[Nut-upsuser] Access restriction on Upgrade Debian lenny -> Debian squeeze
Charles Lepple
clepple at gmail.com
Fri Mar 11 03:17:37 UTC 2011
On Mar 10, 2011, at 4:41 PM, Lukas Haase wrote:
> However, after upgrading from Debian lenny to Debian squeeze
> (version 2.4.3-1.1squeeze1) I get the messages in syslog:
>
> ACL in upsd.conf is no longer supported - switch to LISTEN
> ACCEPT in upsd.conf is no longer supported - switch to LISTEN
> REJECT in upsd.conf is no longer supported - switch to LISTEN
> allowfrom in upsd.users is no longer used
>
> Well, I commented out the lines and it works now. However, there is
> no access restriction anymore! :-( Why have these wonderful features
> been dropped? Are there at least any alternatives for ACL, ACCEPT,
> REJECT and allowFrom?
The following web page indicates that the Debian squeeze packages of
NUT were linked against libwrap, which has had a much longer track
record of user-space connection filtering than NUT:
http://packages.debian.org/squeeze/nut
This information should be in /usr/share/doc/nut/UPGRADING.gz.
The NUT mailing list archives have a number of threads where the
reasoning for this change has been discussed.
You also might want to consider kernel-level firewall rules. That
means that you won't be exposed to bugs in either NUT's connection
handling, or that of libwrap.
More information about the Nut-upsuser
mailing list