unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Page:
Section:
Apropos / Subsearch:
optional field



 tftpd(1M)							   tftpd(1M)




 NAME
      tftpd - trivial file transfer protocol server

 SYNOPSIS
      /usr/lbin/tftpd [-R retran-seconds] [-T total-seconds] [path ...]

 DESCRIPTION
      tftpd is a server that supports the Internet Trivial File Transfer
      Protocol (RFC783).  The TFTP server operates at the port indicated in
      the tftp service description (see services(4)).  The server is
      normally started by inetd using the /etc/inetd.conf file (see
      inetd(1M) and inetd.conf(4)).

      The -R option specifies the per-packet retransmission timeout, in
      seconds.	The default value is 5 seconds.

      The -T option specifies the total retransmission timeout, in seconds.
      The default value is 25 seconds.

      The path parameter has the following effects:

	 +  tftpd operates in either of two modes or their combination.	 The
	    first mode requires a defined home directory for the pseudo-user
	    tftp, and looks for files relative to that path.  The second
	    mode requires one or more paths be specified on the command
	    line, and allows access only to files whose paths match or begin
	    with one of the command line specifications.  The first mode is
	    backward-compatible with previous releases of HP-UX and supports
	    somewhat tighter security.	The second mode is compatible with
	    other vendors' implementations of tftpd and allows greater
	    flexibility in accessing files.

	 +  If no path is specified on the command line, tftpd requires an
	    entry in the /etc/passwd database (see passwd(4)) for an account
	    (pseudo-user) named tftp.  The password field should be *, the
	    group membership should be guest, and the login shell should be
	    /usr/bin/false.  For example (assuming the guest group ID is
	    101):

		   tftp:*:510:101:tftp server:/home/tftpdir:/usr/bin/false

	    tftpd uses a call to chroot() to change its root directory to be
	    the same as the home directory of the pseudo-user tftp.  This
	    restricts access by tftp clients to only those files found below
	    the tftp home directory (see chroot(2)).  Furthermore, tftp
	    clients can only read files in that directory if they are
	    readable by the pseudo-user tftp, and tftp clients can only
	    write files in that directory if they exist and are writable by
	    the pseudo-user tftp.





 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000






 tftpd(1M)							   tftpd(1M)




	 +  If any path is specified on the command line, tftpd does not
	    require that a pseudo-user named tftp exist in /etc/passwd.	 The
	    specified paths control access to files by tftp clients.  Each
	    path is treated as being relative to / (not the tftp home
	    directory), and can be either a directory or a file.  tftpd
	    disallows a client access to any file that does not match
	    entirely or in its initial components one of the restriction
	    paths.  It also disallows access to any file path containing
	    ``..''.  However, an accessed file can be a symbolic link that
	    points outside the set of restricted paths.

	 +  If any path is specified on the command line and the tftp home
	    directory is defined and is not /, tftpd first looks for a file
	    relative to (under) the home directory.  If the file is not
	    found there, then tftpd looks for the file relative to / with
	    path restrictions applied.	Thus if two files with the same name
	    can be found in both locations, tftpd accesses the one under
	    tftp's home directory.

      Note that inetd allows continuation of command lines in inetd.conf by
      ending continued lines with a backlash.

      Defining the tftp pseudo-user is strongly recommended even when paths
      are specified, because client access is further restricted to files
      that can be read and/or written by this pseudo-user.  It is safe to
      set the tftp pseudo-user's home directory to / in this case.

 DIAGNOSTICS
      The following diagnostics are logged to the syslogd facility at the
      err log level (see syslogd(1M)).

	   No security mechanism exists
		The pseudo-user tftp was not found in the password database
		(/etc/passwd), and tftpd was invoked without any path
		arguments.

		Add or correct the entry for the pseudo-user tftp in the
		password database /etc/passwd.	Or, add an access list (path
		arguments) to the tftpd arguments in the inetd configuration
		file /etc/inetd.conf.  Reconfigure inetd with the command
		inetd -c.

	   Unknown option option ignored
		An invalid option was specified in the tftpd arguments in
		the inetd configuration file /etc/inetd.conf.

		Remove or correct the option.  Restart inetd with the
		command inetd -c.

	   Invalid total timeout value
		The value given for the -T option was not a number or was a



 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000






 tftpd(1M)							   tftpd(1M)




		negative number.

		Correct the value given for the -T option.  Reconfigure
		inetd with the command inetd -c.

	   Invalid retransmission timeout value
		The value given for the -R option was not a number or was a
		negative number.

		Correct the value given for the -R option.  Reconfigure
		inetd with the command inetd -c.

	   system call:
		The named system call failed.  See the corresponding manual
		entry for a description of the system call.  The reason for
		the failure is explained in the error message appended to
		the system call.

 WARNINGS
      When invoked with no path arguments, tftpd cannot follow symbolic
      links that refer to paths outside of the home directory of the
      pseudo-user tftp, because it performs a chroot().

 AUTHOR
      tftpd was developed by the University of California, Berkeley, and
      Hewlett-Packard.

 SEE ALSO
      tftp(1), inetd(1M), syslogd(1M), chroot(2), inetd.conf(4), passwd(4).

























 Hewlett-Packard Company	    - 3 -   HP-UX Release 11i: November 2000