the following allows tftp from 1.2.3.4 tftp dgram udp wait nobody /usr/libexec/tftpd tftpd -l /foo -u luser /foo/1.2.3.4 but the following did not tftp dgram udp wait nobody /usr/libexec/tftpd tftpd -lC /foo -u luser -s /foo /foo/1.2.3.4 giving errors of the form Apr 3 00:25:04 xx tftpd[81979]: chroot: /foo/1.2.3.4: Operation not permitted any clues? randy
> the following allows tftp from 1.2.3.4 > > tftp dgram udp wait nobody /usr/libexec/tftpd tftpd -l /foo - > u luser /foo/1.2.3.4 > > but the following did not > > tftp dgram udp wait nobody /usr/libexec/tftpd tftpd -lC /foo > -u luser -s /foo /foo/1.2.3.4 > > giving errors of the form > > Apr 3 00:25:04 xx tftpd[81979]: chroot: /foo/1.2.3.4: Operation not permitte > d > > any clues?I suspect the other arguements need to be relative to the -s directory. e.g. tftpd -lC / -u luser -s /foo /1.2.3.4> randy > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"-- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews@isc.org
> I suspect the other arguements need to be relative to the -s directory. > e.g. > tftpd -lC / -u luser -s /foo /1.2.3.4nope
On Wed, Apr 02, 2003 at 04:39:53PM -0800, Randy Bush wrote:> the following allows tftp from 1.2.3.4 > > tftp dgram udp wait nobody /usr/libexec/tftpd tftpd -l /foo -u luser /foo/1.2.3.4 > > but the following did not > > tftp dgram udp wait nobody /usr/libexec/tftpd tftpd -lC /foo -u luser -s /foo /foo/1.2.3.4 > > giving errors of the form > > Apr 3 00:25:04 xx tftpd[81979]: chroot: /foo/1.2.3.4: Operation not permitted > > any clues?You are running tftpd as "nobody" and asking it to chroot into /foo, which is a privileged operation. You should probably run tftpd as root, and use the -u option to make it run as an unprivileged user. Tim
> You are running tftpd as "nobody" and asking it to chroot into /foo, > which is a privileged operation. You should probably run tftpd as root, > and use the -u option to make it run as an unprivileged user.Brian McDonald <brianmcd@columbus.rr.com> gets first credit for catching my stoopidity (in private email). but this was exactly it. thank you both. randy