-.\" $OpenBSD: sftp-server.8,v 1.12 2007/05/31 19:20:16 jmc Exp $
+.\" $OpenBSD: sftp-server.8,v 1.19 2010/01/09 03:36:00 jmc Exp $
.\"
.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
.\"
.Nd SFTP server subsystem
.Sh SYNOPSIS
.Nm sftp-server
+.Op Fl ehR
.Op Fl f Ar log_facility
.Op Fl l Ar log_level
+.Op Fl u Ar umask
.Sh DESCRIPTION
.Nm
is a program that speaks the server side of SFTP protocol
.Pp
Valid options are:
.Bl -tag -width Ds
+.It Fl e
+Causes
+.Nm
+to print logging information to stderr instead of syslog for debugging.
.It Fl f Ar log_facility
Specifies the facility code that is used when logging messages from
.Nm .
The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
The default is AUTH.
+.It Fl h
+Displays
+.Nm
+usage information.
.It Fl l Ar log_level
Specifies which messages will be logged by
.Nm .
DEBUG and DEBUG1 are equivalent.
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
The default is ERROR.
+.It Fl R
+Places this instance of
+.Nm
+into a read-only mode.
+Attempts to open files for writing, as well as other operations that change
+the state of the filesystem, will be denied.
+.It Fl u Ar umask
+Sets an explicit
+.Xr umask 2
+to be applied to newly-created files and directories, instead of the
+user's default mask.
.El
+.Pp
+For logging to work,
+.Nm
+must be able to access
+.Pa /dev/log .
+Use of
+.Nm
+in a chroot configuration therefore requires that
+.Xr syslogd 8
+establish a logging socket inside the chroot directory.
.Sh SEE ALSO
.Xr sftp 1 ,
.Xr ssh 1 ,