I don't want to run bearerbox as root
We are using Kannel 0.10.3.
For security reasons we are trying to run all kannel boxes as nobody (or any
non root, for example kannel).
There is no problem with sms and wap boxes. They are runnning as user
kannel.
When we tried to run bearerbox as user kannel other boxes could not
connect to it.
The connection refused 111 error is obtained.
Of course, we have started bearerbox before other boxes.
You can see the used startup script at the and of the message.
Thanks!
Miroslav
#! /bin/sh
# kannelStartup script for the Kannel WAP and SMS Gateway
#
# Written by Andres Seco [EMAIL PROTECTED] using
# the skeleton provided by Miquel van Smoorenburg and
# Ian Murdock in Debian GNU/Linux 2.1 (slink)
# modified with paragraphs from diald startup script
# in Debian GNU/Linux 2.2 (potato)
# Modified from init script from alamin-server.
#
# Version: @(#)kannel 1.0 19-Aug-2001 [EMAIL PROTECTED]
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
RUNBOX=/usr/local/bin/run_kannel_box-0.10.3
DAEMONA=/usr/local/bin/bearerbox-0.10.3
DAEMONB=/usr/local/bin/wapbox-0.10.3
DAEMONC=/usr/local/bin/smsbox-0.10.3
NAMEA=bearerbox
NAMEB=wapbox
NAMEC=smsbox
PIDA=kannel/bearerbox
PIDB=kannel/wapbox
PIDC=kannel/smsbox
DESC=Kannel WAP and SMS Gateway
CONF=/usr/local/bin/m20.conf
USER=kannel
test -f $DAEMONA || exit 0
test -f $DAEMONB || exit 0
test -f $DAEMONC || exit 0
test -f $CONF || exit 0
set -e
case $1 in
start)
echo -n Starting $DESC:
start-stop-daemon --start --quiet \
--pidfile /var/run/$PIDA.pid \
--exec $RUNBOX \
-- \
--pidfile /var/run/$PIDA.pid \
$DAEMONA $CONF
echo -n $NAMEA
sleep 10
start-stop-daemon --start --quiet \
--chuid $USER \
--pidfile /var/run/$PIDB.pid \
--exec $RUNBOX \
-- \
--pidfile /var/run/$PIDB.pid \
$DAEMONB $CONF
echo -n $NAMEB
sleep 5
start-stop-daemon --start --quiet \
--chuid $USER \
--pidfile /var/run/$PIDC.pid \
--exec $RUNBOX \
-- \
--pidfile /var/run/$PIDC.pid \
$DAEMONC $CONF
echo -n $NAMEC
echo .
;;
stop)
echo -n Stopping $DESC:
start-stop-daemon --stop --quiet --oknodo \
--pidfile /var/run/$PIDC.pid \
--exec $RUNBOX
echo -n $NAMEC
start-stop-daemon --stop --quiet --oknodo \
--pidfile /var/run/$PIDB.pid \
--exec $RUNBOX
echo -n $NAMEB
start-stop-daemon --stop --quiet --oknodo \
--pidfile /var/run/$PIDA.pid \
--exec $RUNBOX
echo -n $NAMEA
echo .
;;
reload|force-reload|restart)
$0 stop
sleep 2
$0 start
;;
*)
N=/etc/init.d/$NAME
echo Usage: $N {start|stop|restart|reload|force-reload} 2
exit 1
;;
esac
exit 0
RE: I don't want to run bearerbox as root
It depends on your port configuration - non-root processes cannot open
ports under 1024. we have been running Kannel as a single user
successfuly on a number of linux machines.
Oded Arbel
m-Wise Inc.
[EMAIL PROTECTED]
--
The widest thing in the universe is not space, it is the potential
capacity of the human heart.
-- A. W. Tozer
-Original Message-
From: Miroslav Vrankic [mailto:[EMAIL PROTECTED]]
Sent: Friday, February 15, 2002 2:25 PM
To: [EMAIL PROTECTED]
Subject: I don't want to run bearerbox as root
We are using Kannel 0.10.3.
For security reasons we are trying to run all kannel boxes as
nobody (or any
non root, for example kannel).
