xinetd.d listening twice on port 69

Mark Sargent powderkeg at snow.email.ne.jp
Fri Apr 8 04:31:26 UTC 2005


Andy Green wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Mark Sargent wrote:
>
> | yes, Andy, I have restarted, even rebooted with no change. With your
> | permissions Q, are you referring to the dir tftpboot.? What do you mean
> | by, xinetd process user..? Below is the permissions/ownership details
> | for tftpboot,
>
> | -rwxrwxrwx   1 nobody nobody    0 Apr  7 13:21 tftpboot
>
> [root at server nzb]# ps -Af | grep xinetd
> root      3674     1  0 Mar29 ?        00:00:00 xinetd -stayalive
> - -pidfile /var/run/xinetd.pid
>
> xinetd is apparently executing with the privs of the root user, but if I
> do a strings on in.tftpd there is a string in there
>
> cannot drop privileges: %m
>
> suggesting that tftpd doesn't run as root.  In fact the man page says it
> runs as nobody by default I see now.
>
> Anyway it's moot because you show tftpboot wide open for anyone to write
> into.
>
> Nothing in /var/log/messages about the failed write?  Add -v -v -v to
> the options in /etc/xinetd.d/tftp and restart xinetd, then try again...
> it should be chattier in the log and maybe you get a clue.
>
> - -Andy
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iD8DBQFCVPNbjKeDCxMJCTIRAnwSAJ0Tbjwv9PFeHXZv4fMY8PPLevxrcwCgjJu0
> e/UG97O8xjW1GoXHWKosmQ8=
> =vJaz
> -----END PGP SIGNATURE-----
>
Hi All,

guys, what is this..?

Apr  8 04:24:53 localhost in.tftpd[6352]: WRQ from 192.168.168.12 
filename /tftp boot

 Found in /var/log/messages today after I added -v -v -v to 
/etc/xinetd.d/tftp as suggested by Andy Green. What I don't un, is, why 
does it show the time as 04:24:53 when others are per the pc clock 
time..? Cheers.

Mark Sargent.




More information about the fedora-list mailing list