NUT package



  • @esquire1968:

    After updating to 2.7.4_1 I can't find the Service! Where can I download the previous version or how can I repair this Version.

    Thx!
    Thomas

    https://forum.pfsense.org/index.php?topic=114871.msg645613#msg645613



  • Well me too. Installed the new package and its gone. Maybe you should pull this update till this problem is fixed…



  • @AR15USR:

    Maybe you should pull this update till this problem is fixed…

    I don't have access to pull the package from the servers.

    It's correct in the development branch of the repo, which is why beta works. There appears to have been a merge problem in moving between the development branch and the 2_3_2 branch which resulted in a duplicate line in the xml file. I don't have access to modify the 2_3_2 branch, or update the package servers. If I did, I would fix the issue.

    I have an email in, but don't know if anyone will be available over the weekend to update the package servers.



  • @dennypage:

    @AR15USR:

    Maybe you should pull this update till this problem is fixed…

    I don't have access to pull the package from the servers.

    It's correct in the development branch of the repo, which is why beta works. There appears to have been a merge problem in moving between the development branch and the 2_3_2 branch which resulted in a duplicate line in the xml file. I don't have access to modify the 2_3_2 branch, or update the package servers. If I did, I would fix the issue.

    I have an email in, but don't know if anyone will be available over the weekend to update the package servers.

    Gotcha, hopefully it will get fixed shortly..



  • It sure is flooding my logs now though:

    Aug 6 14:39:40	kernel		uhid0: <cps 0="" 1="" or1500lcdrm1u,="" class="" 0,="" rev="" 1.10="" 2.00,="" addr=""> on usbus0
    Aug 6 14:39:39	kernel		ugen0.2: <cps> at usbus0
    Aug 6 14:39:37	kernel		uhid0: at uhub1, port 5, addr 1 (disconnected)
    Aug 6 14:39:37	kernel		ugen0.2: <cps> at usbus0 (disconnected)
    Aug 6 14:39:31	kernel		uhid0: <cps 0="" 1="" or1500lcdrm1u,="" class="" 0,="" rev="" 1.10="" 2.00,="" addr=""> on usbus0
    Aug 6 14:39:30	kernel		ugen0.2: <cps> at usbus0
    Aug 6 14:39:28	kernel		uhid0: at uhub1, port 5, addr 1 (disconnected)
    Aug 6 14:39:28	kernel		ugen0.2: <cps> at usbus0 (disconnected)
    Aug 6 14:39:21	kernel		uhid0: <cps 0="" 1="" or1500lcdrm1u,="" class="" 0,="" rev="" 1.10="" 2.00,="" addr=""> on usbus0
    Aug 6 14:39:21	kernel		ugen0.2: <cps> at usbus0
    Aug 6 14:39:18	kernel		uhid0: at uhub1, port 5, addr 1 (disconnected)
    Aug 6 14:39:18	kernel		ugen0.2: <cps> at usbus0 (disconnected)
    Aug 6 14:39:12	kernel		uhid0: <cps 0="" 1="" or1500lcdrm1u,="" class="" 0,="" rev="" 1.10="" 2.00,="" addr=""> on usbus0</cps></cps></cps></cps></cps></cps></cps></cps></cps></cps>
    

    on and on…



  • If you are comfortable with the command line, you can fully delete the package with the following command:

    pkg delete pfSense-pkg-nut

    If you need a functioning package right away, you can update the package using the beta switch switch as w0w describes in the beta thread, or you can PM me with an email address and I will send you a package which is functionally the same as the release version.



  • Well got this result, but it has disappeared off the Installed Packages list. However my logs are still being flooded…

    [2.3.2-RELEASE][xxxx@xxxxx.lan]/root: pkg delete pfSense-pkg-nut
    Checking integrity... done (0 conflicting)
    Deinstallation has been requested for the following 1 packages (of 0 packages in the universe):
    
    Installed packages to be REMOVED:
    	pfSense-pkg-nut-2.7.4_1
    
    Number of packages to be removed: 1
    
    Proceed with deinstalling packages? [y/N]: y
    [1/1] Deinstalling pfSense-pkg-nut-2.7.4_1...
    The nut package is not installed.
    
