Provides the server function for the Trivial File Transfer Protocol.
/usr/sbin/tftpd [ -c ] [ -n ] [ -p ] [ -r ] [ -v ] [ -t ] [ -s ] [ -x ] [ -z ] [ -d Directory]
Note: The tftpd daemon is normally started by the inetd daemon. It can also be controlled from the command line, using SRC commands.
The /usr/sbin/tftpd daemon runs the Trivial File Transfer Protocol (TFTP) server. Files sent using TFTP can be found in the directory specified by the full path name given on the tftp or utftp command line.
Note: The tftp command, utftp command, and tftpd server are not available when the auditing system is in use. For more information, see Understanding Security for TCP/IP, the Auditing Overview, and the audit command.
Changes to the tftpd daemon can be made using the System Management Interface Tool (SMIT) or System Resource Controller (SRC), by editing the /etc/inetd.conf or /etc/services file. The tftpd daemon is started by default when it is uncommented in the /etc/inetd.conf file.
The inetd daemon get its information from the /etc/inetd.conf file and the /etc/services file.
After changing the /etc/inetd.conf or /etc/services file, run the refresh -s inetd or kill -1 InetdPID command to inform the inetd daemon of the changes to its configuration file.
The tftpd server should have a user ID with the least privileges possible. The nobody ID allows the least permissions, and is the default user ID.
The tftpd daemon should be controlled using the System Management Interface Tool (SMIT) or by changing the /etc/inetd.conf file. Entering tftpd at the command line is not recommended.
With Release 4.3.x, the tftpd server has become a multithreaded application. Another major change is the server's ability to handle the new TFTP Blocksize Option (RFC1783). This new capability allows a client to negotiate a larger blocksize which improves tftp file transfer performance significantly. As a result, the boot time performance of diskless nodes using TFTP also improves significantly. The tftp client must be able to do blocksize negotiation to take advantage of this performance improvement. The blocksize option has not been implemented in the current tftp command.
The /etc/tftpaccess.ctl file is searched for lines that start with allow: or deny:. Other lines are ignored. If the file doesn't exist, access is allowed. The allowed directories and files minus the denied directories and files can be accessed. For example, the /usr directory might be allowed and the /usr/ucb directory might be denied. This means that any directory or file in the /usr directory, except the /usr/ucb directory, can be accessed. The entries in the /etc/tftpaccess.ctl file must be absolute path names.
The /etc/tftpaccess.ctl file should be write-only by the root user and readable by all groups and others (that is, owned by root with permissions of 644). The user nobody must be able to read the /etc/tftpaccess.ctl file. Otherwise, the tftpd daemon is not able to recognize the existence of the file and allows access to the entire system. For more information, refer to the sample tftpaccess.ctl file, which resides in the /usr/samples/tcpip directory.
The search algorithm assumes that the local path name used in the tftp command is an absolute path name. It searches the /etc/tftpaccess.ctl file looking for allow:/. It repeatedly searches for allowed path names with each partial path name constructed by adding the next component from the file path name. The longest path name matched is the one allowed. It then does the same with denied names, starting with the longest allowed path name matched.
For example, if the file path name were /a/b/c and the /etc/tftpaccess.ctl file contained allow:/a/b and deny:/a, one allowed match would be made (/a/b) and no denied match starting with /a/b would be made, and access would be allowed.
If the /etc/tftpaccess.ctl file contained allow:/a and deny:/a/b, one allowed match would be made (/a) and one denied match starting with /a (/a/b) would be made, and access would be denied. If the /etc/tftpaccess.ctl file contained allow:/a/b and also contained deny:/a/b, access would be denied because allowed names are searched first.
The tftpd daemon is a
subserver of the inetd daemon, which is a subsystem of the System
Resource Controller (SRC). The tftpd
daemon is a member of the tcpip SRC subsystem group. This
daemon is enabled when it is uncommented in the
/etc/inetd.conf file and can be manipulated by the following
SRC commands:
startsrc | Starts a subsystem, group of subsystems, or a subserver. |
stopsrc | Stops a subsystem, group of subsystems, or a subserver. |
lssrc | |
Gets the status of a subsystem, group of subsystems, or a subserver. |
Note: The arguments for the tftpd daemon can be specified by using SMIT or by editing the /etc/inetd.conf file.
The kill command, lssrc command, refresh command, startsrc command, stopsrc command, tftp command.
The inetd daemon.
The /etc/inetd.conf file format.
Trivial File Transfer Protocol (TFTP) in AIX 5L Version 5.1 System Management Guide: Communications and Networks.
TCP/IP Daemons in AIX 5L Version 5.1 System Management Guide: Communications and Networks.