9!#(B
 .Pp
-The optional second field describes the directory for the user
-or each member of the group to be locked up in using
-.Xr chroot 2 .
-Be it omitted, the user's login directory will be used.
-If it is not an absolute pathname, then it will be relative
-to the user's login directory.
-If it contains the
+2 $BHVL\$N%U%#!<%k%I$O%*%W%7%g%s$G!"%f!<%6$^$?$O%0%k!<%W$KB0$9$k%a%s%P$r!"(B
+.Xr chroot 2
+$B$r;H$C$FJD$89~$a$k%G%#%l%/%H%j$r5-=R$7$^$9!#(B
+$B>JN,$5$l$?>l9g!"$=$N%f!<%6$N%m%0%$%s%G%#%l%/%H%j$,;H$o$l$^$9!#(B
+$B@dBP%Q%9L>$G$O$J$$>l9g!"$=$N%f!<%6$N%m%0%$%s%G%#%l%/%H%j$+$i$N(B
+$BAjBP%Q%9$H$5$l$^$9!#(B
+$B%Q%9L>$K(B
 .Pa /./
-separator,
+$B%;%Q%l!<%?$,4^$^$l$k>l9g!"(B
 .Xr ftpd 8
-will treat its left-hand side as the name of the directory to do
+$B$O:8B&$r(B
 .Xr chroot 2
-to, and its right-hand side to change the current directory to afterwards.
-.Sh FILES
+$B@h$N%G%#%l%/%H%jL>!"1&B&$r0J9_$N%+%l%s%H%G%#%l%/%H%j$H$7$F07$$$^$9!#(B
+.Sh $B4XO"%U%!%$%k(B
 .Bl -tag -width ".Pa /etc/ftpchroot" -compact
 .It Pa /etc/ftpchroot
 .El
-.Sh EXAMPLES
-These lines in
+.Sh $B@_DjNc(B
 .Nm
-will lock up the user
+$B$K$*$1$k<!$N9T$O!"%f!<%6(B
 .Dq Li webuser
-and each member of the group
+$B$H!"%0%k!<%W(B
 .Dq Li hostee
-in their respective login directories:
+$B$KB0$9$k%a%s%P$r!"3F<+$N%m%0%$%s%G%#%l%/%H%j$KJD$89~$a$^$9!#(B
 .Bd -literal -offset indent
 webuser
 @hostee
 .Ed
 .Pp
-And this line will tell
-.Xr ftpd 8
-to lock up the user
+$B<!$N9T$G$O!"%f!<%6(B
 .Dq Li joe
-in
+$B$r(B
 .Pa /var/spool/ftp
-and then to change the current directory to
-.Pa /joe ,
-which is relative to the session's new root:
+$B$KJD$89~$a!"$=$7$F%+%l%s%H%G%#%l%/%H%j$r!"$3$N%;%C%7%g%s$K$*$1$k(B
+$B?7$7$$%k!<%H$+$i$NAjBP%Q%9$K$J$k(B
+.Pa /joe
+$B$KJQ99$9$k$h$&$K!"(B
+.Xr ftpd 8
+$B$K65$($^$9!#(B
 .Pp
 .Dl "joe	/var/spool/ftp/./joe"
 .Pp
-And finally the following line will lock up every user connecting
-through FTP in his respective
-.Pa ~/public_html ,
-thus lowering possible impact on the system
-from intrinsic insecurity of FTP:
+$B:G8e$K0J2<$N9T$G$O!"(B FTP $B$rDL$8$F@\B3$7$F$/$k$"$i$f$k%f!<%6$r!"(B
+$B3F<+$N(B
+.Pa ~/public_html
+$B$KJD$89~$a$^$9!#$3$l$K$h$C$F!"(B FTP $B$,K\<AE*$K$b$C$F$$$k4m81@-$,!"(B
+$B%7%9%F%`$K1F6A$rM?$($k2DG=@-$,2<$,$j$^$9!#(B
 .Pp
 .Dl "@	public_html"
-.Sh SEE ALSO
+.Sh $B4XO"9`L\(B
 .Xr chroot 2 ,
 .Xr group 5 ,
 .Xr passwd 5 ,

---
Watanabe Kazuhiro (CQG00620@nifty.ne.jp)
