tftp and launchctl on MacOSX

I needed to upgrade the firmware in a Fortinet Firewall. That's done by pointing the Fortinet at a tftp server that has the new firmware image. Simple enough.. except where do I have a tftp server?

Well, not on my main Linux server, because it apparently isn't important enough to install on spec. I could of course go get it, but instead I took a look on my Mac. I honestly didn't expect to find it: I thought they might reserve that for the Server version of Mac OS X, but no, there it was, man page and all. The man page warns:

Well, I don't normally want tftpd running, so launchctl is the obvious choice. Fire that up with "sudo launchctl" and then type:

load -F /System/Library/LaunchDaemons/tftp.plist
 

Why "-F"? Because by default, the tftp.plist contains:

        <key>Disabled</key>
        <true/>
 

If you leave out -F, launchctl will say "nothing found to load", which isn't very helpful - what it really should say is "I can't load this because it's presently disabled". The -F forces it to ignore that little impediment..if you don't use sudo, it will say:

bind(): Permission denied
 

Assuming you had neither problem, some fraction of a second later, tftpd is ready to run (well, LaunchD is ready to listen for tftpd requests and start it up, but you get the idea). Where's your tftpd directory? Not in /tftpboot where you might expect to find it on a Unix system.. the tfpt.plist actually specifies the program arguments, and by default it looks like this:

        <key>ProgramArguments</key>
        <array>
                <string>/usr/libexec/tftpd</string>
                <string>-i</string>
                <string>/private/tftpboot</string>
        </array>
 

So "/private/tftpboot" is where you want to put the files to be accessed. When you are ready to shut tftp off, just tell launchctl:

unload /System/Library/LaunchDaemons/tftp.plist
 

If you did want tftpd to run all the time, you would use

load -w  /System/Library/LaunchDaemons/tftp.plist
 

That changes the "Disabled" key so that the file now has this:

        <key>InitGroups</key>
        <true/>
 

"tftpd" would now be enabled at each boot. Should you later change your mind, "unload -w /System/Library/LaunchDaemons/tftp.plist" will put things back as they were.

Got something to add? Send me email.

2 comments

Sat Feb 6 12:57:17 2010: 8037   anonymous




useful info, however it is pretty trivial to install a tftp server on GNU/Linux.
For example, on Debian: sudo apt-get install tftp-hpa
all configuration is a single line in plain text inside /etc/inetd.conf
After you are finished with the tftp server, just type:
sudo apt-get remove tftp-hpa






Thu Mar 24 15:11:12 2011: 9401   DonalWhooley




Nice one Tony, Txs for the post.
I recently got this working as described here on OSx 10.6.6 Server. For some reason I had to start and stop the service a few times before it worked. I found it useful to test it first from another MAC (which by default has tftp client built in) before attempting to connect via a router ;Cisco in my case.
/Donal

------------------------

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us