Ross S. W. Walker wrote:
Just to make sure, is the /tftpboot directory set to perms 777?
Not that that parent directory (/tftpboot) requires (or should
ever have) anything like that to work
-- why the voodoo suggestion?
Because if you are allowing any old anonymous user to write to
that directory then why would one care if you only allowed group
'nobody' to write there?
You could set it to 755 and create a 'cisco' dir underneath with
777, but I would leave that for when it's working.
Chances are though everything under /tftpboot is subject to
modification and /tftpboot will need to be a separate volume to
protect against DoS through filling up the disk drive.
The usual approach is to create the filename yourself (ssh in and "touch
devicename-confg") and chmod it to 666 before doing the tftp. That way
you don't have to let tftp create any files and its lack of
authentication is less of an issue). If you are committing the configs
to cvs (a good idea, since you can easily track changes), note that cvs
for some reason will change the modes as a side effect of the commit and
you'll have to put them back to 666 before the next tftp in.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
