On Thu, 13 Sep 2007, Davide Grandis wrote:
Yes, forgot to mention, sorry.
SELinux is disabled, otherwise TFTP would be completely filtered out.
I have SELinux and tftp working together without any trouble. I first used audit2allow to write a module:
grep tftp /var/log/audit/audit.log | audit2allow -M tftpwrite
Here's the resulting tftpwrite.pp file:
----- %< ----- module tftpwrite 1.0; require { class file write; type tftpd_t; type tftpdir_t; role system_r; }; allow tftpd_t tftpdir_t:file write; ----- %< -----
I compiled and activated it with semodule:
semodule -i tftpwrite.pp
Then make sure that the filename to which you want to write exists, is world-writable, and has the correct file contexts. If I wanted to write to /tftpboot/foo, for example, it ought to look like
-rw-rw-rw- root root user_u:object_r:tftpdir_t /tftpboot/foo