    [1/1] Deleting files for pfSense-pkg-nut-2.7.4_1: 100%nut-2.7.4_1:   0%
    The nut package is not installed.
    
    


  • OK I did the install from the development branch and it still didn't show up afterwards. So I uninstalled and switched back to Stable.

    I'll be waiting for the update/fix to show in the Stable…



  • Are you sure that you are looked for "UPS" in Services menu instead of "NUT"?

    Just because "development trick" still working for me on VM and production.



  • @w0w:

    Are you sure that you are looked for "UPS" in Services menu instead of "NUT"?

    Just because "development trick" still working for me on VM and production.

    Ah, there it is. See it now, thanks…



  • The repo issue has been fixed. The package version has been updated to 2.7.4_2.



  • I can confirm it's working with apcupsd as a remote host. Thanks Dennypage !



  • Confirmed here as well. Thanks!



  • Confirmed working, thanks.



  • @dennypage:

    The repo issue has been fixed. The package version has been updated to 2.7.4_2.

    Thank you for the fix!  Looks good!

    -th3r3isnospoon



  • I have a new APC UPS (BN1080G) which only has a serial data port on the back but it came with a serial-to-USB cable. I already tried to use the default USB driver via the UPS service settings but it couldn't connect to the UPS. From what I read (http://www.freebsddiary.org/apcupsd.php) in order for the serial-to-USB connection to typically work you'll need to also be running the apcupsd daemon. "apcupsd" is listed as a remote connection option in the UPS services settings, but I would like to run it local to the firewall if possible.

    There isn't a PFSense plugin for this yet but there is a BSD port for it (https://www.freshports.org/sysutils/apcupsd/).

    Unfortunately it doesn't appear to be listed as an available package in the latest stable PFSense release's core package repository.

    2.3.2-RELEASE (amd64)
    built on Tue Jul 19 12:44:43 CDT 2016
    FreeBSD 10.3-RELEASE-p5

    I have another FreeBSD machine internally that I can probably run apcupsd on and then have its port available for PFSense to use in the meantime.

    Any advice?

    Thanks



  • First, I want to thank the developers for their work in this open source project  :)
    I can confirm that the new package works with EATON Protection Station 800.  But the E-mails notification option does not work, I have this error in the system log:

    php-cgi: nut_email.php: Could not send the message to email@example.com -- Error: could not start TLS connection encryption protocol
    

    .
    The E-mail notifications works well if I Test SMTP Settings under System -> Advanced -> Notifications.
    Thanks (and sorry for my bad English).



  • @lemonkey:

    I have a new APC UPS (BN1080G) which only has a serial data port on the back but it came with a serial-to-USB cable.

    According to APC documentation it's a USB port. A new model UPS with a real serial port is pretty rare these days.

    According to the NUT HCL, the default values should support this UPS. Use "Local USB" for UPS Type and "usbhid" for the driver.



  • @afa:

    But the E-mails notification option does not work, I have this error in the system log:

    php-cgi: nut_email.php: Could not send the message to email@example.com -- Error: could not start TLS connection encryption protocol
    

    .
    The E-mail notifications works well if I Test SMTP Settings under System -> Advanced -> Notifications.

    NUT invokes a script to send the email. Unfortunately, SSL is not available when PHP is invoked from a script. This is a known issue with pfSense. It's considered a bug, but no one has tracked it down yet.

    It's on my list when time permits.



  • @dennypage:

    @afa:

    But the E-mails notification option does not work, I have this error in the system log:

    php-cgi: nut_email.php: Could not send the message to email@example.com -- Error: could not start TLS connection encryption protocol
    

    .
    The E-mail notifications works well if I Test SMTP Settings under System -> Advanced -> Notifications.

    NUT invokes a script to send the email. Unfortunately, SSL is not available when PHP is invoked from a script. This is a known issue with pfSense. It's considered a bug, but no one has tracked it down yet.

    I had a brief moment to take a look at this. I've narrowed it to an issue with PHP scripts invoked by users other than root. By default, upsmon runs as uucp, so it isn't able to initialize the secure connection. It's not clear what the long term solution will be, but you can work around the issue by adding the following line to upsmon.conf in the Advanced section:

    RUN_AS_USER root

    This will keep upsmon as root and allow secure connections from PHP.

