tftpd - trivial file transfer protocol server
/usr/lbin/tftpd [-R retran-seconds] [-T total-seconds] [path ...]
tftpd is a server that supports the Internet Trivial File Transfer
Protocol (RFC783). The TFTP server operates at the port indicated in
the tftp service description (see services(4)). The server is
normally started by inetd using the /etc/inetd.conf file (see
inetd(1M) and inetd.conf(4)).
The -R option specifies the per-packet retransmission timeout, in
seconds. The default value is 5 seconds.
The -T option specifies the total retransmission timeout, in seconds.
The default value is 25 seconds.
The path parameter has the following effects:
+ tftpd operates in either of two modes or their combination. The
first mode requires a defined home directory for the pseudo-user
tftp, and looks for files relative to that path. The second
mode requires one or more paths be specified on the command
line, and allows access only to files whose paths match or begin
with one of the command line specifications. The first mode is
backward-compatible with previous releases of HP-UX and supports
somewhat tighter security. The second mode is compatible with
other vendors' implementations of tftpd and allows greater
flexibility in accessing files.
+ If no path is specified on the command line, tftpd requires an
entry in the /etc/passwd database (see passwd(4)) for an account
(pseudo-user) named tftp. The password field should be *, the
group membership should be guest, and the login shell should be
/usr/bin/false. For example (assuming the guest group ID is
tftpd uses a call to chroot() to change its root directory to be
the same as the home directory of the pseudo-user tftp. This
restricts access by tftp clients to only those files found below
the tftp home directory (see chroot(2)). Furthermore, tftp
clients can only read files in that directory if they are
readable by the pseudo-user tftp, and tftp clients can only
write files in that directory if they exist and are writable by
the pseudo-user tftp.
Hewlett-Packard Company - 1 - HP-UX Release 11i: November 2000
+ If any path is specified on the command line, tftpd does not
require that a pseudo-user named tftp exist in /etc/passwd. The
specified paths control access to files by tftp clients. Each
path is treated as being relative to / (not the tftp home
directory), and can be either a directory or a file. tftpd
disallows a client access to any file that does not match
entirely or in its initial components one of the restriction
paths. It also disallows access to any file path containing
``..''. However, an accessed file can be a symbolic link that
points outside the set of restricted paths.
+ If any path is specified on the command line and the tftp home
directory is defined and is not /, tftpd first looks for a file
relative to (under) the home directory. If the file is not
found there, then tftpd looks for the file relative to / with
path restrictions applied. Thus if two files with the same name
can be found in both locations, tftpd accesses the one under
tftp's home directory.
Note that inetd allows continuation of command lines in inetd.conf by
ending continued lines with a backlash.
Defining the tftp pseudo-user is strongly recommended even when paths
are specified, because client access is further restricted to files
that can be read and/or written by this pseudo-user. It is safe to
set the tftp pseudo-user's home directory to / in this case.
The following diagnostics are logged to the syslogd facility at the
err log level (see syslogd(1M)).
No security mechanism exists
The pseudo-user tftp was not found in the password database
(/etc/passwd), and tftpd was invoked without any path
Add or correct the entry for the pseudo-user tftp in the
password database /etc/passwd. Or, add an access list (path
arguments) to the tftpd arguments in the inetd configuration
file /etc/inetd.conf. Reconfigure inetd with the command
Unknown option option ignored
An invalid option was specified in the tftpd arguments in
the inetd configuration file /etc/inetd.conf.
Remove or correct the option. Restart inetd with the
command inetd -c.
Invalid total timeout value
The value given for the -T option was not a number or was a
Hewlett-Packard Company - 2 - HP-UX Release 11i: November 2000
Correct the value given for the -T option. Reconfigure
inetd with the command inetd -c.
Invalid retransmission timeout value
The value given for the -R option was not a number or was a
Correct the value given for the -R option. Reconfigure
inetd with the command inetd -c.
The named system call failed. See the corresponding manual
entry for a description of the system call. The reason for
the failure is explained in the error message appended to
the system call.
When invoked with no path arguments, tftpd cannot follow symbolic
links that refer to paths outside of the home directory of the
pseudo-user tftp, because it performs a chroot().
tftpd was developed by the University of California, Berkeley, and
tftp(1), inetd(1M), syslogd(1M), chroot(2), inetd.conf(4), passwd(4).
Hewlett-Packard Company - 3 - HP-UX Release 11i: November 2000