There is no problem with sms and wap boxes. They are runnning as user
kannel.
When we tried to run bearerbox as user kannel other boxes could not
connect to it.
The connection refused 111 error is obtained.
Of course, we have started bearerbox before other boxes.
You can see the used startup script at the and of the message.
Thanks!
Miroslav
#! /bin/sh
# kannelStartup script for the Kannel WAP and SMS Gateway
#
# Written by Andres Seco [EMAIL PROTECTED] using
# the skeleton provided by Miquel van Smoorenburg and
# Ian Murdock in Debian GNU/Linux 2.1 (slink)
# modified with paragraphs from diald startup script
# in Debian GNU/Linux 2.2 (potato)
# Modified from init script from alamin-server.
#
# Version: @(#)kannel 1.0 19-Aug-2001 [EMAIL PROTECTED]
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
RUNBOX=/usr/local/bin/run_kannel_box-0.10.3
DAEMONA=/usr/local/bin/bearerbox-0.10.3
DAEMONB=/usr/local/bin/wapbox-0.10.3
DAEMONC=/usr/local/bin/smsbox-0.10.3
NAMEA=bearerbox
NAMEB=wapbox
NAMEC=smsbox
PIDA=kannel/bearerbox
PIDB=kannel/wapbox
PIDC=kannel/smsbox
DESC=Kannel WAP and SMS Gateway
CONF=/usr/local/bin/m20.conf
USER=kannel
test -f $DAEMONA || exit 0
test -f $DAEMONB || exit 0
test -f $DAEMONC || exit 0
test -f $CONF || exit 0
set -e
case $1 in
start)
echo -n Starting $DESC:
start-stop-daemon --start --quiet \
--pidfile /var/run/$PIDA.pid \
--exec $RUNBOX \
-- \
--pidfile /var/run/$PIDA.pid \
$DAEMONA $CONF
echo -n $NAMEA
sleep 10
start-stop-daemon --start --quiet \
--chuid $USER \
--pidfile /var/run/$PIDB.pid \
--exec $RUNBOX \
-- \
--pidfile /var/run/$PIDB.pid \
$DAEMONB $CONF
echo -n $NAMEB
sleep 5
start-stop-daemon --start --quiet \
--chuid $USER \
--pidfile /var/run/$PIDC.pid \
--exec $RUNBOX \
-- \
--pidfile /var/run/$PIDC.pid \
$DAEMONC $CONF
echo -n $NAMEC
echo .
;;
stop)
echo -n Stopping $DESC:
start-stop-daemon --stop --quiet --oknodo \
--pidfile /var/run/$PIDC.pid \
--exec $RUNBOX
echo -n $NAMEC
start-stop-daemon --stop --quiet --oknodo \
--pidfile /var/run/$PIDB.pid \
--exec $RUNBOX
echo -n $NAMEB
start-stop-daemon --stop --quiet --oknodo \
--pidfile /var/run/$PIDA.pid \
--exec $RUNBOX
echo -n $NAMEA
echo .
;;
reload|force-reload|restart)
$0 stop
sleep 2
$0 start
;;
*)
N=/etc/init.d/$NAME
echo Usage: $N {start|stop|restart|reload|force-reload} 2
exit 1
;;
esac
exit 0
Re: I don't want to run bearerbox as root
On Fri, Feb 15, 2002 at 01:24:43PM +0100, Miroslav Vrankic wrote: When we tried to run bearerbox as user kannel other boxes could not connect to it. You didn't attach your config file (or log file), but from this line: CONF=/usr/local/bin/m20.conf it looks like you're using a Siemens M20. Check the permissions on the serial port device (e.g. /dev/ttyS0) to make sure the kannel user can access it. Dave -- David Holland =*= Systems Manager =*= tel: +44 01223 478900 http://www.3glab.com/ =*= 3G Lab, UK =*= fax: +44 01223 478901 If you lie to the compiler, it will get its revenge. -- Henry Spencer
Re: I don't want to run bearerbox as root
Miroslav Vrankic wrote: We are using Kannel 0.10.3. ajme meni, zar koristite taku statu verziu :)) -- najbolje uzmite trenutno CVS stablo, koje je najbolje sta se tice stabiliteta. (some croatian for those who are interested :) Stipe [EMAIL PROTECTED] --- Wapme Systems AG Münsterstr. 248 40470 Düsseldorf Tel: +49-211-74845-0 Fax: +49-211-74845-299 E-Mail: [EMAIL PROTECTED] Internet: http://www.wapme-systems.de --- wapme.net - wherever you are
Re: smsbox_req_sendota broken?