    As a security best practice it is generally recommended to run upsmon as a user other than root. However, given the closed environment nature of the firewall, I don't see an obvious security issue running upsmon as root.



  • @dennypage:

    I had a brief moment to take a look at this. I've narrowed it to an issue with PHP scripts invoked by users other than root. By default, upsmon runs as uucp, so it isn't able to initialize the secure connection. It's not clear what the long term solution will be, but you can work around the issue by adding the following line to upsmon.conf in the Advanced section:

    RUN_AS_USER root

    The solution works correctly, thanks dennypage!



  • You're welcome. Glad it works for you.



  • @dennypage:

    I had a brief moment to take a look at this. I've narrowed it to an issue with PHP scripts invoked by users other than root. By default, upsmon runs as uucp, so it isn't able to initialize the secure connection. It's not clear what the long term solution will be, but you can work around the issue by adding the following line to upsmon.conf in the Advanced section:

    RUN_AS_USER root

    This will keep upsmon as root and allow secure connections from PHP.

    As a security best practice it is generally recommended to run upsmon as a user other than root. However, given the closed environment nature of the firewall, I don't see an obvious security issue running upsmon as root.

    The core issue turns out to be an file permission issue with one of the php ini files, /usr/local/etc/php/extenstions.ini. The file is owned by root and created with permissions 600, which prevents it from being read by the user upsmon runs as (uucp).

    This file is being removed in pfSense 2.4, so the issue should be resolved then. If you want to correct the issue in the interim, you can apply the following patch:

    *** /etc/rc.php_ini_setup.org	Thu Jul 14 18:14:42 2016
    --- /etc/rc.php_ini_setup	Tue Aug  9 11:58:33 2016
    ***************
    *** 102,107 ****
    --- 102,108 ----
      fi
    
      /usr/bin/sort -u -o /usr/local/etc/php/extensions.ini /usr/local/etc/php/extensions.ini
    + chmod 644 /usr/local/etc/php/extensions.ini
    
      # Set upload directory
      if [ "$PLATFORM" = "nanobsd" ]; then
    
    

    Note that you cannot just change the permissions on /usr/local/etc/php/extensions.ini because it is recreated at every boot.



  • I just did the upgrade and it isn't working.. Was working with the previous version of NUT.

    The service looks to be running.

    It is on version 2.7.4_2

    This is a APC Back UP NS 1250 LCD using USB

    I noticed in the log
    Aug 12 19:14:09 upsmon 23829 Poll UPS [APC] failed - Driver not connected
    Aug 12 19:14:14 upsmon 23829 Poll UPS [APC] failed - Driver not connected
    Aug 12 19:14:19 upsmon 23829 Poll UPS [APC] failed - Driver not connected
    Aug 12 19:14:24 upsmon 23829 Poll UPS [APC] failed - Driver not connected
    Aug 12 19:14:29 upsmon 23829 Poll UPS [APC] failed - Driver not connected
    Aug 12 19:14:31 upsd 24571 Can't connect to UPS [APC] (usbhid-ups-APC): No such file or directory



  • The driver itself has failed. You should see things in the log for the driver. Please post all the log entries for ups* from the point of service start. Also, can you provide detail on your configuration please?



  • Im running pfsense 2.3.2  I was running 2.2.x before. Started at 2.0

    This is a vm on a vmware server.

    This ups was working with the version of NUT before the upgrade to this version.

