I am hoping to get some help here with building custom PHP to manage a 'wake up call' system. I have the script where the user can set the schedule for an extension wake up call. It appears to write to the /var/spool/asterisk/outgoing/ directory. My two issues: 1 - when the files do get moved over to outgoing/ directory via a cron job, the permissions show "-rw-r--r-- 1 apache apache 100 Jan 1 2016 5680a312a28b2.call" and the calls get sent when the date comes to pass. But my question is, if I mv 3 files from my php script, 'll /var/spool/asterisk/outgoing/' shows 'total 12' when there are only three files in the directory. What does total mean? Is my perl script doing something that I am not aware of and really there are 12 files overlapped or something funky? --- cron job perl script my @list = glob("/tmp/*.call"); for( 0 .. $#list ) { system "mv $list[$_] /var/spool/asterisk/outgoing/"; } ------------------------------- 2 - I would like to view and delete call files but as it currently stands, php gets a permission denied. obviously php is running as apache and the outgoing/ directory is asterisk:asterisk but the call files are apache:apache. My question is, what is the best way, without risking security, to allow php to list and delete the files? I know my scripts themselves work because when I chown apache:apache /var/spool/asterisk/outgoing the script works. I have seen front ends work with all the same permissions on outgoing/ and the files but I dont know how they are able to read/delete the files for monitor/ which is the same as the outgoing/ directory. Thanks for your help in advance all! --Eric -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151227/e943597b/attachment.html>
1. The 'Total' line that is displayed with the 'ls -l' command output is NOT the total number of files, it is the total number of system blocks used by the files in the directory. 2. In order to truly understand the situation you need to understand the Linux file system permissions.,,, Every file in Linux has 3 basic permissions for 3 types of users. The basic permissions are Read, Write, eXecute. The types of users are User, Group and Other. The permission 'mode' is displayed in the 'ls -l' output in the first column. In your example of the callfile... '-rw-r--r--'. This gives the User Read and Write to the file while Group and Other have Read to the file. Directories are simply special kinds of files. A directory (very short explanation) is a file that contains the names of other files and a pointer the the place on disk where each file's data is stored(blocks in Question 1). With that understanding... in order to create and delete files in a directory, you need write permission to the directory. This you may have figured out since you changed the permissions on the outgoing directory to get PHP to be able to delete the files. Now, you may not be able to get Asterisk to properly handle the files if Asterisk is not running as root. There are several ways to handle this, each with pros and cons, but how I probably would do it is change the permissions on the /var/spool/asterisk/outgoing directory so that the User and Group both have write access to the directory. There are two commands to do that. To change the permission mode, use the chmod command as root chmod u=rwx,g=rwx,o=rx /var/spool/asterisk/outgoing To change the ownership of the directory, use the chown command as root chown asterisk:apache /var/spool/asterisk/outgoing This will allow both the 'asterisk' User and the 'apache' group to create and delete files in the directory. You may also find it beneficial to change the ownership of the call file when you move them into the outgoing directory. Asterisk will modify the files as it make call attempts. Therefore the asterisk user should be able to write to the call file itself. In your script that moves the files, you may want to add a 'chown asterisk:apache {callfile pathname}'. I don't know if your perl cron job does other things, but I would simply do it all using a set of bash commands. chown asterisk:apache /tmp/*.call && mv /tmp/*.call /var/spool/asterisk/outgoing That can be put into a shell script or run directly in a crontab entry. On Sun, Dec 27, 2015 at 9:14 PM, er ic <email.eherr9633 at gmail.com> wrote:> I am hoping to get some help here with building custom PHP to manage a > 'wake up call' system. > > I have the script where the user can set the schedule for an extension > wake up call. > > It appears to write to the /var/spool/asterisk/outgoing/ directory. > > My two issues: > > 1 - when the files do get moved over to outgoing/ directory via a cron > job, the permissions show "-rw-r--r-- 1 apache apache 100 Jan 1 2016 > 5680a312a28b2.call" and the calls get sent when the date comes to pass. But > my question is, if I mv 3 files from my php script, 'll > /var/spool/asterisk/outgoing/' shows 'total 12' when there are only three > files in the directory. What does total mean? Is my perl script