[Nut-upsuser] Getting "Error: No such host" and [ERR ACCESS-DENIED]

Roger Price roger at rogerprice.org
Thu Sep 30 20:28:20 UTC 2010 

Charles Lepple wrote:

> ... It looks like the same "ERR ACCESS-DENIED" code is returned 
> for a problem with upsd.users/upsmon.conf versus a TCP wrappers 
> match failure.

> What if you run 'tcpdchk' against your hosts.allow file? I am not 
> terribly familiar with TCP wrappers, and your configuration looked 
> reasonable, but it's possible that there is a problem with the 
> syntax.

Opensuse no longer runs inetd nor has the /etc/inetd.conf file 
needed by tcpdchk.  I havn't yet found an alternative way of 
checking the TCP wrappers configuration.

On Thu, 30 Sep 2010, Arjen de Korte wrote:

> It could have to to with the fact that you're probably connecting 
> to the server through the '::1' interface. This doesn't seem to 
> work if '::1' is not explicitly listed in '/etc/hosts.allow'.

I added [::1] to the upsd line in /etc/hosts.allow

upsd :  10.0.0/24, localhost, LOCAL, 127.0.0.1, [::1] : ALLOW

and then ran command "rcupsd restart" to restart NUT.  Problem 
solved!  /var/log/messages now includes the line

   upsd[26097]: User upsmaster@::1 logged into UPS [Eaton-66781]

The man page for upsmon.conf currently says for the MONITOR 
directive:

> MONITOR system powervalue username password type

> Each UPS that you need to be monitor should have a MONITOR line. 
> Not all of these need supply power to the system that is running 
> upsmon.  You may monitor other systems if you want to be able to 
> send notifications about status changes on them.
> You must have at least one MONITOR directive in this file.
>     system is a UPS identifier.  It is in this form: 
> <upsname>[@<hostname>[:<port>]] The default hostname is 
> "localhost".

Perhaps it would be worthwhile adding the following note to this 
description

> Note. The hostname "localhost" you specify here cannot be relied 
> on as the only possible hostname in access control file 
> hosts.allow.  You may also need to specify other possible 
> identities for local system, for example "upsd : localhost, LOCAL, 
> 127.0.0.1, [::1] : ALLOW". See also hosts_access(5) and 
> hosts_options(5).

The SEE ALSO for upsmon.conf refers to upsmon(8), upsd(8), 
nutupsdrv(8). I suggest adding hosts_access(5), hosts_options(5) and 
maybe tcpd(8).

By the way, of the last 572 accesses to my "NUT" web page, 81 
visitors have used the three search terms ERR, ACCESS and DENIED, 
roughly 14%.

Roger

More information about the Nut-upsuser mailing list