subject:"\[asterisk\-users\] Asterisk installation script on CentOS7 with systemd"

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd [SOLVED]

2016-12-20 Thread Tzafrir Cohen

On Mon, Dec 19, 2016 at 05:10:42PM +0100, Olivier wrote:

> Thanks for the tip:
> changing to permissive mode made it !
> 
> Using methods suggested in [1], do you think its possible and worth the
> effort to configure SELinux to work with Asterisk/Systemd in Enforcing mode
> ?
> 
> [1] https://wiki.centos.org/HowTos/SELinux

I think it should be possible. IIRC I once gave it a shot and was mildly
successful, but eventually gave up due to issues related to interaction
with Apache. If you do run into a problem, I wonder what it is.

-- 
   Tzafrir Cohen
icq#16849755  jabber:tzafrir.co...@xorcom.com
+972-50-7952406   mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd

2016-12-20 Thread Tzafrir Cohen

On Mon, Dec 19, 2016 at 03:54:47PM +0100, Olivier wrote:
> Hello,
> 
> For a new project, I'm adapting existing installation script to CentOS 7.
> I must admit I don't understand how to adapt things to systemd.
> 
> Here are my questions:
> 
> 1. I don't see any systemd sub-directory in asterisk-13.13.1/contrib.
> Do you think such directory and matching Makefile target could be useful ?
> 
> 2. Should /run/asterisk directory creation be left to systemd or done by
> installation script before running "systemctl start asterisk"  ?
> 
> 3. I edited the following /etc/systemd/system:asterisk.service file:
> [Unit]
> Description=Asterisk PBX and telephony daemon.
> After=network.target
> 
> [Service]
> Type=forking
> PIDFile=/var/run/asterisk/asterisk.pid

Remove those two (or get latest version with sd_notify support, make
sure it works, and use 'Type=notify')

> Environment=HOME=/var/lib/asterisk
> WorkingDirectory=/var/lib/asterisk
> ExecStart=/usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C

Drop -F as well

> /etc/asterisk/asterisk.conf
> #ExecStart=/usr/sbin/asterisk -vvvgF -C /etc/asterisk/asterisk.conf
> ExecStop=/usr/sbin/asterisk -rx 'core stop now'

I'm trying to think if this is needed. Anything wrong with just letting
systemd kill asterisk and all of its child precesses?

> ExecReload=/usr/sbin/asterisk -rx 'core reload'

Also, IIRC:

User=asterisk

-- 
   Tzafrir Cohen
icq#16849755  jabber:tzafrir.co...@xorcom.com
+972-50-7952406   mailto:tzafrir.co...@xorcom.com
http://www.xorcom.com

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd [SOLVED]

2016-12-19 Thread Jean Aunis


Le 19/12/2016 à 17:10, Olivier a écrit :



2016-12-19 16:11 GMT+01:00 Jean Aunis >:


Le 19/12/2016 à 15:54, Olivier a écrit :



Running systemctl start asterisk fails with :
Dec 19 15:43:08 foobar systemd: PID file
/var/run/asterisk/asterisk.pid not readable (yet?) after start.
Dec 19 15:43:09 foobar systemd: asterisk.service: main process
exited, code=exited, status=1/FAILURE
Dec 19 15:43:09 foobar asterisk: Unable to connect to remote
asterisk (does /var/run/asterisk/asterisk.ctl exist?)
Dec 19 15:43:09 foobar systemd: asterisk.service: control process
exited, code=exited status=1
Dec 19 15:43:09 foobar systemd: Unit asterisk.service entered
failed state.
Dec 19 15:43:09 foobar systemd: asterisk.service failed.


But /usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C
/etc/asterisk/asterisk.conf succeeds:
# rasterisk
Asterisk 13.13.1, Copyright (C) 1999 - 2014, Digium, Inc. and others.
...
=
Running as user 'asterisk'
Running under group 'asterisk'
Connected to Asterisk 13.13.1 currently running on ...

Any hint or help on how to debug this ?
(I tried with and without any /run/asterisk directory owned by
asterisk.asterisk)


Best regards




Hello,

Make sure that selinux is disabled, or in "permissive" mode.
Otherwise it will prevent asterisk from starting.


Thanks for the tip:
changing to permissive mode made it !

Using methods suggested in [1], do you think its possible and worth 
the effort to configure SELinux to work with Asterisk/Systemd in 
Enforcing mode ?

A quick look in various tuto all disable SELinux.



[1] https://wiki.centos.org/HowTos/SELinux



I never spent time to figure out how selinux should be configured for 
Asterisk, but it is certainly possible to do something clean about that. 
I noticed that, when I install Asterisk with a custom-made RPM package, 
SELinux will stop blocking it. I guess RPM has some magic embedded into 
it to configure SELinux with the proper rules.


