Bug 330741 - upsd ignoring ACL in upsd.conf
upsd ignoring ACL in upsd.conf
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: nut (Show other bugs)
7
i686 Linux
low Severity medium
: ---
: ---
Assigned To: Tomas Smetana
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-10-13 12:41 EDT by Andrew Meredith
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version: 2.0.5-6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-26 13:56:54 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
upsd.conf (1.36 KB, text/plain)
2007-10-13 12:41 EDT, Andrew Meredith
no flags Details

  None (edit)
Description Andrew Meredith 2007-10-13 12:41:24 EDT
Description of problem:

The machine has just been updated from FC5 to F7. The config for the ups service
was not changed. Now that the machine is running 2.0.5 it rejects all
connections on the external interface, but accepts localhost connections.
Previously it would accept connections from the list of acceptable addresses in
upsd.conf, now that list seems to be ignored.

Version-Release number of selected component (if applicable):

  nut-2.0.5-5
  nut-client-2.0.5-5

How reproducible:

  Every time.
Comment 1 Andrew Meredith 2007-10-13 12:41:24 EDT
Created attachment 226451 [details]
upsd.conf
Comment 2 Tomas Smetana 2007-10-15 04:45:39 EDT
I've tried to upgrade nut-2.0.3-2.1 (FC-6; FC-5 is EOLed already) to nut-2.0.5-5
and do nothing but service ups restart.  Everything works the same as before. 

Please try to examine your system a bit closer.  Are you sure that the IP tables
configuration has not been altered during upgrade?  What does the upsc output on
the client side look like?  What does upsd log in /var/log/messages during the
unsuccessful connection attempt?
Comment 3 Andrew Meredith 2007-10-15 07:38:48 EDT
There is no firewall or hosts.[allow|deny] in force. The connection test was
done locally with telnet. It was also done against another port which should
also have been accepting on both localhost and the ethernet IP address, this was
fine.

The thing I am worried about is if the ipv6 system is getting in the way. I have
no use for it, but it is still there, despite having switched it off in the
ifcfg-ethX files. The reason I am wondering about this is the error message:

   upsd[1992]: Rejecting TCP connection from ::ffff:10.103.15.50

Comment 4 Andrew Meredith 2007-10-15 07:49:02 EDT
In addition, the telnet session is at first accepted and then emmediately
dropped. This suggests that it is the application itself that is doing the dropping.

 # telnet zebedee nut
 Trying 10.103.15.50...
 Connected to zebedee.
 Escape character is '^]'.
 Connection closed by foreign host.

Comment 5 Tomas Smetana 2007-10-17 03:34:48 EDT
Seems that it's indeed the IPv6 support that breaks things.  If you don't need
IPv6 you may pass the '-4' parameter to upsd on startup: Edit /etc/sysconfig/ups
and change the line with upsd options to:

UPSD_OPTIONS=-4

Then restart ups service and please let me know whether that solves your problem.
Comment 6 Andrew Meredith 2007-10-17 07:00:48 EDT
It does indeed.

Nagios might even stop bugging me now :) Thanks.

Comment 7 Fedora Update System 2007-11-09 18:46:47 EST
nut-2.0.5-6 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update nut'
Comment 8 Fedora Update System 2007-11-26 13:56:52 EST
nut-2.0.5-6 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.