Marcos Ortiz wrote, On 07/04/2011 02:02 AM: > Can you show here the error in the log? > Do you have SELinux enabled in enforcing mode? > Try to do this: getsetbool -a | grep tftpd to see all boolean related to > this service. > > Regards $ getsebool -a | grep tftp tftp_anon_write --> off I have set this bool to "on" via the selinux gui and it made no difference. (Also, I am not not trying to write via tftp, just read.) This is the error I see running with in full enforcing mode and it occurs each time the remote host (a bdi2000 jtag emulator) attempts to read its configuration file using tftp from the fedora box. Jul 4 00:36:33 wally xinetd[6013]: START: tftp pid=6706 from=192.168.1.21 Jul 4 00:36:33 wally in.tftpd[6706]: /home/gene/my_dir: Permission denied Jul 4 00:36:33 wally xinetd[6013]: EXIT: tftp status=66 pid=6706 duration=0(sec) When I change just the tftpd process to "permissive" using the selinux gui it fixes the problem. Note: If I put the files read by the emulator in the "standard" location, /var/lib/tftpd, it works OK in full enforcing mode. -gene > > On 07/04/2011 12:50 AM, Gene Smith wrote: >> I can manually run a tftp server that allows access to files in a >> directory under ~ with no problem. But when I try to run the server >> under xinetd using the /etc/xinetd.d/tftp configuration file a >> "permission denied" error shows up in /var/log/message with no >> indication it is selinux related. But if I make selinux permissive for >> tftpd it then works. >> >> Is there a quick way to configure selinux to allow this type of tftp >> access (just read-only) w/o resorting to a "permissive" setting? >> >> Thanks, >> -gene >> > > -- > Marcos Luís Ortíz Valmaseda > Software Engineer (UCI) > http://marcosluis2186.posterous.com > http://twitter.com/marcosluis2186 > -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
