Re: [Nut-upsuser] Problems with upscmd ACCESS-DENIED
Citeren Garðar Arnarsson gar...@giraffi.net: I have defined the user in the /etc/ups/upsd.users 74 [gardar] 75 password = hidden 76 allowfrom = local 77 actions = SET 78 instcmds = ALL 79 [local_mon] 80 password = hidden 81 allowfrom = localhost 82 upsmon master Device and driver info: device.mfr: Inform device.model: SINUS1KURM device.type: ups driver.name: blazer_ser driver.version: 2.6.0 driver.version.internal: 1.51 What am I doing wrong? Did you check your syslog lately? The 'allowfrom' keyword is no longer used (since a couple of versions actually) and has been replaced by tcp-wrappers, which most likely is compiled in the version you're using. If there is a blanket 'deny all' in /etc/hosts.allow, this requires you to setup access permissions through /etc/hosts.allow. See the UPGRADING document, 'man 8 upsd' and 'man 5 hosts_access'. Adding something like upsd : garder@localhost : ALLOW should work. Best regards, Arjen -- Please keep list traffic on the list (off-list replies will be rejected) ___ Nut-upsuser mailing list Nut-upsuser@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser
Re: [Nut-upsuser] Problems with upscmd ACCESS-DENIED
Thanks a bunch, that worked like a charm :) But now I've got another question... After I run commands (tests) with upscmd, where do I see the results? Ran a battery test check and it did not give any output. Thanks in advance. On Thu, Mar 10, 2011 at 8:25 AM, Arjen de Korte nut+us...@de-korte.orgwrote: Citeren Garðar Arnarsson gar...@giraffi.net: I have defined the user in the /etc/ups/upsd.users 74 [gardar] 75 password = hidden 76 allowfrom = local 77 actions = SET 78 instcmds = ALL 79 [local_mon] 80 password = hidden 81 allowfrom = localhost 82 upsmon master Device and driver info: device.mfr: Inform device.model: SINUS1KURM device.type: ups driver.name: blazer_ser driver.version: 2.6.0 driver.version.internal: 1.51 What am I doing wrong? Did you check your syslog lately? The 'allowfrom' keyword is no longer used (since a couple of versions actually) and has been replaced by tcp-wrappers, which most likely is compiled in the version you're using. If there is a blanket 'deny all' in /etc/hosts.allow, this requires you to setup access permissions through /etc/hosts.allow. See the UPGRADING document, 'man 8 upsd' and 'man 5 hosts_access'. Adding something like upsd : garder@localhost : ALLOW should work. Best regards, Arjen -- Please keep list traffic on the list (off-list replies will be rejected) ___ Nut-upsuser mailing list Nut-upsuser@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser -- Garðar Arnarsson kerfisstjóri Giraffi sf. gar...@giraffi.net http://gardar.giraffi.net ___ Nut-upsuser mailing list Nut-upsuser@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser
Re: [Nut-upsuser] Access restriction on Upgrade Debian lenny - Debian squeeze
On Mar 10, 2011, at 4:41 PM, Lukas Haase wrote: However, after upgrading from Debian lenny to Debian squeeze (version 2.4.3-1.1squeeze1) I get the messages in syslog: ACL in upsd.conf is no longer supported - switch to LISTEN ACCEPT in upsd.conf is no longer supported - switch to LISTEN REJECT in upsd.conf is no longer supported - switch to LISTEN allowfrom in upsd.users is no longer used Well, I commented out the lines and it works now. However, there is no access restriction anymore! :-( Why have these wonderful features been dropped? Are there at least any alternatives for ACL, ACCEPT, REJECT and allowFrom? The following web page indicates that the Debian squeeze packages of NUT were linked against libwrap, which has had a much longer track record of user-space connection filtering than NUT: http://packages.debian.org/squeeze/nut This information should be in /usr/share/doc/nut/UPGRADING.gz. The NUT mailing list archives have a number of threads where the reasoning for this change has been discussed. You also might want to consider kernel-level firewall rules. That means that you won't be exposed to bugs in either NUT's connection handling, or that of libwrap. ___ Nut-upsuser mailing list Nut-upsuser@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser
Re: [Nut-upsuser] Problems with upscmd ACCESS-DENIED
Citeren Garðar Arnarsson gar...@giraffi.net: Thanks a bunch, that worked like a charm :) Glad to hear that. But now I've got another question... After I run commands (tests) with upscmd, where do I see the results? You don't. Ran a battery test check and it did not give any output. Only if the UPS finds that the battery needs to be replaced it will report the 'RB' status (replace battery). If it doesn't, all is well. The Q1 protocol that is used by your UPS doesn't support more verbose messages (and neither does it report runtime or charge capacity) so there is nothing more to report. Best regards, Arjen -- Please keep list traffic on the list (off-list replies will be rejected) ___ Nut-upsuser mailing list Nut-upsuser@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser
