Re: [Nut-upsuser] UPS/NUT with openSUSE 13.1

[Charles Lepple]

On Sep 10, 2015, at 8:49 AM, Rob Groner  wrote:
> 
> Charles,
>  
> 3.16.6.-2-desktop

I think that corresponds to this file: 
http://lxr.free-electrons.com/source/drivers/usb/core/devio.c?v=3.16 (but I 
don't see anything obvious there)

What does "lsusb -vvv -d 2a37:" return? Usually I'd say run that as root when 
the driver isn't running, but I'm looking for the device descriptor, which 
should be available regardless.

The version number of your driver says "2.7.2.6_RTD". Which Git revision does 
that correspond to in the NUT repository (aside from your changes)? I'm curious 
because somewhere (af5f84c5) between 2.7.2 and 2.7.3, I removed a spurious 
usb_set_altinterface() call, and I'm wondering if that changes the claim/detach 
error messages.

-- 
Charles Lepple
clepple@gmail




___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] UPS/NUT with openSUSE 13.1

[Rob Groner]

Charles,

3.16.6.-2-desktop

Keep in mind, despite the subject line, that this has been openSUSE 13.2 
recently.   I had hoped it would work better than 13.1, but so far hasn't.  
When I was trying with openSUSE 13.1, it was kernel 3.11.6-2-desktop.

Rob Groner
Software Engineer Level II

RTD Embedded Technologies, Inc.
ISO 9001 and AS9100 Certified
Ph: +1 814-234-8087
www.rtd.com

From: Charles Lepple [mailto:clep...@gmail.com]
Sent: Wednesday, September 09, 2015 7:08 PM
To: Rob Groner 
Cc: Roger Price ; nut-upsuser Mailing List 

Subject: Re: [Nut-upsuser] UPS/NUT with openSUSE 13.1


On Sep 9, 2015, at 10:12 AM, Rob Groner 
> wrote:

linux-5048:/home/rtd # ldd /usr/local/ups/bin/usbhid-ups
linux-vdso.so.1 (0x7fff403fc000)
libusb-0.1.so.4 => /usr/lib64/libusb-0.1.so.4 (0x7f7c34b56000)

The last line seems to indicate that it is the real libusb-0.1, not -compat.

What kernel version on openSUSE?

--
Charles Lepple
clepple@gmail



___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

[Nut-upsuser] why upsc need no authentication?

[d tbsky]

Hi:
 I  found I can setup password for uspmon. but upsc can connect to
any upsd without authentication. although the ups data is not very
confidential, but I would like not to expose it to anyone who can
connect to server.

is there any method to harden upsd? thanks for hint.

Regards,
tbskyd

___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] UPS/NUT with openSUSE 13.1

[Rob Groner]

rtd@linux-5048:~> lsusb -vvv -d 2a37:

Bus 001 Device 005: ID 2a37:5110  
Couldn't open device, some information will be missing
Device Descriptor:
  bLength18
  bDescriptorType 1
  bcdUSB   2.00
  bDeviceClass0 (Defined at Interface level)
  bDeviceSubClass 0 
  bDeviceProtocol 0 
  bMaxPacketSize0 8
  idVendor   0x2a37 
  idProduct  0x5110 
  bcdDevice0.03
  iManufacturer   1 
  iProduct2 
  iSerial 4 
  bNumConfigurations  1
  Configuration Descriptor:
bLength 9
bDescriptorType 2
wTotalLength   41
bNumInterfaces  1
bConfigurationValue 1
iConfiguration  0 
bmAttributes 0xc0
  Self Powered
MaxPower  100mA
Interface Descriptor:
  bLength 9
  bDescriptorType 4
  bInterfaceNumber0
  bAlternateSetting   0
  bNumEndpoints   2
  bInterfaceClass 3 Human Interface Device
  bInterfaceSubClass  0 No Subclass
  bInterfaceProtocol  0 None
  iInterface  0 
HID Device Descriptor:
  bLength 9
  bDescriptorType33
  bcdHID   1.11
  bCountryCode0 Not supported
  bNumDescriptors 1
  bDescriptorType34 Report
  wDescriptorLength 503
 Report Descriptors: 
   ** UNAVAILABLE **
  Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x81  EP 1 IN
bmAttributes3
  Transfer TypeInterrupt
  Synch Type   None
  Usage Type   Data
wMaxPacketSize 0x0008  1x 8 bytes
bInterval  10
  Endpoint Descriptor:
bLength 7
bDescriptorType 5
bEndpointAddress 0x01  EP 1 OUT
bmAttributes3
  Transfer TypeInterrupt
  Synch Type   None
  Usage Type   Data
wMaxPacketSize 0x0008  1x 8 bytes
bInterval  10


I noticed the "can't open device" at the top of the listing before, but I also 
saw that every other entry in the results from "lsusb -vvv" (including the 
mouse) had the same string, so I didn't think it was unusual.  I did notice 
that my USB stick didn't have that message.

Unfortunately, I don't recall much about the git pull, except when you told me 
how to do it however many months back it was.  I pulled it and then went on my 
merry way modifying it.  Is there some way to look in the code/data to see it?

Either way, I haven't changed/updated the code since that pull, so if you made 
the change after that, it hasn't affect me at all.  And if you made it before 
the pull, then I've still been able to successfully use the shutdown command 
with this code just a few months ago, and today using Porteus.

Rob Groner
Software Engineer Level II

RTD Embedded Technologies, Inc.
ISO 9001 and AS9100 Certified
Ph: +1 814-234-8087
www.rtd.com

-Original Message-
From: Charles Lepple [mailto:clep...@gmail.com] 
Sent: Thursday, September 10, 2015 9:44 AM
To: Rob Groner 
Cc: Roger Price ; nut-upsuser Mailing List 

Subject: Re: [Nut-upsuser] UPS/NUT with openSUSE 13.1

On Sep 10, 2015, at 8:49 AM, Rob Groner  wrote:
> 
> Charles,
>  
> 3.16.6.-2-desktop

I think that corresponds to this file: 
http://lxr.free-electrons.com/source/drivers/usb/core/devio.c?v=3.16 (but I 
don't see anything obvious there)

What does "lsusb -vvv -d 2a37:" return? Usually I'd say run that as root when 
the driver isn't running, but I'm looking for the device descriptor, which 
should be available regardless.

The version number of your driver says "2.7.2.6_RTD". Which Git revision does 
that correspond to in the NUT repository (aside from your changes)? I'm curious 
because somewhere (af5f84c5) between 2.7.2 and 2.7.3, I removed a spurious 
usb_set_altinterface() call, and I'm wondering if that changes the claim/detach 
error messages.

-- 
Charles Lepple
clepple@gmail




___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] why upsc need no authentication?

[Charles Lepple]

On Sep 10, 2015, at 10:23 AM, d tbsky  wrote:
> 
> Hi:
> I  found I can setup password for uspmon. but upsc can connect to
> any upsd without authentication. although the ups data is not very
> confidential, but I would like not to expose it to anyone who can
> connect to server.
> 
>is there any method to harden upsd? thanks for hint.

There are a few different approaches. If your version of NUT was build with 
TCP-wrappers, you can configure NUT to only allow certain clients to connect.

However, in most cases where you would consider TCP-wrappers, you would 
probably be better served with a kernel-level firewall.

There is also an option to compile NUT to verify client SSL certificates: 
http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html#_upsd_optional_client_authentication

-- 
Charles Lepple
clepple@gmail




___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] APC BACK UPS 2200 model BZ2200BI-BR (New output

[Charles Lepple]

On Sep 9, 2015, at 2:06 PM, Mario Lobo  wrote:
> 
> By the constance of header and footer bytes, I think something
> different is going on now.

Right, this is the resync code that @rpvelloso suggested.

https://github.com/networkupstools/nut/issues/231#issuecomment-138971923

> It still identifying as a Solis 1.0 (which is not) but at least it is
> doing it on its own, without gdb.

If I remember correctly, Bruno was mainly looking for OB/LB status, so he 
mapped the APC model to the nearest Solis model. I've CC'd him in case he has 
any other insights.

Bruno, the mailing list thread starts here: 
http://article.gmane.org/gmane.comp.monitoring.nut.user/9306 and here: 
http://article.gmane.org/gmane.comp.monitoring.nut.user/9317

-- 
Charles Lepple
clepple@gmail




___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] UPS/NUT with openSUSE 13.1

[Charles Lepple]

On Sep 10, 2015, at 10:28 AM, Rob Groner  wrote:
> [...]
> I noticed the "can't open device" at the top of the listing before, but I 
> also saw that every other entry in the results from "lsusb -vvv" (including 
> the mouse) had the same string, so I didn't think it was unusual.  I did 
> notice that my USB stick didn't have that message.

Not a big deal, in this case. I was just looking for the device/configuration 
descriptors, and things look reasonable.

> Unfortunately, I don't recall much about the git pull, except when you told 
> me how to do it however many months back it was.  I pulled it and then went 
> on my merry way modifying it.  Is there some way to look in the code/data to 
> see it?

If it is still the same directory (with the .git metadata directory at the top 
level), you can say "git show".

-- 
Charles Lepple
clepple@gmail




___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] why upsc need no authentication?

[d tbsky]

2015-09-11 10:11 GMT+08:00 Charles Lepple :
> On Sep 10, 2015, at 10:23 AM, d tbsky  wrote:
>>
>> Hi:
>> I  found I can setup password for uspmon. but upsc can connect to
>> any upsd without authentication. although the ups data is not very
>> confidential, but I would like not to expose it to anyone who can
>> connect to server.
>>
>>is there any method to harden upsd? thanks for hint.
>
> There are a few different approaches. If your version of NUT was build with 
> TCP-wrappers, you can configure NUT to only allow certain clients to connect.
>
> However, in most cases where you would consider TCP-wrappers, you would 
> probably be better served with a kernel-level firewall.
>
> There is also an option to compile NUT to verify client SSL certificates: 
> http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html#_upsd_optional_client_authentication
>
> --
> Charles Lepple
> clepple@gmail

thanks for the hint. I guest ssl certificates is the way to go.
although it is over skill for my need (just a password to protect it
is enough for me).

___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser

Re: [Nut-upsuser] why upsc need no authentication?

[d tbsky]

2015-09-11 10:11 GMT+08:00 Charles Lepple :
>
> There is also an option to compile NUT to verify client SSL certificates: 
> http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html#_upsd_optional_client_authentication
>

  after reading the nut document about ssl, I am really confused. I
only see ssl configuration about "upsd" and "upsmon". how about
"upscmd", "upsrw" and "upsc" ? I didn't see configuration for them to
use specific ssl certificate. am I miss something?

Regards,
tbskyd

___
Nut-upsuser mailing list
Nut-upsuser@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser