On Tue, 11 Sep 2018, Ken Teh wrote: > I've done all that. But after I reboot the system, I cannot tftp a file from > the server. But if I start tftp.service manually, I can get the file.
There may be permissions problems and more in play -- BUT you are trying to 'jump ahead' --- FIRST, verifying that the connection NOT working on localhost after reboot is the assertion which we need to test. We can manually do a transfer on localhost ## the directory: /var/lib/tftpboot/ is the default from which ## to pull per the configuration file. I create a file there [root@centos-7 ~]# echo "Ken Teh" > /var/lib/tftpboot/test [root@centos-7 ~]# ls -al /var/lib/tftpboot/test -rw-r--r--. 1 root root 8 Sep 11 13:41 /var/lib/tftpboot/test [root@centos-7 ~]# cat /var/lib/tftpboot/test Ken Teh [root@centos-7 ~]# tftp 127.0.0.1 tftp> verbose Verbose mode on. tftp> ascii mode set to netascii tftp> get test getting from 127.0.0.1:test to test [netascii] Received 8 bytes in 0.1 seconds [510 bit/s] tftp> quit [root@centos-7 ~]# cat test Ken Teh [root@centos-7 ~]# pwd /root [root@centos-7 ~]# Then I rebooted and repeated the process [herrold@centos-7 ~]$ sudo su - [sudo] password for herrold: Last login: Tue Sep 11 13:48:33 EDT 2018 on tty1 [root@centos-7 ~]# rm -f test [root@centos-7 ~]# tftp 127.0.0.1 tftp> ascii tftp> verbose Verbose mode on. tftp> get test getting from 127.0.0.1:test to test [netascii] Received 8 bytes in 0.1 seconds [547 bit/s] tftp> quit [root@centos-7 ~]# cat test Ken Teh [root@centos-7 ~]# uptime 13:49:49 up 1 min, 3 users, load average: 1.29, 0.47, 0.17 [root@centos-7 ~]# netstat -paun | grep 69 udp6 0 0 :::69 :::* 1/systemd [root@centos-7 ~]# and the log shows: [root@centos-7 ~]# grep tftp /var/log/messages ... Sep 11 13:44:49 centos-7 in.tftpd[32580]: Client ::ffff:127.0.0.1 finished test Sep 11 13:49:35 centos-7 in.tftpd[3116]: Client ::ffff:127.0.0.1 finished test and again on the non-localhost socket: [root@centos-7 ~]# rm -f test [root@centos-7 ~]# tftp 10.16.1.106 tftp> ascii tftp> verbose Verbose mode on. tftp> get test getting from 10.16.1.106:test to test [netascii] Received 8 bytes in 0.1 seconds [614 bit/s] tftp> quit [root@centos-7 ~]# cat test Ken Teh [root@centos-7 ~]# Notice that those are ALL the commands run since the reboot ... the tftp service was being run with no effort on my part. Now, it is perfectly well possible that the firewalld, or permissions, or more are in play as to ** off host ** transfers, ... but the tftp service IS alread running and working, and a localhost, and on-host transfer is working > If a service is never available on reboot after you've enabled it, what does > 'systemctl enable' mean? I do not know the background of why you assert it is 'never available' as I cannot reproduce such an unavailability locally ... I suspect rather it may simply not be available for off-host transfers > Is there some magic sequence of steps I need to take to "really" enable the > tftp service? The connection and transfer example above shows exactly what I did. I suggest using the tftp CLIENT to see [herrold@centos-7 ~]$ grep tftp /etc/services tftp 69/tcp tftp 69/udp I suspect your tftp-service is actually enabled and listening ... this might be tested and demonstrated with the tftp client thus: from a remote machine: [root@router ~]# tftp (to) 10.16.1.106 tftp> status Connected to 10.16.1.106. Mode: netascii Verbose: off Tracing: off Literal: on Rexmt-interval: 5 seconds, Max-timeout: 25 seconds tftp> quit [root@router ~] and we see in the process table 'netstat details' on the server machine: [root@centos-7 ~]# netstat -panu | grep 69 ... udp6 0 0 :::69 :::* 1/systemd We do not see a process containing the name 'tftp' in the process table, separately, as the 'systemd' is acting as the former 'xinetd' and watching the socket but it is still there, looking at the localhost nad the external IP of the server machine as well [root@centos-7 ~]# tftp 10.16.1.106 tftp> status Connected to 10.16.1.106. Mode: netascii Verbose: off Tracing: off Literal: off Rexmt-interval: 5 seconds, Max-timeout: 25 seconds tftp> quit [root@centos-7 ~]# tftp 127.0.0.1 tftp> status Connected to 127.0.0.1. Mode: netascii Verbose: off Tracing: off Literal: off Rexmt-interval: 5 seconds, Max-timeout: 25 seconds tftp> quit [root@centos-7 ~]# Notice the difference in the 'Connected to ' field Long ago and far away, I wrote a longer piece for debugging once I demonstrated a working tftp server and client, using tcpdump ... Things have changed some -- SElinux, wrappers to the firewalld, probably more https://urldefense.proofpoint.com/v2/url?u=http-3A__www.owlriver.com_tips_tftp-2Dxinetd_&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sTrAgsEOMkXY9jq8Spw6XZvngUhSxhpWLFCFP6CQq6E&s=J3ODfdUfvhMwEoNT9FTiGtdGNDlQli5WkFinOU26piA&e= -- Russ herrold