Still, is it worth the effort ? Probably not if you consider Asterisk 
alone : as it is running with the unprivileged user asterisk, the 
standard Linux permissions will protect your system if Asterisk is attacked.
But considering your system as a whole, disabling selinux may not be a 
good idea : other processes may required to be secured with the selinux 
stuff.


I'm not an IT security expert, so please consider what I wrote above 
with caution.
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd [SOLVED]

2016-12-19 Thread Olivier

2016-12-19 16:11 GMT+01:00 Jean Aunis :

> Le 19/12/2016 à 15:54, Olivier a écrit :
>
> Hello,
>
> For a new project, I'm adapting existing installation script to CentOS 7.
> I must admit I don't understand how to adapt things to systemd.
>
> Here are my questions:
>
> 1. I don't see any systemd sub-directory in asterisk-13.13.1/contrib.
> Do you think such directory and matching Makefile target could be useful ?
>
> 2. Should /run/asterisk directory creation be left to systemd or done by
> installation script before running "systemctl start asterisk"  ?
>
> 3. I edited the following /etc/systemd/system:asterisk.service file:
> [Unit]
> Description=Asterisk PBX and telephony daemon.
> After=network.target
>
> [Service]
> Type=forking
> PIDFile=/var/run/asterisk/asterisk.pid
> Environment=HOME=/var/lib/asterisk
> WorkingDirectory=/var/lib/asterisk
> ExecStart=/usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C
> /etc/asterisk/asterisk.conf
> #ExecStart=/usr/sbin/asterisk -vvvgF -C /etc/asterisk/asterisk.conf
> ExecStop=/usr/sbin/asterisk -rx 'core stop now'
> ExecReload=/usr/sbin/asterisk -rx 'core reload'
>
>
> [Install]
> WantedBy=multi-user.target
>
> Running systemctl start asterisk fails with :
> Dec 19 15:43:08 foobar systemd: PID file /var/run/asterisk/asterisk.pid
> not readable (yet?) after start.
> Dec 19 15:43:09 foobar systemd: asterisk.service: main process exited,
> code=exited, status=1/FAILURE
> Dec 19 15:43:09 foobar asterisk: Unable to connect to remote asterisk
> (does /var/run/asterisk/asterisk.ctl exist?)
> Dec 19 15:43:09 foobar systemd: asterisk.service: control process exited,
> code=exited status=1
> Dec 19 15:43:09 foobar systemd: Unit asterisk.service entered failed state.
> Dec 19 15:43:09 foobar systemd: asterisk.service failed.
>
>
> But /usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C
> /etc/asterisk/asterisk.conf succeeds:
> # rasterisk
> Asterisk 13.13.1, Copyright (C) 1999 - 2014, Digium, Inc. and others.
> ...
> =
> Running as user 'asterisk'
> Running under group 'asterisk'
> Connected to Asterisk 13.13.1 currently running on ...
>
> Any hint or help on how to debug this ?
> (I tried with and without any /run/asterisk directory owned by
> asterisk.asterisk)
>
>
> Best regards
>
>
>
> Hello,
>
> Make sure that selinux is disabled, or in "permissive" mode. Otherwise it
> will prevent asterisk from starting.
>

Thanks for the tip:
changing to permissive mode made it !

Using methods suggested in [1], do you think its possible and worth the
effort to configure SELinux to work with Asterisk/Systemd in Enforcing mode
?
A quick look in various tuto all disable SELinux.



[1] https://wiki.centos.org/HowTos/SELinux



> Best regards
>
> Jean Aunis
>
> --
> _
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> Check out the new Asterisk community forum at: https://community.asterisk.
> org/
>
> New to Asterisk? Start here:
>   https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>http://lists.digium.com/mailman/listinfo/asterisk-users
>
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd

2016-12-19 Thread Jean Aunis


Le 19/12/2016 à 15:54, Olivier a écrit :

Hello,

For a new project, I'm adapting existing installation script to CentOS 7.
I must admit I don't understand how to adapt things to systemd.

Here are my questions:

1. I don't see any systemd sub-directory in asterisk-13.13.1/contrib.
Do you think such directory and matching Makefile target could be useful ?

2. Should /run/asterisk directory creation be left to systemd or done 
by installation script before running "systemctl start asterisk"  ?


