<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p><br>
</p>
<div class="moz-cite-prefix">On 1/29/22 16:34, Jerry Geis wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CABr8-B7oqnqUWe+xYpETb9n=ub+R9nwS2ivvVP_86tU9pxNAqQ@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sat, Jan 29, 2022 at 5:32
PM R C <<a href="mailto:cjvijf@gmail.com"
moz-do-not-send="true" class="moz-txt-link-freetext">cjvijf@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<p><br>
</p>
<div>On 1/29/22 15:01, Jerry Geis wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Sat, Jan 29,
2022 at 1:41 PM R C <<a
href="mailto:cjvijf@gmail.com" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">cjvijf@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px
0px 0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<p><br>
</p>
<div>On 1/29/22 08:10, Jerry Geis wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Fri,
Jan 28, 2022 at 5:24 PM R C <<a
href="mailto:cjvijf@gmail.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">cjvijf@gmail.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div>
<p><br>
</p>
<div>On 1/28/22 15:07, Tommy Trussell
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div dir="ltr">On Fri, Jan 28,
2022 at 12:26 PM Jerry Geis <<a
href="mailto:jerry.geis@gmail.com" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">jerry.geis@gmail.com</a>>
wrote:<br>
</div>
<div class="gmail_quote">
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr"
class="gmail_attr">On
Thu, Jan 27, 2022 at
11:03 PM Tommy Trussell
<<a
href="mailto:tommy.trussell@gmail.com"
target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">tommy.trussell@gmail.com</a>> wrote:<br>
</div>
<blockquote
class="gmail_quote"
style="margin:0px 0px
0px
0.8ex;border-left:1px
solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div dir="ltr"><br>
</div>
<div
class="gmail_quote">
<div>I have not used
tftp in awhile,
but have you
checked the
permissions on the
file "jerry" in
/tftpboot ?
The file may be
invisible to the
daemon due to the
wrong group or
file permissions.</div>
<div><br>
</div>
<div>You might also
try to put a
different file
onto the server
using tftp and see
what permissions
the resulting file
has. </div>
<div><br>
</div>
<div>The man page
for your version
of tftpd will
likely contain
some useful
information.</div>
<div><br>
</div>
</div>
</div>
<br>
</blockquote>
<div>HI Tommy,</div>
<div><br>
</div>
<div>The file has
permission:</div>
-rw-r--r-- 1 root root
8 Nov 21 20:11
jerry<br>
<div><br>
</div>
<div>The directory has:</div>
<div>drwxrwxrwx 2 root
root 12288 Nov 21
20:11 tftpboot <br>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
<p><br>
</p>
<p>How do you start the tftp
service/server? If not mistaken,
by default it expects the tftpboot
directory in /var/lib
(/var/lib/tftpboot) when you start
the server/service the -s option
tells it where to find it's root<br>
</p>
<p><br>
</p>
<p><br>
</p>
<p><br>
</p>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_quote">
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div class="gmail_quote">
<div><br>
</div>
<div>Seems like that
should be readble by
all?</div>
<div><br>
</div>
<div>Thanks</div>
<div>Jerry</div>
</div>
</div>
</blockquote>
<div><br>
</div>
<div>I was under the impression
that most implementations of
tftp are very picky about the
permissions and I would think
they would NOT share any files
owned by root. </div>
<div><br>
</div>
<div>For example see if there's
a tftp group already created
and maybe chown the file (and
maybe its directory) to
tftp:tftp ?</div>
<div><br>
</div>
<div>Does the man page for your
version of tftpd say anything
about the default
permissions? </div>
<div><br>
</div>
<div>Also I suggested you try
using a client to put a file
in the server's directory.
What permissions does it give
that file? I would think it
might be the same permissions
needed for reading a file.</div>
<div><br>
</div>
<div>If you can't tell I'm
stabbing in the dark but
suggesting how I would go
about it. I ALWAYS start with
the man page. The information
might be inscrutable, but
there's usually some nugget of
information that gets me
closer to understanding.</div>
</div>
</div>
<br>
<fieldset></fieldset>
</blockquote>
</div>
-- <br>
ubuntu-users mailing list<br>
<a
href="mailto:ubuntu-users@lists.ubuntu.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">ubuntu-users@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at: <a
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-users"
rel="noreferrer" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.ubuntu.com/mailman/listinfo/ubuntu-users</a></blockquote>
<div><br>
</div>
<div><br>
</div>
<div>hi All,</div>
<div><br>
</div>
<div>I am starting the tftpd by xinetd.</div>
<div><br>
</div>
more /etc/xinetd.d/tftp <br>
# default: off<br>
# description: The tftp server serves
files using the trivial file transfer \<br>
# protocol. The tftp protocol is often
used to boot diskless \<br>
# workstations, download configuration
files to network-aware printers, \<br>
# and to start the installation process
for some operating systems.<br>
service tftp<br>
{<br>
socket_type = dgram<br>
protocol = udp<br>
wait = yes<br>
user = root<br>
server = /usr/sbin/in.tftpd<br>
server_args = -s /tftpboot<br>
disable = no<br>
</div>
</div>
</blockquote>
<p><br>
</p>
<p>I have disabled = yes I never paid
attentio to that</p>
<p>I use tftp for configuring cisco switches
and routers. I recall having a permissions
issue. But I first set everything up, in
separate subdirectories, then restarted the
service and it 'just' started working. <br>
</p>
<p>this is what I have (it's a RHEL/Centos box
though, it still (Centos 7 and RHEL 8)</p>
<p><br>
</p>
<p>service tftp<br>
{<br>
socket_type = dgram<br>
protocol = udp<br>
wait = yes<br>
user = root<br>
server = /usr/sbin/in.tftpd<br>
server_args = -s /var/lib/tftpboot<br>
disable = yes<br>
per_source = 11<br>
cps = 100 2<br>
flags = IPv4<br>
}<br>
</p>
# ls -al /var/lib/tftpboot/<br>
total 4<br>
drwxr-xr-x 4 root root 33 Oct 1 2020 .<br>
drwxr-xr-x. 38 root root 4096 Feb 13 2021 ..<br>
drwxr-xr-x 4 root root 30 Oct 1 2020
backups<br>
drwxr-xr-x 2 root root 291 Jul 4 2021 dhcp<br>
<br>
<p># ls -al
/var/lib/tftpboot/dhcp/static-bindings-hw-1<br>
-rw-r--r-- 1 root root 3017 Jul 4 2021
/var/lib/tftpboot/dhcp/static-bindings-hw-1<br>
</p>
<p><br>
</p>
<p>that works on both machines.</p>
<p><br>
</p>
<p>Does it work with the firewall stopped?<br>
</p>
<p><br>
</p>
<p><br>
</p>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_quote"> per_source = 11<br>
cps = 100 2<br>
flags = IPv4<br>
}<br>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>I tried to "put" a file - and same
thing happens that I get a timeout...
