asterisk users - Mar 2005 - File permissions and ownership

I'm generating an RPM of 1.0.7 and noting that most of the files are
created world-readable. Is this reasonable? Or should the config/spool/log
files only be readable by root?

Must asterisk run as root? If so, what capabilities are required? In
principle one could change the capabilities list and then drop to a mortal
EUID.

Kenneth Porter wrote:
> I'm generating an RPM of 1.0.7 and noting that most of the files are
> created world-readable. Is this reasonable? Or should the
> config/spool/log files only be readable by root?
>
> Must asterisk run as root? If so, what capabilities are required? In
> principle one could change the capabilities list and then drop to a
> mortal EUID.
I run 1.0.7 as non-root. Specifically, I run asterisk as user
"asterisk" and
group "asterisk".

You need to make any /dev/zap stuff owned:grouped by asterisk.

And the paths to logs, sounds, voicemail etc, should all be owned:grouped as
well.

Works fine here!

-Matthew