    Here are the logs from the start of the service

    Aug 12 20:42:12 upsmon 31925 Startup successful
    Aug 12 20:42:13 upsd 38757 listening on ::1 port 3493
    Aug 12 20:42:13 upsd 38757 listening on 127.0.0.1 port 3493
    Aug 12 20:42:13 upsd 38757 Can't connect to UPS [APC] (usbhid-ups-APC): No such file or directory
    Aug 12 20:42:13 upsd 39055 Startup successful
    Aug 12 20:42:15 upsd 39055 User monuser@::1 logged into UPS [APC]
    Aug 12 20:42:15 upsmon 32928 Poll UPS [APC] failed - Driver not connected
    Aug 12 20:42:15 upsmon 32928 Communications with UPS APC lost
    Aug 12 20:42:20 upsmon 32928 Poll UPS [APC] failed - Driver not connected
    Aug 12 20:42:20 upsmon 32928 UPS APC is unavailable



  • The configuration I am looking for is the NUT configuration: What type, what driver, any extra args etc. The best place for this is in your configuration file. Look for something that looks like this:

    
                    <nut><config><type>local_usb</type>
                                    <name>ups</name>
                                    <email>yes</email>
                                    <usb_driver>usbhid-ups</usb_driver>
                                    <upsmon_conf><extra_args></extra_args></upsmon_conf></config></nut> 
    
    

    It would also be very helpful to see the NUT configuration from before you upgraded.

    For logs, go to Status / System Logs / System / General. Select the funnel icon, and put "ups" in the Message field and then Apply Filter. You should see all the ups logs, including the kernel identification of the UPS at boot assuming that it's connected via USB.



  • I rebooted the server since I wanted to get you fresh logs since I cleared out my logs and now its working. So not sure what the reboot did.

    Here is what my nut config if your curious.

    I guess like with everything.. if it doesn't work..reboot it once first. =)

    before

    <nut><config><monitor>local</monitor>
    <powerdown>on</powerdown>
    <custom_upsconf><custom_upsdconf><custom_upsdusers><custom_upsmonconf><allowaddr><allowuser>monuser</allowuser>
    <allowpass>pass</allowpass>
    <name>APC</name>
    <driver>usbhid-ups00</driver>
    <port>auto</port>
    <upstype><cable><snmpname><snmpaddr><snmpcommunity><snmpversion>v2c</snmpversion>
    <snmpmib>ietf</snmpmib>
    <snmpfreq><snmpdisabletransfer><remotename><remoteaddr><remoteuser><remotepass></remotepass></remoteuser></remoteaddr></remotename></snmpdisabletransfer></snmpfreq></snmpcommunity></snmpaddr></snmpname></cable></upstype></allowaddr></custom_upsmonconf></custom_upsdusers></custom_upsdconf></custom_upsconf></config>

    after

    <nut><config><type>local_usb</type>
    <name>APC</name>
    <email></email>
    <usb_driver>usbhid-ups</usb_driver>
    <upsmon_conf><extra_args></extra_args></upsmon_conf></config></nut></nut>



  • Thank you for following up. Glad that it's working now.

    The reboot really shouldn't have been required unless there was an issue with connecting to the USB device. I would keep an eye on it for a while, and if it happens again try

    usbconfig dump_device_desc

    to see if the kernel sees the UPS device as connected.



  • Notes on Power Off vs Halt

    When shutdown time arrives, the NUT package uses the following shutdown command:

    SHUTDOWNCMD "/sbin/shutdown -p +0"

    This command will power off the pfSense system. This is generally appropriate for systems such as firewalls that are configured to always turn on when power is applied. If there is a power setting in the BIOS this is generally referred to as “always on”.

    If you have a system that does not support the always on mode, and instead always returns to the prior (last) state when power is applied, then you probably want to override the shutdown command so that the system is halted but not powered off.

    You can do this by placing the following in upsmon.conf section of the advanced settings:

    SHUTDOWNCMD "/sbin/shutdown -h +0"

    If you have an option, the default "always on" approach is preferable.



  • Notes on SNMP configuration

    The NUT package uses defaults for SNMP values. In most situations, the defaults are appropriate. However, depending upon your particular use case, there are variables that you may want to set in the Extra Arguments section. Arguments that you may need include directives for SNMP version and associated security, polling frequency, timeouts, mibs, etc.

    Full details on the many SNMP options can be found here:

    http://networkupstools.org/docs/man/snmp-ups.html

    One that is of particular interest is the mibs directive. The default value is "auto" which means that the driver will attempt to discover the correct mib at runtime. Most of the time, this works. Sometimes it doesn’t. Occasionally it appears to work, but reports incorrect values for various values like voltages, frequency, etc. If your UPS is reporting things that don’t make sense, this is the thing to check.



