Linux/tftp-hpa: Difference between revisions
< Linux
(→xinetd) |
(→Issue) |
||
Line 128: | Line 128: | ||
ref: https://stackoverflow.com/questions/68982596/multiple-definition-error-while-compiling-tftp-hpa | ref: https://stackoverflow.com/questions/68982596/multiple-definition-error-while-compiling-tftp-hpa | ||
=== cannot set groups for user nobody === | |||
Problem: | |||
* If you have the xinet user set to tftp (or nobody) you get the following error in the logs: | |||
<pre> | |||
in.tftpd[2120]: cannot set groups for user nobody | |||
</pre> | |||
Solution: | |||
* xinet user must be set to root :-( BUT, you pass in the server_args "-u USER" to run as another user. | |||
ref: https://blog.thewatertower.org/2019/05/01/tftp-part-1-running-it-as-non-root/ | |||
== keywords == | == keywords == | ||
tftp tftpd tftp-hpa | tftp tftpd tftp-hpa |
Revision as of 07:13, 4 February 2024
tftp-hpa
Note: Code hasn't been updated since 2015!
Website:
https://git.kernel.org/pub/scm/network/tftp/tftp-hpa.git/
Install
Dependencies
All dependencies:
apt install tftp xinetd gcc make autoconf build-essential
Get the client for testing:
apt install tftp
Get xinetd wrapper
apt install xinetd
Source
mkdir ~/.src ; cd ~/.src # git clone https://git.kernel.org/pub/scm/network/tftp/tftp-hpa.git git clone https://github.com/kiloforce/tftp-hpa.git # - added patch to fix compile issue cd tftp-hpa bash autogen.sh # ./configure ./configure --prefix=/opt/tftp-hpa make clean make sudo make install
Home folder
mkdir /tftp
xinetd
/etc/xinetd.d/tftp:
service tftp { socket_type = dgram protocol = udp wait = yes # user = root user = tftp # group = tftp port = 69 server = /opt/tftp-hpa/sbin/in.tftpd server_args = -vvv --create --user tftp --secure /tftp --map-file /etc/tftpd.map --refuse blksize # server_args = -vvv -s /tftp -m /etc/tftpd.map -r blksize # server_args = --verbose -u tftp -s /tftp -r blksize flags = IPv4 disable = no }
adduser tftp
tftp:x:1001:1001:TFTP User:/tftp:
chown tftp:tftp /tftp
/etc/tftpd.map:
# Convert backslashes to slashes rg \\ /
Service
service xinetd stop service xinetd start
More Complete Map File
# # Rule file for the -m (remapping option) # # This file has three fields: operation, regex, remapping # # The operation is a combination of the following letters: # # r - rewrite the matched string with the remapping pattern # i - case-insensitive matching # g - repeat until no match (used with "r") # e - exit (with success) if we match this pattern, do not process # subsequent rules # s - start over from the first rule if we match this pattern # a - abort (refuse the request) if we match this rule # G - this rule applies to TFTP GET requests only # P - this rule applies to TFTP PUT requests only # # The regex is a regular expression in the style of egrep(1). # # The remapping is a pattern, all characters are verbatim except \ # \0 copies the full string that matched the regex # \1..\9 copies the 9 first (..) expressions in the regex # \\ is an escaped \ # See http://linux.die.net/man/8/tftpd for more info. # # "#" begins a comment, unless \-escaped # ri ^[a-z]: # Remove "drive letters" rg \\ / # Convert backslashes to slashes rg ([A-Z]) \L\1 # Convert uppercase to lowercase rg \# @ # Convert hash marks to @ signs rg /../ /..no../ # Convert /../ to /..no../ e ^ok/ # These are always ok r ^[^/] /\0 # Convert non-absolute files a \.pvt$ # Reject requests for private files
ref: https://github.com/jumanjihouse/docker-tftp-hpa/blob/master/src/mapfile
Issue
compile issue - multiple definition of toplevel
Issue:
/usr/bin/ld: main.o:/root/.src/tftp-hpa/tftp/main.c:98: multiple definition of `toplevel'; tftp.o:/root/.src/tftp-hpa/tftp/tftp.c:51: first defined here
Fix:
ref: https://stackoverflow.com/questions/68982596/multiple-definition-error-while-compiling-tftp-hpa
cannot set groups for user nobody
Problem:
- If you have the xinet user set to tftp (or nobody) you get the following error in the logs:
in.tftpd[2120]: cannot set groups for user nobody
Solution:
- xinet user must be set to root :-( BUT, you pass in the server_args "-u USER" to run as another user.
ref: https://blog.thewatertower.org/2019/05/01/tftp-part-1-running-it-as-non-root/
keywords
tftp tftpd tftp-hpa