[Nut-upsdev] Error in FAQ

Arjen de Korte nut+devel at de-korte.org
Sat Feb 11 16:32:23 UTC 2006


Arjen de Korte schreef:

> I would like to propose the attached patch, which will bring back the
> old (pre nut-1.3.0) behaviour (which is documented in the FAQ).
> Personally I like the idea of having the configuration files owned by
> 'root' and not being readable by the user running the daemons. If you
> happen to don't like that (and want to be able to send a SIGHUP to them
> and therefor give them at least read permission), this patch won't hurt
> you anyway. Any comments/suggestions before committing this?

Forget about it, it breaks too many things. In retrospect, the
possibility to reload (not only upsd, but also upsmon and the drivers)
is probably more valuable that the added benefit of hiding the contents
of these files once the daemons are running. After all, once they are
running, upsmon will probably know the master password of upsd anyway
(otherwise it would not be able to shutdown the UPS), so there is not
much value in trying to hide even the contents of upsd.users. I removed
the respective FAQ entry.

I'm also starting to question the risk of exposing access to the serial
port to upsd or upsmon if they are on the same system as the drivers
(another entry in the FAQ). About the worst that can happen, is that
someone breaking into the daemons sends the shutdown command to the UPS.
But if they own the daemons already, they don't have to mess with the
serial port. Sending the FSD command will do the same with almost zero
effort.

Regards, Arjen



More information about the Nut-upsdev mailing list