(good thought).</div>
<div><br>
</div>
<div>I also tried to change the
permsissions to be non-root - no
difference. Still Timeout.</div>
<div><br>
</div>
<div>I looked at the man page for tftpd.
nothing there about permissions and not
thing there other than option -n and -s
.</div>
<div><br>
</div>
<div>Thoughts?</div>
<div><br>
</div>
<div>Jerry</div>
</div>
</div>
</blockquote>
</div>
</blockquote>
<div><br>
</div>
<div><br>
</div>
<div>So on CentOS I have not problem with tftpd... I
use xinetd the same way and it works.</div>
<div><br>
</div>
<div><br>
</div>
<div>I tried to disable the firewalld "systemctl
stop firewalld" and made no difference.</div>
<div><br>
</div>
<div>Jerry <br>
</div>
</div>
</div>
</blockquote>
<p><br>
</p>
<p>on the centos box you have selinux running? and on the
ubuntu one apparmor or selinux?</p>
<p><br>
</p>
<p>I am wondering if it is actually listening on the
interface you're trying to connect to, what does netstat
say? (netstat -una | 69 or so, I believe it shows what
address it is listening on)</p>
<p>can you connect with a tftpclient, on the same box, to
the address of that interface? you should be able to
connect to that address (as well as to localhost/<a
href="http://127.0.0.0" target="_blank"
moz-do-not-send="true">127.0.0.0</a>)<br>
</p>
<p>Ron</p>
</div>
-- <br>
ubuntu-users mailing list<br>
<a href="mailto:ubuntu-users@lists.ubuntu.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">ubuntu-users@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at: <a
href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-users"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">https://lists.ubuntu.com/mailman/listinfo/ubuntu-users</a></blockquote>
<div><br>
</div>
<div><br>
</div>
<div>Hello - </div>
<div><br>
</div>
<p class="gmail-p1"
style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:14px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span
class="gmail-s1"
style="font-variant-ligatures:no-common-ligatures">netstat
-una | grep 69</span></p>
<div><span
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">udp</span><span
class="gmail-Apple-converted-space"
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">
</span><span
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">0</span><span
class="gmail-Apple-converted-space"
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">
</span><span
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">0
<a href="http://0.0.0.0:69" moz-do-not-send="true">0.0.0.0:69</a></span><span
class="gmail-Apple-converted-space"
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">
</span><span
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">0.0.0.0:*
</span><span class="gmail-Apple-converted-space"
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px"> </span></div>
<div><br>
</div>
<div>selinux is not installed</div>
<div><br>
</div>
<p class="gmail-p1"
style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:14px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span
class="gmail-s1"
style="font-variant-ligatures:no-common-ligatures">apparmor
module is loaded.</span></p>
<p class="gmail-p1"
style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;font-size:14px;line-height:normal;font-family:Menlo;color:rgb(0,0,0)"><span
class="gmail-s1"
style="font-variant-ligatures:no-common-ligatures">37
profiles are loaded.</span></p>
<div><span
style="font-variant-ligatures:no-common-ligatures;color:rgb(0,0,0);font-family:Menlo;font-size:14px">37
profiles are in enforce mode.</span></div>
<div><br>
</div>
<div>yes locally the tftp works - its external it does not.</div>
</div>
</div>
</blockquote>
<p>it looks like it is listening on all interfaces, and I assume
with 'locally tftp works' you mean all network interfaces on the
box.</p>
<p>can you temporary stop apparmor, and see what happens? (or
temporary both the firewall and apparmor)?<br>
</p>
<p><br>
</p>
<blockquote type="cite"
cite="mid:CABr8-B7oqnqUWe+xYpETb9n=ub+R9nwS2ivvVP_86tU9pxNAqQ@mail.gmail.com">
<div dir="ltr">
<div class="gmail_quote">
<div><br>
</div>
<div>Jerry</div>
<div> </div>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
</blockquote>
</body>
</html>