New guy - tftp not "on"

[sumncguy]

I am having trouble with tftp on a Centos 7 box.

I tried to start the service using "chkconfig tftp on" knowing that systemctl is now the preferred method to start services.

I receive the following error. What does it mean ?

root@centos ~]# chkconfig tftp on
Note: Forwarding request to 'systemctl enable tftp.service'.
The unit files have no [Install] section. They are not meant to be enabled
using systemctl.
Possible reasons for having this kind of units are:
1) A unit may be statically enabled by being symlinked from another unit's
.wants/ or .requires/ directory.
2) A unit's purpose may be to act as a helper for some other unit which has
a requirement dependency on it.
3) A unit may be started when needed via activation (socket, path, timer,
D-Bus, udev, scripted systemctl call, ...).
[root@centos ~]#

[stevemowbray]

The tftp server is run from xinetd by default. Edit /etc/xinetd.d/tftp and change "disable = yes" to "disable = no" and restart/reload xinetd.

[sumncguy]

Thanks Steve. That did get tftp turned on.

/var/log/messages showed tftp server not started.

Now it is but manually.

[root@centos ~]# systemctl status tftp.socket
tftp.socket - Tftp Server Activation Socket
Loaded: loaded (/usr/lib/systemd/system/tftp.socket; disabled)
Active: inactive (dead)
Listen: [::]:69 (Datagram)

[root@centos ~]# systemctl status tftp.service
tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; static)
Active: inactive (dead)

[root@centos ~]# systemctl start tftp.socket
[root@centos ~]# systemctl start tftp.service

[root@centos ~]# systemctl status tftp.socket
tftp.socket - Tftp Server Activation Socket
Loaded: loaded (/usr/lib/systemd/system/tftp.socket; disabled)
Active: active (running) since Tue 2015-04-21 19:35:18 EDT; 16s ago
Listen: [::]:69 (Datagram)

Apr 21 19:35:18 centos systemd[1]: Starting Tftp Server Activation Socket.
Apr 21 19:35:18 centos systemd[1]: Listening on Tftp Server Activation Socket.

[root@centos ~]# systemctl status tftp.service
tftp.service - Tftp Server
Loaded: loaded (/usr/lib/systemd/system/tftp.service; static)
Active: active (running) since Tue 2015-04-21 19:35:29 EDT; 12s ago
Main PID: 4177 (in.tftpd)
CGroup: /system.slice/tftp.service
└─4177 /usr/sbin/in.tftpd -s /tftpboot

Apr 21 19:35:29 centos systemd[1]: Starting Tftp Server...
Apr 21 19:35:29 centos systemd[1]: Started Tftp Server.

[root@centos ~]# [root@centos ~]# cat /etc/xinetd.d/tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /tftpboot
disable = no
per_source = 11
cps = 100 2
flags = IPv4
}



[root@centos ~]# cat /usr/lib/systemd/system/tftp.service
[Unit]
Description=Tftp Server

[Service]
#ExecStart=/usr/sbin/in.tftpd -s /var/lib/tftpboot
ExecStart=/usr/sbin/in.tftpd -s /tftpboot
StandardInput=socket

[root@centos ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUXTYPE=minimum


[root@centos ~]# cat /etc/xinetd.conf
#
# This is the master xinetd configuration file. Settings in the
# default section will be inherited by all service configurations
# unless explicitly overridden in the service configuration. See
# xinetd.conf in the man pages for a more detailed explanation of
# these attributes.

defaults
{
# The next two items are intended to be a quick access place to
# temporarily enable or disable services.
#
# enabled =
# disabled =
disabled = no

# Define general logging characteristics.
log_type = SYSLOG daemon info
log_on_failure = HOST
log_on_success = PID HOST DURATION EXIT

# Define access restriction defaults
#
# no_access =
# only_from =
# max_load = 0
cps = 50 10
instances = 50
per_source = 10

# Address and networking defaults
#
# bind =
# mdns = yes
v6only = no

# setup environmental attributes
#
# passenv =
groups = yes
umask = 002

# Generally, banners are not used. This sets up their global defaults
#
# banner =
# banner_fail =
# banner_success =
}

includedir /etc/xinetd.d

[root@centos ~]# chkconfig --list | grep tftp

Note: This output shows SysV services only and does not include native
systemd services. SysV configuration data might be overridden by native
systemd configuration.

If you want to list systemd services use 'systemctl list-unit-files'.
To see services enabled on particular target use
'systemctl list-dependencies [target]'.

tftp: on

[root@centos ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
#SELINUX=enforcing
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
SELINUXTYPE=minimum


[root@centos etc]# chkconfig xinetd off
Note: Forwarding request to 'systemctl disable xinetd.service'.
rm '/etc/systemd/system/multi-user.target.wants/xinetd.service'

[root@centos etc]# chkconfig xinetd on
Note: Forwarding request to 'systemctl enable xinetd.service'.
ln -s '/usr/lib/systemd/system/xinetd.service' '/etc/systemd/system/multi-user.target.wants/xinetd.service'

[root@centos etc]# service xinetd start
Redirecting to /bin/systemctl start xinetd.service

[root@centos etc]# tftp 192.168.47.3
tftp> get testit
tftp> get testifle
tftp> quit

[root@centos etc]# cat testifle
now da time

[root@centos etc]# ls -ld /tftpboot
drwxrwxrwx. 2 nobody root 67 Apr 21 16:28 /tftpboot

[root@centos etc]# ls -l /tftpboot/*
-rwxrwxrwx. 1 root root 0 Apr 21 16:28 /tftpboot/lanrtr1-confg
-rwxrwxrwx 1 sumncguy wheel 12 Apr 21 14:42 /tftpboot/testifle
-rwxrwxrwx. 1 root root 0 Apr 21 08:29 /tftpboot/testit
-rwxrwxrwx. 1 root root 1216 Apr 21 09:13 /tftpboot/tftpts

Frankly I dont know where else to go and could never retrace the steps I took. When I try to do a transfer from my router to the Centos box I get a time out. When I try to do it from my router to my Ubuntu box, I have on problem.

Appreciate any help !!

[TrevorH]

If you have firewalld running then it probably blocks UDP port 69 so any connections attempts will not get through. You probably need to run something like firewall-cmd --add-service=tftp and if that works then enable it permanently by running it again with --permanent.

[sumncguy]

getenforce shows disabled. But Ill give this command a shot .. see if it makes a difference.

[AlanBartlett]

getenforce shows disabled.

That command relates to the operational state of SELinux and not the firewall.

[sumncguy]

firewall-cmd --add-service=tftp worked .. thank you .

Once I have this class project done, Im going to tear it back down and rebuild it to throughly review the config and install of these services from the command line.

Thanks for the .. ssh and tftp down, on to ftp and snmp.

Thanks again folks.

Sum