On Thu, Sep 07, 2000 at 01:54:03PM +0100, Conor Daly wrote:
> On Thu, Sep 07, 2000 at 11:38:48AM +0100 or so it is rumoured hereabouts,
> Declan Grady thought:
> > I also have a redhat box on the same ups, but no communication with the
> > ups.. How could I get it to do an orderly poweroff as well ? .. Is there
> > some way I can get the SCO box to tell it to poweroff ?
> >
>> One obvious way is to have the SCO box email root at redhat.box with a
> suitable subject. Have redhat root's .procmail fire off a shutdown script
> on receipt of one of these messages.
>> You'd need to do some accounting for the time it takes for an email to get
> delivered and acted upon though. Maybe have some kind of "Hold on, I
> didn't mean that!" escape available also.
A bit more securable:
Add an entry to inetd.conf that does something like:
rem-pwrfail stream tcp wait root /usr/local/sbin/remote-power remote-power FAIL
rem-pwrok stream tcp wait root /usr/local/sbin/remote-power remote-power OK
Add entries to to /etc/services to defined port numbers for these
'services':
rem-pwrfail 6453/tcp # SCO box telling us we're on UPS power
rem-pwrOK 6454/tcp # SCO box telling us power is OK again
(The port numbers are just random numbers that my fingers generated.)
Then /usr/local/sbin/remote-power looks like:
#!/bin/sh
rm -f /etc/powerstatus
echo $1 > etc/powerstatus
kill -PWR 1 # send SIGPWR to init
Then, on the SCO box, the scripts that handle power fail and power OK use,
say,
telnet redhat-box 6453
to tell it that the power is down and
telnet redhat-box 6454
to tell it that the power is OK again.
The big advantage of this over something like a mail message is that
you know for a fact that the remote machine has got the message and
you can use IP firewalling or tcpwrappers to only allow connections
to these ports from the SCO box. If you have untrusted users on the
SCO box, then either
1. Set the IP firewalling rules to only allow connections from ports
less than 1024
2. Use netcat on the SCO box to make the connection, rather than telnet
(I _think_ netcat allows you to specify the source port number)
or
1. Make /usr/local/sbin/remote-power mode 700 and hard-code a random
'password' into it that the SCO box must send for the signal to
be sent to init.
2. Do echo "my-password" | telnet redhat-box 6453 on the SCO box
Note that the man page for init discourages the use of /etc/powerstatus
and the SIGPWR signal. It refers to the source for details. This is
left as an exercise for the reader :-)
Later,
Kenn
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
