Hi!

 

We have recently had issues with one of our Production Kamailios.
When those happened, the log was filled with the following message:

CRITICAL: <core> [core/tcp_main.c:4528]: handle_new_connect(): failed to add new socket to the fd list

 

Now I wonder what the best approach is to prevent this.

We are using TCP/TLS only and I think this might be related to the file ulimit, but I am not sure about that.

Shared memory is set to 512MB

Can you give me a hint on what to look for?

Thank you very much!

 

 

FLORIAN FLOIMAIR
Software Development - Symphony Cloud Services

Commend International GmbH
Saalachstrasse 51
5020 Salzburg, Austria

signature_4033764367

commend.com

LG Salzburg / FN 178618z

 

 

Von: Tom Lynn via sr-users <sr-users@lists.kamailio.org>
Datum: Montag, 29. Jänner 2024 um 20:23
An: Moshe Katz <kohenkatz@gmail.com>
Cc: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org>, Who AmI <myfriendjohn1@gmail.com>, Tom Lynn <tom@tomlynn.com>
Betreff: [External] [SR-Users] Re: apt-key deprecation

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Yes!  Item 2 looks like the missing secret sauce.  Thank you!

 

On Mon, Jan 29, 2024 at 8:54AM Moshe Katz <kohenkatz@gmail.com> wrote:

Hello,

 

There is actually a new more-preferred way of doing this. It is slightly more work, but it directly connects the GPG key to the repository with which it is being used.

 

1. Download the key and de-armor it (i.e. convert from ASCII to binary):

 

```

wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | gpg --dearmor | sudo tee /etc/apt/keyrings/kamailio.gpg

```

 

2. When adding the repository, tell apt that this is the key that should be used for it:

 

```

deb [signed-by=/etc/apt/keyrings/kamailio.gpg] http://deb.kamailio.org/kamailio57 CODE_NAME main

```

 

This has actually been supported for many years, but it is becoming a lot more common now because it prevents a stolen key from one repository from being used to sign fake packages in another repository.

 

Moshe

 

 

On Mon, Jan 29, 2024 at 9:34AM Tom Lynn via sr-users <sr-users@lists.kamailio.org> wrote:

Thanks, I'll check it out! 

 

On Mon, Jan 29, 2024, 1:39 AM Who AmI <myfriendjohn1@gmail.com> wrote:

Hi TL,

 

I use the below which may help:

 

wget -O- https://deb.kamailio.org/kamailiodebkey.gpg | sudo tee /etc/apt/trusted.gpg.d/kamailio.asc 

 

This adds the key but not via apt-key, then just add your repo to sources.list.d like previously.

 

Thanks,

 

John.

 

On Mon, 29 Jan 2024 at 05:05, tom--- via sr-users <sr-users@lists.kamailio.org> wrote:

When I look at the debian repositories maintained by the project, there are instructions to import the public key of the repository for apt using this command:

wget -O http://deb.kamailio.org/kamailiodebkey.gpg | sudo apt-key add -

which results in:

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
gpg: no valid OpenPGP data found.

Is there an alternate method that can be posted in the repository that will get better results?

Thank you,
TL
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe:

__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe: