TFTP server installation and configuration

Hello;

Below is my openSuSe version details:

NAME=“openSUSE Leap”
VERSION=“15.3”
ID=“opensuse-leap”
ID_LIKE=“suse opensuse”
VERSION_ID=“15.3”

I did installation for tftp and yast2-tftp-server packages using software management, also I enabled the tftp service from network services and the firewall already disabled.
Now, I did not find the tftp file under /etc/x.inetd/ which should contains the needed configuration for the tftp server. So why this file is not existed?
Below is the output of the ls -ltr:

machine:/etc/xinetd.d # ls -ltr
total 48
-rw-r–r-- 1 root root 313 Mar 13 2021 time-udp
-rw-r–r-- 1 root root 319 Mar 13 2021 time
-rw-r–r-- 1 root root 314 Mar 13 2021 services
-rw-r–r-- 1 root root 312 Mar 13 2021 servers
-rw-r–r-- 1 root root 304 Mar 13 2021 echo-udp
-rw-r–r-- 1 root root 285 Mar 13 2021 echo
-rw-r–r-- 1 root root 312 Mar 13 2021 discard-udp
-rw-r–r-- 1 root root 293 Mar 13 2021 discard
-rw-r–r-- 1 root root 313 Mar 13 2021 daytime-udp
-rw-r–r-- 1 root root 293 Mar 13 2021 daytime
-rw-r–r-- 1 root root 313 Mar 13 2021 chargen-udp
-rw-r–r-- 1 root root 293 Mar 13 2021 chargen

Also, how I can monitor the tftp server to know that a request came for it and what the server returned?

Regards
Bilal

I do not run tftp, but I am wondering a bit.

You seem to have used the YaST TFTP Server module to start the daemon (and my experience with other network services managed through YaST is that then YaST opens the firewall for you, thus no need to do it manually). But I assume that YaST module is also to configure it. Is that not the case?

Then, you seem to think that tftp is managed by xinetd. While I assume that it is possible to do so, that is apparently not the way it is done by the YaST module. I guess it is just running by itself, You can of course check with

systemctl status tftpd

(I am guessing that that tftp is the service name, I do not have the tftp package installed).

Hello;

First of all, I am referring to below link for installing the tftp service on my opensuse machine:

https://en.opensuse.org/SDB:YaST_TFTP_Server

It is written in that link the following:

The TFTP server is invoked from xinetd. All configuration for the TFTP server is therefore stored in cat /etc/xinetd.d/tftp. The server can be configured using arguments that are passed to the tftp program.

You are assuming that yast is doing the configuration of the tftp? Well, where I can determine the tftp path that we place the needed files in it? This one of the important configuration that should be given.

The tftp file that should be existed under /etc/xinet.d/ need to be created manually or it is created automatically when the packages installed from yast?

Below is the output of the systemctl status tftpd and systemctl status xinetd:


Machine:~ # systemctl status tftpd
Unit tftpd.service could not be found.





Machine:~ # systemctl status xinetd
● xinetd.service - Xinetd A Powerful Replacement For Inetd
     Loaded: loaded (/usr/lib/systemd/system/xinetd.service; disabled; vendor preset: disabled)
     Active: active (running) since Fri 2022-10-28 23:28:31 EEST; 14h ago
       Docs: man:xinetd
             man:xinetd.conf
             man:xinetd.log
   Main PID: 25771 (xinetd)
      Tasks: 1
     CGroup: /system.slice/xinetd.service
             └─25771 /usr/sbin/xinetd -stayalive -dontfork


Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/discard [file=/etc/xinetd.d/discard] [line=14]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/discard-udp [file=/etc/xinetd.d/discard-udp] [line=13]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/echo [file=/etc/xinetd.d/echo] [line=14]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/echo-udp [file=/etc/xinetd.d/echo-udp] [line=13]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/servers [file=/etc/xinetd.d/servers] [line=14]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/services [file=/etc/xinetd.d/services] [line=13]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/time [file=/etc/xinetd.d/time] [line=13]
Oct 28 23:28:31 Machine xinetd[25771]: Reading included configuration file: /etc/xinetd.d/time-udp [file=/etc/xinetd.d/time-udp] [line=14]
Oct 28 23:28:31 Machine xinetd[25771]: 2.3.15.4 started with libwrap loadavg labeled-networking options compiled in.
Oct 28 23:28:31 Machine xinetd[25771]: Started working: 0 available services
Machine:~ #




I appreciate the kindly help.

Regrads
Bilal

This https://en.opensuse.org/SDB:YaST_TFTP_Server is outdated. The tftp service is started via systemd socket activation now. The xinetd stuff is deprecated.
Example is from a Leap 15.4 machine but 15.3 should be similar:


> sudo systemctl enable  tftp.socket  
Created symlink /etc/systemd/system/sockets.target.wants/tftp.socket → /usr/lib/systemd/system/tftp.socket.

