If you're using version 2.7.0 or later, and you ran the install_ncftpd.pl script, then the script should have shown you the location of the restart_ncftpd script. Usually this is at /usr/local/sbin/restart_ncftpd. Run that script with no parameters from a root shell prompt, i.e.:
# /usr/local/sbin/restart_ncftpd
See this page for information with working with the older versions. Starting with version 2.7.0, we included a install script (install_ncftpd.pl) which by default automatically creates System V style "rc.d" scripts. Version 2.6.3 and earlier used the /etc/inittab directly rather than rc.d scripts.
If you're using version 2.7.0 or later, and you ran the install_ncftpd.pl script, then the script should have shown you the location of the "rc" script used to start NcFTPd. For example, it might be at /etc/init.d/ncftpd, /etc/rc.d/init.d/ncftpd, or /sbin/init.d/ncftpd. Run that script with an argument of "stop" from a root shell prompt, such as:
# /etc/rc.d/init.d/ncftpd stop
If NcFTPd is being run from an rc.local script file, or you can't find the startup script, you can simply terminate the “main” NcFTPd process by sending it a termination signal (kill -TERM or kill -15).
To find which process is the “main” NcFTPd process, you have a few options. First, you specify a PID file in the NcFTPd general.cf file, under the pid-file option. When NcFTPd is running, it maintains a list of process IDs in this file. But instead of being just a list of process ID numbers, you’ll notice that it is actually formatted so you can run it as a shell script. Here is a snippet from a sample ncftpd.pid.sh file looks like:
$
head -5 /var/run/ncftpd.pid.sh
#!/bin/sh
kill -15 856
# main process
sleep 5
kill -9 865
2>/dev/null # logd
kill -9 32096 2>/dev/null
# child 1
The script is written so that it sends a termination signal to the main process, and gives it a few seconds to gracefully shutdown the rest of the processes. After 5 seconds, the script forcefully terminates any remaning processes.
Another way to determine the main process is to use the ps program to list all of the ncftpd processes. The main process is the parent of all the other ncftpd processes, so use the “PPID” (parent process ID) field of ps to see which PID is the parent process. Example, using the Linux version of ps:
$
ps alx | sed -n '1,1p;/ncftpd/p'
F
UID PID
PPID PRI NI
VSZ RSS WCHAN
STAT TTY
TIME COMMAND
100 0 856
1 0
0 1852 1180 nanosl S
?
1:15 ncftpd -v g…
140 0 865 856
1 1
1664 396 pipe_r SN ?
0:00 ncftpd -v g…
140 0 32096
856 0
0 1880 1292 wait_f S
?
0:00 ncftpd -v g…
Here you can see that there are two child processes, whose parent process ID is 856, so you can do a “kill –TERM 856” to shutdown.
Note that you’ll need to use the proper syntax for your platform’s version of ps to get the PPID field to display. On many systems, “ps alx” will work, and on others, you could try “ps –ef”. Consult the manual page for ps for details.
If you're using version 2.7.0 or later, and you ran the install_ncftpd.pl script, then the script should have created an uninstall script at /usr/local/etc/ncftpd/uninstall_ncftpd.pl (Replace /usr/local in the path with your install prefix if you didn't install to /usr/local). Run this script from a root shell prompt and the script will attempt to restore your system to its previous state. This will remove your NcFTPd configuration files, so you should back them up if you want to reinstall at a later date.
Currently NcFTPd cannot reload the general.cf, so if you modify it, you need to do a full restart. But you can have it reload the domain.cf, and to do that, you send the main NcFTPd process a hangup signal (SIGHUP) using “kill –HUP” (or kill –1). See the section on how to shutdown NcFTPd for how you can find out which process is the “main” process.
No, neither regular system users or NcFTPd password database users are locked out.
No, there is no standard way of doing that built-in to the FTP protocol. There is no SITE command to let them do this, since there wouldn’t be any FTP clients that could use that functionality, other than manually sending the SITE command using a command-line FTP client. In other words, there’s just not enough justification for adding this feature.
No; the databases were designed to be read-only by the ncftpd processes.
You don’t have to use the default logging specification (i.e. log-xfer=/var/log/ncftpd/%Y%m%d/@SETNAME@/xfer.%Y%m%d.%H). If you want just a single log directory, with daily logs rather than hourly logs, you just use something simpler, like “log-xfer=/var/log/ncftpd/xfer.%Y%m%d”. Repeat as desired with the “misc” and “session” logs. Also note that those “cookies” are just the same as you would use for “date” and “strftime”. See the man page for strftime to see what time and date cookies you have available.
Sending a "HUP" signal to NcFTPd isn't necessary. Name your logs so that new logs are automatically generated according to how much information you want in the log. For example, if you want daily logs, you'd use something like "log-xfer=/var/log/ncftpd/xfer.%Y%m%d" to produce new log files each day named xfer.YYYYMMDD. Likewise, if you want hourly or monthly logs, you might use "%Y%m%d.%H" or "%Y%m" instead. Remember, you can use those date cookies anywhere in the path and NcFTPd will populate them accordingly, so you can also use these cookies to create directories as well as the file itself.
If you want daily logs but only want to keep a few days worth of logs, you can write a short shell script to remove old log files and have it run from cron. Since NcFTPd doesn't keep old log files open, you can dispose of any logs other than the current log files. For example, to remove logs older than three days, you could have the script do something like "find /var/log/ncftpd -type f -mtime +3 -exec rm {} \;".
First off, make sure you haven’t
set “ls-time-format=GMT” in the general.cf.
If not, it’s possible that NcFTPd may not have inherited the
timezone from its parent process. For
example, if you’re running NcFTPd from the
/etc/inittab, then NcFTPd
is launched by “init” which may not have its timezone set (or was set
purposely to GMT).
To fix this, write a small script
which sets the timezone to what you want, and then runs NcFTPd.
Example:
#!/bin/sh
TZ=EST5
export TZ
exec /etc/ncftpd/ncftpd /etc/ncftpd/general.cf /etc/ncftpd/domain.cf
There will always be min-users + 2 processes, upto a maximum of max-users + 2 processes. In other words, there is one process that serves as the master process, one responsible for logging, and one process for each user being serviced. Don’t be alarmed by a large number of processes if you have min-users set relatively high. Processes not actually running will be swapped out and will not consume system resources.
Besides the home directory issue, it’s usually a bad idea of have your FTP-accessible data be in an NFS-mounted directory. That would mean that users downloading files would cause the data to travel over the network twice – once from the NFS server to the FTP server, and then again from the FTP server out to the client. If you want NFS and FTP to access the same data, try to have the data NFS exported from the same machine the FTP server is running on.
Also – if you’re using NcFTPd password databases, make sure the database files are stored locally. This is because the password databases use file locking, which can really drag down performance if NFS locking has to be used. It’s also a good idea to not to do that since only light testing of that scenario has been done, so why risk the integrity of your password database?
Lastly, don’t forget about things such as PID files and log files. These should not be going to an NFS server either, unless you really have to do this. Depending on the level of user activity to your server, a considerable amount of data could be logged, and even more so if you have verbose logging turned on. A hiccup on the NFS server could also cause NcFTPd to lockup until NFS became responsive again.
If you really need your FTP logs on an NFS server, it’s much better to let NcFTPd log locally, but have a cron task periodically copy the old logs out to the NFS server. Don’t forget how easy it is to have NcFTPd create hourly (or any time-based) log files – just add a “%H” somewhere in the filename.
Run “ncftpd_spy who” (this utility is included in the NcFTPd
package) to find the process ID of the “ncftpd” process managing that user,
then “kill –TERM” it.