doing > something that I am not aware of and really there are 12 files overlapped > or something funky? > > --- cron job perl script > my @list = glob("/tmp/*.call"); > for( 0 .. $#list ) > { > system "mv $list[$_] /var/spool/asterisk/outgoing/"; > } > ------------------------------- > > 2 - I would like to view and delete call files but as it currently stands, > php gets a permission denied. > obviously php is running as apache and the outgoing/ directory is > asterisk:asterisk but the call files are apache:apache. My question is, > what is the best way, without risking security, to allow php to list and > delete the files? I know my scripts themselves work because when I chown > apache:apache /var/spool/asterisk/outgoing the script works. I have seen > front ends work with all the same permissions on outgoing/ and the files > but I dont know how they are able to read/delete the files for monitor/ > which is the same as the outgoing/ directory. > > Thanks for your help in advance all! > --Eric > > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151228/8c2a90d6/attachment.html>
I happen to have some old crufty code in PHP that generates a call file to trigger an AGI. Look at function callagi() in https://github.com/stgnet/stgagi/blob/master/stgagi.php This works in a FreePBX environment where the Asterisk process is running as user "asterisk". There are several other hard coded assumptions such as paths, but the code should give you an idea how to make it work for you. Note that Asterisk will normally delete the call file as soon as it sees it and begins the call. There is an exception to this where the Archive flag in the call file instructs Asterisk to move the file to another directory and update it with the completion status. For full details on the call file contents, see: https://wiki.asterisk.org/wiki/display/AST/Asterisk+Call+Files On Sun, Dec 27, 2015 at 9:14 PM, er ic <email.eherr9633 at gmail.com> wrote:> I am hoping to get some help here with building custom PHP to manage a > 'wake up call' system. > > I have the script where the user can set the schedule for an extension > wake up call. > > It appears to write to the /var/spool/asterisk/outgoing/ directory. > > My two issues: > > 1 - when the files do get moved over to outgoing/ directory via a cron > job, the permissions show "-rw-r--r-- 1 apache apache 100 Jan 1 2016 > 5680a312a28b2.call" and the calls get sent when the date comes to pass. But > my question is, if I mv 3 files from my php script, 'll > /var/spool/asterisk/outgoing/' shows 'total 12' when there are only three > files in the directory. What does total mean? Is my perl script doing > something that I am not aware of and really there are 12 files overlapped > or something funky? > > --- cron job perl script > my @list = glob("/tmp/*.call"); > for( 0 .. $#list ) > { > system "mv $list[$_] /var/spool/asterisk/outgoing/"; > } > ------------------------------- > > 2 - I would like to view and delete call files but as it currently stands, > php gets a permission denied. > obviously php is running as apache and the outgoing/ directory is > asterisk:asterisk but the call files are apache:apache. My question is, > what is the best way, without risking security, to allow php to list and > delete the files? I know my scripts themselves work because when I chown > apache:apache /var/spool/asterisk/outgoing the script works. I have seen > front ends work with all the same permissions on outgoing/ and the files > but I dont know how they are able to read/delete the files for monitor/ > which is the same as the outgoing/ directory. > > Thanks for your help in advance all! > --Eric > > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-- [image: Digium logo] Scott Griepentrog Digium, Inc ? Software Developer 445 Jan Davis Drive NW ? Huntsville, AL 35806 ? US direct/fax: +1 256 428 6239 ? mobile: +1 256 580 6090 Check us out at: http://digium.com ? http://asterisk.org -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151228/d673124f/attachment.html>
Thanks Dale! I will try your method in the one web directory. Also while I was waiting for a response, I decided to start from scratch in a different web directory and rewrite my code for a database based system. I am writing so that the system inserts into table the extension and time of call with those two grouped with a unique key to avoid duplicates. Then have a cron check every minute to move any files with time of call datertime as current to the outgoing directory. I have been considering two methods 1 - create the call file and leave in directory where Apache can write to. Then put the uniqueID of the call file into the database so when cron runs, it'll grab the file name and move that file to outgoing/ 2- run cron and when it gets time for the call file, have the perl grab the extension and write the call file then and there and then move it to outgoing/ and deleting the database entry. I currently going for option 2. Is there any benefit in a database driven application or does best practices favor the original directory permissions? I am not expecting a high level of wake up calls. Maybe the most of 5-10 in the system nightly. Thanks, --Eric Sent from my phone.