> sudo systemctl start  tftp.socket

> >  systemctl status tftp.socket 
  tftp.socket - Tftp Server Activation Socket 
     Loaded: loaded (/usr/lib/systemd/system/tftp.socket; enabled; vendor preset: disabled) 
     Active: **active (listening)** since Sat 2022-10-29 13:47:35 CEST; 7min ago 
   Triggers: ● tftp.service 
     Listen: ::]:69 (Datagram) 
      Tasks: 0 (limit: 4915) 
     CGroup: /system.slice/tftp.socket 

Okt 29 13:47:35 blitz systemd[1]: Listening on Tftp Server Activation Socket.



The default TFTP directory is /srv/tftpboot/. You can change it in the configfile /etc/sysconfig/tftp if required. Although i do not have installed yast2-tftp-server i would guess you can do the same via the Yast TFTP module.

@rawar is quicker, but starting YaST > Network Service > TFTP Server asks me allowance to install the tftp package, which I do. It then shows a configuration screen (which is in Dutch in my case, thus you may see a bit different texts) that
asks if it should be started direct after this action, if it should be started in the future after every boot. It then offers me to change the map /srv/tftpboot to something different and if it should open the firewall. All rather trivial.

Thanks a lot for the kindly reply and kindly help for all of you dears.
@rawar
How I can see the logs?
I did what you mentioned, but there is no tftp log file under /var/log.
Also, I need to see the live tftp logs to be able to monitor.
From the other side, the tftp configuration file that is existed under etc/sysconfig contains TFTP_OPTIONS, so I can pass the server args here (like -s, -c and -v)?

@hcvv
how I can pass the server args like -s or -c or -v like (server_args = -s /srv/tftpboot ) that we were passing it in the tftp config file that was existed under /etc/xinetd.d?
Also, how to see the logs of the tftp to be able to monitor it?

Regards
Bilal

That is also new to me. But reading man pages (like the one for systemd.socket), it says that there should also be a systemd.service file. If I understand correctly, systemd, seeing an incomming request for the port, starts the servive (analoge xinetd).

As I do not have tftp installed, I can not check, but thus there must be both

/usr/lib/systemd/system/tftpd.socket
/usr/lib/systemd/system/tftpd.service

The Exec statement is in the latter. And when you think you need it altered, then use the appropriate ways of creating

/etc/systemd/system/tftp.service

Best “appropriate way” I assume is using

systemctl edit .......

because it is special made for this kind of actions.

Again, this is partly guessing, because I do not use tftp (e.g. the tftpd in the file names is a guess).

Dears;

Please I need a help: How to show the logs of TFTP to be able to know if the clients communicated with the server and what the server responded?

Appreciate the kindly help.

Regards
Bilal

I assume logging (maybe you have to add at least one -v option to get something), goes to the system logs.

Thank you Henk;
But where I have to add -v?
In case of using xinetd, previously I was adding the -v (or -vvv) in the tftp file under /etc/xinetd.d, but this file is not more existed.

In case of using the way of @rawar, which is depending on activating the tftp.socket, then should I add it to the TFTP_OPTIONS that is existed under /etc/sysconfig?

Regards
Bilal

Add -vvv to TFTP_OPTIONS in /etc/sysconfig/tftp with an editor or Yast2. In the system journal you will see lines from in.tftpd. But even with -vvv the output is not very verbose.

Sorry i forgot to mention if you edit /etc/sysconfig/tftp you might need to restart with


> sudo systemctl restart tftp.socket

first. I do not know if a restart is required with the yast2 module too,

Post #7above??

You did not report back on that post. Did you find things I assumes would be there?

It is up to you.

You can either still do it using xinet, but then you can not use YaST. In fact you then first have to undo all you did with YaST. You then create the file in /etc/xinetd.d and then use YaST > System > System Services to start xinetd.

Or you go the systemd route, of which I guess there is enough information above. When you still think things are unclear there, then ask here. But do so informing of the steps you have done, what went wrong, etc. We are not mind readers.

Hello Henk,
Thank you for your kindly advise and help. And sorry for late in replying for your post.
I uninstalled the tftp and yas2-tftp-server to try from clean, then I re-installed them again and did the checking for the files that you mentioned and found the following:

/usr/lib/systemd/system # vi tftp.service

[Unit]
Description=Tftp Server
Requires=tftp.socket
Wants=network.target
After=network.target


[Service]
EnvironmentFile=/etc/sysconfig/tftp
ExecStart=/usr/sbin/in.tftpd -u $TFTP_USER -s $TFTP_DIRECTORY $TFTP_OPTIONS
StandardInput=socket
PrivateDevices=yes



/usr/lib/systemd/system # vi tftp.socket

[Unit]
Description=Tftp Server Activation Socket


[Socket]
ListenDatagram=69


[Install]
WantedBy=sockets.target



But I did not understand from you why you need me to create the tftp.service in the path /etc/systemd/system/?
And why you need me to use systemctl edit to edit this tftp.service file that need to be created? Why not to use vi editor?
By the way, I tried systemctl edit for /usr/lib/systemd/system/tftp.service but did not show me what it contains, I was able to see the contents using vi.