Angel Fradejas wrote:
I see the point Stipe, thanks for your response. But before calling
ota_tokenize_ we have all this
smsc = http_cgi_variable(list, smsc);
if (urltrans_forced_smsc(t)) {
msg-sms.smsc_id = octstr_duplicate(urltrans_forced_smsc(t));
if (smsc)
info(0, send-sms request smsc id ignored, as smsc id forced to
%s,
octstr_get_cstr(urltrans_forced_smsc(t)));
} else if (smsc) {
msg-sms.smsc_id = octstr_duplicate(smsc);
} else if (urltrans_default_smsc(t)) {
msg-sms.smsc_id = octstr_duplicate(urltrans_default_smsc(t));
} else
msg-sms.smsc_id = NULL;
That's why I said the function was broken. Take a look again please and
correct me if I'm wrong.
yep, you are right. It seems I copied the urltrans_forced_smsc() issue
over into this without noticing that we end up in a messed and non
create msg structure :(((
This is definitly a bug!
Stipe
[EMAIL PROTECTED]
---
Wapme Systems AG
Münsterstr. 248
40470 Düsseldorf
Tel: +49-211-74845-0
Fax: +49-211-74845-299
E-Mail: [EMAIL PROTECTED]
Internet: http://www.wapme-systems.de
---
wapme.net - wherever you are
Re: I don't want to run bearerbox as root
Stipe, what other languages do you speak ? Did St.Valentine's day impressed you that much ? Lol :) - Original Message - From: Stipe Tolj [EMAIL PROTECTED] To: Miroslav Vrankic [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, February 15, 2002 9:02 AM Subject: Re: I don't want to run bearerbox as root Miroslav Vrankic wrote: We are using Kannel 0.10.3. ajme meni, zar koristite taku statu verziu :)) -- najbolje uzmite trenutno CVS stablo, koje je najbolje sta se tice stabiliteta. (some croatian for those who are interested :) Stipe [EMAIL PROTECTED] --- Wapme Systems AG Münsterstr. 248 40470 Düsseldorf Tel: +49-211-74845-0 Fax: +49-211-74845-299 E-Mail: [EMAIL PROTECTED] Internet: http://www.wapme-systems.de --- wapme.net - wherever you are
PDU to 7-bit
I know this sounds rather newbie, please someone have the patience to refer me to a document at least. I've got 8-bit PDU's already constructed and ready to send to telephones. Logos, tunes, EMS, you name it. Kannel sends as UDH + 7-bit text, split into SMS. Or does it? Is there a set of config switches I can use to either send the 8-bit PDU as-is, or have Kannel internally convert all to UDH + 7-bit user data? Is this done as an OTA send? I can't tell. This is probably an FAQ, but after spending all morning reading specs I can't answer it. Thanks in advance, Steve
Re: segmentation fault
Hi Angel, yes I figured that out already ;-) Is it fixed in current cvs? Have a nice weekend everybody! /Peter Lofman - Original Message - From: Angel Fradejas [EMAIL PROTECTED] To: Peter Löfman [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, February 14, 2002 5:26 PM Subject: RE: segmentation fault Peter, take a look at my recent posts about smsbox_req_sendota broken?. I guess that is the problem. Angel Fradejas. -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]En nombre de Peter Löfman Enviado el: lunes 11 de febrero de 2002 19:41 Para: [EMAIL PROTECTED] Asunto: segmentation fault Hi, with latest cvs smsbox crashes with error message segmentation fault when i try to send xml ota configuration message. With the EXACT same configuration with about one week old cvs it is working perfectly! What can be the problem? /Peter Lofman
