On Tue, 11 Sep 2018, Ken Teh wrote:
> I've done all that. But after I reboot the system, I cannot tftp a file from
> the server. But if I start tftp.service manually, I can get the file.
There may be permissions problems and more in play -- BUT you
are trying to 'jump ahead' ---
FIRST, verifying that the connection NOT working on localhost
after reboot is the assertion which we need to test. We can
manually do a transfer on localhost
## the directory: /var/lib/tftpboot/ is the default from which
## to pull per the configuration file. I create a file there
[root@centos-7 ~]# echo "Ken Teh" > /var/lib/tftpboot/test
[root@centos-7 ~]# ls -al /var/lib/tftpboot/test
-rw-r--r--. 1 root root 8 Sep 11 13:41 /var/lib/tftpboot/test
[root@centos-7 ~]# cat /var/lib/tftpboot/test
Ken Teh
[root@centos-7 ~]# tftp 127.0.0.1
tftp> verbose
Verbose mode on.
tftp> ascii
mode set to netascii
tftp> get test
getting from 127.0.0.1:test to test [netascii]
Received 8 bytes in 0.1 seconds [510 bit/s]
tftp> quit
[root@centos-7 ~]# cat test
Ken Teh
[root@centos-7 ~]# pwd
/root
[root@centos-7 ~]#
Then I rebooted and repeated the process
[herrold@centos-7 ~]$ sudo su -
[sudo] password for herrold:
Last login: Tue Sep 11 13:48:33 EDT 2018 on tty1
[root@centos-7 ~]# rm -f test
[root@centos-7 ~]# tftp 127.0.0.1
tftp> ascii
tftp> verbose
Verbose mode on.
tftp> get test
getting from 127.0.0.1:test to test [netascii]
Received 8 bytes in 0.1 seconds [547 bit/s]
tftp> quit
[root@centos-7 ~]# cat test
Ken Teh
[root@centos-7 ~]# uptime
13:49:49 up 1 min, 3 users, load average: 1.29, 0.47, 0.17
[root@centos-7 ~]# netstat -paun | grep 69
udp6 0 0 :::69 :::*
1/systemd
[root@centos-7 ~]#
and the log shows:
[root@centos-7 ~]# grep tftp /var/log/messages
...
Sep 11 13:44:49 centos-7 in.tftpd[32580]: Client
::ffff:127.0.0.1 finished test
Sep 11 13:49:35 centos-7 in.tftpd[3116]: Client
::ffff:127.0.0.1 finished test
and again on the non-localhost socket:
[root@centos-7 ~]# rm -f test
[root@centos-7 ~]# tftp 10.16.1.106
tftp> ascii
tftp> verbose
Verbose mode on.
tftp> get test
getting from 10.16.1.106:test to test [netascii]
Received 8 bytes in 0.1 seconds [614 bit/s]
tftp> quit
[root@centos-7 ~]# cat test
Ken Teh
[root@centos-7 ~]#
Notice that those are ALL the commands run since the reboot
... the tftp service was being run with no effort on my part.
Now, it is perfectly well possible that the firewalld, or
permissions, or more are in play as to ** off host **
transfers, ... but the tftp service IS alread running and
working, and a localhost, and on-host transfer is working
> If a service is never available on reboot after you've enabled it, what does
> 'systemctl enable' mean?
I do not know the background of why you assert it is 'never
available' as I cannot reproduce such an unavailability
locally ... I suspect rather it may simply not be available
for off-host transfers
> Is there some magic sequence of steps I need to take to "really" enable the
> tftp service?
The connection and transfer example above shows exactly what I
did. I suggest using the tftp CLIENT to see
[herrold@centos-7 ~]$ grep tftp /etc/services
tftp 69/tcp
tftp 69/udp
I suspect your tftp-service is actually enabled and listening
... this might be tested and demonstrated with the tftp client
thus:
from a remote machine:
[root@router ~]# tftp
(to) 10.16.1.106
tftp> status
Connected to 10.16.1.106.
Mode: netascii Verbose: off Tracing: off Literal: on
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> quit
[root@router ~]
and we see in the process table 'netstat details' on the
server machine:
[root@centos-7 ~]# netstat -panu | grep 69
...
udp6 0 0 :::69 :::*
1/systemd
We do not see a process containing the name 'tftp' in the
process table, separately, as the 'systemd' is acting as the
former 'xinetd' and watching the socket
but it is still there, looking at the localhost nad the
external IP of the server machine as well
[root@centos-7 ~]# tftp 10.16.1.106
tftp> status
Connected to 10.16.1.106.
Mode: netascii Verbose: off Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> quit
[root@centos-7 ~]# tftp 127.0.0.1
tftp> status
Connected to 127.0.0.1.
Mode: netascii Verbose: off Tracing: off Literal: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> quit
[root@centos-7 ~]#
Notice the difference in the 'Connected to ' field
Long ago and far away, I wrote a longer piece for debugging
once I demonstrated a working tftp server and client, using
tcpdump ... Things have changed some -- SElinux, wrappers to
the firewalld, probably more
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.owlriver.com_tips_tftp-2Dxinetd_&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sTrAgsEOMkXY9jq8Spw6XZvngUhSxhpWLFCFP6CQq6E&s=J3ODfdUfvhMwEoNT9FTiGtdGNDlQli5WkFinOU26piA&e=
-- Russ herrold
