xinetd.d listening twice on port 69
Mark Sargent
powderkeg at snow.email.ne.jp
Fri Apr 8 08:06:50 UTC 2005
Mark Sargent wrote:
> Andy Green wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Mark Sargent wrote:
>>
>> | yes, Andy, I have restarted, even rebooted with no change. With your
>> | permissions Q, are you referring to the dir tftpboot.? What do you
>> mean
>> | by, xinetd process user..? Below is the permissions/ownership details
>> | for tftpboot,
>>
>> | -rwxrwxrwx 1 nobody nobody 0 Apr 7 13:21 tftpboot
>>
>> [root at server nzb]# ps -Af | grep xinetd
>> root 3674 1 0 Mar29 ? 00:00:00 xinetd -stayalive
>> - -pidfile /var/run/xinetd.pid
>>
>> xinetd is apparently executing with the privs of the root user, but if I
>> do a strings on in.tftpd there is a string in there
>>
>> cannot drop privileges: %m
>>
>> suggesting that tftpd doesn't run as root. In fact the man page says it
>> runs as nobody by default I see now.
>>
>> Anyway it's moot because you show tftpboot wide open for anyone to write
>> into.
>>
>> Nothing in /var/log/messages about the failed write? Add -v -v -v to
>> the options in /etc/xinetd.d/tftp and restart xinetd, then try again...
>> it should be chattier in the log and maybe you get a clue.
>>
>> - -Andy
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.1 (GNU/Linux)
>> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>>
>> iD8DBQFCVPNbjKeDCxMJCTIRAnwSAJ0Tbjwv9PFeHXZv4fMY8PPLevxrcwCgjJu0
>> e/UG97O8xjW1GoXHWKosmQ8=
>> =vJaz
>> -----END PGP SIGNATURE-----
>>
> Hi All,
>
> guys, what is this..?
>
> Apr 8 04:24:53 localhost in.tftpd[6352]: WRQ from 192.168.168.12
> filename /tftp boot
>
> Found in /var/log/messages today after I added -v -v -v to
> /etc/xinetd.d/tftp as suggested by Andy Green. What I don't un, is,
> why does it show the time as 04:24:53 when others are per the pc clock
> time..? Cheers.
>
> Mark Sargent.
>
Hi All,
ok, this is working now. Both from a switch and from the pc itself via
tftp client. I wanna thank everybody for their help/patience..most of
all their patience with me. As Andy pointed out, the server changes from
root to user id, so, to get the tftp client to put a file I had to make
that file the ownership of the user running tftp-server. Oh well, it's
all a learning experience, and heck, I've learnt a lot. Cheers.
Mark Sargent.
More information about the fedora-list
mailing list