2

I can't get tftp to work on my machine running Scientific Linux 6.1:

[root@bugs ~]# ls /tftpboot/
default  example.txt  MX075000.002_107  MX075100.002_025  MX076000.002  MX076200.002      MX0779900.002
[root@bugs ~]# tftp localhost
tftp> status
Connected to localhost.
Mode: netascii Verbose: off Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> get example.txt
Transfer timed out.

This is the tftp configuration:

[claudiu@bugs claudiu]$ cat /etc/xinetd.d/tftp
service tftp
{
    disable = no
    socket_type     = dgram
    protocol        = udp
    wait            = yes
    user            = root
    server          = /usr/sbin/in.tftpd
    server_args     = -c -s /tftpboot -v -v -v
    per_source      = 11
    cps         = 100 2
    flags           = IPv4
}

xinetd is up and running:

[claudiu@bugs claudiu]$ sudo service xinetd status
xinetd (pid  23864) is running...

Tftp seems to be turned on and port 69 is open:

[claudiu@bugs claudiu]$ chkconfig | grep tftp
    tftp:           on
[claudiu@bugs claudiu]$ sudo nmap -sU localhost | grep 69
69/udp   open|filtered tftp

Also, the permissions seem to be set right:

[claudiu@bugs claudiu]$ ls -l / | grep ftp
drwxrwxrwx.   2 root    root     4096 Jan  5 15:48 tftpboot
[claudiu@bugs claudiu]$ cd /tftpboot/
[claudiu@bugs tftpboot]$ ls -l example.txt
-rwxrwxrwx. 1 root root 0 Jan  4 15:38 /tftpboot/example.txt

If anybody has any idea what could go wrong, I could use some help...

Claudiu
  • 625
  • 1
  • 7
  • 14
  • Note that *chkconfig* does not manage [x]inetd; rather, it controls the **stand-alone** *tftp* daemon. If you have both active, there is a very high chance of conflicts. – u1686_grawity Jan 05 '12 at 14:07
  • Thanks, but I don't think there's any conflicts in this case...I tried turning chkconfig off and xinetd on and vice-versa but it's still not working... – Claudiu Jan 05 '12 at 14:15
  • How about your selinux configuration? – kamae Feb 14 '12 at 14:52
  • @kamae Yes, it seems that was it. I solved this problem some time ago, but forgot to close the question. I tried to configure selinux to allow tftp, but I needed the service urgently, so I finally disabled selinux. – Claudiu Feb 14 '12 at 19:03

3 Answers3

3

It seems that SELinux was causing the trouble. I didn't manage to make tftp work with it, so I fully disabled SELinux. I know it's not recommended, but if anybody else needs to know how to do this, here it is: you need to edit the /etc/selinux/config file and change the line containing "SELINUX=" to:

SELINUX=disabled

A system reboot is mandatory. Without it, the changes won't take effect.

Claudiu
  • 625
  • 1
  • 7
  • 14
2

Check that ICMP is not prohibited in iptables. It solved my problems.

By the way, SELinux does not have to be disabled to make it work.

slhck
  • 223,558
  • 70
  • 607
  • 592
mike
  • 21
  • 2
1
echo 0 >/selinux/enforce

This will put SELinux in permissive mode, however a reboot will clear this. 

cat /selinux/enforce

This would verify that it is in permissive mode.

This way you do not have to reboot the machine. Just make sure SELINUX=disabled in /etc/selinux/config so it survives a reboot.

slhck
  • 223,558
  • 70
  • 607
  • 592
Arwin Reprakash
  • 11
  • 1