  • Notes on executing commands

    NUT has command line tools that allow execution of local commands to perform tasks such as a battery test or set variables in the hardware of the ups. Information on these tools can be found here:

    http://networkupstools.org/docs/man/upscmd.html
      http://networkupstools.org/docs/man/upsrw.html

    In order to use these tools, a privileged NUT user is required. The NUT package automatically creates an administrative user for this purpose. The username is “admin”, and the password can be found in /usr/local/etc/nut/upsd.users. Note that the password is automatically generated, and changes each time the NUT configuration is changed or the system is rebooted.

    Be careful with these commands. :)



  • I didn't notice that this update went through, so I never removed the old version.

    I thought it was broken at first, because I kept going to "Services -> NUT" and I kept getting an nginx error, didn't realize that it had moved to "Services -> UPS"

    Is there any way to remove the old "Services -> NUT" menu entry?  It seems stuck there.



  • @mattlach:

    I thought it was broken at first, because I kept going to "Services -> NUT" and I kept getting an nginx error, didn't realize that it had moved to "Services -> UPS"

    Is there any way to remove the old "Services -> NUT" menu entry?  It seems stuck there.

    If you are comfortable editing the config file, you can remove the old menu section. It looks like this:

    <menu>
                            <name>NUT</name>
                            <tooltiptext>Set Network UPS Tools settings.</tooltiptext>
                           Services
                            <url>/ups_status.php</url>
                   </menu>

    Be very careful editing the config file, and back up the config first.



  • @dennypage:

    @mattlach:

    I thought it was broken at first, because I kept going to "Services -> NUT" and I kept getting an nginx error, didn't realize that it had moved to "Services -> UPS"

    Is there any way to remove the old "Services -> NUT" menu entry?  It seems stuck there.

    If you are comfortable editing the config file, you can remove the old menu section. It looks like this:

    <menu>
                            <name>NUT</name>
                            <tooltiptext>Set Network UPS Tools settings.</tooltiptext>
                           Services
                            <url>/ups_status.php</url>
                   </menu>

    Be very careful editing the config file, and back up the config first.

    Thank you,

    I have no problem editing xml config files (though the pfsense version of vi is awful), but where is the file?

    Or is it more appropriate to save a backup config to my workstation, edit the config, and then upload the edited version?



  • @mattlach:

    I have no problem editing xml config files (though the pfsense version of vi is awful), but where is the file?

    Or is it more appropriate to save a backup config to my workstation, edit the config, and then upload the edited version?

    You can download/edit/upload if you are okay with a firewall reboot. Alternatively, you can ssh in and use viconfig.



  • mattlach, did you get your issue resolved?



  • Just a note I was getting "Driver not connected" errors that wouldn't go away until I rebooted.
    Works fine now.

    Backstory:
    After install, Nut picked up an old (and correct) config - Local USB & usbhid.

    It kept failing w/ the following errors:
    Poll UPS [APC] failed - Driver not connected
    Can't connect to UPS [APC] (usbhid-ups-APC): No such file or directory.

    I followed every suggestion here and other BSD (ie: NAS) threads.

    None of that helped but a reboot put everything right.
    I still appreciate everyone's input though.

    Below is just for ref:

    Original config:

                    <nut><config><type>local_usb</type>
                                    <name>APC</name>
                                    <email></email>
                                    <usb_driver>usbhid-ups</usb_driver>
                                    <upsmon_conf><extra_args></extra_args></upsmon_conf></config></nut> 
    
    

    Current (working) config:

    		 <nut><config><type>local_usb</type>
    				<name>APC</name>
    				<email></email>
    				<usb_driver>usbhid-ups</usb_driver>
    				<upsmon_conf>UlVOX0FTX1VTRVIgcm9vdA==</upsmon_conf>
    				 <extra_args></extra_args></config></nut> 
    
    

    2.3.2-RELEASE (amd64)
    Intel Xeon CPU X3430 @ 2.40GHz
    4GB RAM
    APC Back-UPS NS1250 (BN1250G)