> On Dec 28, 2015, at 8:12 AM, Dale Noll <dnoll at wi.rr.com> wrote: > > 1. The 'Total' line that is displayed with the 'ls -l' command output is NOT the total number of files, it is the total number of system blocks used by the files in the directory. > > 2. In order to truly understand the situation you need to understand the Linux file system permissions.,,, Every file in Linux has 3 basic permissions for 3 types of users. The basic permissions are Read, Write, eXecute. The types of users are User, Group and Other. The permission 'mode' is displayed in the 'ls -l' output in the first column. In your example of the callfile... '-rw-r--r--'. This gives the User Read and Write to the file while Group and Other have Read to the file. > > Directories are simply special kinds of files. A directory (very short explanation) is a file that contains the names of other files and a pointer the the place on disk where each file's data is stored(blocks in Question 1). With that understanding... in order to create and delete files in a directory, you need write permission to the directory. This you may have figured out since you changed the permissions on the outgoing directory to get PHP to be able to delete the files. Now, you may not be able to get Asterisk to properly handle the files if Asterisk is not running as root. > > There are several ways to handle this, each with pros and cons, but how I probably would do it is change the permissions on the /var/spool/asterisk/outgoing directory so that the User and Group both have write access to the directory. > > There are two commands to do that. > > To change the permission mode, use the chmod command as root > > chmod u=rwx,g=rwx,o=rx /var/spool/asterisk/outgoing > > > To change the ownership of the directory, use the chown command as root > > chown asterisk:apache /var/spool/asterisk/outgoing > > > This will allow both the 'asterisk' User and the 'apache' group to create and delete files in the directory. > > > You may also find it beneficial to change the ownership of the call file when you move them into the outgoing directory. Asterisk will modify the files as it make call attempts. Therefore the asterisk user should be able to write to the call file itself. In your script that moves the files, you may want to add a 'chown asterisk:apache {callfile pathname}'. > > I don't know if your perl cron job does other things, but I would simply do it all using a set of bash commands. > > chown asterisk:apache /tmp/*.call && mv /tmp/*.call /var/spool/asterisk/outgoing > > That can be put into a shell script or run directly in a crontab entry. > > > >> On Sun, Dec 27, 2015 at 9:14 PM, er ic <email.eherr9633 at gmail.com> wrote: >> I am hoping to get some help here with building custom PHP to manage a 'wake up call' system. >> >> I have the script where the user can set the schedule for an extension wake up call. >> >> It appears to write to the /var/spool/asterisk/outgoing/ directory. >> >> My two issues: >> >> 1 - when the files do get moved over to outgoing/ directory via a cron job, the permissions show "-rw-r--r-- 1 apache apache 100 Jan 1 2016 5680a312a28b2.call" and the calls get sent when the date comes to pass. But my question is, if I mv 3 files from my php script, 'll /var/spool/asterisk/outgoing/' shows 'total 12' when there are only three files in the directory. What does total mean? Is my perl script doing something that I am not aware of and really there are 12 files overlapped or something funky? >> >> --- cron job perl script >> my @list = glob("/tmp/*.call"); >> for( 0 .. $#list ) >> { >> system "mv $list[$_] /var/spool/asterisk/outgoing/"; >> } >> ------------------------------- >> >> 2 - I would like to view and delete call files but as it currently stands, php gets a permission denied. >> obviously php is running as apache and the outgoing/ directory is asterisk:asterisk but the call files are apache:apache. My question is, what is the best way, without risking security, to allow php to list and delete the files? I know my scripts themselves work because when I chown apache:apache /var/spool/asterisk/outgoing the script works. I have seen front ends work with all the same permissions on outgoing/ and the files but I dont know how they are able to read/delete the files for monitor/ which is the same as the outgoing/ directory. >> >> Thanks for your help in advance all! >> --Eric >> >> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >> New to Asterisk? Join us for a live introductory webinar every Thurs: >> http://www.asterisk.org/hello >> >> asterisk-users mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-users > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151228/2a92e73e/attachment.html>