I don't want to run bearerbox as root
We are using Kannel 0.10.3. For security reasons we are trying to run all kannel boxes as nobody (or any non root, for example kannel). There is no problem with sms and wap boxes. They are runnning as user kannel. When we tried to run bearerbox as user kannel other boxes could not connect to it. The connection refused 111 error is obtained. Of course, we have started bearerbox before other boxes. You can see the used startup script at the and of the message. Thanks! Miroslav #! /bin/sh # kannelStartup script for the Kannel WAP and SMS Gateway # # Written by Andres Seco [EMAIL PROTECTED] using # the skeleton provided by Miquel van Smoorenburg and # Ian Murdock in Debian GNU/Linux 2.1 (slink) # modified with paragraphs from diald startup script # in Debian GNU/Linux 2.2 (potato) # Modified from init script from alamin-server. # # Version: @(#)kannel 1.0 19-Aug-2001 [EMAIL PROTECTED] # PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin RUNBOX=/usr/local/bin/run_kannel_box-0.10.3 DAEMONA=/usr/local/bin/bearerbox-0.10.3 DAEMONB=/usr/local/bin/wapbox-0.10.3 DAEMONC=/usr/local/bin/smsbox-0.10.3 NAMEA=bearerbox NAMEB=wapbox NAMEC=smsbox PIDA=kannel/bearerbox PIDB=kannel/wapbox PIDC=kannel/smsbox DESC=Kannel WAP and SMS Gateway CONF=/usr/local/bin/m20.conf USER=kannel test -f $DAEMONA || exit 0 test -f $DAEMONB || exit 0 test -f $DAEMONC || exit 0 test -f $CONF || exit 0 set -e case $1 in start) echo -n Starting $DESC: start-stop-daemon --start --quiet \ --pidfile /var/run/$PIDA.pid \ --exec $RUNBOX \ -- \ --pidfile /var/run/$PIDA.pid \ $DAEMONA $CONF echo -n $NAMEA sleep 10 start-stop-daemon --start --quiet \ --chuid $USER \ --pidfile /var/run/$PIDB.pid \ --exec $RUNBOX \ -- \ --pidfile /var/run/$PIDB.pid \ $DAEMONB $CONF echo -n $NAMEB sleep 5 start-stop-daemon --start --quiet \ --chuid $USER \ --pidfile /var/run/$PIDC.pid \ --exec $RUNBOX \ -- \ --pidfile /var/run/$PIDC.pid \ $DAEMONC $CONF echo -n $NAMEC echo . ;; stop) echo -n Stopping $DESC: start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/$PIDC.pid \ --exec $RUNBOX echo -n $NAMEC start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/$PIDB.pid \ --exec $RUNBOX echo -n $NAMEB start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/$PIDA.pid \ --exec $RUNBOX echo -n $NAMEA echo . ;; reload|force-reload|restart) $0 stop sleep 2 $0 start ;; *) N=/etc/init.d/$NAME echo Usage: $N {start|stop|restart|reload|force-reload} 2 exit 1 ;; esac exit 0
RE: I don't want to run bearerbox as root
It depends on your port configuration - non-root processes cannot open ports under 1024. we have been running Kannel as a single user successfuly on a number of linux machines. Oded Arbel m-Wise Inc. [EMAIL PROTECTED] -- The widest thing in the universe is not space, it is the potential capacity of the human heart. -- A. W. Tozer -Original Message- From: Miroslav Vrankic [mailto:[EMAIL PROTECTED]] Sent: Friday, February 15, 2002 2:25 PM To: [EMAIL PROTECTED] Subject: I don't want to run bearerbox as root We are using Kannel 0.10.3. For security reasons we are trying to run all kannel boxes as nobody (or any non root, for example kannel). There is no problem with sms and wap boxes. They are runnning as user kannel. When we tried to run bearerbox as user kannel other boxes could not connect to it. The connection refused 111 error is obtained. Of course, we have started bearerbox before other boxes. You can see the used startup script at the and of the message. Thanks! Miroslav #! /bin/sh # kannelStartup script for the Kannel WAP and SMS Gateway # # Written by Andres Seco [EMAIL PROTECTED] using # the skeleton provided by Miquel van Smoorenburg and # Ian Murdock in Debian GNU/Linux 2.1 (slink) # modified with paragraphs from diald startup script # in Debian GNU/Linux 2.2 (potato) # Modified from init script from alamin-server. # # Version: @(#)kannel 1.0 19-Aug-2001 [EMAIL PROTECTED] # PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin RUNBOX=/usr/local/bin/run_kannel_box-0.10.3 DAEMONA=/usr/local/bin/bearerbox-0.10.3 DAEMONB=/usr/local/bin/wapbox-0.10.3 DAEMONC=/usr/local/bin/smsbox-0.10.3 NAMEA=bearerbox NAMEB=wapbox NAMEC=smsbox PIDA=kannel/bearerbox PIDB=kannel/wapbox PIDC=kannel/smsbox DESC=Kannel WAP and SMS Gateway CONF=/usr/local/bin/m20.conf USER=kannel test -f $DAEMONA || exit 0 test -f $DAEMONB || exit 0 test -f $DAEMONC || exit 0 test -f $CONF || exit 0 set -e case $1 in start) echo -n Starting $DESC: start-stop-daemon --start --quiet \ --pidfile /var/run/$PIDA.pid \ --exec $RUNBOX \ -- \ --pidfile /var/run/$PIDA.pid \ $DAEMONA $CONF echo -n $NAMEA sleep 10 start-stop-daemon --start --quiet \ --chuid $USER \ --pidfile /var/run/$PIDB.pid \ --exec $RUNBOX \ -- \ --pidfile /var/run/$PIDB.pid \ $DAEMONB $CONF echo -n $NAMEB sleep 5 start-stop-daemon --start --quiet \ --chuid $USER \ --pidfile /var/run/$PIDC.pid \ --exec $RUNBOX \ -- \ --pidfile /var/run/$PIDC.pid \ $DAEMONC $CONF echo -n $NAMEC echo . ;; stop) echo -n Stopping $DESC: start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/$PIDC.pid \ --exec $RUNBOX echo -n $NAMEC start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/$PIDB.pid \ --exec $RUNBOX echo -n $NAMEB start-stop-daemon --stop --quiet --oknodo \ --pidfile /var/run/$PIDA.pid \ --exec $RUNBOX echo -n $NAMEA echo . ;; reload|force-reload|restart) $0 stop sleep 2 $0 start ;; *) N=/etc/init.d/$NAME echo Usage: $N {start|stop|restart|reload|force-reload} 2 exit 1 ;; esac exit 0
