Netbootxyz global read permissions error

T81 · 13 July 2021 10:49

Hi everyone.
I have netboot.xyz in a docker container running on Qnap.
My DHCP is on a pihole, in an LXC container on Qnap, too.
dnsmasq has been set up according linuxserver/netbootxyz:

dhcp-match=set:bios,60,PXEClient:Arch:00000
dhcp-boot=tag:bios,netboot.xyz.kpxe,,YOURSERVERIP
dhcp-match=set:efi32,60,PXEClient:Arch:00002
dhcp-boot=tag:efi32,netboot.xyz.efi,,YOURSERVERIP
dhcp-match=set:efi32-1,60,PXEClient:Arch:00006
dhcp-boot=tag:efi32-1,netboot.xyz.efi,,YOURSERVERIP
dhcp-match=set:efi64,60,PXEClient:Arch:00007
dhcp-boot=tag:efi64,netboot.xyz.efi,,YOURSERVERIP
dhcp-match=set:efi64-1,60,PXEClient:Arch:00008
dhcp-boot=tag:efi64-1,netboot.xyz.efi,,YOURSERVERIP
dhcp-match=set:efi64-2,60,PXEClient:Arch:00009
dhcp-boot=tag:efi64-2,netboot.xyz.efi,,YOURSERVERIP

YOURSERVERIP is the IP of Qnap, where the netboot.xyz container resides.
When I try to network boot a machine, the DHCP assigns an IP as supposed to, but then I get the following:

TFTP
PXE-T02: File must have global read permissions
PXE-E3C: TFTP Error - Access Violation PXE-M0F: Exiting PXE ROM.

Any suggestions on resolving this issue?

driz · 13 July 2021 18:47

can you verify if your .efi and .kpxe have global read permissions?

you might try down, rm, pull, up -d again as I’ve never seen this issue… are you trying to serve files across remote mounts or ntfs or something?

T81 · 14 July 2021 05:44

By global read permissions do you mean that the .efi and .kpxe files need to have at least read only permissions for everyone?
I have mount /config and /assets in a root folder in Qnap. This netbootxyz folder has read only permissions for everyone, even guest users.
The folder is not a remote mount, it is a normal shared folder on the server. Filesystem is EXT.
I also recreated the container but no luck either.

edit: folders now have full permissions for everyone (R/W) but same error.

driz · 14 July 2021 15:19

very weird, it may be a good idea to visit their discord

T81 · 14 July 2021 18:03

Thank you for the suggestion. Will do and report back in case of resolution.

T81 · 15 July 2021 23:20

Solved it with the help of the discord community.

The messages I was getting were coming from this part of the code:

https://git.kernel.org/pub/scm/network/tftp/tftp-hpa.git/tree/tftpd/tftpd.c#n1507

I was suggested that I should change the permission of the /config directory and the files, from in inside the container, to 777 and 666 respectively. This suggestion came from the comment at the top of that validate_access functions.

Indeed the global read permission vanished but then I started getting:

PXE-T00: Permission denied
PXE-E36: Error received from TFTP server
PXE-M0F: Exiting PXE ROM.

It seemes that chmod 775 -R /config did the job and finally it worked.

Ref: TFTP Permission denied - TFTP - openmediavault

I also noticed that any changes in files like e.g boot.cfg rendered permission errors during network booting.
I had to chmod 775 -R path-to/config on the host too in order to solve this.
I do not know if this is a Qnap specific issue or something in my configuration in general.

Special thanks to banadushi and antonym. Thanks guys.

system · 20 July 2021 23:21

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.