A poster to Apple Mac OS X Server mailing list confirmed the problem with the FTP server in Tiger Server post 10.4.9.
This is a big screwup by Apple.
— BEGIN POST —
I’ve been facing the very same issue at a customer’s place. FTP service was set with “FTP Root and Share Points” and was working fine until I apply the most recent security update. Now, when connecting the this ftp box, I’m sent to the file system root (/). Of course, I can connect but permissions don’t let me copy anything there. I had to twist this setup big way for it to -kind of- work. More investigations to come.
Well, after I tested this deeper this morning, I can tell you what happened.
The 2007-004 Security Update replaced the ftp.plist in /System/Library/LaunchDaemons from Mac OS X server with the version from Mac OS X *Client*. There is no check in the installer if the update installs on client or Server, and it is the same update for both.
But, of course, FTP services on client and server are *very* different. With the client ftp.plist from client on the server, it is ftpd which is launched, not xftpd.
The solution is to replace the ftp.plist with a previous version from Mac OS X Server. If you don’t have it, here is its content :
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>com.apple.xftpd</string> <key>Program</key> <string>/usr/libexec/xftpd</string> <key>ProgramArguments</key> <array> <string>xftpd</string> <string>-a</string> </array> <key>Sockets</key> <dict> <key>Listeners</key> <dict> <key>SockPassive</key> <true/> <key>SockServiceName</key> <string>ftp</string> <key>SockType</key> <string>SOCK_STREAM</string> </dict> </dict> <key>inetdCompatibility</key> <dict> <key>Wait</key> <false/> </dict> </dict> </plist>
Restart the server (relaunching the FTP service is not enough), and you should be up and running.
— END POST —
Thanks to Guillaume Gete
related url:
UPDATE: Looks like Apple has posted a Security Update to address this.
[…] That is now in my little toolkit of tweaks to make to OS X Server when installing. You do have to make sure that change isn’t wiped out by some OS update. […]