On Wed, May 27, 2009 at 11:51:44PM +0200, Arjen de Korte wrote: > Citeren Brother Railgun of Reason <[email protected]>: > >>>> babylon4:root:/opt/nut:25 # sbin/upsd >>>> Network UPS Tools upsd 2.4.1 >>>> listening on 127.0.0.1 port 3493 >>>> listening on ::1 port 3493 >>>> /opt/nut/var is world readable >>>> Connected to UPS [tokamak]: bcmxcp-tokamak >>>> Maximum number of connections limited to 256 [requested 1024] >>> Weird, apparently your system has a limited number of file descriptors >>> available. I have a feeling that this is not a standard operating system. >> I was a little puzzled by that myself. It's Solaris 10 x86 running on a >> pretty substantial box, it shouldn't be an OS limitation. > > Oops, looking at the code I saw this isn't a warning, but a (fatal) error > instead (this was not one of the most descriptive error messages I ever > wrote). I now recall that this value is OS dependent, so you probably > want/need to limit this in upsd.conf through the MAXCONN parameter (which > in your case seems to be mandatory).
Ah, ... yeah, that would have been better than patching the code, wouldn't it? *sheepish* I missed that parameter. I'll undo my patch and try using the maxconn param instead. As just mentioned, my studies appear to indicate that this is a tunable kernel parameter which, on Solaris, defaults out-of-the-box to 256. > I'm not quite sure what would be the better thing to do in case the > (default) MAXCONN value is too high: > > 1) Bail out with a more descriptive error message > 2) Adjust the number of connections to the maximum allowed (with message to > syslog) > > I think it would be much more user friendly to do the latter, but opinions > on this are welcomed. Given that this varies by OS *but* may be tunable, my inclination would be to adjust the connections to the max available if less than MAXCONN, emit a warning in syslog and on the console, and document in the sample upsd.conf that depending on OS this MAY be a tunable parameter. >> BTW, upsd.conf is default with everything commented out, which should >> result in listening on everything: >> >> # This defaults to the global IPv4 listening address and port 3493. You >> # may specify each interface you want upsd to listen on for connections, >> # optionally with a port number. > > We need to change this. This used to be the case in older versions, but we > now default to a (safer) localhost only. Ah, so the behavior is as *intended*, but the documentation has gotten out of step with the intent. I see. If this change was made for security reasons, perhaps this goal might be aided by adding a netblock ALLOW or ACCEPT directive? For example, with two subnets, I might specify: LISTEN 127.0.0.1 3493 ACCEPT 127.0.0.0/8 LISTEN 10.24.32.14 3493 ACCEPT 10.24.32.0/24 ACCEPT 10.24.33.0/24 upsd could simply refuse connections from outside the netblocks it had been told to ACCEPT, without doing any further authentication. -- Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355 [email protected] [email protected] [email protected] Renaissance Man, Unix ronin, Perl hacker, Free Stater It's not the years, it's the mileage. _______________________________________________ Nut-upsuser mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/nut-upsuser
