forked from mirrors/tftp-hpa-google
243 lines
6.3 KiB
Groff
243 lines
6.3 KiB
Groff
.\" tftp-hpa: $Id$
|
|
.\" $OpenBSD: tftpd.8,v 1.7 1999/07/09 13:35:51 aaron Exp $
|
|
.\"
|
|
.\" Copyright (c) 1983, 1991 The Regents of the University of California.
|
|
.\" All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 3. All advertising materials mentioning features or use of this software
|
|
.\" must display the following acknowledgement:
|
|
.\" This product includes software developed by the University of
|
|
.\" California, Berkeley and its contributors.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" from: @(#)tftpd.8 6.7 (Berkeley) 5/13/91
|
|
.\" $OpenBSD: tftpd.8,v 1.7 1999/07/09 13:35:51 aaron Exp $
|
|
.\"
|
|
.Dd July 10, 2001
|
|
.Dt TFTPD 8
|
|
.Os
|
|
.Sh NAME
|
|
.Nm tftpd
|
|
.Nd
|
|
IPv4 Trivial File Transfer Protocol server
|
|
.Sh SYNOPSIS
|
|
.Nm in.tftpd
|
|
.Op Fl v
|
|
.Op Fl c
|
|
.Op Fl m Ar mapfile
|
|
.Op Fl u Ar userid
|
|
.Op Fl r Ar option...
|
|
.Op Fl s
|
|
.Op Ar directory
|
|
.Sh DESCRIPTION
|
|
.Nm
|
|
is a server which supports the
|
|
.Tn DARPA
|
|
Trivial File Transfer
|
|
Protocol.
|
|
The
|
|
.Tn TFTP
|
|
server operates
|
|
at the port indicated in the
|
|
.Ql tftp
|
|
service description;
|
|
see
|
|
.Xr services 5 .
|
|
The server is normally started by
|
|
.Xr inetd 8 .
|
|
.Pp
|
|
The use of
|
|
.Xr tftp 1
|
|
does not require an account or password on the remote system.
|
|
Due to the lack of authentication information,
|
|
.Nm
|
|
will allow only publicly readable files to be
|
|
accessed.
|
|
Files may be written only if they already exist and are publicly writable.
|
|
Note that this extends the concept of
|
|
.Dq public
|
|
to include
|
|
all users on all hosts that can be reached through the network;
|
|
this may not be appropriate on all systems, and its implications
|
|
should be considered before enabling tftp service.
|
|
The server should have the user ID with the lowest possible privilege
|
|
(see the
|
|
.Fl u
|
|
flag below.)
|
|
.Pp
|
|
Access to files may be restricted by invoking
|
|
.Nm
|
|
with a list of directories by including pathnames
|
|
as server program arguments in
|
|
.Pa /etc/inetd.conf .
|
|
In this case access is restricted to files whose
|
|
names are prefixed by the one of the given directories.
|
|
.Pp
|
|
If the
|
|
.Fl c
|
|
flag is used,
|
|
.Nm
|
|
will allow new files to be created; otherwise uploaded files must already
|
|
exist. Files are created with default permissions allowing anyone to read
|
|
or write to them.
|
|
.Pp
|
|
When using the
|
|
.Fl s
|
|
flag with a directory name,
|
|
.Nm
|
|
will
|
|
.Xr chroot 2
|
|
on startup; therefore the remote host is not expected to pass the
|
|
directory as part of the file name to transfer. This option is
|
|
recommended for security, as well as compatibility with boot ROMs
|
|
which do not include a directory name.
|
|
.Pp
|
|
The
|
|
.Fl u
|
|
flag can be used to specify a user ID which
|
|
.Nm
|
|
will run as; the default is ``nobody''.
|
|
.Pp
|
|
The
|
|
.Fl m
|
|
flag specifies a file which contains filename remapping rules.
|
|
.Pp
|
|
The
|
|
.Fl v
|
|
flag increases the logging verbosity of
|
|
.Nm tftpd ,
|
|
it can be specified multiple times.
|
|
.Pp
|
|
This version of
|
|
.Nm
|
|
supports RFC 2347 option negotiation; the current version supports the
|
|
.Pa blksize
|
|
(RFC 2348),
|
|
.Pa tsize ,
|
|
(RFC 2349), and
|
|
.Pa timeout
|
|
(RFC 2349) options. The
|
|
.Fl r
|
|
flag can be used to disable options individually; this may allow
|
|
working around client bugs.
|
|
.Sh FILENAME REMAPPING
|
|
The
|
|
.Fl m
|
|
option specifies a file which contains filename remapping rules. Each
|
|
non-comment line (comments begin with hash marks, #) contains an
|
|
.Ar operation ,
|
|
a
|
|
.Ar regex ,
|
|
a regular expression in the style of
|
|
.Xr egrep 1 ,
|
|
and optionally a
|
|
.Ar "replacement pattern" .
|
|
The operation indicated by
|
|
.Ar operation
|
|
is performed if the
|
|
.Ar regex
|
|
matches all or part of the filename. Rules are processed from the top
|
|
down, and by default, all rules are processed even if there is a
|
|
match.
|
|
.Pp
|
|
The
|
|
.Ar operation
|
|
can be any combination of the following letters:
|
|
.Pp
|
|
.Bl -tag -width verbose -compact
|
|
.It Ic r
|
|
Replace the substring matched by
|
|
.Ar regex
|
|
by the
|
|
.Ar "replacement pattern" .
|
|
The escape sequence
|
|
\\0
|
|
can be used to copy the entire matched string, and the sequences
|
|
\\1 to \\9
|
|
copies parenthesized subexpressions. To specify a backslash, white
|
|
space or hash mark, you need to \\-escape it.
|
|
.Pp
|
|
.It Ic g
|
|
Repeat this rule until it no longer matches. This is always used with
|
|
.Ic r .
|
|
.Pp
|
|
.It Ic i
|
|
Match the
|
|
.Ar regex
|
|
case-insensitively. By default it is case sensitive.
|
|
.Pp
|
|
.It Ic e
|
|
If this rule matches, end rule processing after executing the rule.
|
|
.Pp
|
|
.It Ic s
|
|
If this rule matches, start rule processing over from the very first
|
|
rule after executing this rule.
|
|
.Pp
|
|
.It Ic a
|
|
If this rule matches, refuse the request and send an access denied
|
|
error to the client.
|
|
.Pp
|
|
.It Ic G
|
|
This rule applies to GET (RRQ) requests only.
|
|
.Pp
|
|
.It Ic P
|
|
This rule applies to PUT (WRQ) requests only.
|
|
.El
|
|
.Pp
|
|
If the mapping file is changed, you need to send SIGHUP
|
|
(kill -HUP) to any outstanding
|
|
.Nm
|
|
process.
|
|
.Sh SEE ALSO
|
|
.Xr tftp 1 ,
|
|
.Xr egrep 1 ,
|
|
.Xr regex 7 ,
|
|
.Xr inetd 8
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
command appeared in
|
|
.Bx 4.2 .
|
|
.Pp
|
|
The
|
|
.Fl s
|
|
flag appeared in NetBSD 0.9a.
|
|
.Pp
|
|
The
|
|
.Fl c
|
|
flag was added in OpenBSD 2.1 .
|
|
.Pp
|
|
The
|
|
.Fl r
|
|
flag and RFC 2347 options were added by H. Peter Anvin based on
|
|
patches by Markus Gutschke and Gero Kulhman.
|
|
.Pp
|
|
The
|
|
.Fl u ,
|
|
.Fl v
|
|
and
|
|
.Fl m
|
|
flags were added by H. Peter Anvin.
|
|
|