Problem with tftp server

R C cjvijf at gmail.com
Sat Jan 29 22:30:25 UTC 2022


On 1/29/22 15:01, Jerry Geis wrote:
>
>
> On Sat, Jan 29, 2022 at 1:41 PM R C <cjvijf at gmail.com> wrote:
>
>
>     On 1/29/22 08:10, Jerry Geis wrote:
>>
>>
>>     On Fri, Jan 28, 2022 at 5:24 PM R C <cjvijf at gmail.com> wrote:
>>
>>
>>         On 1/28/22 15:07, Tommy Trussell wrote:
>>>         On Fri, Jan 28, 2022 at 12:26 PM Jerry Geis
>>>         <jerry.geis at gmail.com> wrote:
>>>
>>>
>>>
>>>             On Thu, Jan 27, 2022 at 11:03 PM Tommy Trussell
>>>             <tommy.trussell at gmail.com> wrote:
>>>
>>>
>>>                 I have not used tftp in awhile, but have you checked
>>>                 the permissions on the file "jerry" in /tftpboot ?
>>>                 The file may be invisible to the daemon due to the
>>>                 wrong group or file permissions.
>>>
>>>                 You might also try to put a different file onto the
>>>                 server using tftp and see what permissions
>>>                 the resulting file has.
>>>
>>>                 The man page for your version of tftpd will likely
>>>                 contain some useful information.
>>>
>>>
>>>             HI Tommy,
>>>
>>>             The file has permission:
>>>             -rw-r--r-- 1 root    root         8 Nov 21 20:11 jerry
>>>
>>>             The directory has:
>>>             drwxrwxrwx   2 root root  12288 Nov 21 20:11 tftpboot
>>>
>>
>>         How do you start the tftp service/server? If not mistaken, by
>>         default it expects the tftpboot directory in /var/lib
>>         (/var/lib/tftpboot)  when you start the server/service  the
>>         -s option tells it where to find it's root
>>
>>
>>
>>
>>>
>>>             Seems like that should be readble by all?
>>>
>>>             Thanks
>>>             Jerry
>>>
>>>
>>>         I was under the impression that most implementations of tftp
>>>         are very picky about the permissions and I would think they
>>>         would NOT share any files owned by root.
>>>
>>>         For example see if there's a tftp group already created and
>>>         maybe chown the file (and maybe its directory) to tftp:tftp ?
>>>
>>>         Does the man page for your version of tftpd say anything
>>>         about the default permissions?
>>>
>>>         Also I suggested you try using a client to put a file in the
>>>         server's directory. What permissions does it give that file?
>>>         I would think it might be the same permissions needed for
>>>         reading a file.
>>>
>>>         If you can't tell I'm stabbing in the dark but suggesting
>>>         how I would go about it. I ALWAYS start with the man page.
>>>         The information might be inscrutable, but there's usually
>>>         some nugget of information that gets me closer to understanding.
>>>
>>         -- 
>>         ubuntu-users mailing list
>>         ubuntu-users at lists.ubuntu.com
>>         Modify settings or unsubscribe at:
>>         https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>
>>
>>
>>     hi All,
>>
>>     I am starting the tftpd by xinetd.
>>
>>      more /etc/xinetd.d/tftp
>>     # default: off
>>     # description: The tftp server serves files using the trivial
>>     file transfer \
>>     # protocol.  The tftp protocol is often used to boot diskless \
>>     # workstations, download configuration files to network-aware
>>     printers, \
>>     # and to start the installation process for some operating systems.
>>     service tftp
>>     {
>>     socket_type = dgram
>>     protocol = udp
>>     wait = yes
>>     user = root
>>     server = /usr/sbin/in.tftpd
>>     server_args = -s /tftpboot
>>     disable = no
>
>
>     I have disabled = yes    I never paid attentio to that
>
>     I use tftp for  configuring cisco switches and routers.  I recall
>     having a permissions issue.  But I first set everything up, in
>     separate subdirectories, then restarted  the service and it 'just'
>     started working.
>
>     this is what I have (it's a RHEL/Centos box though, it still
>     (Centos 7 and RHEL 8)
>
>
>     service tftp
>     {
>         socket_type        = dgram
>         protocol        = udp
>         wait            = yes
>         user            = root
>         server            = /usr/sbin/in.tftpd
>         server_args        = -s /var/lib/tftpboot
>         disable            = yes
>         per_source        = 11
>         cps            = 100 2
>         flags            = IPv4
>     }
>
>     # ls -al /var/lib/tftpboot/
>     total 4
>     drwxr-xr-x   4 root root   33 Oct  1  2020 .
>     drwxr-xr-x. 38 root root 4096 Feb 13  2021 ..
>     drwxr-xr-x   4 root root   30 Oct  1  2020 backups
>     drwxr-xr-x   2 root root  291 Jul  4  2021 dhcp
>
>     # ls -al /var/lib/tftpboot/dhcp/static-bindings-hw-1
>     -rw-r--r-- 1 root root 3017 Jul  4  2021
>     /var/lib/tftpboot/dhcp/static-bindings-hw-1
>
>
>     that works on both machines.
>
>
>     Does it work with the firewall stopped?
>
>
>
>>     per_source = 11
>>     cps = 100 2
>>     flags = IPv4
>>     }
>>
>>
>>
>>     I tried to "put" a file - and same thing happens that I get a
>>     timeout... (good thought).
>>
>>     I also tried to change the permsissions to be non-root - no
>>     difference. Still Timeout.
>>
>>     I looked at the man page for tftpd. nothing there about
>>     permissions and not thing there other than option -n and -s .
>>
>>     Thoughts?
>>
>>     Jerry
>
>
>
> So on CentOS I have not problem with tftpd... I use xinetd the same 
> way and it works.
>
>
> I tried to disable the firewalld "systemctl stop firewalld" and made 
> no difference.
>
> Jerry


on the centos box you have selinux running?  and on the ubuntu one 
apparmor or selinux?


I am wondering if it is actually listening on the interface you're 
trying to connect to, what does netstat say?  (netstat -una | 69 or so, 
I believe it shows what address it is listening on)

can you connect with a tftpclient, on the same box, to  the address of 
that interface?  you should be able to connect to that address (as well 
as to localhost/127.0.0.0)

Ron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20220129/8f21ccd6/attachment.html>


More information about the ubuntu-users mailing list