Re: I don't want to run bearerbox as root
On Fri, Feb 15, 2002 at 01:24:43PM +0100, Miroslav Vrankic wrote: When we tried to run bearerbox as user kannel other boxes could not connect to it. You didn't attach your config file (or log file), but from this line: CONF=/usr/local/bin/m20.conf it looks like you're using a Siemens M20. Check the permissions on the serial port device (e.g. /dev/ttyS0) to make sure the kannel user can access it. Dave -- David Holland =*= Systems Manager =*= tel: +44 01223 478900 http://www.3glab.com/ =*= 3G Lab, UK =*= fax: +44 01223 478901 If you lie to the compiler, it will get its revenge. -- Henry Spencer
Re: I don't want to run bearerbox as root
Miroslav Vrankic wrote: We are using Kannel 0.10.3. ajme meni, zar koristite taku statu verziu :)) -- najbolje uzmite trenutno CVS stablo, koje je najbolje sta se tice stabiliteta. (some croatian for those who are interested :) Stipe [EMAIL PROTECTED] --- Wapme Systems AG Münsterstr. 248 40470 Düsseldorf Tel: +49-211-74845-0 Fax: +49-211-74845-299 E-Mail: [EMAIL PROTECTED] Internet: http://www.wapme-systems.de --- wapme.net - wherever you are
Re: smsbox_req_sendota broken?
Angel Fradejas wrote: I see the point Stipe, thanks for your response. But before calling ota_tokenize_ we have all this smsc = http_cgi_variable(list, smsc); if (urltrans_forced_smsc(t)) { msg-sms.smsc_id = octstr_duplicate(urltrans_forced_smsc(t)); if (smsc) info(0, send-sms request smsc id ignored, as smsc id forced to %s, octstr_get_cstr(urltrans_forced_smsc(t))); } else if (smsc) { msg-sms.smsc_id = octstr_duplicate(smsc); } else if (urltrans_default_smsc(t)) { msg-sms.smsc_id = octstr_duplicate(urltrans_default_smsc(t)); } else msg-sms.smsc_id = NULL; That's why I said the function was broken. Take a look again please and correct me if I'm wrong. yep, you are right. It seems I copied the urltrans_forced_smsc() issue over into this without noticing that we end up in a messed and non create msg structure :((( This is definitly a bug! Stipe [EMAIL PROTECTED] --- Wapme Systems AG Münsterstr. 248 40470 Düsseldorf Tel: +49-211-74845-0 Fax: +49-211-74845-299 E-Mail: [EMAIL PROTECTED] Internet: http://www.wapme-systems.de --- wapme.net - wherever you are
Re: I don't want to run bearerbox as root
Stipe, what other languages do you speak ? Did St.Valentine's day impressed you that much ? Lol :) - Original Message - From: Stipe Tolj [EMAIL PROTECTED] To: Miroslav Vrankic [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, February 15, 2002 9:02 AM Subject: Re: I don't want to run bearerbox as root Miroslav Vrankic wrote: We are using Kannel 0.10.3. ajme meni, zar koristite taku statu verziu :)) -- najbolje uzmite trenutno CVS stablo, koje je najbolje sta se tice stabiliteta. (some croatian for those who are interested :) Stipe [EMAIL PROTECTED] --- Wapme Systems AG Münsterstr. 248 40470 Düsseldorf Tel: +49-211-74845-0 Fax: +49-211-74845-299 E-Mail: [EMAIL PROTECTED] Internet: http://www.wapme-systems.de --- wapme.net - wherever you are
PDU to 7-bit
I know this sounds rather newbie, please someone have the patience to refer me to a document at least. I've got 8-bit PDU's already constructed and ready to send to telephones. Logos, tunes, EMS, you name it. Kannel sends as UDH + 7-bit text, split into SMS. Or does it? Is there a set of config switches I can use to either send the 8-bit PDU as-is, or have Kannel internally convert all to UDH + 7-bit user data? Is this done as an OTA send? I can't tell. This is probably an FAQ, but after spending all morning reading specs I can't answer it. Thanks in advance, Steve
Re: segmentation fault
Hi Angel, yes I figured that out already ;-) Is it fixed in current cvs? Have a nice weekend everybody! /Peter Lofman - Original Message - From: Angel Fradejas [EMAIL PROTECTED] To: Peter Löfman [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, February 14, 2002 5:26 PM Subject: RE: segmentation fault Peter, take a look at my recent posts about smsbox_req_sendota broken?. I guess that is the problem. Angel Fradejas. -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]En nombre de Peter Löfman Enviado el: lunes 11 de febrero de 2002 19:41 Para: [EMAIL PROTECTED] Asunto: segmentation fault Hi, with latest cvs smsbox crashes with error message segmentation fault when i try to send xml ota configuration message. With the EXACT same configuration with about one week old cvs it is working perfectly! What can be the problem? /Peter Lofman