Bug 330741 - upsd ignoring ACL in upsd.conf
Summary: upsd ignoring ACL in upsd.conf
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: nut
Version: 7
Hardware: i686
OS: Linux
low
medium
Target Milestone: ---
Assignee: Tomas Smetana
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-10-13 16:41 UTC by Andrew Meredith
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version: 2.0.5-6
Clone Of:
Environment:
Last Closed: 2007-11-26 18:56:54 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
upsd.conf (1.36 KB, text/plain)
2007-10-13 16:41 UTC, Andrew Meredith
no flags Details

Description Andrew Meredith 2007-10-13 16:41:24 UTC
Description of problem:

The machine has just been updated from FC5 to F7. The config for the ups service
was not changed. Now that the machine is running 2.0.5 it rejects all
connections on the external interface, but accepts localhost connections.
Previously it would accept connections from the list of acceptable addresses in
upsd.conf, now that list seems to be ignored.

Version-Release number of selected component (if applicable):

  nut-2.0.5-5
  nut-client-2.0.5-5

How reproducible:

  Every time.

Comment 1 Andrew Meredith 2007-10-13 16:41:24 UTC
Created attachment 226451 [details]
upsd.conf

Comment 2 Tomas Smetana 2007-10-15 08:45:39 UTC
I've tried to upgrade nut-2.0.3-2.1 (FC-6; FC-5 is EOLed already) to nut-2.0.5-5
and do nothing but service ups restart.  Everything works the same as before. 

Please try to examine your system a bit closer.  Are you sure that the IP tables
configuration has not been altered during upgrade?  What does the upsc output on
the client side look like?  What does upsd log in /var/log/messages during the
unsuccessful connection attempt?

Comment 3 Andrew Meredith 2007-10-15 11:38:48 UTC
There is no firewall or hosts.[allow|deny] in force. The connection test was
done locally with telnet. It was also done against another port which should
also have been accepting on both localhost and the ethernet IP address, this was
fine.

The thing I am worried about is if the ipv6 system is getting in the way. I have
no use for it, but it is still there, despite having switched it off in the
ifcfg-ethX files. The reason I am wondering about this is the error message:

   upsd[1992]: Rejecting TCP connection from ::ffff:10.103.15.50



Comment 4 Andrew Meredith 2007-10-15 11:49:02 UTC
In addition, the telnet session is at first accepted and then emmediately
dropped. This suggests that it is the application itself that is doing the dropping.

 # telnet zebedee nut
 Trying 10.103.15.50...
 Connected to zebedee.
 Escape character is '^]'.
 Connection closed by foreign host.



Comment 5 Tomas Smetana 2007-10-17 07:34:48 UTC
Seems that it's indeed the IPv6 support that breaks things.  If you don't need
IPv6 you may pass the '-4' parameter to upsd on startup: Edit /etc/sysconfig/ups
and change the line with upsd options to:

UPSD_OPTIONS=-4

Then restart ups service and please let me know whether that solves your problem.

Comment 6 Andrew Meredith 2007-10-17 11:00:48 UTC
It does indeed.

Nagios might even stop bugging me now :) Thanks.



Comment 7 Fedora Update System 2007-11-09 23:46:47 UTC
nut-2.0.5-6 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update nut'

Comment 8 Fedora Update System 2007-11-26 18:56:52 UTC
nut-2.0.5-6 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.