asterisk dapper.2114_to_dapper.2234 diff

Diego Iastrubni diego.iastrubni at xorcom.com
Tue Aug 8 05:40:31 UTC 2006


On Tuesday 08 August 2006 00:51, Kilian Krause wrote:
> Diego,
>
> > > > -#chmod -R 0664 /etc/asterisk/
> > > > +#chmod -R 0660 /etc/asterisk/
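Review bot: the edited line still begins with `#`, so neither the old `0664` nor the new `0660` mode is ever applied; if the intent is for the package to set the mode, the comment marker needs to go. Separately, `chmod -R 0660 /etc/asterisk/` applies the same mode to the directory itself and strips its execute (search) bit, so neither owner nor group could traverse the directory afterwards; set the directory mode on its own (e.g. `chmod 0750 /etc/asterisk`) and restrict the recursive change to regular files (`find /etc/asterisk -type f -exec chmod 0660 {} +`).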
> > >
> > > This one should certainly be enabled, I suspect!
> >
> > Does anyone need to read this dir outside of the "asterisk" family? ->
> > 660 IMHO 664 is enough, but who knows...
>
> well, if you code your VoIP-account data into extensions.conf you'd want
> some whatsoever unprivileged www-data account to be able to read it?
> That way any whatsoever misled php script could read that to the public
> worst case. So, the 660 is probably a good idea. 640 might be even
> better, but that's a matter of definition of the setup (i.e. who is
> admin). Most probably the public will find 660 more convenient.

Just to be precise:

destar (http://destar.berlios.de/) modifies and 
parses /etc/asterisk/extensions.conf directly. It does not need its own 
asterisk-config package.

On the other hand, freePBX/AMP (http://freepbx.org) has 3 sets of 
configuration files:

* static files with hooks
* additional hooks
* custom hooks

The www interface writes directly into the additional hooks and does not try 
to parse the static files. It assumes that extensions.conf will include 
extensions_additional.conf, sip_additional.conf, iax_additional.conf, etc., 
and will write the modifications into those files, and then ask asterisk to 
"reload" via the manager.

The custom hooks are never modified by the GUI and are left for user 
customizations. They are not part of the update (and are not even in the 
package, to prevent problems on upgrades).

Both frontends (GUIs, whatever...) mandate that the web server (apache) be 
run as the asterisk user to modify those files. We (Xorcom) hacked around and 
managed to keep apache running as www-data, by adding the user to the 
"asterisk" group, and making all files writable by the group. I am aware that 
this just makes the problem bigger (now more people and applications can mess 
up more files more easily).

Note that ARI (Asterisk Recording Interface, 
http://www.littlejohnconsulting.com/ari) also needs write access at least 
to /etc/asterisk/voicemail.conf, but this issue is going to be addressed 
soon. We are hoping to get into a situation in which ARI (again, PHP code 
running from the www-data context) connects to the asterisk manager, then asks 
it to modify the voicemail of extension ###. This way at least one package 
will not need direct access to the file system; see Tzafrir's message with 
topic "voicemail.conf in asterisk" from yesterday. (security issues later...)

I have been talking with the developers of freePBX to address the needs of 
having the www server running as "asterisk". The available solutions are:

1) Having another daemon which will listen on TCP/Unix sockets and PHP will 
ask it to call the retrieve scripts (which read the configuration from mysql 
and write them back to the file system). That daemon will run with write 
access to /etc/asterisk/*.

2) Run the retrieve script with sudo. This way only one single command will 
have write access to those directories.

3) Having only the additional files www-data-writable, but still the asterisk 
directory needs to be writable by that user (or use another sub 
dir /etc/asterisk/additional with www-data write permissions...?)

(1) is not a good idea. PHP coders will not code a good solid daemon, period. 
(2) will have other problems, I am sure.
(3) has not been tested yet; it might work.

Which leads me to (4): I listen to your suggestions ;-)

Sorry for the long mail, I will try to keep them shorter in the future.

- diego
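The permission split discussed in this thread (directory searchable by the asterisk group, static files group-readable, only the `*_additional.conf` files the GUI rewrites group-writable, nothing world-readable), as an added example that is not part of the Debian asterisk packaging or of this mail. It assumes a scratch copy of the config tree so it can run unprivileged; `chown -R asterisk:asterisk` is left to the caller because it needs root.

```shell
#!/bin/sh
# Added example, not code from the asterisk packaging or this thread.
# The directory keeps its search bit (a blanket `chmod -R 0660` would clear
# it), static files are owner-writable/group-readable, and only the
# *_additional.conf files the GUI rewrites are group-writable.
set -eu

apply_asterisk_modes() {
    dir=$1
    chmod 2750 "$dir"   # rwxr-s--- : group can enter, new files inherit the group
    find "$dir" -type f ! -name '*_additional.conf' -exec chmod 0640 {} +
    find "$dir" -type f   -name '*_additional.conf' -exec chmod 0660 {} +
}

# Audit the tree: fail if anything is accessible to "other", or if a file
# outside the *_additional.conf set is group-writable.
audit_asterisk_modes() {
    dir=$1
    world=$(find "$dir" \( -perm -004 -o -perm -002 \) -print | wc -l | tr -d ' ')
    gw=$(find "$dir" -type f ! -name '*_additional.conf' -perm -020 -print | wc -l | tr -d ' ')
    if [ "$world" -gt 0 ] || [ "$gw" -gt 0 ]; then
        echo "audit FAILED: $world world-accessible, $gw stray group-writable" >&2
        return 1
    fi
    echo "audit ok: $dir"
}

# Constructed scratch tree with the sloppy modes a package install might
# leave behind (0755 dir, 0644 files), so the example runs unprivileged.
make_scratch_tree() {
    base=$(mktemp -d)
    dir=$base/asterisk
    mkdir "$dir"
    for f in extensions.conf sip.conf voicemail.conf \
             extensions_additional.conf sip_additional.conf extensions_custom.conf; do
        : > "$dir/$f"
    done
    chmod 0755 "$dir"
    chmod 0644 "$dir"/*
    echo "$dir"
}

if [ "${1:-}" = "--demo" ]; then
    t=$(make_scratch_tree)
    audit_asterisk_modes "$t" || true   # expected to fail before hardening
    apply_asterisk_modes "$t"
    audit_asterisk_modes "$t"
fi
```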



More information about the Pkg-voip-maintainers mailing list