Hi! We have recently had issues with one of our Production Kamailios. When those happened, the log was filled with the following message:
CRITICAL: <core> [core/tcp_main.c:4528]: handle_new_connect(): failed to add new socket to the fd list Now I wonder what the best approach is to prevent this. We are using TCP/TLS only and I think this might be related to the file ulimit, but I am not sure about that. Shared memory is set to 512MB Can you give me a hint on what to look for? Thank you very much! FLORIAN FLOIMAIR Software Development - Symphony Cloud Services Commend International GmbH Saalachstrasse 51 5020 Salzburg, Austria [signature_4033764367] commend.com LG Salzburg / FN 178618z Von: Tom Lynn via sr-users <[email protected]> Datum: Montag, 29. Jänner 2024 um 20:23 An: Moshe Katz <[email protected]> Cc: Kamailio (SER) - Users Mailing List <[email protected]>, Who AmI <[email protected]>, Tom Lynn <[email protected]> Betreff: [External] [SR-Users] Re: apt-key deprecation CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Yes! Item 2 looks like the missing secret sauce. Thank you! On Mon, Jan 29, 2024 at 8:54 AM Moshe Katz <[email protected]<mailto:[email protected]>> wrote: Hello, There is actually a new more-preferred way of doing this. It is slightly more work, but it directly connects the GPG key to the repository with which it is being used. 1. Download the key and de-armor it (i.e. convert from ASCII to binary): ``` wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/kamailio.gpg ``` 2. When adding the repository, tell apt that this is the key that should be used for it: ``` deb [signed-by=/etc/apt/keyrings/kamailio.gpg] http://deb.kamailio.org/kamailio57 CODE_NAME main ``` This has actually been supported for many years, but it is becoming a lot more common now because it prevents a stolen key from one repository from being used to sign fake packages in another repository. Moshe On Mon, Jan 29, 2024 at 9:34 AM Tom Lynn via sr-users <[email protected]<mailto:[email protected]>> wrote: Thanks, I'll check it out! On Mon, Jan 29, 2024, 1:39 AM Who AmI <[email protected]<mailto:[email protected]>> wrote: Hi TL, I use the below which may help: wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | sudo tee /etc/apt/trusted.gpg.d/kamailio.asc This adds the key but not via apt-key, then just add your repo to sources.list.d like previously. Thanks, John. On Mon, 29 Jan 2024 at 05:05, tom--- via sr-users <[email protected]<mailto:[email protected]>> wrote: When I look at the debian repositories maintained by the project, there are instructions to import the public key of the repository for apt using this command: wget -O http://deb.kamailio.org/kamailiodebkey.gpg | sudo apt-key add - which results in: Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). gpg: no valid OpenPGP data found. Is there an alternate method that can be posted in the repository that will get better results? Thank you, TL __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected]<mailto:[email protected]> Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected]<mailto:[email protected]> Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
