YAMF2.2: Allow @group entries in /etc/ftpusers & /etc/ftpchroot to deny

and allow chroot access to entire groups.

libexec/ftpd/ftpd.8

@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     @(#)ftpd.8	8.2 (Berkeley) 4/19/94
-.\"	$Id: ftpd.8,v 1.15 1997/04/23 04:56:39 davidn Exp $
+.\"	$Id: ftpd.8,v 1.16 1997/04/26 12:23:51 davidn Exp $
 .\"
 .Dd April 19, 1994
 .Dt FTPD 8
@@ -261,11 +261,20 @@ Bellcore.
 The login name must not appear in the file
 .Pa /etc/ftpusers .
 .It
+The login name must not be a member of a group specified in the file
+.Pa /etc/ftpusers .
+Entries in this file interpreted as group names are prefixed by an "at"
+.Ql \&@
+sign.
+.It
 The user must have a standard shell returned by 
 .Xr getusershell 3 .
 .It
 If the user name appears in the file
-.Pa /etc/ftpchroot
+.Pa /etc/ftpchroot ,
+or the user is a member of a group with a group entry in this file,
+i.e. one prefixed with
+.Ql \&@ ,
 the session's root will be changed to the user's login directory by
 .Xr chroot 2
 as for an
@@ -273,13 +282,13 @@ as for an
 or
 .Dq ftp
 account (see next item).
-This facility may also be used by using the boolean "ftp-chroot"
+This facility may also be triggered by enabling the boolean "ftp-chroot"
 capability in
 .Xr login.conf 5 .
 However, the user must still supply a password.
 This feature is intended as a compromise between a fully anonymous account
-and a fully privileged account.  The account should also be set up as for an
+and a fully privileged account.
-anonymous account.
+The account should also be set up as for an anonymous account.
 .It
 If the user name is
 .Dq anonymous

libexec/ftpd/ftpd.c

@@ -30,7 +30,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id: ftpd.c,v 1.35 1997/04/23 04:56:39 davidn Exp $
+ *	$Id: ftpd.c,v 1.36 1997/04/26 12:12:10 davidn Exp $
  */
 
 #if 0
@@ -76,6 +76,7 @@ static char sccsid[] = "@(#)ftpd.c	8.4 (Berkeley) 4/16/94";
 #include <limits.h>
 #include <netdb.h>
 #include <pwd.h>
+#include <grp.h>
 #include <setjmp.h>
 #include <signal.h>
 #include <stdio.h>
@@ -670,15 +671,30 @@ checkuser(fname, name)
 	char *p, line[BUFSIZ];
 
 	if ((fd = fopen(fname, "r")) != NULL) {
-		while (fgets(line, sizeof(line), fd) != NULL)
+		while (!found && fgets(line, sizeof(line), fd) != NULL)
 			if ((p = strchr(line, '\n')) != NULL) {
 				*p = '\0';
 				if (line[0] == '#')
 					continue;
-				if (strcmp(line, name) == 0) {
+				/*
-					found = 1;
+				 * if first chr is '@', check group membership
-					break;
+				 */
+				if (line[0] == '@') {
+					int i = 0;
+					struct group *grp;
+
+					if ((grp = getgrnam(line+1)) == NULL)
+						continue;
+					while (!found && grp->gr_mem[i])
+						found = strcmp(name,
+							grp->gr_mem[i++])
+							== 0;
 				}
+				/*
+				 * Otherwise, just check for username match
+				 */
+				else
+					found = strcmp(line, name) == 0;
 			}
 		(void) fclose(fd);
 	}