TFTP xinetd creating files

DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
Hi,

i have been trying to get TFTP to allow file creation in unbuntu.

my xinetd file is as follows
service tftp
{
protocol = udp
port = 69
socket_type = dgram
wait = yes
user = nobody
server = /usr/sbin/in.tftpd
server_args = -c -s /tftp
disable = no
}

now this dies not work at all, if i remove the -c and -s I can copy from the TFTP and upload files back to it as long as they exist. But as soon as i add them back in i get the following message when i try to write to or from the server?

%Error opening tftp://10.x.x.x/filename (Timed out)

Ccan any one help setting this up to the remote system can create the file in the server?

Cheers

Aaron
  • If you can't explain it simply, you don't understand it well enough. Albert Einstein
  • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.

Comments

  • Forsaken_GAForsaken_GA Member Posts: 4,024
    From the tftpd man page:

    The use of tftp(1) does not require an account or password on the remote
    system. Due to the lack of authentication information, tftpd will allow
    only publicly readable files to be accessed. Files may be written only
    if they already exist and are publicly writable.

    So if you want to be able to write to files, create them with the touch command to create a 0 byte file, and then chmod 777 them.

    Otherwise, you'll need to use a different tftp daemon that allows file creation
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    but using tftpd with the inetd config file and you can do it. xinet is just the configuration as i underdtand it. and like i say tftpd deamon does support file creation.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    I suggest you read the manual page for tftpd, it disagrees with you. If you still disagree with the man page, then go parse the source code ;)

    If you need remote creation capability (which is a bit of a security risk), you need to look into tftpd-hpa or atftpd under Ubuntu
  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    -c Allow new files to be created. By default, tftpd will only allow upload of files that already exist. Files are created with default permissions allowing anyone to read or write them, unless the -p or -U options are specified.
    What are the permissions on the /tftp directory? Publicaly writable? Did you put a test file in the /tftp directory and verify that the -s option (and hopefully the -c option) was accepted and used by tftpd (and indirectly verify you're not running a different conflicting tftp server)?
    :mike: Cisco Certifications -- Collect the Entire Set!
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    He specified that he's running ubuntu. tftpd under Ubuntu only has two commandline options:


    -n Suppresses negative acknowledgement of requests for nonexistent relative file‐
    names.

    -s All absolute filenames are treated as if they were preceded by the first direc‐
    tory argument, or /tftpboot if there is none.

    if you try and run tftpd under ubuntu (and debian as well, which is why I'm very familiar with this issue) with the -c option, and then check /var/log/daemon.log, you'll see it's an unknown option

    forsaken@forsaken-ubuntu:/var/log$ date
    Thu Nov 11 18:44:45 EST 2010
    forsaken@forsaken-ubuntu:/var/log$ in.tftpd -c
    forsaken@forsaken-ubuntu:/var/log$ grep tftpd /var/log/daemon.log
    Nov 11 18:44:56 forsaken-ubuntu tftpd[25921]: unknown option -?

    What I'm saying may not be true for all Linux distros, but it's true for Ubuntu

    If you use tftpd-hpa instead, it has an option to create new files
  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    He specified that he's running ubuntu.
    I've got 6 different TFTP options available on my Ubuntu server.

    Edit: Yep -- looks like I've got tftp-hpa installed
    :mike: Cisco Certifications -- Collect the Entire Set!
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    mikej412 wrote: »
    I've got 6 different TFTP options available on my Ubuntu server.

    Yeah, Ubuntu's got options, but whenever I see this it's because the user has typed apt-get install tftpd (which is a reasonable assumption on the users part)

    And that particular tftpd daemon doesn't do remote file creation.

    The tftpd-hpa package is a drop in replacement for the regular tftpd package and is a little more robust (it starts as a regular daemon though, not out of inetd)

    It's one of those little debian idiosyncrasies, like with arping. Most of the time, the util that folks are actually looking for is the iputils-arping one, but there's a regular arping package too.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    See I would sware I had -c running on a copy of unbunta with only tftpd installed. I remember removing tftd-hda and installing pure TFTPD? Because i tried three or 4 different TFTP servers.

    may be i am mestaken and i cant check it now as the box is at my old company..

    in the end I went back to tftpd-hpa as this only a box for a cisco lab so no need for securit.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Sign In or Register to comment.