• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login
    1. Home
    2. Richard Nihells
    3. Topics
    R
    • Profile
    • Following 0
    • Followers 0
    • Topics 2
    • Posts 7
    • Best 0
    • Controversial 0
    • Groups 0

    Topics created by Richard Nihells

    • R

      HP Prodesk 600 PXE Boot Issue

      Hardware Compatibility
      • • • Richard Nihells
      6
      0
      Votes
      6
      Posts
      4.1k
      Views

      george1421G

      @richard-nihells You change the dhcp option 67 {boot-file} to that name.

      So you are using 1.4.4. That’s good so you have a current version.

      When its pxe booting, do you seen anything that says NBF? What your describing really sounds like a computer in uefi mode, being sent a bios kernel.

      Just so you know bios (legacy) mode requires undionly.(k)kpxe kernels, where uefi mode requires a uefi kernel ending in .efi, like ipxe.efi again that would be set in your dhcp boot options.

    • R

      Solved Unable to connection TFTP.

      FOG Problems
      • • • Richard Nihells
      10
      0
      Votes
      10
      Posts
      3.0k
      Views

      C

      If you don’t want to disable selinux (or set to permissive) I’ve had luck under CentOS 7 using the following command:

      $ sudo setsebool -P tftp_home_dir 1

      I thought I might expound a little. To test my Fog TFTP server, I used the TFTP client in Windows. If you would like to do the same, you need to permit TFTP through your Windows firewall.

      When I first tried to pull the undionly.kpxe file using the Windows client, I was given the following error:

      PS C:\Users\jarcher> tftp -i 172.19.1.30 GET undionly.kpxe Connect request failed

      Looking into my /var/log/audit/audit.log file I saw the following:

      $ sudo grep tftp /var/log/audit/audit.log ...lots of other stuff here... type=AVC msg=audit(1519225691.090:214): avc: denied { read } for pid=3164 comm="in.tftpd" name="undionly.kpxe" dev="dm-0" ino=34386610 scontext=system_u:system_r:tftpd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:default_t:s0 tclass=file ...also lots more here...

      if you use audit2allow you can get some hints on how to fix this error:

      $ sudo grep tftp /var/log/audit/audit.log | audit2allow -m tftpd module tftpd 1.0; require { type default_t; type tftpd_t; class file { getattr lock open read }; } #============= tftpd_t ============== #!!!! WARNING: 'default_t' is a base type. #!!!! This avc can be allowed using the boolean 'tftp_home_dir' allow tftpd_t default_t:file { getattr lock open read };

      Note, you might have to install the policycoreutils-python package to get audit2allow

      Now just run the original command I mentioned above to allow access to the files:

      $ sudo setsebool -P tftp_home_dir 1

      SELinux is still set to enforcing:

      $ sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28

      And now the TFTP transfer works in Windows:

      PS C:\Users\jarcher> tftp -i 172.19.1.30 GET undionly.kpxe Transfer successful: 95338 bytes in 1 second(s), 95338 bytes/s
    • 1 / 1