asterisk users - Mar 2017 - Having problem getting Asterisk to work on CentOS 7

On Tue, Mar 14, 2017 at 06:03:33PM +0100, Jean Aunis
wrote:
> Hello,
> 
> Did you disable selinux ? It usually causes troubles when starting asterisk
> as a service. You can do this with : setenforce 0 (this will not totally
> disable selinux, but switch it to a permissive mode).
Generally before advising that, check if this is the error:

  tail -f /var/log/audit/audit.log

and try the command.

Is there any open bug for a security policy for Asterisk?

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com

I have  FreePBX 14.0.1beta20 running on Centos 7.3.

What problems are you having?
The latest emails don't have any details about the problem or what you 
have tried.

Ron

On 14/03/2017 2:21 PM, Tzafrir Cohen wrote:
> On Tue, Mar 14, 2017 at 06:03:33PM +0100, Jean Aunis wrote:
>> Hello,
>>
>> Did you disable selinux ? It usually causes troubles when starting
asterisk
>> as a service. You can do this with : setenforce 0 (this will not
totally
>> disable selinux, but switch it to a permissive mode).
> Generally before advising that, check if this is the error:
>
>    tail -f /var/log/audit/audit.log
>
> and try the command.
>
> Is there any open bug for a security policy for Asterisk?
>

-- 
Ron Wheeler
President
Artifact Software Inc
email: rwheeler at artifact-software.com
skype: ronaldmwheeler
phone: 866-970-2435, ext 102

https://docs.fedoraproject.org/en-US/Fedora/11/html/Security-Enhanced_Linux/sect-Security-Enhanced_Linux-Working_with_SELinux-Enabling_and_Disabling_SELinux.html

If disabling Selinux solves your problem, then your problem may be 
related to Selinux.
If it does not change yout problem, you may want to look elsewhere.

<editorial>It seems that a lot of  things do not work with Selinux or 
have no instructions about how to make them work with Selinux that it 
almost seems like a useless feature.</editorial>

Ron

On 14/03/2017 2:21 PM, Tzafrir Cohen wrote:
> On Tue, Mar 14, 2017 at 06:03:33PM +0100, Jean Aunis wrote:
>> Hello,
>>
>> Did you disable selinux ? It usually causes troubles when starting
asterisk
>> as a service. You can do this with : setenforce 0 (this will not
totally
>> disable selinux, but switch it to a permissive mode).
> Generally before advising that, check if this is the error:
>
>    tail -f /var/log/audit/audit.log
>
> and try the command.
>
> Is there any open bug for a security policy for Asterisk?
>

-- 
Ron Wheeler
President
Artifact Software Inc
email: rwheeler at artifact-software.com
skype: ronaldmwheeler
phone: 866-970-2435, ext 102

On Tue, Mar 14, 2017 at 02:46:19PM -0400, Ron Wheeler
wrote:
>
https://docs.fedoraproject.org/en-US/Fedora/11/html/Security-Enhanced_Linux/sect-Security-Enhanced_Linux-Working_with_SELinux-Enabling_and_Disabling_SELinux.html
> 
> If disabling Selinux solves your problem, then your problem may be related
> to Selinux.
> If it does not change yout problem, you may want to look elsewhere.
> 
> <editorial>It seems that a lot of  things do not work with Selinux or
have
> no instructions about how to make them work with Selinux that it almost
> seems like a useless feature.</editorial>
Many things work well, once properly configured. Looking at the exact
error (again, audit.log) is the first step.

Once upon a time Asterisk used to be able to run with SELinux:
https://issues.asterisk.org/jira/browse/ASTERISK-3088

The problem may be missing a profile for Asterisk.

Or the fact that it interacts too much with other services? I'll have to
give it a shot. At least for a stand-alone Asterisk.

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com