Hi!
We have recently had issues with one of our Production Kamailios. When those happened, the log was filled with the following message:
CRITICAL: <core> [core/tcp_main.c:4528]: handle_new_connect(): failed to add new socket to the fd list
Now I wonder what the best approach is to prevent this.
We are using TCP/TLS only and I think this might be related to the file ulimit, but I am not sure about that. Shared memory is set to 512MB
Can you give me a hint on what to look for?
Thank you very much!
FLORIAN FLOIMAIR Software Development - Symphony Cloud Services Commend International GmbH Saalachstrasse 51 5020 Salzburg, Austria [signature_4033764367] commend.com LG Salzburg / FN 178618z
Von: Tom Lynn via sr-users sr-users@lists.kamailio.org Datum: Montag, 29. Jänner 2024 um 20:23 An: Moshe Katz kohenkatz@gmail.com Cc: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org, Who AmI myfriendjohn1@gmail.com, Tom Lynn tom@tomlynn.com Betreff: [External] [SR-Users] Re: apt-key deprecation
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. Yes! Item 2 looks like the missing secret sauce. Thank you!
On Mon, Jan 29, 2024 at 8:54 AM Moshe Katz <kohenkatz@gmail.commailto:kohenkatz@gmail.com> wrote: Hello,
There is actually a new more-preferred way of doing this. It is slightly more work, but it directly connects the GPG key to the repository with which it is being used.
1. Download the key and de-armor it (i.e. convert from ASCII to binary):
``` wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/kamailio.gpg ```
2. When adding the repository, tell apt that this is the key that should be used for it:
``` deb [signed-by=/etc/apt/keyrings/kamailio.gpg] http://deb.kamailio.org/kamailio57 CODE_NAME main ```
This has actually been supported for many years, but it is becoming a lot more common now because it prevents a stolen key from one repository from being used to sign fake packages in another repository.
Moshe
On Mon, Jan 29, 2024 at 9:34 AM Tom Lynn via sr-users <sr-users@lists.kamailio.orgmailto:sr-users@lists.kamailio.org> wrote: Thanks, I'll check it out!
On Mon, Jan 29, 2024, 1:39 AM Who AmI <myfriendjohn1@gmail.commailto:myfriendjohn1@gmail.com> wrote: Hi TL,
I use the below which may help:
wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | sudo tee /etc/apt/trusted.gpg.d/kamailio.asc
This adds the key but not via apt-key, then just add your repo to sources.list.d like previously.
Thanks,
John.
On Mon, 29 Jan 2024 at 05:05, tom--- via sr-users <sr-users@lists.kamailio.orgmailto:sr-users@lists.kamailio.org> wrote: When I look at the debian repositories maintained by the project, there are instructions to import the public key of the repository for apt using this command:
wget -O http://deb.kamailio.org/kamailiodebkey.gpg | sudo apt-key add -
which results in:
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). gpg: no valid OpenPGP data found.
Is there an alternate method that can be posted in the repository that will get better results?
Thank you, TL __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave@lists.kamailio.orgmailto:sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave@lists.kamailio.orgmailto:sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
