xref: /freebsd/libexec/tftpd/tftpd.8 (revision 6990ffd8a95caaba6858ad44ff1b3157d1efba8f)
1.\" Copyright (c) 1983, 1991, 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. All advertising materials mentioning features or use of this software
13.\"    must display the following acknowledgement:
14.\"	This product includes software developed by the University of
15.\"	California, Berkeley and its contributors.
16.\" 4. Neither the name of the University nor the names of its contributors
17.\"    may be used to endorse or promote products derived from this software
18.\"    without specific prior written permission.
19.\"
20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30.\" SUCH DAMAGE.
31.\"
32.\"	@(#)tftpd.8	8.1 (Berkeley) 6/4/93
33.\" $FreeBSD$
34.\"
35.Dd September 14, 2000
36.Dt TFTPD 8
37.Os
38.Sh NAME
39.Nm tftpd
40.Nd Internet Trivial File Transfer Protocol server
41.Sh SYNOPSIS
42.Nm /usr/libexec/tftpd
43.Op Fl cCln
44.Op Fl s Ar directory
45.Op Fl u Ar user
46.Op Ar directory ...
47.Sh DESCRIPTION
48.Nm Tftpd
49is a server which supports the
50Internet Trivial File Transfer
51Protocol
52.Pq Tn RFC 1350 .
53The
54.Tn TFTP
55server operates
56at the port indicated in the
57.Ql tftp
58service description;
59see
60.Xr services 5 .
61The server is normally started by
62.Xr inetd 8 .
63.Pp
64The use of
65.Xr tftp 1
66does not require an account or password on the remote system.
67Due to the lack of authentication information,
68.Nm
69will allow only publicly readable files to be
70accessed.
71Files containing the string ``/\|\fB.\|.\fP\|/'' or starting with
72``\|\fB.\|.\fP\|/'' are not allowed.
73Files may be written only if they already exist and are publicly writable.
74Note that this extends the concept of
75.Dq public
76to include
77all users on all hosts that can be reached through the network;
78this may not be appropriate on all systems, and its implications
79should be considered before enabling tftp service.
80The server should have the user ID with the lowest possible privilege.
81.Pp
82Access to files may be restricted by invoking
83.Nm
84with a list of directories by including up to 20 pathnames
85as server program arguments in
86.Pa /etc/inetd.conf .
87In this case access is restricted to files whose
88names are prefixed by the one of the given directories.
89The given directories are also treated as a search path for
90relative filename requests.
91.Pp
92The
93.Fl s
94option provides additional security by changing
95.Nm Ns No 's
96root directory, thereby prohibiting accesses outside of the specified
97.Ar directory .
98Because
99.Xr chroot 2
100requires super-user privileges,
101.Nm
102must be run as root.
103However, after performing the
104.Fn chroot ,
105.Nm
106will set its user id to that of the specified
107.Ar user ,
108or
109.Dq nobody
110if no
111.Fl u
112option is specified.
113.Pp
114The options are:
115.Bl -tag -width Ds
116.It Fl c
117Changes the default root directory of a connecting host via chroot based on the
118connecting IP address.
119This prevents multiple clients from writing to the same file at the same time.
120If the directory does not exist, the client connection is refused.
121The
122.Fl s
123option is required for
124.Fl c
125and the specified
126.Ar directory
127is used as a base.
128.It Fl C
129Operates the same as
130.Fl c
131except it falls back to
132.Fl s Ns No 's
133.Ar directory
134if a directory does not exist for the client's IP.
135.It Fl l
136Log all requests using
137.Xr syslog 3
138with the facility of
139.Dv LOG_FTP .
140Note: Logging of
141.Dv LOG_FTP
142messages
143must also be enabled in the syslog configuration file,
144.Xr syslog.conf 5 .
145.It Fl n
146Suppress negative acknowledgement of requests for nonexistent
147relative filenames.
148.It Fl s Ar directory
149Cause
150.Nm
151to change its root directory to
152.Pa directory .
153After changing roots but before accepting commands,
154.Nm
155will switch credentials to an unprivileged user.
156.It Fl u Ar user
157Switch credentials to
158.Ar user
159(default
160.Dq nobody )
161when the
162.Fl s
163option is used.
164The user must be specified by name, not a numeric UID.
165.El
166.Sh SEE ALSO
167.Xr tftp 1 ,
168.Xr chroot 2 ,
169.Xr inetd 8 ,
170.Xr syslogd 8
171.Rs
172.%A K. R. Sollins
173.%T The TFTP Protocol (Revision 2)
174.%D July 1992
175.%O RFC 1350, STD 33
176.Re
177.Sh HISTORY
178The
179.Nm
180command appeared in
181.Bx 4.2 ;
182the
183.Fl s
184option was introduced in
185.Fx 2.2 ,
186the
187.Fl u
188option was introduced in
189.Fx 4.2 ,
190and the
191.Fl c
192option was introduced in
193.Fx 4.3 .
194.Sh BUGS
195Files larger than 33488896 octets (65535 blocks) cannot be transferred
196without client and server supporting blocksize negotiation (RFC1783).
197.Pp
198Many tftp clients will not transfer files over 16744448 octets (32767 blocks).
199