must the UPS nut daemon be run as root?
-
I'm trying to have one of my netgate boxes manage my UPS with nut. The idea is to have other machines poll the firewall for automatic shutdown during power loss.
After installing the relevant package, and connecting the UPS via an USB cable, the system registers the addition. However nut is not able to connect to the UPS.
Dec 18 09:42:28 luke kernel: ugen0.2: <DELL Dell UPS Rack 3750W High Efficiency Online HV - 230V> at usbus0 Dec 18 09:42:32 luke kernel: uhid0 on uhub0 Dec 18 09:42:32 luke kernel: uhid0: <DELL Dell UPS Rack 3750W High Efficiency Online HV - 230V, class 0/0, rev 1.10/1.00, addr 5> on usbus0 Dec 18 09:43:37 luke check_reload_status: Syncing firewall Dec 18 09:43:37 luke php-fpm[78433]: /nut_settings.php: Beginning configuration backup to .https://acb.netgate.com/save Dec 18 09:43:41 luke php-fpm[78433]: /nut_settings.php: End of configuration backup to https://acb.netgate.com/save (success). Dec 18 09:43:41 luke php-fpm[78433]: /nut_settings.php: Starting service nut Dec 18 09:43:41 luke upsmon[26778]: Startup successful Dec 18 09:43:42 luke upsd[27972]: listening on ::1 port 3493 Dec 18 09:43:42 luke upsd[27972]: listening on 127.0.0.1 port 3493 Dec 18 09:43:42 luke upsd[27972]: Can't connect to UPS [rackdell] (usbhid-ups-rackdell): No such file or directory Dec 18 09:43:42 luke upsd[28232]: Startup successful Broadcast Message from root@luke.xxx.xx (no tty) at 9:43 CET... Communications with UPS rackdell lost Dec 18 09:43:44 luke upsd[28232]: User local-monitor@::1 logged into UPS [rackdell] Dec 18 09:43:44 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 09:43:44 luke upsmon[27240]: Communications with UPS rackdell lost Dec 18 09:43:49 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 09:43:49 luke upsmon[27240]: UPS rackdell is unavailable Broadcast Message from root@luke.xxx.xx (no tty) at 9:43 CET... UPS rackdell is unavailable Dec 18 09:43:54 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 09:43:59 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 09:44:04 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 09:44:09 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected [...] Dec 18 10:15:09 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 10:15:11 luke check_reload_status: Syncing firewall Dec 18 10:15:11 luke php-fpm[92953]: /nut_settings.php: Beginning configuration backup to .https://acb.netgate.com/save Dec 18 10:15:14 luke upsmon[27240]: Poll UPS [rackdell] failed - Driver not connected Dec 18 10:15:15 luke php-fpm[92953]: /nut_settings.php: End of configuration backup to https://acb.netgate.com/save (success). Dec 18 10:15:15 luke php-fpm[92953]: /nut_settings.php: Stopping service nut Dec 18 10:15:15 luke upsmon[27240]: Signal 15: exiting Dec 18 10:15:15 luke upsd[28232]: User local-monitor@::1 logged out from UPS [rackdell] Dec 18 10:15:15 luke upsd[28232]: mainloop: Interrupted system call Dec 18 10:15:15 luke upsd[28232]: Signal 15: exiting
After mucking around a bit, I decided to try and start the daemon in debug mode via console.
[2.4.4-RELEASE][admin@luke.xxx.xx]/usr/local/etc/nut: /usr/local/libexec/nut/usbhid-ups -DDD -a rackdell Network UPS Tools - Generic HID driver 0.41 (2.7.4) USB communication driver 0.33 0.000000 debug level is '3' 0.000480 upsdrv_initups... 0.000579 No appropriate HID device found 0.000594 No matching HID UPS found
After a bit more mucking around with scientific thoroughness (read: trying random options to see what happens) I can finally start the thing if I run it as root.
