Hi.
Here is the output of the command
root at pbx: ~ $ find / -name asterisk -exec ls -ld '{}' \;
drwxr-xr-x 3 root root 4096 Apr 19 17:32 /usr/include/asterisk
drwxr-x--- 3 asterisk asterisk 4096 Apr 19 17:32 /usr/lib/asterisk
-rwxr-xr-x 1 root root 9719880 Apr 19 17:27
/usr/src/asterisk-11.25.1/main/asterisk
drwxrwxr-x 3 1013 users 4096 Apr 19 16:56
/usr/src/asterisk-11.25.1/include/asterisk
-rwxr-xr-x 1 root root 9719880 Apr 19 17:32 /usr/sbin/asterisk
root at pbx: ~ $
On Wed, Apr 19, 2017 at 5:03 PM, Tzafrir Cohen <tzafrir.cohen at
xorcom.com>
wrote:
> On Wed, Apr 19, 2017 at 04:44:39PM +0300, Atux Atux wrote:
> > hello there. i am running debian 8 in my swerver and i would like to
run
> > asterisk as non root.
>
> The Asterisk package included with Debian already does that. Why not
> have a look at it?
>
> > i did follow the
> > https://www.voip-info.org/wiki-Asterisk+non-root without any success.
> when
> > i issue
> > root at PBX: ~ $ asterisk -U asterisk -G asterisk
>
> The options -U and -G are for the case of running Asterisk as root and
> having Asterisk change user and group afterwards. There are a number of
> options that only work that way (real-time priority, special socket
> permissions, IIRC).
>
> Alternatively you can use other mans to change to that user (--chuid or
> start-stop-daemon or User: and Group: in a systemd service file, or
> whatever). And then you don't need those options.
>
> > Privilege escalation protection disabled!
> > See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details.
>
> Read that text. But it is irrelevant for your situation.
>
> > Unable to access the running directory (Permission denied). Changing
to
> '/'
> > for compatibility.
>
> /root is not accessible by the user asterisk. This is mostly harmless,
> but not if you want to have core files (see also -g) and maybe a few
> other minor things.
>
> > Asterisk already running on /var/run/asterisk/asterisk.ctl. Use
> 'asterisk
> > -r' to connect.
>
> Because you already ran that command before. Or already have the system
> copy of asterisk running. Or whatever.
>
> Reading error messages helps.
>
> --
> Tzafrir Cohen
> +972-50-7952406 mailto:tzafrir.cohen at xorcom.com
> http://www.xorcom.com
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
> https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20170419/4b162de1/attachment.html>
On Wednesday 19 April 2017 at 18:48:29, Atux Atux wrote:> Hi. > Here is the output of the command > > root at pbx: ~ $ find / -name asterisk -exec ls -ld '{}' \; > > drwxr-xr-x 3 root root 4096 Apr 19 17:32 /usr/include/asterisk > > drwxr-x--- 3 asterisk asterisk 4096 Apr 19 17:32 /usr/lib/asterisk > > -rwxr-xr-x 1 root root 9719880 Apr 19 17:27 /usr/src/asterisk-11.25.1/main/asterisk > > drwxrwxr-x 3 1013 users 4096 Apr 19 16:56 /usr/src/asterisk-11.25.1/include/asterisk > > -rwxr-xr-x 1 root root 9719880 Apr 19 17:32 /usr/sbin/asteriskOkay, those look reasonable to me - however I'm surprised at some which are missing: /var/log/asterisk /var/spool/asterisk /var/run/asterisk Did you *stop* Asterisk before trying to change it to run as non-root? I think Tzafrir Cohen's comments are very well worth following. Antony. -- "There has always been an underlying argument that we should open up our source code more broadly. The fact is that we are learning from open source and we are opening our code more broadly through Shared Source. Is there value to providing source code? The answer is unequivocally yes." - Jason Matusow, head of Microsoft's Shared Source Program, in response to leaks of Windows source code on the Internet. Please reply to the list; please *don't* CC me.
Hi. thanks a lot for your replies. I did stop the services and i did issued the the "chown" and "chmod" commands listed in the guide. It is necessary to compile it, instead if using the apt-get version What am i missing? On Wed, Apr 19, 2017 at 10:47 PM, Antony Stone < Antony.Stone at asterisk.open.source.it> wrote:> On Wednesday 19 April 2017 at 18:48:29, Atux Atux wrote: > > > Hi. > > Here is the output of the command > > > > root at pbx: ~ $ find / -name asterisk -exec ls -ld '{}' \; > > > > drwxr-xr-x 3 root root 4096 Apr 19 17:32 /usr/include/asterisk > > > > drwxr-x--- 3 asterisk asterisk 4096 Apr 19 17:32 /usr/lib/asterisk > > > > -rwxr-xr-x 1 root root 9719880 Apr 19 17:27 /usr/src/asterisk-11.25.1/ > main/asterisk > > > > drwxrwxr-x 3 1013 users 4096 Apr 19 16:56 /usr/src/asterisk-11.25.1/ > include/asterisk > > > > -rwxr-xr-x 1 root root 9719880 Apr 19 17:32 /usr/sbin/asterisk > > Okay, those look reasonable to me - however I'm surprised at some which > are missing: > > /var/log/asterisk > /var/spool/asterisk > /var/run/asterisk > > Did you *stop* Asterisk before trying to change it to run as non-root? > > I think Tzafrir Cohen's comments are very well worth following. > > > Antony. > > -- > "There has always been an underlying argument that we should open up our > source code more broadly. The fact is that we are learning from open source > and we are opening our code more broadly through Shared Source. > > Is there value to providing source code? The answer is unequivocally yes." > > - Jason Matusow, head of Microsoft's Shared Source Program, in response > to leaks of Windows source code on the Internet. > > Please reply to the > list; > please *don't* CC > me. > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > Check out the new Asterisk community forum at: https://community.asterisk. > org/ > > New to Asterisk? Start here: > https://wiki.asterisk.org/wiki/display/AST/Getting+Started > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20170420/66279a8b/attachment.html>