Hi thanks for helping. I don't think nut is built with TCP wrappers support, although the package is listed as depending on libwrap... I ran this command: ldd /sbin/upsd | grep libwrap.so and it has returned no output. Does this mean I have to compile from source or is there a way to add the tcp wrapper support? Thanks again. On 24 November 2016 at 22:40, Roger Price <roger at rogerprice.org> wrote:> On Thu, 24 Nov 2016, Jonah Naylor wrote: > > I installed Nut via apt-get, not from source (which I'd rather stick with >> if possible just for ease of security updates etc) - so I'm not too sure if >> TCP wrappers are there or available... >> >> This could be the problem, am I still able to add the wrappers in with >> prebuilt packages? >> > > Could you apt-get the source and look for the .spec file if your > distribution has one. The openSUSE distribution nut.spec file contains > > %configure \ > --disable-static \ > --with-pic \ > --sysconfdir=%{CONFPATH} \ > --datadir=%{_datadir}/nut \ > --with-all \ > --without-doc \ > --with-ssl \ > --with-openssl \ > --without-nss \ > --with-wrap \ ... > > which shows that TCP Wrappers are included. > > I have the following declaration in the master's hosts.allow. (I have no > hosts.deny file) > > upsd : localhost, LOCAL, 127.0.0.1, [::1] : ALLOW > upsd : ALL : spawn (/bin/mail -r hosts.allow at localhost\ > -s '%s@%h (mybox) refused access to %d from %c'\ > roger at localhost) & : DENY > > # And now the denials which previously appeared in /etc/hosts.deny > ALL : ALL : DENY > > You may need to add the IP address of your slave. > > > Roger > > _______________________________________________ > Nut-upsuser mailing list > Nut-upsuser at lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20161125/e90948a7/attachment.html>
On Fri, 25 Nov 2016, Jonah Naylor wrote:> I don't think nut is built with TCP wrappers support, although the > package is listed as depending on libwrap...Why would you have such a dependency if nut didn't use TCP Wrappers?> I ran this command: ldd /sbin/upsd | grep libwrap.so and it has returned > no output.If I run that command I get maria:~ # ldd /usr/sbin/upsd linux-vdso.so.1 (0x00007ffff8fa8000) libssl.so.1.0.0 => /lib64/libssl.so.1.0.0 (0x00007f05a4ea6000) libcrypto.so.1.0.0 => /lib64/libcrypto.so.1.0.0 (0x00007f05a4ab9000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f05a489b000) libc.so.6 => /lib64/libc.so.6 (0x00007f05a44ed000) libdl.so.2 => /lib64/libdl.so.2 (0x00007f05a42e9000) libz.so.1 => /lib64/libz.so.1 (0x00007f05a40d3000) /lib64/ld-linux-x86-64.so.2 (0x00007f05a510e000) maria:~ # No mention of libwrap, yet I have TCP wrappers compiled in.> Does this mean I have to compile from source or is there a way to add > the tcp wrapper support?If your binary does not include TCP Wrappers, then you don't need to add it, and you don't need /etc/hosts.allow. If your binary does include it, you need /etc/hosts.allow. You don't have to have TCP Wrappers, and you don't have to recompile. Does your distribution have a mailing list which could answer the configuration question? Roger
Hi thanks Roger. Well I'm just using Ubuntu Server 16.04 LTS I only ran that command as a few guides say that's how to establish if a daemon is compiled with tcp wrappers: https://www.cyberciti.biz/faq/tcp-wrappers-hosts-allow-deny-tutorial/ I haven't really used TCP wrappers before so I'm not even sure if my hosts.allow entries are correct: upsd : ipaddressofclientgoeshere ups : monuser at 127.0.0.1/32 monuser at masterstaticIP monuser at slavestaticIP If yourself or anyone could please advise if this should work or if I need something different in my hosts.allow file Thank you very much once again. On 25 November 2016 at 12:00, Roger Price <roger at rogerprice.org> wrote:> On Fri, 25 Nov 2016, Jonah Naylor wrote: > > I don't think nut is built with TCP wrappers support, although the package >> is listed as depending on libwrap... >> > > Why would you have such a dependency if nut didn't use TCP Wrappers? > > I ran this command: ldd /sbin/upsd | grep libwrap.so and it has returned >> no output. >> > > If I run that command I get > > maria:~ # ldd /usr/sbin/upsd > linux-vdso.so.1 (0x00007ffff8fa8000) > libssl.so.1.0.0 => /lib64/libssl.so.1.0.0 (0x00007f05a4ea6000) > libcrypto.so.1.0.0 => /lib64/libcrypto.so.1.0.0 > (0x00007f05a4ab9000) > libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f05a489b000) > libc.so.6 => /lib64/libc.so.6 (0x00007f05a44ed000) > libdl.so.2 => /lib64/libdl.so.2 (0x00007f05a42e9000) > libz.so.1 => /lib64/libz.so.1 (0x00007f05a40d3000) > /lib64/ld-linux-x86-64.so.2 (0x00007f05a510e000) > maria:~ # > > No mention of libwrap, yet I have TCP wrappers compiled in. > > Does this mean I have to compile from source or is there a way to add the >> tcp wrapper support? >> > > If your binary does not include TCP Wrappers, then you don't need to add > it, and you don't need /etc/hosts.allow. If your binary does include it, > you need /etc/hosts.allow. You don't have to have TCP Wrappers, and you > don't have to recompile. > > Does your distribution have a mailing list which could answer the > configuration question? > > > Roger > > _______________________________________________ > Nut-upsuser mailing list > Nut-upsuser at lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.alioth.debian.org/pipermail/nut-upsuser/attachments/20161125/2a815a51/attachment.html>