Eu recebo o seguinte erro:
SW-AL710-1#copy running-config tftp:
Address or name of remote host []? 10.0.1.130
Destination filename [sw-al710-1-confg]?
%Error opening tftp://10.0.1.130/sw-al710-1-confg (Timed out)
Esta é minha configuração:
more /etc/xinetd.d/tftp
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot -vvv
disable = no
per_source = 11
cps = 100 2
flags = IPv4
Meu servidor tftp é executado:
ps ax | grep tftp
2532 ? Ss 0:00 in.tftpd -s /var/lib/tftpboot -vvv
E meu xinetd também funciona:
service xinetd status
xinetd (pid 2483) is running...
netstat -unlp | grep xinetd
udp 0 0 0.0.0.0:69 0.0.0.0:* 2483/xinetd
O arquivo de configuração necessário está em seu lugar:
ls -lZ /var/lib/tftpboot/
-rwxrwxrwx. root root unconfined_u:object_r:tftpdir_rw_t:s0 sw-al710-1-confg
Permissões e outras configurações parecem corretas:
chkconfig --list | grep tftp
tftp: on
ls -lad /var/lib/tftpboot/
drwxrwxrwx. 2 root root 4096 Feb 13 12:31 /var/lib/tftpboot/
getsebool -a | grep -i tftp
tftp_anon_write --> on
Testando a conexão com um tcpdump, recebo a seguinte saída:
tcpdump port 69 -vv
tcpdump: listening on eth3, link-type EN10MB (Ethernet), capture size 65535 bytes
12:34:42.400626 IP (tos 0x0, ttl 255, id 0, offset 0, flags [none], proto UDP (17), length 53)
10.0.1.223.60291 > NOC1.tftp: [udp sum ok] 25 WRQ "sw-al710-1-confg" octet
12:34:46.394984 IP (tos 0x0, ttl 255, id 1, offset 0, flags [none], proto UDP (17), length 53)
10.0.1.223.60291 > NOC1.tftp: [udp sum ok] 25 WRQ "sw-al710-1-confg" octet
more /etc/hosts.allow
# hosts.allow This file contains access rules which are used to
# allow or deny connections to network services that
# either use the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#
more /etc/hosts.deny
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
audit.log
type=AVC msg=audit(1488191076.406:200525): avc: denied { write } for pid=22689 comm="in.tftpd" name="config.text" dev=dm-0 ino=5373954 scontext=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488191076.406:200525): avc: denied { open } for pid=22689 comm="in.tftpd" name="config.text" dev=dm-0 ino=5373954 scontext=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:default_t:s0 tclass=file
type=SYSCALL msg=audit(1488191076.406:200525): arch=c000003e syscall=2 success=yes exit=1 a0=608e22 a1=241 a2=1b6 a3=4000 items=0 ppid=22509 pid=22689 auid=503 uid=99 gid=99 euid=99 suid=99 fsuid=99 egid=99 sgid=99 fsgid=99 tty=(none) ses=32555 comm="in.tftpd" exe="/usr/sbin/in.tftpd" subj=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1488191076.406:200526): avc: denied { getattr } for pid=22689 comm="in.tftpd" path="/config.text" dev=dm-0 ino=5373954 scontext=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:default_t:s0 tclass=file
type=SYSCALL msg=audit(1488191076.406:200526): arch=c000003e syscall=5 success=yes exit=0 a0=1 a1=7fffbd7827b0 a2=7fffbd7827b0 a3=4000 items=0 ppid=22509 pid=22689 auid=503 uid=99 gid=99 euid=99 suid=99 fsuid=99 egid=99 sgid=99 fsgid=99 tty=(none) ses=32555 comm="in.tftpd" exe="/usr/sbin/in.tftpd" subj=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1488191355.130:200527): avc: denied { write } for pid=22726 comm="in.tftpd" name="config.text" dev=dm-0 ino=5373954 scontext=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:tftpdir_t:s0 tclass=file
type=SYSCALL msg=audit(1488191355.130:200527): arch=c000003e syscall=2 success=yes exit=1 a0=608e22 a1=241 a2=1b6 a3=4000 items=0 ppid=22509 pid=22726 auid=503 uid=99 gid=99 euid=99 suid=99 fsuid=99 egid=99 sgid=99 fsgid=99 tty=(none) ses=32555 comm="in.tftpd" exe="/usr/sbin/in.tftpd" subj=unconfined_u:system_r:tftpd_t:s0-s0:c0.c1023 key=(null)
Qual pode ser o motivo, como consertar isso?