[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 513
  • Last Modified:

inetd.conf

I wish to setup the Linux box to allow both TFTP and FTP in and out.

TFTP --> /opt/local/tftp only both get and put
FTP (proFTPd) --> /opt/local/ftp only both get and put

This is the entry I have tried in inetd.conf

------------------------------------------------------------
tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd -cs /usr/local/tftp  

ftp stream  tcp  nowait  root  /usr/sbin/tcpd  proftpd
------------------------------------------------------------

For TFTP I thought the "-c" option would allow files to be created while the "-s" would change to the /usr/local/tftp automatically.
0
dobriain
Asked:
dobriain
  • 8
  • 6
1 Solution
 
jlevieCommented:
You didn't say which Linux of tftp package you're using. I've got two Unix OS's and three Linux OS's to look at and and none of them show a "-c" option for tftpd, so I dunno about that option. The rest of this

The "-s" option places the daemon in secure mode. The directory change to the specified directory must succeed and tftp users aren't then allowed to access files outside of the tftp directory. Naturally this implies that whatever user tftpd runs as (nobody in your case) must have read/write permission to the tftp directory.

Since tftp doesn't have a user authentication mechanism (big security implications), access may only occur to/from files/dirs that are publically accessible. Read access to the world must be set on files to be downloaded to the client. Files may only be uploaded if the file already exists and is world writable.
0
 
dobriainAuthor Commented:
tftp dgram  udp wait nobody /usr/sbin/tcpd in.tftpd -s  /usr/local/tftp

I changed the inetd.conf entry as above and -HUP'ed the inetd process. I can tftp files from the Linux box  /usr/local/tftp/ however I cannot tftp to /usr/local/tftp/

This is the permissions set on the /usr/local/tftp directory

drwxrwxrwx   2 root     root         4096 Feb  5 17:11 tftp

ls -la /usr/local/tftp/

drwxrwxrwx   2 root  root  4096 Feb  5 17:11 .
drwxr-xr-x  10 root  root  4096 Feb  1 09:52 ..
-rw-r--r--   1 root  root  63 Feb  5 17:11 .directory
-rw-rw-rw-   1 root  root  0 Feb  5 17:13 BRIDGE
-rw-rw-rw-   1 root  root  0 Feb  5 17:10 ob      


 
0
 
jlevieCommented:
Just trying to clarify... When you trying to upload you're doing a "put BRIDGE" and it fails. It might be helpful to know which Linux and tftpd you're using and what client.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
dobriainAuthor Commented:
I am using SuSE Linux 6.3 and the client is actually a 3COM NETBuilder router. The process I am using on the router works fine with a simple TFTP server on a Windows 95 machine

command on the EOS running on the NETBuilder is

copy a:/primary/<file> <IP address>:/usr/local/tftp/<file>

i.e.

copy a:/primary/BRIDGE 192.168.200.2:/usr/local/tftp/BRIDGE
0
 
dobriainAuthor Commented:
I am using SuSE Linux 6.3 and the client is actually a 3COM NETBuilder router. The process I am using on the router works fine with a simple TFTP server on a Windows 95 machine

command on the EOS running on the NETBuilder is

copy a:/primary/<file> <IP address>:/usr/local/tftp/<file>

i.e.

copy a:/primary/BRIDGE 192.168.200.2:/usr/local/tftp/BRIDGE
0
 
dobriainAuthor Commented:
Note doing a TFTP PUT locally doesn't work either

bash-2.03# tftp 192.168.200.2
tftp> put services /usr/local/tftp/ob  
0
 
jlevieCommented:
The failure of the command to work locally seems particularly significant. Can you do a get locally?

Using RedHat 6.1 and "Linux netkit-tftp 0.15", I've just set up a tftp server using your inetd.conf line without the "-s" line as it's not needed in that version. I can get/put files subject to the standard tftp rules without any problems, both locally and remotely.

Is there anything interesting in /var/log/messages (or where ever SuSE stores syslog output)?

0
 
dobriainAuthor Commented:
Yes I can do a GET locally

tftp> get /usr/local/tftp/ob.ob test3

Associated /var/log/messages entry

Feb  5 20:01:51 riomhaire in.tftpd[883]: connect from 127.0.0.1

tftp> put test3 /usr/local/tftp/ob.ob

Associated /var/log/messages entry

Feb  5 20:04:29 riomhaire in.tftpd[891]: connect from 127.0.0.1

However TFTP simply hangs without doing the transfer.

GET from the NETBuilder

NETBuilder # copy 192.168.200.2:/usr/local/tftp/ob.ob  a:/PRIMARY/TEST2.ob2  

Copying 192.168.200.2:/usr/local/tftp/ob.ob to a:/PRIMARY/TEST2.ob2            
                                                                               
0 bytes received. File transfer complete.

PUT from NETBuilder

 NETBuilder # copy a:/PRIMARY/OB2.OB2 192.168.200.2:/usr/local/tftp/ob.ob    

Copying a:/PRIMARY/OB2.OB2 to 192.168.200.2:/usr/local/tftp/ob.ob              

TFTP: Server is not responding.  

And the file ob.ob does exist on the server

drwsrwsrwx   2 nobody   nogroup      4096 Feb  5 19:18 .
drwxr-xr-x  10 root     root         4096 Feb  1 09:52 ..
-rw-rw-rw-   1 root     root            0 Feb  5 20:07 ob.ob  

     
0
 
jlevieCommented:
Wow, what an interesting problem...

My feeling at this point, based of the behaviour when doing local gets/puts, is that your tftpd might be broken. Getting a "permission denied" would point to a lack of write privs to the file, but a hang shouldn't ever happen.

Although it really shouldn't matter, the only things I can think of to suggest at this point, short of installing a different tftpd, would be:

1) Move the tftp dir to the root of the filesystem, /tftp or /tftpboot comes to mind.

2) Change the userid in the inetd.conf from nobody to root.

If neither of those ideas work, and I don't really have any expectation that they will, I'd download a "known good" tftpd, either source & build it, or a binary, and try that.
0
 
dobriainAuthor Commented:
They didn't, where can I download one from ???
0
 
jlevieCommented:
The source rpm for Linux netkit-tftp 0.15 can be found at: ftp://download.sourceforge.net/pub/linux/distributions/redhat/redhat/redhat-6.1/SRPMS/SRPMS/

Or at just about any other RedHat Mirror. It's a pretty vanilla app, so it shouldn't matter which Linux it's used on. Just get the .tar.gz out of the rpm, untar that and cd to the dir, "source configure" and make. Save your existing tftpd which I think is in /usr/sbin and copy the tftpd executable (./tftpp/tftpd) to /usr/sbin/in.tftpd. Then remove the "-s" flag from inetd.conf, HUP inetd, and try it.

0
 
dobriainAuthor Commented:
I actually found a really good one which is pretty easy to configure at

http://www.ohse.de/uwe/software/utftpd.html

It works fine for what I want to do.

Thanks,

Diarmuid
0
 
dobriainAuthor Commented:
How do I give you the points ?
0
 
jlevieCommented:
The comment chain for this question provides the answer.

I.E., the problem turned out to be a non-working tftpd and the soultion was to replace it.
0
 
CleanupPingCommented:
dobriain:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now