Steve Elliott wrote: > Can anyone suggest why I get 'Permission denied' for this access? > > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 Available DHCP > subnet: 10.0.0.0/255.255.255.0 > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 Vendor class: > PXEClient:Arch:00000:UNDI:002001 > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 PXE(eth0) > 00:23:6b:00:20:a2 proxy > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 tags: eth0 > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 1 > option: 53:message-type 02 > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 4 > option: 54:server-identifier 10.0.0.150 > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 9 > option: 60:vendor-class 50:58:45:43:6c:69:65:6e:74 > > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 17 > option: 97:client-machine-id 00:00:00:00:00:00:00:00:00:00:00:00:00... > > May 14 16:01:23 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 79 > option: 43:vendor-encap 06:01:03:08:0e:80:00:01:0a:00:00:96:80... > > May 14 16:01:24 regret dnsmasq-dhcp[13285]: 1811947682 Available DHCP > subnet: 10.0.0.0/255.255.255.0 > May 14 16:01:24 regret dnsmasq-dhcp[13285]: 1811947682 Vendor class: > PXEClient:Arch:00000:UNDI:002001 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 Available DHCP > subnet: 10.0.0.0/255.255.255.0 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 Vendor class: > PXEClient:Arch:00000:UNDI:002001 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 PXE(eth0) > 10.0.0.140 00:23:6b:00:20:a2 /xxx/xxx/bootrom.pxe.0 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 tags: eth0 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 bootfile name: > /xxx/xxx/bootrom.pxe.0 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 next server: > 10.0.0.150 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 1 > option: 53:message-type 05 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 4 > option: 54:server-identifier 10.0.0.150 > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 9 > option: 60:vendor-class 50:58:45:43:6c:69:65:6e:74 > > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 17 > option: 97:client-machine-id 00:00:00:00:00:00:00:00:00:00:00:00:00... > > May 14 16:01:26 regret dnsmasq-dhcp[13285]: 1811947682 sent size: 37 > option: 43:vendor-encap 47:04:80:00:00:00:0a:1c:ff:57:68:69:63... > > May 14 16:01:27 regret dnsmasq-tftp[13285]: cannot access > /home/Steve/Shared/workspace/xxx/xxx/bootrom.pxe.0: Permission denied > > May 14 16:01:27 regret dnsmasq-tftp[13285]: cannot access > /home/Steve/Shared/workspace/xxx/xxx/bootrom.pxe.0: Permission denied > > ftp_root=/home/Steve/Shared/workspace > > /home/Steve/Shared/workspace/xxx/xxx/ > -rwxrwxr-x. 1 Steve Steve 482040 2010-05-13 17:32 bootrom.pxe.0 > >
Have you got --tftp-secure set? --tftp-secure Enable TFTP secure mode: without this, any file which is readable by the dnsmasq process under normal unix access-control rules is available via TFTP. When the --tftp-secure flag is given, only files owned by the user running the dnsmasq process are accessible. If dnsmasq is being run as root, different rules apply: --tftp-secure has no effect, but only files which have the world-readable bit set are accessible. It is not recommended to run dnsmasq as root with TFTP enabled, and certainly not without specifying --tftp-root. Doing so can expose any world-readable file on the server to any host on the net. Cheers, Simon. > > Steve Elliott - Embedded Overflow > 4, Glassop St., Balmain, NSW 2041. > > > ------------------------------------------------------------------------ > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss