TFTP in Slackware-9.1 not working?
This is a discussion on TFTP in Slackware-9.1 not working? within the Linux Networking forums, part of the Linux Forums category; Anyone have TFTP server (tftp-hpa-0.34) working in Slackware-9.1 or in any Linux machine? TFTP in ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
11-24-2003
|
|||
|
|||
TFTP in Slackware-9.1 not working?
Anyone have TFTP server (tftp-hpa-0.34) working in Slackware-9.1 or in
any Linux machine? TFTP in Slackware-8.0 works. But, TFTP in Slackware-9.1 is not responding. I've tried connecting locally, tftp localhost > verbose > get ... ... --> times out and I get connected but cannot get files. -- William Park, Open Geometry Consulting, <opengeometry@yahoo.ca> Linux solution for data management and processing. 
|
|
11-24-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
In <alt.os.linux.slackware> William Park <opengeometry@yahoo.ca> wrote:
> Anyone have TFTP server (tftp-hpa-0.34) working in Slackware-9.1 or in > any Linux machine? > > TFTP in Slackware-8.0 works. But, TFTP in Slackware-9.1 is not > responding. I've tried connecting locally, > tftp localhost > > verbose > > get ... ... --> times out > and I get connected but cannot get files. Arghh.. I solved it. Change /etc/inetd.conf from tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd to tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot -- William Park, Open Geometry Consulting, <opengeometry@yahoo.ca> Linux solution for data management and processing.
|
|
11-24-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
On Mon, 24 Nov 2003 11:57:59 +0000, William Park wrote:
> Arghh.. I solved it. Change /etc/inetd.conf from > tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd > to > tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot Then your running it under the superuser account (which is bad)... I like it a little more paranoit - as TFTP is not very secure by design. Here is what i have working: ~$ grep tftp /etc/group /etc/passwd /etc/group:tftp:x:402:tftp /etc/passwd:tftp:x:402:402:tftpd:/tftpboot:/bin/false ~$ grep tftp /etc/inetd.conf tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot -p -u tftp -vv ~$ ls -l / |grep tftp drwx--x--x 2 root root 4096 Nov 24 12:59 tftpboot/ ~$ grep tftp /etc/hosts.allow in.tftpd: LOCAL, .lan, 127. ~$ cat /etc/hosts.deny ALL: ALL -- -Menno.
|
|
11-24-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote:
> On Mon, 24 Nov 2003 11:57:59 +0000, William Park wrote: > > > Arghh.. I solved it. Change /etc/inetd.conf from > > tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd > > to > > tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot > > Then your running it under the superuser account (which is bad)... > I like it a little more paranoit - as TFTP is not very secure by design. > Here is what i have working: You need 'root' to chroot into /tftpboot. But, after that, it drops to 'nobody' according to /usr/doc/tftp-hpa-0.34/README.security: You should make sure that you are using "wait" option in tftpd; you also need to have tftpd spawned as root in order for chroot (-s) to work. tftpd automatically drops privilege and changes user ID to "nobody" by default; the appropriate user ID for tftpd can be specified with the -u option (e.g. "-u tftpuser"). -- William Park, Open Geometry Consulting, <opengeometry@yahoo.ca> Linux solution for data management and processing.
|
|
11-24-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
On Mon, 24 Nov 2003 21:41:22 +0000, William Park wrote:
> In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote: >> On Mon, 24 Nov 2003 11:57:59 +0000, William Park wrote: >> >> > Arghh.. I solved it. Change /etc/inetd.conf from >> > tftp dgram udp wait nobody /usr/sbin/tcpd in.tftpd >> > to >> > tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot >> >> Then your running it under the superuser account (which is bad)... >> I like it a little more paranoit - as TFTP is not very secure by design. >> Here is what i have working: > > You need 'root' to chroot into /tftpboot. I know, you can only call chroot(2) under EUID 0. > But, after that, it drops to > 'nobody' according to /usr/doc/tftp-hpa-0.34/README.security: Ok, i had forgot about that. However the `nobody' account might be used for an other service already (ie: Apache, Samba, etc). Thus if someone has that, they'll be able to mess about other things on the box as well. The setup i posted, i had already working on Slackware 9.0, tftp-hpa-0.33: http://google.nl/groups?selm=pan.200...0desktop.local And i just tested it on SW 9.1 - tftp-hpa-0.34 upon seeing your post. Still, it should be more secure - at little extra cost. (And i like any service to run under thier own account, for clear separation in any case.) -- -Menno.
