Hello I run AGI scripts from extensions.conf to save data into an SQLite database file, but this file must also be accessible in read-write mode by PHP scripts served by Lighttpd. As far as I can tell, Asterisk runs by default as root:wheel. I don't know if AGI scripts also run as root:wheel. Lighttpd runs as www:www, and if I create a new SQLite database through PHP scripts, they're created as www:wheel. What do you recommend I do so both AGI scripts and PHP scripts can work with a common SQLite file? Should I run Asterisk as www:www, www:wheel? Something else? Thank you.
Why are you using "AGI Scripts" to get to MySLQ instead of the MYSQL add-on package. It seems that would be a hell of a lot more efficient as well as easier to code. Please share as I am very very curious about this as I will soon be facing it on a Large project. Thx Vincent wrote:> Hello > > I run AGI scripts from extensions.conf to save data into an SQLite > database file, but this file must also be accessible in read-write > mode by PHP scripts served by Lighttpd. > > As far as I can tell, Asterisk runs by default as root:wheel. I don't > know if AGI scripts also run as root:wheel. > > Lighttpd runs as www:www, and if I create a new SQLite database > through PHP scripts, they're created as www:wheel. > > What do you recommend I do so both AGI scripts and PHP scripts can > work with a common SQLite file? Should I run Asterisk as www:www, > www:wheel? Something else? > > Thank you. > > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > > >
Chris Carey
2008-Mar-24 01:54 UTC
[asterisk-users] Access rights between AGI and Web server?
> > What do you recommend I do so both AGI scripts and PHP scripts can > work with a common SQLite file? Should I run Asterisk as www:www, > www:wheel? Something else? >I run the web server and apache both as the user asterisk
Chris Carey
2008-Mar-24 01:55 UTC
[asterisk-users] Access rights between AGI and Web server?
> > What do you recommend I do so both AGI scripts and PHP scripts can > work with a common SQLite file? Should I run Asterisk as www:www, > www:wheel? Something else? >Correction: I run the web server and asterisk both as the user asterisk
Steve Edwards
2008-Mar-24 02:08 UTC
[asterisk-users] Access rights between AGI and Web server?
On Sun, 23 Mar 2008, Vincent wrote:> I run AGI scripts from extensions.conf to save data into an SQLite > database file, but this file must also be accessible in read-write > mode by PHP scripts served by Lighttpd. > > As far as I can tell, Asterisk runs by default as root:wheel. I don't > know if AGI scripts also run as root:wheel.On BSD? On my CentOS box, Asterisk runs as root:root. Since AGI's are separate processes created by Asterisk, they also run as root:root.> Lighttpd runs as www:www, and if I create a new SQLite database > through PHP scripts, they're created as www:wheel. > > What do you recommend I do so both AGI scripts and PHP scripts can > work with a common SQLite file? Should I run Asterisk as www:www, > www:wheel? Something else?Since the AGI is already running as root, why can't it access the SQLite data file? Try creating /var/lib/asterisk/agi-bin/test containing: #!/bin/bash set >/tmp/test Execute "chmod +x /var/lib/asterisk/agi-bin/test" so it can be executed. Cobble up a dialplan to execute "agi(test)." What does ls -l /tmp/test look like? Mine looks like: -rw-r--r-- 1 root root 623 Mar 23 18:51 /tmp/test What does cat /tmp/test look like? Mine looks like: BASH=/bin/bash BASH_ARGC=() BASH_ARGV=() BASH_LINENO=([0]="0") BASH_SOURCE=([0]="/var/lib/asterisk/agi-bin/test") BASH_VERSINFO=([0]="3" [1]="00" [2]="15" [3]="1" [4]="release" [5]="i686-redhat-linux-gnu") BASH_VERSION='3.00.15(1)-release' DATABASE-DATABASE DATABASE-PASSWORD DATABASE-SERVER DATABASE-USER DIRSTACK=() EUID=0 GROUPS=() HOST=foo HOSTNAME=foo.sedwards.com HOSTTYPE=i686 IFS=$' \t\n' MACHTYPE=i686-redhat-linux-gnu OPTERR=1 OPTIND=1 OSTYPE=linux-gnu PATH=/usr/local/bin/:/bin/ PPID=8435 PS4='+ ' PWD=/tmp SHELL=/bin/bash SHELLOPTS=braceexpand:hashall:interactive-comments SHLVL=1 TERM=dumb UID=0 _=/bin/bash Thanks in advance, ------------------------------------------------------------------------ Steve Edwards sedwards at sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000
Mojo with Horan & Company, LLC
2008-Mar-24 19:05 UTC
[asterisk-users] Access rights between AGI and Web server?
Vincent wrote:> Hello > > I run AGI scripts from extensions.conf to save data into an SQLite > database file, but this file must also be accessible in read-write > mode by PHP scripts served by Lighttpd. > > As far as I can tell, Asterisk runs by default as root:wheel. I don't > know if AGI scripts also run as root:wheel. > > Lighttpd runs as www:www, and if I create a new SQLite database > through PHP scripts, they're created as www:wheel. > > What do you recommend I do so both AGI scripts and PHP scripts can > work with a common SQLite file? Should I run Asterisk as www:www, > www:wheel? Something else? > > Thank you. > > > _______________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >Don't forget that in PHP you have access to chown(), chgrp(), and chmod() -- You can change the files' permissions or uid/guid just after you create them. If the AGIs do run as root:wheel, then there should be no problem, because they should be able to access the db files? <?php $u = posix_getpwuid(posix_getuid()); $g = posix_getgrgid(posix_getgid()); echo "This script is running as ".$u['name'].":".$g['name']; ?>
Tzafrir Cohen
2008-Mar-25 02:27 UTC
[asterisk-users] Access rights between AGI and Web server?
On Sun, Mar 23, 2008 at 11:05:23AM +0100, Vincent wrote:> Hello > > I run AGI scripts from extensions.conf to save data into an SQLite > database file, but this file must also be accessible in read-write > mode by PHP scripts served by Lighttpd. > > As far as I can tell, Asterisk runs by default as root:wheel. I don't > know if AGI scripts also run as root:wheel.This is a ptential problem on its own. Asterisk should run as asterisk:asterisk. There should be a third group (say, wwwast) that both asterisk and www should be its members. And you should chown/chmod the directory holding the sqlite db (and the db itself) to be writable to members of that group. -- Tzafrir Cohen icq#16849755 jabber:tzafrir.cohen at xorcom.com +972-50-7952406 mailto:tzafrir.cohen at xorcom.com http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir