• Register
    • Login
    • Search
    • Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search

    Solved Unable to connection TFTP.

    FOG Problems
    5
    10
    2153
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Richard Nihells last edited by

      I am having an issue getting Fog setup. I can’t connect to the TFTP server. I have gone through the troubleshooting steps on the Fog project website the best I could. Can’t find the config.php file.

      I am running fog on a CentOS VM and I set it up a couple of weeks ago. This was a clean install of Fog and CentOS.

      When trying to test on Windows, I get this.
      Error on server : Permission denied
      Connect request failed.

      When trying to have a blank VM do a PXE boot over the network I get this.
      PXE-T00: Permission denied
      PXE-E36: Error received from TFTP server
      PXE-M0F: Exiting Intel PXE ROM.

      Not sure if I missed any details that are needed to help with this. If you need more information I will be happy to provide.

      1 Reply Last reply Reply Quote 0
      • C
        cevanwells last edited by cevanwells

        If you don’t want to disable selinux (or set to permissive) I’ve had luck under CentOS 7 using the following command:

        $ sudo setsebool -P tftp_home_dir 1
        

        I thought I might expound a little. To test my Fog TFTP server, I used the TFTP client in Windows. If you would like to do the same, you need to permit TFTP through your Windows firewall.

        When I first tried to pull the undionly.kpxe file using the Windows client, I was given the following error:

        PS C:\Users\jarcher> tftp -i 172.19.1.30 GET undionly.kpxe
         Connect request failed
        

        Looking into my /var/log/audit/audit.log file I saw the following:

        $ sudo grep tftp /var/log/audit/audit.log
        ...lots of other stuff here...
        type=AVC msg=audit(1519225691.090:214): avc:  denied  { read } for  pid=3164 comm="in.tftpd" name="undionly.kpxe" dev="dm-0" ino=34386610 scontext=system_u:system_r:tftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:default_t:s0 tclass=file
        ...also lots more here...
        

        if you use audit2allow you can get some hints on how to fix this error:

        $ sudo grep tftp /var/log/audit/audit.log | audit2allow -m tftpd
        
        module tftpd 1.0;
        
        require {
                type default_t;
                type tftpd_t;
                class file { getattr lock open read };
        }
        
        #============= tftpd_t ==============
        
        #!!!! WARNING: 'default_t' is a base type.
        #!!!! This avc can be allowed using the boolean 'tftp_home_dir'
        allow tftpd_t default_t:file { getattr lock open read };
        

        Note, you might have to install the policycoreutils-python package to get audit2allow

        Now just run the original command I mentioned above to allow access to the files:

        $ sudo setsebool -P tftp_home_dir 1
        

        SELinux is still set to enforcing:

        $ sestatus
        SELinux status:                 enabled
        SELinuxfs mount:                /sys/fs/selinux
        SELinux root directory:         /etc/selinux
        Loaded policy name:             targeted
        Current mode:                   enforcing
        Mode from config file:          enforcing
        Policy MLS status:              enabled
        Policy deny_unknown status:     allowed
        Max kernel policy version:      28
        

        And now the TFTP transfer works in Windows:

        PS C:\Users\jarcher> tftp -i 172.19.1.30 GET undionly.kpxe
        Transfer successful: 95338 bytes in 1 second(s), 95338 bytes/s
        
        1 Reply Last reply Reply Quote 1
        • S
          Sebastian Roth Moderator last edited by

          @Richard-Nihells Any news on this?

          Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

          Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

          1 Reply Last reply Reply Quote 0
          • R
            Richard Nihells last edited by

            Thank you for the links! I will look over this material and get back with you once I have an update. Going to do the re-install as well as suggested.

            1 Reply Last reply Reply Quote 0
            • george1421
              george1421 Moderator last edited by

              Also Wayne put together a pretty detailed install guide here: https://wiki.fogproject.org/wiki/index.php?title=CentOS_7

              Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

              1 Reply Last reply Reply Quote 1
              • Wayne Workman
                Wayne Workman @Richard Nihells last edited by

                @richard-nihells said in Unable to connection TFTP.:

                Is that in the Fog documentation somewhere or just somewhere on Google?

                Our documentation is community driven, and is mostly here: https://wiki.fogproject.org/wiki/index.php?title=Main_Page

                Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                Daily Clean Installation Results:
                https://fogtesting.fogproject.us/
                FOG Reporting:
                https://fog-external-reporting-results.fogproject.us/

                1 Reply Last reply Reply Quote 0
                • Wayne Workman
                  Wayne Workman @Richard Nihells last edited by Wayne Workman

                  @richard-nihells now that selinux is disabled, re-run the installer and try again. Also ensure you’ve setup firewalld correctly? That’s in the troubleshooting guide too (as well as our CentOS 7 tutorial).

                  Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
                  Daily Clean Installation Results:
                  https://fogtesting.fogproject.us/
                  FOG Reporting:
                  https://fog-external-reporting-results.fogproject.us/

                  1 Reply Last reply Reply Quote 0
                  • R
                    Richard Nihells last edited by

                    I set selinux to permissive. I no longer get permission denied. Now I get connection timeout. I have my anti-virus suite and Windows Firewall disabled during this test.

                    Wayne Workman 1 Reply Last reply Reply Quote 0
                    • R
                      Richard Nihells last edited by

                      I found that line in the troubleshooting guide and that is what is giving me the error for Windows that I listed above.

                      I haven’t touched selinux or changed its settings to permissive. Is that in the Fog documentation somewhere or just somewhere on Google?

                      Wayne Workman 1 Reply Last reply Reply Quote 0
                      • george1421
                        george1421 Moderator last edited by

                        Did you disable selinux or at least change the settings to permissive?

                        From a windows computer install the tftp client feature, then from a windows command prompt use the tftp client program to download undionly.kpxe from the fog server with tftp -i <fog_server_ip> GET undionly.kpxe . If you can get the file then tftp is setup correctly and we need to focus on the pxe booting process at the cause.

                        Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

                        1 Reply Last reply Reply Quote 2
                        • 1 / 1
                        • First post
                          Last post

                        101
                        Online

                        10.4k
                        Users

                        16.4k
                        Topics

                        150.5k
                        Posts

                        Copyright © 2012-2023 FOG Project