ITEM: J2572L
tftp permissions: Error 0: permission denied
QUESTION:
Attempting tftp between two systems. From one, I can put and get
with no problem. From the other, can only get. When attempting put,
receive error code 0, permission denied. I own both directories
and write permission set to 'world write'. I have no TFTP access
control file.... What am I missing?
A: After some testing, it appears that there are two conditions
which could result in an 'Error code 0: Permission denied' message.
Either:
1) The tftpd daemon on the remote machine has been started
without the "-n" flag which would prevent remote users from
creating files on the remote host (i.e. rs01-01 in your case),
or
2) The file you are attempting to transfer from the source
system (i.e. test1 on rs02-02) does not have read permission for
the user attempting to transfer the file.
Foregoing the later, check the /etc/inetd.conf file on the target
system (i.e. rs01-01.tgsc-trng.trs.com) for an uncommented
tftp entry as follows:
tftp dgram udp wait nobody /etc/tftpd tftpd -n
The following entry in must be in the /etc/services file:
tftp 69/udp
If you have to modify either of the above, you will need to
refresh the "inetd" daemon to read the changes. Perform the
following:
\# inetimp
\# refresh -s inetd
Then restart the tftp subserver with the following command:
stopsrc -t tftp
startsrc -t tftp
Note: The tftpd will not show up as an active process (i.e. in
the "ps -ef" output) until it is invoked by a remote user performing
a tftp to the RISC System/6000. Thus, to verify that the tftpd
daemon has been activated, issue the folowing:
lssrc -t tftp
The above was extracted from the InfoExplorer article on the "tftpd
daemon". This article can be referenced through the Commands
section or via the command line with "man tftpd".
Permissions required for the PUT subcommand
The tftp command uses the nobody account as defined in the /etc/inetd.conf
file. The nobody account uses 'other' permissions by default when referencing
files. Therefore the permissions on the directory that you want
to transfer a file to must have permissions of 777.
d rwx rwx rwx
| | |--------other
| |
| |------------group
|
|----------------owner
Actually all you need is the write bit activated for 'group' or
'owner'. 'Other' must have all its bits activated, plus owner and
group must all be activated as well. That is why the permissions
for a nobody user using 'other' must be 777.
If you want to restrict permissions, you can change the nobody's
user group to a certain 'primary group', where only those who belong
to that group can transfer files to the directory on the remote machine.
The nobody's user group must be changed on the remote machine, where
we are doing the putting a file.
smit user
Change / Show Characteristics of a User
Enter in 'nobody' for user name.
Change the 'PRIMARY Group' to a specified group: system, staff, etc.
If you want to have a file transferred to the same directory on the
remote machine and have the same filename, just do the following:
tftp> put /etc/motd
Notice that there is not a destination path and filename.
This statment will transfer 'motd' to the 'etc' directory on the
remote machine.
Support Line: tftp permissions: Error 0: permission denied ITEM: J2572L
Dated: September 1994 Category: N/A
This HTML file was generated 99/06/24~13:30:43
Comments or suggestions?
Contact us