|
|
Configuring and Managing MPE/iX Internet Services: HP 3000 MPE/iX Computer Systems > Chapter 5 TFTP ServiceConfiguring tftpd |
|
To configure tftpd, you will edit two files: the services file, which lists the individual services that comprise the suite of Internet Services, and the inetd configuration file, which informs the Internet daemon about running tftpd on this system. These tasks are explained in the next sections. The services file associates official service names and aliases with the port number and protocol the services use. To enable tftpd, you must update the services file. Perform the following:
The configuration file for inetd determines which installed Internet Services are available to users. To add tftpd to your system, you will need to edit this configuration file, then have inetd re-read the configuration. To do so:
There are two options in the tftpd entry, [user] and [path], which are explained in the next two sections. For more detailed information about editing the configuration file, read Chapter 2 “Internet Daemon” The Internet daemon runs tftpd as the user specified in the [user] parameter of its entry in the inetd configuration file. For example, this entry instructs inetd to run the TFTP server as USER.TFTP: tftp dgram udp wait USER.TFTP /SYS/NET/TFTPD tftpd Hewlett-Packard recommends that you run tftpd this way, and that you use the following steps to create the TFTP account and two user identifications, USER.TFTP and MGR.TFTP, with the appropriate capabilities:
For security reasons, USER.TFTP is not assigned ND, SF, PM or SM capabilities. This way USER.TFTP can be used to run tftpd while MGR.TFTP, who is assigned some of these capabilities, can control which files are placed in the TFTPDIR group. As an option, you can use the [path] parameter in the inetd configuration file entry to specify the list of files or directories that are available to TFTP clients. For example, if you would like to have the /tmp and /bin directories available to TFTP clients in addition to the home group of the TFTP user, edit the line to look like this: tftp dgram udp wait USER.TFTP /SYS/NET/TFTPD tftpd /tmp /bin When a file is requested by a TFTP client, tftpd first looks for a file relative to the home directory of the user specified in the inetd configuration file. If it does not find the file there, it then checks to see if the following two conditions are met:
When invoked with no path arguments, tftpd cannot follow symbolic links that refer to paths outside of the home directory of the user specified in the inetd configuration file. If permission is given to remote systems to retrieve a file through TFTP, then the file must be readable by the user specified in the inetd configuration file. If permission is given to remote systems to transmit a file through TFTP, then the file must already exist and be writable by the user specified in the inetd configuration file. |
|