The Dreaded TFTP error 2 (Access Violation)

Craig White plug-discuss@lists.plug.phoenix.az.us
20 Dec 2002 06:37:24 -0700 

On Fri, 2002-12-20 at 01:22, Dallas Helquist wrote:
> DISCLAIMER: I know nothing about thinclients.  :)
> 
> First idea - as root do a /sbin/iptables -F to flush the firewall rules,
> then try the thinclient again.  Most likely that will work. I believe the
> default "medium" security setting in RH8 blocks most ports.  If that does
> not, leave the iptables flushed while you check the following:
> 
> The /etc/hosts.allow you show - is that from the server or the client?  If
> it is the server, it needs to allow 192.168.100.151 as well.
> 
> You should also have a /etc/xinet.d/tftp file.  Edit that and make sure that
> disable = no.  If it doesn't, change it and restart xinetd.
> 
> Your files should be in the /tftpboot directory.  Looking at your example
> below, they should be in /tftpboot/lts.
> 
> 
> That is it for my ideas.  If the above doesn't work, look through
> /var/log/messages and /var/log/secure for entries relating to tftpd and post
> those.
> 
> -dallas
> 
> 
> ----- Original Message -----
> From: "George Gambill" <ggambill@computer-guidance.com>
> To: <plug-discuss@lists.plug.phoenix.az.us>
> Sent: Thursday, December 19, 2002 1:06 PM
> Subject: The Dreaded TFTP error 2 (Access Violation)
> 
> 
> > The Dreaded TFTP error 2 (Access Violation)
> >
> > Booting the ThinClient (ws001) form a RH 8 server displays the following
> Me:
> > Me:  192.168.100.151, Server: 192.168.100.66
> > Both are correct indicating DHCP is alive and well
> >
> > Then comes the dreaded TFTP error 2 (Access Violation) message(s):
> >
> > Loading 192.168.100.66:/lts/vmlinuz-2.4.19-ltsp-1  .TFTP error 2 (Access
> > Violation)
> > Unable to load file"
> >
> > The "Loading 192.168.100.66:/lts/vmlinuz-2.4.19-ltsp-1" portion of the
> TFTP
> > message looks good.
> >
> > The ".TFTP error 2 (Access Violation): portion of the TFTP message does
> not
> > look so good.
> > Nor does the "Unable to load file".
> >
> > /lts/vmlinuz-2.4.19-ltsp-1  is actually in /ltspboot/lts/
> > (/ltspboot/lts/vmlinuz-2.4.19-ltsp-1) but the documentation claims this is
> > OK.
> > Permissions on   /tftpboot/lts/vmlinuz-2.4.19-ltsp-1 are now 655 (I
> changed
> > them while Easter Egging)
> > Permissions on /tftpboot/ are 755
> > Permissions on /tftpboot/lts/ are 755
> >
> > Just in case, I created /lts/ and copied vmlinuz-2.4.19-ltsp-1 to it.  No
> > luck.
> >
> > FYI, this is a simple network, no DNS required, no Router required, only
> two
> > machines (on of which it ThinClient) one hub, two connections, no outside
> > connection.  The server was setup with "medium security" which may be an
> > issue (haven't got to that part of the book yet)
> >
> > /opt/ltsp/i386/etc/lts.conf contains (in part):
> >   [default]
> >     SERVER  = 192.168.100.66
> >   [ws001]
> >     XSERVER  = auto
> >     USE_NFS_SWAP  = N
> >     SWAPFILE_SIZE  = 48m
> >     RUNLEVEL  = 5
> >
> > chkconfig -list | grep tftp shows it on (running).
> >
> > /etc/hosts contains (in total):
> > 127.0.0.1 nowhere localhost.colaldomain localhost
> > 192.168.100.66    server
> > 192.168.100.151 ws001
> >
> > /etc/hosts.conf contains (in total):
> > order hosts,bind
> >
> > /etc/hosts.allow contains the following (in total):
> >   ALL: 192.168.100.       : ALLOW
> >   swat: 126.0.0.1              : ALLOW
> >   swat: 192.168.100.        :ALLOW
> >   swat:  192.168.100.66   : ALLOW
> >   swat:  192.168.100.151  :ALLOW
> >   in.tftpd:  192.168.100.66
> >   swat:   ALL : DENY
> >
> > /etc/hosts.deny contains (in total):
> >   swat:  ALL EXCEPT 127.0.0.1
> >   ALL:  ALL
> >
> > /etc/xinetd.d/services (contains in part):
> >    disable    = yes
> >     only_from = 127.0.0.1
> > as does /etc/xinetd.d/dervers
> >
> > /opt/ltsp/i386/etc/;ts/cpnf contains (in part)
> > [DEFAULT}
> >   SERVER    = 192.168.100.66
> > #  DNS_SERVER   = 192.168.100.66
> >     SEARCH_DOMAIN  = "cgcltsp.org
> >    XSERVER     = auto
> >   [ws001]
> >     USE_NFS_SWAP   = N
> >     SWAPFILE_SIZE   = 48 m
> >
> > /etc/exports contains (in total):
> >     /opt/ltsp/i286 192.168.100.66/255.255.255.0 (no,no_root_squash, sync)
> >     /var/opt/ltsp/swapfiles  192.168.100.66/255.255.255.0
> > (no,no_root_squash, sync)
> >
> > Any thoughts would be greatly appreciated.
> >
-----
for setup purposes...firewall rules & tcp-wrappers should probably be
removed from contention...

service iptables stop

/etc/hosts.allow
all: all
(you weren't allowing the workstation to connect)

//etc/hosts.deny should all be commented out

if you aren't going to use dns...is /etc/nsswitch.conf gonna allow that?

hosts:	files nisplus dns

Craig