Michael Englehorn
2022-Jan-11 16:20 UTC
[asterisk-users] extensions.conf asterisk 18.8.0 question
If you're on RHEL or CentOS or one of its descendants, I would check if SELinux is enforcing (`sestatus` or `cat /etc/selinux/config` and look for "SELINUX=enforcing"), if it is, you'll probably need to create a policy to allow the Asterisk context to execute rm and/or delete files. I use `audit2why` and `audit2allow` in policycoreutils-devel (on CentOS) to generate SELinux policy modules. -Michael Englehorn ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, January 10th, 2022 at 1:03 PM, Jerry Geis <jerry.geis at gmail.com> wrote:> I am trying to run this command: > exten => _4XX,n,System(/usr/bin/rm /tmp/test.incoming.txt) >> From the log: > Executing [402 at smvoice-sip:7] System("SIP/103-00000018", "/usr/bin/rm /tmp/test.incoming.txt") in new stack >> Is "rm" not an allowed command - the above file is not removed. > -rw-rw-rw- 1 silentm silentm 3 Jan 10 14:02 /tmp/test.incoming.txt >> Thanks! >> Jerry-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20220111/fc4a72df/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: publickey - michael at englehorn.com - 0x8B2C043D.asc Type: application/pgp-keys Size: 1795 bytes Desc: not available URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20220111/fc4a72df/attachment.key> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 509 bytes Desc: OpenPGP digital signature URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20220111/fc4a72df/attachment.sig>
Antony Stone
2022-Jan-11 16:29 UTC
[asterisk-users] extensions.conf asterisk 18.8.0 question
On Tuesday 11 January 2022 at 17:20:44, Michael Englehorn wrote:> If you're on RHEL or CentOS or one of its descendants,Oh, now that reminds me that those systems also tend to alias "rm" to "rm -i", so they won't delete files without confirmation. Irritating in general IMHO, but it might be the cause of your puzzlement...> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On Monday, January 10th, 2022 at 1:03 PM, Jerry Geis wrote: > > I am trying to run this command: > > exten => _4XX,n,System(/usr/bin/rm /tmp/test.incoming.txt) > > > > > > From the log: > > Executing [402 at smvoice-sip:7] System("SIP/103-00000018", "/usr/bin/rm > > /tmp/test.incoming.txt") in new stack > > > > > > Is "rm" not an allowed command - the above file is not removed. > > -rw-rw-rw- 1 silentm silentm 3 Jan 10 14:02 /tmp/test.incoming.txtAntony. -- Just when you think you're done, a cat floats by with buttered toast strapped to its back. - Steve Krug, "Don't make me think" Please reply to the list; please *don't* CC me.