Today the article will be small. In general, in my opinion, everything is quite simple, but since CentOS8 was recently released, there are few guides on it, and specifically about tftp under CentOS, I saw a lot of frankly harmful tips on the Internet, so Iโll try to ask a trend to correct the situation right from the moment the new version is released. So, let's get down to the set of three pathetic five teams that we need. First, install all the required packages:
sudo dnf -y install xinetd tftp-server tftp vim
Now we will create (or fix) the xinetd configuration file so that it starts the tftp server when accessing the corresponding port, this can be done through the standard vi editor, through nano, which is most familiar to most people, or through vim, which differs from the default vi that has a wider functionality, including syntax highlighting. I prefer the last paragraph, so this editor was the last word in the command above. If someone is satisfied with the editors available in the system, you can not install vim (although in addition to using an additional 60 MB of disk space, he will not do worse either).
sudo vim /etc/xinetd.d/tftp
Here it is necessary to go into the text insertion mode (type: set paste and enter), then edit (Insert key on the keyboard), then select the configuration file below, copy and paste into the terminal window.
When you edit the
config text, please pay attention to the
server_args argument. At the end of the line, the path to the directory where the files given by tftp will lie is set. Change this directory to the one that should be used with you. I also want to say right away that it will be necessary to configure a tftp server in SeLinux to work with this directory, there is no โdefaultโ configuration for a tftp server in CentOS. Now I will not write about the configuration of SeLinux, because then I will somehow prepare a separate article on this topic.
# default: off # description: The tftp server serves files using the trivial file transfer \ # protocol. The tftp protocol is often used to boot diskless \ # workstations, download configuration files to network-aware printers, \ # and to start the installation process for some operating systems. service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -v -s /var/lib/tftpboot disable = no per_source = 11 cps = 100 2 flags = IPv4 }
Next, press Esc, and then ": wq" and enter.
Now turn on the server:
sudo systemctl start xinetd sudo systemctl enable xinetd sudo firewall-cmd --permanent --zone=public --add-service=tftp && sudo firewall-cmd --reload
Yes, you
do not need to hang tftpd at startup, although this is not entirely obvious.
Next, you need to check that everything works. We create some file and try to download it (I did it for the popular file storage path, if you have another one, change it here):
echo passed > ~/test.txt sudo mv ~/test.txt /var/lib/tftpboot tftp 127.0.0.1 -c get test.txt cat test.txt
If the word "passed" appears in the console, then the server is working. If at the same time it will not be accessible from the local network - deal with the zones in firewalld, we made access to the public zone, not everyone needs access to tftp from it.
PS If there are questions in the comments, I will explain how to transfer centos 8 from firewalld to iptables, but IMHO there is no fundamental difference between them.