|
|
11-25-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote:
> > But, after that, it drops to 'nobody' according to > > /usr/doc/tftp-hpa-0.34/README.security: > > Ok, i had forgot about that. However the `nobody' account might be > used for an other service already (ie: Apache, Samba, etc). Thus if > someone has that, they'll be able to mess about other things on the > box as well. > > The setup i posted, i had already working on Slackware 9.0, > tftp-hpa-0.33: > http://google.nl/groups?selm=pan.200...0desktop.local > > And i just tested it on SW 9.1 - tftp-hpa-0.34 upon seeing your post. > Still, it should be more secure - at little extra cost. (And i like > any service to run under thier own account, for clear separation in > any case.) Since you have TFTP running, I can only assume you're doing network boot.. something I'm trying to do. I can - boot using LILO boot floppy or from harddisk (for development only), and - mount NFS root using BOOTP or static parameter on kernel commandline. Now, how do I boot over the network? I have 3c905C whose boot rom (MBA-4.30) is configured for TCP/IP with BOOTP. When computer boots, it connects to BOOTP and TFTP, but hangs after TFTP download. -- William Park, Open Geometry Consulting, <opengeometry@yahoo.ca> Linux solution for data management and processing.
|
|
11-25-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
On Tue, 25 Nov 2003 18:25:45 +0000, William Park wrote:
> In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote: >> And i just tested it on SW 9.1 - tftp-hpa-0.34 upon seeing your post. >> Still, it should be more secure - at little extra cost. (And i like >> any service to run under thier own account, for clear separation in >> any case.) > > Since you have TFTP running, I can only assume you're doing network > boot.. No. I use(ed) it for remotely updateing firmware. > something I'm trying to do. I have read up on that - some time, however never actually set it up. (Others did, i'm useing SanDisk Flash drive now.) > I can > - boot using LILO boot floppy or from harddisk (for development > only), and > - mount NFS root using BOOTP or static parameter on kernel > commandline. > > Now, how do I boot over the network? Setup dhcpd to point clients to your kernel-image under /tftpboot http://etherboot.sourceforge.net/doc...rman/x126.html Create the root-filesystems for the clients under /tftpboot and export them via NFS (or a ramdisk-image instead.): http://www.applied-synergetics.com/a...klessboot.html > I have 3c905C whose boot rom (MBA-4.30) is configured for TCP/IP with > BOOTP. When computer boots, it connects to BOOTP and TFTP, but hangs > after TFTP download. So it does download a kernel? (But then tells you it's unable to mount `/'?) I'm probably now going to test it out myself as well... However it'll be a Compaq Deskpro, onboard `tulip' NIC - in my case. Hoop this helped you any though. -- -Menno.
|
|
11-26-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote:
> On Tue, 25 Nov 2003 18:25:45 +0000, William Park wrote: > > I can > > - boot using LILO boot floppy or from harddisk (for development > > only), and > > - mount NFS root using BOOTP or static parameter on kernel > > commandline. > > > > Now, how do I boot over the network? > > Setup dhcpd to point clients to your kernel-image under /tftpboot > http://etherboot.sourceforge.net/doc...rman/x126.html > > Create the root-filesystems for the clients under /tftpboot and export > them via NFS (or a ramdisk-image instead.): > http://www.applied-synergetics.com/a...klessboot.html > > > I have 3c905C whose boot rom (MBA-4.30) is configured for TCP/IP with > > BOOTP. When computer boots, it connects to BOOTP and TFTP, but hangs > > after TFTP download. > > So it does download a kernel? > (But then tells you it's unable to mount `/'?) > > I'm probably now going to test it out myself as well... However it'll be a > Compaq Deskpro, onboard `tulip' NIC - in my case. > > Hoop this helped you any though. I bought 3c905 because it has bootrom (Managed PC Boot Agent v4.30), so I wouldn't have to bother with Etherboot and the likes (so was my thinking). The card has PXE, Netware, TCP/IP, RPL support; and, within TCP/IP, it has BOOTP and DHCP. Here is what I got so far: - NFS root works, because I can boot from LILO floppy or harddisk, and mount NFS root using ip=192.168.1.2:...:...:255.255.255.0:...:eth0:off nfsroot=/tftpboot/... as kernel parameter which assign everything statically. - BOOTP works, because I can mount NFS root (as above) using ip=bootp as kernel parameter. - TFTP works, because I can move files manually. I think it has to do with kernel tagging. I've tried sending - regular kernel that I use for LILO boot. - "tagged" kernel obtained with mknbi-linux -i rom bzImage bootImage (netboot-0.9.8) mknbi-linux --ip=bootp bzImage --output=bootImage (mknbi-1.4.2) Nothing. On the screen, computer prints BOOTP. TFTP..... (dots fly by on this line before hangs with this) -- William Park, Open Geometry Consulting, <opengeometry@yahoo.ca> Linux solution for data management and processing.
