1
Author: Daniel Baumann <daniel@debian.org>
2
Description: Adjust default sever root to debian defaults.
4
diff -Naurp tftp-hpa.orig/README.security tftp-hpa/README.security
5
--- tftp-hpa.orig/README.security 2009-08-14 08:55:13.000000000 +0000
6
+++ tftp-hpa/README.security 2009-08-14 21:29:34.000000000 +0000
7
@@ -13,10 +13,10 @@ probably the following:
9
1. Create a separate "tftpd" user and group only used for tftpd;
10
2. Have all your boot files in a single directory tree (usually called
12
-3. Specify "-p -u tftpd -s /tftpboot" on the tftpd command line; if
14
+3. Specify "-p -u tftpd -s /srv/tftp" on the tftpd command line; if
15
you want clients to be able to create files use
16
- "-p -c -U 002 -u tftpd -s /tftpboot" (replace 002 with whatever
17
+ "-p -c -U 002 -u tftpd -s /srv/tftp" (replace 002 with whatever
18
umask is appropriate for your setup.)
20
=======================================
21
@@ -36,12 +36,12 @@ directly. Thus, if your /etc/inetd.conf
24
tftp dgram udp wait root /usr/sbin/tcpd
25
-/usr/sbin/in.tftpd -s /tftpboot -r blksize
26
+/usr/sbin/in.tftpd -s /srv/tftp -r blksize
28
... it's better to change to ...
30
tftp dgram udp wait root /usr/sbin/in.tftpd
31
-in.tftpd -s /tftpboot -r blksize
32
+in.tftpd -s /srv/tftp -r blksize
34
You should make sure that you are using "wait" option in tftpd; you
35
also need to have tftpd spawned as root in order for chroot (-s) to
36
diff -Naurp tftp-hpa.orig/tftpd/sample.rules tftp-hpa/tftpd/sample.rules
37
--- tftp-hpa.orig/tftpd/sample.rules 2009-08-14 08:55:13.000000000 +0000
38
+++ tftp-hpa/tftpd/sample.rules 2009-08-14 21:30:36.000000000 +0000
39
@@ -29,5 +29,5 @@ rg \\ / # Convert backslashes to slash
40
rg \# @ # Convert hash marks to @ signs
41
rg /../ /..no../ # Convert /../ to /..no../
42
e ^ok/ # These are always ok
43
-r ^[^/] /tftpboot/\0 # Convert non-absolute files
44
+r ^[^/] /srv/tftp/\0 # Convert non-absolute files
45
a \.pvt$ # Reject requests for private files