FTP services run courtesy of the ftpd daemon. It allows the machine's users to remotely access the filesystem, so that they can browse directory listings and transfer files to and from the machine. Normally, it obeys the filesystem permissions just as a login shell does. However, if you would like to restrict FTP users' access to their respective home directories, simply add the users' names, one per line, to a file named ftpchroot and, as root, save it in /etc.
First, as described in Chapter 10, use NetInfo Manager to create a group named ftp, making sure to give it an unused GID. Next, use NetInfo Manager again to create a nonhuman user also named ftp, under which all-anonymous FTP activity will occur. For consistency, use the same number you specified for the ftp group's GID as this new account's UID, again making sure that it's not already being used by another account.
Create a home directory for ftp. (Be sure that ftp's NetInfo directory correctly refers to this directory as its home.) Whether or not an /etc/ftpchroot file exists, the FTP server always forbids an anonymous user from accessing anywhere in the filesystem outside the ftp user's Home directory.
You can now populate this directory with whatever you wish to permit anonymous users to browse and download. To make a typical FTP site, add a pub/ folder containing all the downloadables, as well as an introductory blurb in an ftpwelcome file in /etc; upon connection, the ...