Enabling the TFTP server in Mac OS X Server 10.2

—by Joel Rennich, mactroll@afp548.com

2 October 2002

TFTP, or Trivial File Transfer Protocol, is very similar to FTP, as the name would imply—except more trivial, as the name would also imply. The two are essentially the same except that TFTP has no usernames or passwords. TFTP also runs over UDP instead of TCP, so there is less overhead. This also makes it about worthless in WAN environments.

TFTP is primarily used for loading config and ROM files into routers and switches, but it is also used when NetBooting from a Mac OS X Server. On Mac OS X client, feel free to play around with TFTP; however, if you ever intend on NetBooting from your Mac OS X Server again, it is best to at least keep track of what you are doing, and not be too surprised when things break.

To set up TFTP you need some knowledge of xinetd, or the super server. It is called this because it starts a number of smaller servers, such as TFTP or telnet. This relieves the system of having to keep those servers running all of the time, taking up resources when they are seldom used. Instead, xinetd listens for incoming connections and starts the appropriate server when needed.

If you check /etc/xinetd.d/ you will find a number of different small text files each named after a service found in /etc/services. These lay out how xinetd is going to react to an incoming connection on the port that that service runs on. For more info run the man page on xinetd.conf:

man xinetd.conf

There are a number of different options to the files including the ability to reroute a connection from one port to another. The possibilities of that alone are endless.

Either way, we want to change a few things in the tftp config. We need to change the root directory to something not in the /private folder, so that you can get to it more easily. Pick any folder you want, or make a new one at the root of the drive called “tftpserver” like we did in the example. Just make sure that the folder is world readable. Otherwise your tftp users won’t be able to do anything, since they come in as the nobody user.

Finally, change “disable” to “no.” Here is our config file for /etc/xinetd.d/tftp; the two lines you need to change are disable and server_args.

service tftp
{
        disable         = no
        socket_type     = dgram
        wait            = yes
        user            = nobody
        server          = /usr/libexec/tftpd
        server_args     = /tftpserver
        groups          = yes
        flags           = REUSE
}

Now make the tftp server directory and set the permissions. Use whatever directory you want, as long as it matches the server_args line in /etc/xinetd.d/tftp.

sudo mkdir /tftpserver 
sudo chmod 777 /tftpserver

This allows everyone to write, so make sure that this is what you want. Also note that in order to upload a file over tftp, a file with the same name as the upload must already exist on the server and be world writeable. This is another safeguard against some malcontent filling up your drive with tftp’d garbage.

Last, restart xinetd.

sudo kill -HUP `cat /var/run/xinetd.pid`

Now to test the configuration we’ll put a test file into the tftp directory and then pull it down over tftp.

echo "this is just a test" > /tftpserver/testfile
tftp localhost
get testfile
quit
cat testfile

If all went well you should see the contents of the file.
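An added example (not part of the original article): a shell audit of the setup above that reads the root directory from the xinetd entry and reports which files tftp clients could overwrite and which they cannot fetch. The function names and the fixture files (router-config, private.bin) are constructed for illustration, and it assumes server_args holds only the directory path, as in the config shown.

```shell
# Added example: audit the tftp xinetd entry and the directory it serves.
# conf_value FILE KEY: print the value of "KEY = value" in an xinetd service file.
conf_value() {
    awk -F= -v key="$2" '{ k = $1; gsub(/[ \t]/, "", k) }
        k == key { v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
                   print v; exit }' "$1"
}

# upload_targets DIR: world-writable files, the only ones tftpd will let a
# client overwrite (no username or password is involved).
upload_targets() { find "$1" -type f -perm -0002 | sort; }

# unservable DIR: files without world-read, which tftpd cannot serve as "nobody".
unservable() { find "$1" -type f ! -perm -0004 | sort; }

# audit CONF: print findings; returns 1 if files are remotely overwritable or
# the root is world-writable (any local user could then create upload targets).
audit() {
    [ "$(conf_value "$1" disable)" = "no" ] || { echo "tftp disabled"; return 0; }
    root=$(conf_value "$1" server_args)  # assumes only the path, as on this page
    rc=0
    echo "tftp enabled, root: $root"
    if [ -n "$(find "$root" -maxdepth 0 -perm -0002)" ]; then
        echo "WARN world-writable root: $root"; rc=1
    fi
    w=$(upload_targets "$root")
    [ -z "$w" ] || { echo "$w" | sed 's/^/WARN remotely overwritable: /'; rc=1; }
    r=$(unservable "$root")
    [ -z "$r" ] || echo "$r" | sed 's/^/NOTE not world-readable: /'
    return $rc
}

# make_fixture: constructed sample config and files in a temp dir (not a real
# server); prints the temp dir path.
make_fixture() {
    t=$(mktemp -d) && mkdir "$t/tftpserver" && chmod 777 "$t/tftpserver"
    printf 'service tftp\n{\n\tdisable\t\t= no\n\tserver_args\t= %s\n}\n' \
        "$t/tftpserver" > "$t/tftp"
    echo "this is just a test" > "$t/tftpserver/testfile"
    : > "$t/tftpserver/router-config"; : > "$t/tftpserver/private.bin"
    chmod 644 "$t/tftpserver/testfile"
    chmod 666 "$t/tftpserver/router-config"
    chmod 600 "$t/tftpserver/private.bin"
    echo "$t"
}

fixture=$(make_fixture)
audit "$fixture/tftp" || echo "audit: writable paths found"
rm -rf "$fixture"
```

To check the live configuration, call audit with /etc/xinetd.d/tftp instead of the fixture path.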

Resources:

man xinetd
man xinetd.conf
man tftp
man tftpd