[2.4.4-RELEASE][admin@luke.xxx.xx]/usr/local/etc/nut: /usr/local/libexec/nut/usbhid-ups -u root -DDD -a rackdell Network UPS Tools - Generic HID driver 0.41 (2.7.4) USB communication driver 0.33 0.000000 debug level is '3' 0.000589 upsdrv_initups... 0.000836 Checking device (047C/FFFF) (/dev/usb//dev/ugen0.2) 0.641053 - VendorID: 047c 0.641074 - ProductID: ffff 0.641078 - Manufacturer: DELL 0.641082 - Product: Dell UPS Rack 3750W High Efficiency Online HV - 230V 0.641085 - Serial Number: CN-0H952N-75162-22P-0014-A03 0.641089 - Bus: /dev/usb 0.641093 - Device release number: 0100 0.641097 Trying to match device 0.641106 Device matches 0.641118 nut_usb_set_altinterface: skipped usb_set_altinterface(udev, 0) 0.677340 HID descriptor, method 1: (9 bytes) => 09 21 10 01 21 01 22 97 0 8 0.677360 HID descriptor length (method 1) 2199 0.677369 HID descriptor, method 2: (9 bytes) => 09 21 10 01 21 01 22 97 0 8 0.677373 HID descriptor length (method 2) 2199 0.677377 HID descriptor length 2199 4.482150 Report Descriptor size = 2199 4.482181 Report Descriptor: (2199 bytes) => 05 84 09 04 a1 01 09 10 a1 00 09 12 a1 4.482195 00 09 13 85 20 75 08 95 01 15 00 26 ff 00 65 00 55 00 b1 03 06 ff ff 09 90 [...] 4.483669 Using subdriver: MGE HID 1.39 4.483681 228 HID objects found 4.516830 Report[get]: (4 bytes) => 20 01 01 01 4.516846 Path: UPS.BatterySystem.Battery.BatteryID, Type: Feature, Report ID: 0x20, Offset: 0, Size: 8, Value: 1 4.544525 Report[get]: (2 bytes) => 21 01 4.544539 Path: UPS.BatterySystem.Battery.Count, Type: Feature, ReportID: 0x21, Offset: 0, Size: 8, Value: 1 4.578010 Report[get]: (5 bytes) => 23 e0 c4 00 00 4.578026 Path: UPS.BatterySystem.Battery.DesignCapacity, Type: Feature, R eportID: 0x23, Offset: 0, Size: 32, Value: 50400 [...]
The relevant files seem to be owned by uucp (which is the user nut drops to when running I would guess)
[2.4.4-RELEASE][admin@luke.xxx.xx]/usr/local/etc/nut: ls -lah /dev/ugen* lrwxr-xr-x 1 root wheel 9B Nov 24 16:23 /dev/ugen0.1 -> usb/0.1.0 lrwxr-xr-x 1 root wheel 9B Dec 18 10:20 /dev/ugen0.2 -> usb/0.2.0 [2.4.4-RELEASE][admin@luke.xxx.xx]/usr/local/etc/nut: ls -lah /dev/usb total 1 dr-xr-xr-x 2 root wheel 512B Nov 24 16:23 . dr-xr-xr-x 13 root wheel 512B Nov 24 16:23 .. crw------- 1 root operator 0x2c Nov 24 16:23 0.1.0 crw------- 1 root operator 0x45 Nov 24 16:23 0.1.1 crw------- 1 root operator 0x73 Dec 18 10:20 0.2.0 crw------- 1 root operator 0x75 Dec 18 10:20 0.2.1 [2.4.4-RELEASE][admin@luke.xxx.xx]/usr/local/etc/nut: ls -lah /var/db/ | grep nut drwxr-x--- 2 uucp uucp 512B Dec 18 10:40 nut [2.4.4-RELEASE][admin@luke.xxx.xx]/usr/local/etc/nut: ls -lah /var/db/nut total 12 drwxr-x--- 2 uucp uucp 512B Dec 18 10:40 . drwxr-xr-x 13 root wheel 1.0K Dec 18 09:24 .. -rw-r--r-- 1 uucp uucp 6B Dec 18 10:27 upsmon.pid srw-rw---- 1 uucp uucp 0B Dec 18 10:40 usbhid-ups-rackdell
So far I'm just putting user=root into the "additional configuration lines" into the web interface and it works.
Question is: am I supposed to run this thing as root?
As far as I know there's no way to modify /etc/devfs.conf from the web interface, and I do not want to rely on system modifications that cannot be replicated simply loading the xml configuration file. -
Hmm, curious. Are you still seeing this?
I certainly don't expect that though I've never tried that type of UPS.I do expect that additional config line to be stored in the config file though if you add it via the web interface.
Steve
-
I am still seeing this. No idea if the specific UPS model has anything to do with it, since the driver is usbhid (which I gather is used for a lot of UPS models).
The only log line which seems to me might be relevant is this
0.000836 Checking device (047C/FFFF) (/dev/usb//dev/ugen0.2)
That's not an existing path. And as you can see in the first post, while /dev/ugen0.2 is world readable, the device it points to is not.
And according to its man page usbhid-ups(8) ignores the "port" setting. So I cannot even correct it.
If this was a standard system I would edit devfs.conf(5) and/or devfs.rules(5) to modify the device's permissions and/or ownership... but since afaik it's not possible to do so via web interface I cannot.
Thus I must run the thing as root. It's the only way to make the nut daemon acknowledge the UPS which would survive inside the xml configuration file.If anyone could give me some general idea where to look, I can still run tests, since the UPS setup is not exactly in production yet.