3. I edited the following /etc/systemd/system:asterisk.service file:
[Unit]
Description=Asterisk PBX and telephony daemon.
After=network.target

[Service]
Type=forking
PIDFile=/var/run/asterisk/asterisk.pid
Environment=HOME=/var/lib/asterisk
WorkingDirectory=/var/lib/asterisk
ExecStart=/usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C 
/etc/asterisk/asterisk.conf

#ExecStart=/usr/sbin/asterisk -vvvgF -C /etc/asterisk/asterisk.conf
ExecStop=/usr/sbin/asterisk -rx 'core stop now'
ExecReload=/usr/sbin/asterisk -rx 'core reload'


[Install]
WantedBy=multi-user.target

Running systemctl start asterisk fails with :
Dec 19 15:43:08 foobar systemd: PID file 
/var/run/asterisk/asterisk.pid not readable (yet?) after start.
Dec 19 15:43:09 foobar systemd: asterisk.service: main process exited, 
code=exited, status=1/FAILURE
Dec 19 15:43:09 foobar asterisk: Unable to connect to remote asterisk 
(does /var/run/asterisk/asterisk.ctl exist?)
Dec 19 15:43:09 foobar systemd: asterisk.service: control process 
exited, code=exited status=1
Dec 19 15:43:09 foobar systemd: Unit asterisk.service entered failed 
state.

Dec 19 15:43:09 foobar systemd: asterisk.service failed.


But /usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C 
/etc/asterisk/asterisk.conf succeeds:

# rasterisk
Asterisk 13.13.1, Copyright (C) 1999 - 2014, Digium, Inc. and others.
...
=
Running as user 'asterisk'
Running under group 'asterisk'
Connected to Asterisk 13.13.1 currently running on ...

Any hint or help on how to debug this ?
(I tried with and without any /run/asterisk directory owned by 
asterisk.asterisk)



Best regards




Hello,

Make sure that selinux is disabled, or in "permissive" mode. Otherwise 
it will prevent asterisk from starting.


Best regards

Jean Aunis

-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

[asterisk-users] Asterisk installation script on CentOS7 with systemd

2016-12-19 Thread Olivier

Hello,

For a new project, I'm adapting existing installation script to CentOS 7.
I must admit I don't understand how to adapt things to systemd.

Here are my questions:

1. I don't see any systemd sub-directory in asterisk-13.13.1/contrib.
Do you think such directory and matching Makefile target could be useful ?

2. Should /run/asterisk directory creation be left to systemd or done by
installation script before running "systemctl start asterisk"  ?

3. I edited the following /etc/systemd/system:asterisk.service file:
[Unit]
Description=Asterisk PBX and telephony daemon.
After=network.target

[Service]
Type=forking
PIDFile=/var/run/asterisk/asterisk.pid
Environment=HOME=/var/lib/asterisk
WorkingDirectory=/var/lib/asterisk
ExecStart=/usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C
/etc/asterisk/asterisk.conf
#ExecStart=/usr/sbin/asterisk -vvvgF -C /etc/asterisk/asterisk.conf
ExecStop=/usr/sbin/asterisk -rx 'core stop now'
ExecReload=/usr/sbin/asterisk -rx 'core reload'


[Install]
WantedBy=multi-user.target

Running systemctl start asterisk fails with :
Dec 19 15:43:08 foobar systemd: PID file /var/run/asterisk/asterisk.pid not
readable (yet?) after start.
Dec 19 15:43:09 foobar systemd: asterisk.service: main process exited,
code=exited, status=1/FAILURE
Dec 19 15:43:09 foobar asterisk: Unable to connect to remote asterisk (does
/var/run/asterisk/asterisk.ctl exist?)
Dec 19 15:43:09 foobar systemd: asterisk.service: control process exited,
code=exited status=1
Dec 19 15:43:09 foobar systemd: Unit asterisk.service entered failed state.
Dec 19 15:43:09 foobar systemd: asterisk.service failed.


But /usr/sbin/asterisk -vvvgF -U asterisk -G asterisk -C
/etc/asterisk/asterisk.conf succeeds:
# rasterisk
Asterisk 13.13.1, Copyright (C) 1999 - 2014, Digium, Inc. and others.
...
=
Running as user 'asterisk'
Running under group 'asterisk'
Connected to Asterisk 13.13.1 currently running on ...

Any hint or help on how to debug this ?
(I tried with and without any /run/asterisk directory owned by
asterisk.asterisk)


Best regards
-- 
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

Check out the new Asterisk community forum at: https://community.asterisk.org/

New to Asterisk? Start here:
  https://wiki.asterisk.org/wiki/display/AST/Getting+Started

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd [SOLVED]

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd [SOLVED]

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd [SOLVED]

Re: [asterisk-users] Asterisk installation script on CentOS7 with systemd

[asterisk-users] Asterisk installation script on CentOS7 with systemd

6 matches

Site Navigation

Mail list logo

Footer information