|
|
11-26-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
On Wed, 26 Nov 2003 21:12:03 +0000, William Park wrote:
> In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote: >> On Tue, 25 Nov 2003 18:25:45 +0000, William Park wrote: >> I'm probably now going to test it out myself as well... However it'll be a >> Compaq Deskpro, onboard `tulip' NIC - in my case. I haven't gotten it to work at all. Although my dhcpd works fine as a bootp server for a HP JetDirect print-spooler. And i can download via TFTP no problem as well. However, it might be do my buggy BIOS (which acts as the bootPROM as well) it's a LSA-M99 LanDesk :-(. > I bought 3c905 because it has bootrom (Managed PC Boot Agent v4.30), so That one looks to be supported by `pxelinux': "3Com MBA v4.30 or later is believed to work on all supported network cards" from: http://syslinux.zytor.com/hardware.php menno@desktop:~$ grep -r -m1 pxelinux /var/log/packages /var/log/packages/syslinux-2.06-i386-1:usr/doc/syslinux-2.06/pxelinux.doc > I wouldn't have to bother with Etherboot and the likes (so was my > thinking). The card has PXE, Netware, TCP/IP, RPL support; and, within > TCP/IP, it has BOOTP and DHCP. I'd try following this howto: http://syslinux.zytor.com/pxe.php > Here is what I got so far: > - NFS root works, because I can boot from LILO floppy or harddisk, > and mount NFS root using > ip=192.168.1.2:...:...:255.255.255.0:...:eth0:off > nfsroot=/tftpboot/... > as kernel parameter which assign everything statically. > - BOOTP works, because I can mount NFS root (as above) using > ip=bootp > as kernel parameter. > - TFTP works, because I can move files manually. So you should be almost there. > I think it has to do with kernel tagging. I've tried sending > - regular kernel that I use for LILO boot. > - "tagged" kernel obtained with > mknbi-linux -i rom bzImage bootImage (netboot-0.9.8) > mknbi-linux --ip=bootp bzImage --output=bootImage (mknbi-1.4.2) > > Nothing. On the screen, computer prints > BOOTP. > TFTP..... (dots fly by on this line before hangs with this) Well, it might be you have to set the path in bootp/dhcp to look for: /bootImage (instead of /tftpboot/bootImage) as you chrooted to /tftpboot And instead of tagging the kernel you might want to try a boot loader: /usr/share/syslinux/pxelinux.0 Or, have a look at: http://www.bpbatch.org/ HTH. -- -Menno.
|
|
11-27-2003
|
|||
|
|||
|
Re: TFTP in Slackware-9.1 not working?
In <alt.os.linux.slackware> Menno Duursma <menno@desktop.lan> wrote:
> > I think it has to do with kernel tagging. I've tried sending > > - regular kernel that I use for LILO boot. > > - "tagged" kernel obtained with > > mknbi-linux -i rom bzImage bootImage (netboot-0.9.8) > > mknbi-linux --ip=bootp bzImage --output=bootImage (mknbi-1.4.2) > > > > Nothing. On the screen, computer prints > > BOOTP. > > TFTP..... (dots fly by on this line before hangs with this) Finally, solved! It was tagging problem. Apparently, 'mknbi' breaks some "tagging" standard. I had to use 'imggen-2.0' (found at www.lstp.org) to correct what 'mknbi-linux' produced. So, mknbi-linux -a "apm=power-off ip=bootp" bzImage boot.nbi imggen -a boot.nbi boot.mba > And instead of tagging the kernel you might want to try a boot loader: > /usr/share/syslinux/pxelinux.0 > > Or, have a look at: > http://www.bpbatch.org/ Thanks for the URL pointers. I can now get some sleep... -- William Park, Open Geometry Consulting, <opengeometry@yahoo.ca> Linux solution for data management and processing.
|
Linear Mode
