So I am following a guide to set up a PXE server, for reference here are the links:
Now throughout these guides he keeps running the chmod -R 777 . I have already gone through this guide and it works, however the chmod -R 777 part is scaring me a bit. I did go through the guide step by step, including the chmod commands just out of curiosity I wanted to see what would happen. Needless to say it started producing several gigabytes of log files / broke root etc.
My question is not how to revert damage caused, but rather why does this setup require 777 permissions. To quote the creator of the guide:
Finally, we need to change the permissions of all files concerned because TFTP will not read any files unless they are set to full access.
Surely there are ways around this? My first though was that the TFTP daemon would only require this mod on core kernel/boot-up files only (vmlinuz/initrd.img) - am I wrong?
I ask because I plan to re-do the whole set up and I want to do this without applying the 777 mod to all files as specified in this guide.
Reason behind not wanting to do 777 mod again:
Plus countless more instances that can be found here on ServerFault.
Answer
Settings those permissions is absolutely not needed. Furthermore, you could set the permissions to allow only the user running the TFTP server to read the files.
No execution permissions are needed in any of the files under the PXE root directory. As a matter of fact, I'm using TFTP/PXE on Debian under /srv/tftp, being /srv a separate LV mounted noexec
No comments:
Post a Comment