    Output of usbconfig dump_device_desc

    ugen1.4: <back-ups bn1250g="" fw867.l5="" .d="" usb="" fwl5="" american="" power="" conversion="">at usbus1, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON (2mA)
    
      bLength = 0x0012
      bDescriptorType = 0x0001
      bcdUSB = 0x0200
      bDeviceClass = 0x0000  <probed by="" interface="" class="">bDeviceSubClass = 0x0000
      bDeviceProtocol = 0x0000
      bMaxPacketSize0 = 0x0040
      idVendor = 0x051d
      idProduct = 0x0002
      bcdDevice = 0x0090
      iManufacturer = 0x0001  <american power="" conversion="">iProduct = 0x0002  <back-ups bn1250g="" fw:867.l5="" .d="" usb="" fw:l5="">iSerialNumber = 0x0003  <xxxxxxxxxxx >bNumConfigurations = 0x0001</xxxxxxxxxxx ></back-ups></american></probed></back-ups> 
    


  • @LinuxTracker:

    After install, Nut picked up an old (and correct) config - Local USB & usbhid.

    It kept failing w/ the following errors:
    Poll UPS [APC] failed - Driver not connected
    Can't connect to UPS [APC] (usbhid-ups-APC): No such file or directory.

    Original config:

                    <nut><config><type>local_usb</type>
                                    <name>APC</name>
                                    <email></email>
                                    <usb_driver>usbhid-ups</usb_driver>
                                    <upsmon_conf><extra_args></extra_args></upsmon_conf></config></nut> 
    
    

    Current (working) config:

    		 <nut><config><type>local_usb</type>
    				<name>APC</name>
    				<email></email>
    				<usb_driver>usbhid-ups</usb_driver>
    				<upsmon_conf>UlVOX0FTX1VTRVIgcm9vdA==</upsmon_conf>
    				 <extra_args></extra_args></config></nut> 
    
    

    Do you mean to say that you install a new version of the NUT package? Both configs you posted are are from the new version of the package. Neither is from the old package.

    From a UPS driver point of view, the two configs are identical. The addition of RUN_AS_USER in upsmon_conf has no effect on the driver (usbhid-ups). It's only use is have the monitor (upsmon) run as root in order to work around an issue sending email with a TLS connection, which you are not using. Unless you are planning to use email with a TLS connection, you should remove this directive.



  • @dennypage:

    Do you mean to say that you install a new version of the NUT package? Both configs you posted are are from the new version of the package. Neither is from the old package.

    It went like this.
    I installed Nut from the package manager. After install, Nut said it found an old config and would use that.
    That's when I started getting the driver errors.  I did some poking around, checked out the Nut section of config.xml.  That's what I posted as my original config.

    Today, I went into a config.xml backup from June and the Nut config section there is in the older format.

    		 <nut><config><monitor><powerdown><allowaddr><allowuser>fakeuser</allowuser>
    				<allowpass>fakepass</allowpass>
    				<name>APC</name>
    				<driver>usbhid-ups00</driver>
    				<port>auto</port>
    				 <upstype><cable><snmpname><snmpaddr><snmpcommunity><snmpversion>v2c</snmpversion>
    				<snmpmib>ietf</snmpmib>
    				 <snmpfreq><snmpdisabletransfer><remotename><remoteaddr><remoteuser>fakeuser</remoteuser>
    				<remotepass>fakepass</remotepass></remoteaddr></remotename></snmpdisabletransfer></snmpfreq></snmpcommunity></snmpaddr></snmpname></cable></upstype></allowaddr></powerdown></monitor></config></nut> 
    
    

    I'm assuming the new ver of Nut rewrote my config, sometime after install.

    @dennypage:

    From a UPS driver point of view, the two configs are identical. The addition of RUN_AS_USER in upsmon_conf has no effect on the driver (usbhid-ups). It's only use is have the monitor (upsmon) run as root in order to work around an issue sending email with a TLS connection, which you are not using. Unless you are planning to use email with a TLS connection, you should remove this directive.

    Okay. I tried that after reading a github post about perm issues w/ Nut & was ready to throw spaghetti at the wall.
    (ref: https://github.com/rockstor/rockstor-core/issues/1073)

    I'll get rid of RUN_AS_USER.
    Thanks for the input.


Log in to reply