Coming to the tftp.service file that is existed under /usr/lib/systemd/system/ and to the arguments, can you please advise me for the following:

ExecStart=/usr/sbin/in.tftpd -u $TFTP_USER -s $TFTP_DIRECTORY $TFTP_OPTIONS
  1. From where it find the values of $TFTP_USER, $TFTP_DIRECTORY and $TFTP_OPTIONS?
  2. Where I have to pass the -vvv? Is it in the /usr/lib/systemd/system/tftp.service or in the /etc/systemd/system/tftp.service that need to be created?

Regards
Bilal

Hello @rawar;

When you say Yast2, how I can add the -vvv (as TFTP_OPTIONS) in Yast2? Where?
Also, in.tftpd is for incoming traffic for tftp? So we will see only the incoming request and will not see what the tftp server is going to return for the client?

Regards
Bilal

A bit much. Will start somewhere.

Reading the systemd documentation.

You are strongly adviced NOT to change files in /usr/lib/systemd/system. Wre it alone because they might be overwritten by a re-install of the package they belong to.
Instead you either create a drop in file in /etc/systemd/system (which contains statements that deviate from what is in /usr/lib/systemd/system or a replacement file in /etc/systemd/system that makes that the file in /usr/lib/systemd/system is ignored. Both have their pros and cons.

You can make such a replacement file by copying

cp /usr/lib/systemd/system/sftp.service /etc/systemd/system/sftp.service

and then editing it (e.g. using vi). But the systemd guys have created a help for this with the systemctl edit command.

man systemctl

and scroll down in the commands list until you find edit (it is not alphabetic :frowning: ).

So you can cp and vi if you prefer that.
Old saying: “In Unix/Linux there are always 100 ways to do something, of at least 80 are correct.”

Your listing (please make it easy for yourself and us to include the command you used within the CODE section. It is there, just one line more at the top, like


prompt: cat /usr/lib/systemd/system/sftp.service
[Unit]
Description=Tftp Server
Requires=tftp.socket
Wants=network.target
After=network.target


[Service]
EnvironmentFile=/etc/sysconfig/tftp
ExecStart=/usr/sbin/in.tftpd -u $TFTP_USER -s $TFTP_DIRECTORY $TFTP_OPTIONS
StandardInput=socket
PrivateDevices=yes
prompt:

Did you not see EnvironmentFile=/etc/sysconfig/tftp? I assume the definitions of $TFTP_…are there.
A bit of investigation on your owm initiative would not be bad.
And then again I guess $TFTP_OPTION could be enriched with your -v option.

The default tftp settings are defined in file /etc/sysconfig/tftp. The servie unit reads this file into the environment before the start of in.tftpd


[Unit]
Description=Tftp Server
Requires=tftp.socket
Wants=network.target
After=network.target 
[Service]
**EnvironmentFile=/etc/sysconfig/tftp**
ExecStart=/usr/sbin/in.tftpd -u $TFTP_USER -s $TFTP_DIRECTORY $TFTP_OPTIONS
StandardInput=socket
PrivateDevices=yes


> cat /etc/sysconfig/tftp

## Description: TFTP Configuration 
## Type:    string 
## Default: "tftp" 
# 
#  daemon user (tftp) 
# 
TFTP_USER="tftp" 

## Type:    string 
## Default: "" 
## 
## INFO: 
# 
# tftp options 
# 
**TFTP_OPTIONS="-vvv" **

## Type:    string 
## Default: "/srv/tftpboot" 
## was "/tftpboot" but 
## "/tftpboot" is not allowed anymore in FHS 2.2. 
# 
#  TFTP directory must be a world readable/writable directory. 
#  By default /srv/tftpboot is assumed. 
# 
TFTP_DIRECTORY="/srv/tftpboot"

The network part is done by systemd more or less in the same way as xinetd did it in the past. If a tftp request is received on port 69 by systemd the tftp.service unit is started, it reads the $TFT_* settings form /etc/sysconfig/tftp and starts in.tftp. Then systemd pass the received request to the in.tftp process and frowards the response from in.tftp via the network to the tftp client. Sorry i am wrong in the tftp yast module you cannot set the TFTP_OPTIONS (at least in the Leap 15.4 version of my machine).

@Henk oops this time i was too slow :wink:

Does not matter. Yours is even more elaborate and takes him by the hand. Mine was only based on logic, because I do not have the package installed.