Problem with tftp server
Jerry Geis
jerry.geis at gmail.com
Sat Jan 29 23:34:33 UTC 2022
On Sat, Jan 29, 2022 at 5:32 PM R C <cjvijf at gmail.com> wrote:
>
> On 1/29/22 15:01, Jerry Geis wrote:
>
>
>
> On Sat, Jan 29, 2022 at 1:41 PM R C <cjvijf at gmail.com> wrote:
>
>>
>> On 1/29/22 08:10, Jerry Geis wrote:
>>
>>
>>
>> On Fri, Jan 28, 2022 at 5:24 PM R C <cjvijf at gmail.com> wrote:
>>
>>>
>>> On 1/28/22 15:07, Tommy Trussell wrote:
>>>
>>> On Fri, Jan 28, 2022 at 12:26 PM Jerry Geis <jerry.geis at gmail.com>
>>> wrote:
>>>
>>>>
>>>>
>>>> On Thu, Jan 27, 2022 at 11:03 PM Tommy Trussell <
>>>> tommy.trussell at gmail.com> wrote:
>>>>
>>>>>
>>>>> I have not used tftp in awhile, but have you checked the permissions
>>>>> on the file "jerry" in /tftpboot ? The file may be invisible to the daemon
>>>>> due to the wrong group or file permissions.
>>>>>
>>>>> You might also try to put a different file onto the server using tftp
>>>>> and see what permissions the resulting file has.
>>>>>
>>>>> The man page for your version of tftpd will likely contain some useful
>>>>> information.
>>>>>
>>>>>
>>>>> HI Tommy,
>>>>
>>>> The file has permission:
>>>> -rw-r--r-- 1 root root 8 Nov 21 20:11 jerry
>>>>
>>>> The directory has:
>>>> drwxrwxrwx 2 root root 12288 Nov 21 20:11 tftpboot
>>>>
>>>
>>> How do you start the tftp service/server? If not mistaken, by default
>>> it expects the tftpboot directory in /var/lib (/var/lib/tftpboot) when you
>>> start the server/service the -s option tells it where to find it's root
>>>
>>>
>>>
>>>
>>>
>>>> Seems like that should be readble by all?
>>>>
>>>> Thanks
>>>> Jerry
>>>>
>>>
>>> I was under the impression that most implementations of tftp are very
>>> picky about the permissions and I would think they would NOT share any
>>> files owned by root.
>>>
>>> For example see if there's a tftp group already created and maybe chown
>>> the file (and maybe its directory) to tftp:tftp ?
>>>
>>> Does the man page for your version of tftpd say anything about the
>>> default permissions?
>>>
>>> Also I suggested you try using a client to put a file in the server's
>>> directory. What permissions does it give that file? I would think it might
>>> be the same permissions needed for reading a file.
>>>
>>> If you can't tell I'm stabbing in the dark but suggesting how I would go
>>> about it. I ALWAYS start with the man page. The information might be
>>> inscrutable, but there's usually some nugget of information that gets me
>>> closer to understanding.
>>>
>>> --
>>> ubuntu-users mailing list
>>> ubuntu-users at lists.ubuntu.com
>>> Modify settings or unsubscribe at:
>>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>>
>>
>> hi All,
>>
>> I am starting the tftpd by xinetd.
>>
>> more /etc/xinetd.d/tftp
>> # default: off
>> # description: The tftp server serves files using the trivial file
>> transfer \
>> # protocol. The tftp protocol is often used to boot diskless \
>> # workstations, download configuration files to network-aware printers, \
>> # and to start the installation process for some operating systems.
>> service tftp
>> {
>> socket_type = dgram
>> protocol = udp
>> wait = yes
>> user = root
>> server = /usr/sbin/in.tftpd
>> server_args = -s /tftpboot
>> disable = no
>>
>>
>> I have disabled = yes I never paid attentio to that
>>
>> I use tftp for configuring cisco switches and routers. I recall having
>> a permissions issue. But I first set everything up, in separate
>> subdirectories, then restarted the service and it 'just' started working.
>>
>> this is what I have (it's a RHEL/Centos box though, it still (Centos 7
>> and RHEL 8)
>>
>>
>> service tftp
>> {
>> socket_type = dgram
>> protocol = udp
>> wait = yes
>> user = root
>> server = /usr/sbin/in.tftpd
>> server_args = -s /var/lib/tftpboot
>> disable = yes
>> per_source = 11
>> cps = 100 2
>> flags = IPv4
>> }
>> # ls -al /var/lib/tftpboot/
>> total 4
>> drwxr-xr-x 4 root root 33 Oct 1 2020 .
>> drwxr-xr-x. 38 root root 4096 Feb 13 2021 ..
>> drwxr-xr-x 4 root root 30 Oct 1 2020 backups
>> drwxr-xr-x 2 root root 291 Jul 4 2021 dhcp
>>
>> # ls -al /var/lib/tftpboot/dhcp/static-bindings-hw-1
>> -rw-r--r-- 1 root root 3017 Jul 4 2021
>> /var/lib/tftpboot/dhcp/static-bindings-hw-1
>>
>>
>> that works on both machines.
>>
>>
>> Does it work with the firewall stopped?
>>
>>
>>
>> per_source = 11
>> cps = 100 2
>> flags = IPv4
>> }
>>
>>
>>
>> I tried to "put" a file - and same thing happens that I get a timeout...
>> (good thought).
>>
>> I also tried to change the permsissions to be non-root - no difference.
>> Still Timeout.
>>
>> I looked at the man page for tftpd. nothing there about permissions and
>> not thing there other than option -n and -s .
>>
>> Thoughts?
>>
>> Jerry
>>
>>
>
> So on CentOS I have not problem with tftpd... I use xinetd the same way
> and it works.
>
>
> I tried to disable the firewalld "systemctl stop firewalld" and made no
> difference.
>
> Jerry
>
>
> on the centos box you have selinux running? and on the ubuntu one
> apparmor or selinux?
>
>
> I am wondering if it is actually listening on the interface you're trying
> to connect to, what does netstat say? (netstat -una | 69 or so, I believe
> it shows what address it is listening on)
>
> can you connect with a tftpclient, on the same box, to the address of
> that interface? you should be able to connect to that address (as well as
> to localhost/127.0.0.0)
>
> Ron
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Hello -
netstat -una | grep 69
udp 0 0 0.0.0.0:69 0.0.0.0:*
selinux is not installed
apparmor module is loaded.
37 profiles are loaded.
37 profiles are in enforce mode.
yes locally the tftp works - its external it does not.
Jerry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20220129/9debe195/attachment.html>
More information about the ubuntu-users
mailing list