Wednesday, November 23, 2011

Battling tftpd

*Update!* If you are using this to actually host configs for IP phones that will be used on a live network, I strongly suggest using atftpd instead.
Atftp does not have these odd file permission issues that plain tftpd does (i.e. once a file is created (such as a log file from a phone) by tftpd, it cannot be overwritten for some crazy reason.) Most IP phones store their configurations on the server, and if they cannot write them down after the first time, users (and you!) will not be happy!


Alright so this new job has got me documenting everything the minute I do it, so that I know what the hell to do the next time something happens.

So, this time? It's something I'm doing for myself.

Installing at tftp server in Ubuntu.

I know it sounds stupid, but every tutorial is from 2005 and none of them work on the current version of Ubuntu nowadays. If you want a working tftp server, here's how you do it:

Install the tftpd program. This will also install xinetd, which is how it's started. inetd starts xinetd, who then starts tftpd. I know, dumb, but that's how it works.

$ sudo apt-get install tftpd

Next, we need to set up the file that xinetd will read when it starts tftpd.

$ sudo nano /etc/xinetd.d/tftp

Put this stuff inside it:

service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = (change this to your username)
server = /usr/sbin/in.tftpd
server_args = -s /tftpboot
per_source = 11
cps = 100 2
disable = no
}

Now, we need to make a directory that this thing will use to put/get files out of. It's commonly right in the root.

$ sudo mkdir /tftpboot

Make that directory readable/writable by your user

$ sudo chown youruser:youruser /tftpboot

$ sudo chmod -R 777 /tftpboot
(this step is required, so that new files created are able to be overwritten.)
Now things should be cooking. Let's try starting tftp.

$ sudo service xinetd restart
* Stopping internet superserver xinetd                                  [ OK ]
* Starting internet superserver xinetd                                   [ OK ] 

If things are NOT ok, then you need to check the logs. Xinetd dumps it's goodies in the syslog (/var/log/syslog). Tail that logfile (tail -f /var/log/syslog) in another console/terminal while you restart and you'll see what's going on.
In my case, I didn't have the user specified correctly, in which case xinetd just doesn't start tftpd.

Now, you should have tftpd running. Look for the open port on the machine, owned by xinetd. This process will be run by the system, so use lsof to check:

$ sudo lsof -i | grep tftp

You should get a line back like the following:
xinetd      942     root    5u  IPv4 5132137      0t0  UDP *:tftp

This means you're up and running! Try pointing something at your tftp server and see if you can get/put files. (Cisco switches, IP phones, etc)

If it fails, check the permissions of your chosen directory, and check syslog for errors. I've seen it noted that adding -v to the options in the tftp file (server_args = -v -s /tftpboot) will make it more verbose, but all I get with that is lines in syslog saying "invalid argument - ?"

No comments:

Post a Comment