Add nascent section about running an FTP server on FreeBSD.

Sponsored by:	FreeBSD Mall, Inc.

en_US.ISO8859-1/books/handbook/network-servers/chapter.sgml

@@ -45,6 +45,10 @@
 	<para>How to set up the Apache HTTP Server.</para>
       </listitem>
 
+      <listitem>
+	<para>How to set up a File Transfer Protocol (FTP) Server.</para>
+      </listitem>
+
       <listitem>
 	<para>How to synchronize the time and date, and set up a
 	  time server, with the NTP protocol.</para>
@@ -3991,6 +3995,14 @@ zone "10.168.192.in-addr.arpa" in {
 <!-- sect3 for performance tuning directives?  maxservers minservers -->
 <!-- etc..?? -->
 
+<!-- Advanced configuration section.
+
+Performance tuning directives.
+
+Virtual Hosts
+
+Log file format -->
+
     </sect2>
 
     <sect2>
@@ -4117,6 +4129,117 @@ zone "10.168.192.in-addr.arpa" in {
     </sect2>
   </sect1>
 
+  <sect1 id="network-ftp">
+    <sect1info>
+      <authorgroup>
+	<author>
+	  <firstname>Murray</firstname>
+	  <surname>Stokely</surname>
+	  <contrib>Contributed by </contrib>
+	</author>
+      </authorgroup>
+    </sect1info>
+    <title>File Transfer Protocol (FTP)</title>
+
+    <indexterm><primary>FTP server</primary></indexterm>
+
+    <sect2>
+      <title>Overview</title>
+
+      <para>The File Transfer Protocol (FTP) provides users with a
+	simple way to transfer files to and from an <acronym
+	role="File Transfer Protocol">FTP</acronym> server.  &os;
+	includes <acronym role="File Transfer Protocol">FTP</acronym>
+	server software, <application>ftpd</application>, in the base
+	system.  This makes setting up and administering an <acronym
+	role="File Transfer Protocol">FTP</acronym> server on FreeBSD
+	very straightforward.</para>
+    </sect2>
+
+    <sect2>
+      <title>Configuration</title>
+
+      <para>The most important configuration step is deciding which
+	accounts will be allowed access to the FTP server.  A normal
+	FreeBSD system has a number of system accounts used for
+	various daemons, but unknown users should not be allowed to
+	log in with these accounts.  The
+	<filename>/etc/ftpusers</filename> file is a list of users
+	disallowed any FTP access.  By default, it includes the
+	aforementioned system accounts, but it is possible to add
+	specific users here that should not be allowed access to
+	FTP.</para>
+
+      <para>You may want to restrict the access of some users without
+	preventing them completely from using FTP.  This can be
+	accomplished with the <filename>/etc/ftpchroot</filename>
+	file.  This file lists users and groups subject to FTP access
+	restrictions.  The &man.ftpchroot.5; manual page has all of
+	the details so it will not be described in detail here.</para>
+
+      <para>If you would like to enable anonymous FTP access to your
+	server, then you must create a user named
+	<username>ftp</username> on your &os; system.  Users will then
+	be able to log on to your FTP server with a username of
+	<username>ftp</username> or <username>anonymous</username> and
+	with any password (by convention an email address for the user
+	should be used as the password).  The FTP server will call
+	&man.chroot.2; when an anonymous user logs in, to restrict
+	access to only the home directory of the
+	<username>ftp</username> user.</para>
+
+      <para>There are two textfiles that specify welcome messages to
+	be displayed to FTP clients.  The contents of the file
+	<filename>/etc/ftpwelcome</filename> will be displayed to
+	users before they reach the login prompt.  After a successful
+	login, the contents of the file
+	<filename>/etc/ftpmotd</filename> will be displayed.  Note
+	that this file is relative to the login environment, so the
+	file <filename>~ftp/etc/ftpmotd</filename> would be displayed
+	for anonymous users.</para>
+
+      <para>Once the FTP server has been configured properly, it must
+        be enabled in <filename>/etc/inetd.conf</filename>.  All that
+        is required here is to remove the comment symbol
+        <quote>#</quote> from in front of the existing
+        <application>ftpd</application> line :</para>
+
+      <programlisting>ftp	stream	tcp	nowait	root	/usr/libexec/ftpd	ftpd -l</programlisting>
+
+      <para>You can now log on to your FTP server by typing:</para>
+
+      <screen>&prompt.user; <userinput>ftp localhost</userinput></screen>
+
+    </sect2>
+
+    <sect2>
+      <title>Maintaining</title>
+
+      <indexterm><primary>syslog</primary></indexterm>
+      <indexterm><primary>logs</primary>
+	<secondary>FTP</secondary></indexterm>
+
+      <para>The <application>ftpd</application> daemon uses
+        &man.syslog.3; to log messages.  By default, the system log
+        daemon will put messages related to FTP in the
+        <filename>/var/log/xferlog</filename> file.  The location of
+        the FTP log can be modified by changing the following line in
+        <filename>/etc/syslog.conf</filename>:</para>
+
+      <programlisting>ftp.info      /var/log/xferlog</programlisting>
+
+      <para>Be aware of the potential problems involved with running
+        an anonymous FTP server.  In particular, you should think
+        twice about allowing anonymous users to upload files.  You may
+        find that your FTP site becomes a forum for the trade of
+        unlicensed commercial software or worse.  If you do need to
+        allow anonymous FTP uploads, then you should set up the
+        permissions so that these files can not be read by other
+        anonymous users until they have been reviewed.</para>
+
+    </sect2>
+  </sect1>
+
   <sect1 id="network-ntp">
     <sect1info>
       <authorgroup>