Re: [asterisk-users] Running as non-root
On Sun, Oct 23, 2011 at 3:16 PM, Tzafrir Cohen wrote: > On Wed, Oct 19, 2011 at 10:11:08AM -0400, David Backeberg wrote: > >> If you use DAHDI, you need to change ownership of /dev/dahdi/* to the >> non-root owner. I ended up rolling that into the init script for >> dahdi. > > The init script of DAHDI or asterisk is the wrong place for that. > > If you're one of those who actually uses static files, you set their > permissions at creation time or whenever. > > The rest of you: set the permissions in udev rules, as in the ones > included with DAHDI. This avoids any potential races and unnecessary > work. Thanks for the tip. I just noticed that the permissions 'came undone' if I did a DAHDI reload, so it seemed like the right place. For the record, I'm also using SNMP with asterisk, also as non-root, and I'm also having a problem with /var/lib/masterx or whatever also reverting to being owned by root. And again, my presumptive fix is to put the chown directly into the SNMP script. Ideas? -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
-Original Message- From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Tzafrir Cohen Sent: den 23 oktober 2011 21:19 To: asterisk-users@lists.digium.com Subject: Re: [asterisk-users] Running as non-root > On Thu, Oct 20, 2011 at 09:02:14AM +0200, Torbjörn Abrahamsson wrote: > > Thanks for all answers. > > > > One further question: If I run Asterisk as root, and set its group in > > asterisk.conf to apache, and make no changes to file/folder permissions, > > will I be able to run "asterisk -rx 'clicmd'" from a php-script (running as > > user apache with group apache)? > > 1. Why would you want to run Asterisk as root? I wouldn't. But if my efforts to run asterisk as non root would hit a snag permission wise, this might be something I would consider. > 2. Why set the group to apache (if you're root anyway why do you care)? It is not asterisk's permission to do things I am worried about. I want Apache to be able to issue asterisk cli-commands, like a reload after something crucial has changed in the web config. I am trying to ascertain if setting asterisk to run as group apache will be sufficient (actually regardless if asterisk runs as root or not), or if I still need to change permissions of files. In an other installation (this one made from RPMs, so non-root has been taken care of already) we have set apache to run as the same user as asterisk. > 3. If asterisk.ctl has the proper permissions, other users may issue > some CLI commands, see cli_permissions.conf . Will look at this, thanks! BR, Torbjörn Abrahamsson -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
On Thu, Oct 20, 2011 at 09:02:14AM +0200, Torbjörn Abrahamsson wrote: > Thanks for all answers. > > One further question: If I run Asterisk as root, and set its group in > asterisk.conf to apache, and make no changes to file/folder permissions, > will I be able to run "asterisk -rx 'clicmd'" from a php-script (running as > user apache with group apache)? 1. Why would you want to run Asterisk as root? 2. Why set the group to apache (if you're root anyway why do you care)? 3. If asterisk.ctl has the proper permissions, other users may issue some CLI commands, see cli_permissions.conf . -- Tzafrir Cohen icq#16849755 jabber:tzafrir.co...@xorcom.com +972-50-7952406 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
On Wed, Oct 19, 2011 at 10:11:08AM -0400, David Backeberg wrote: > If you use DAHDI, you need to change ownership of /dev/dahdi/* to the > non-root owner. I ended up rolling that into the init script for > dahdi. The init script of DAHDI or asterisk is the wrong place for that. If you're one of those who actually uses static files, you set their permissions at creation time or whenever. The rest of you: set the permissions in udev rules, as in the ones included with DAHDI. This avoids any potential races and unnecessary work. -- Tzafrir Cohen icq#16849755 jabber:tzafrir.co...@xorcom.com +972-50-7952406 mailto:tzafrir.co...@xorcom.com http://www.xorcom.com iax:gu...@local.xorcom.com/tzafrir -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
2011/10/19 Paul Belanger > Later out I found to properly use snmp you actually need to run > asterisk as root. > > Hi, Can you elaborate a bit ? Which SNMP feature requires to run asterisk as root ? Regards -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
Thanks for all answers. One further question: If I run Asterisk as root, and set its group in asterisk.conf to apache, and make no changes to file/folder permissions, will I be able to run "asterisk -rx 'clicmd'" from a php-script (running as user apache with group apache)? BR, Torbjörn Abrahamsson > -Original Message- > From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users- > boun...@lists.digium.com] On Behalf Of Paul Belanger > Sent: Wednesday, October 19, 2011 4:19 PM > To: Asterisk Users Mailing List - Non-Commercial Discussion > Subject: Re: [asterisk-users] Running as non-root > > On 11-10-19 05:50 AM, Torbjörn Abrahamsson wrote: > > Hello. > > > > I would like to run asterisk as an user other than root. I have seen > some > > tutorials on the web, but I would like to know if there is some > official > > how-to for this. Is there? > > > > I looked at a thread on reviewboard regarding this > > (https://reviewboard.asterisk.org/r/654/). It was Paul Belangers work > trying > > to make the installation process take care of this. But the > conclusion seem > > to be that the parts concerning this was postponed. So, did it make > it in > > some other way? > > > My original goal for that patch was to have asterisk do most of the leg > work setting up the host for a non-root install. At the time I didn't > think any specific part of asterisk actually required root permissions. > Later out I found to properly use snmp you actually need to run > asterisk as root. > > There was also some logic added to the configure script but in the end > it would have been too much work trying to manage all the was to add > users in the different operating systems. > > I had planned to add a script into contrib folder for it, but sadly > never got around to it. Perhaps I'll spend some time on it at > Astricon. > > -- > Paul Belanger > Digium, Inc. | Software Developer > twitter: pabelanger | IRC: pabelanger (Freenode) > Check us out at: http://digium.com & http://asterisk.org > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: >http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: >http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
On 11-10-19 05:50 AM, Torbjörn Abrahamsson wrote: Hello. I would like to run asterisk as an user other than root. I have seen some tutorials on the web, but I would like to know if there is some “official” how-to for this. Is there? I looked at a thread on reviewboard regarding this (https://reviewboard.asterisk.org/r/654/). It was Paul Belangers work trying to make the installation process take care of this. But the conclusion seem to be that the parts concerning this was postponed. So, did it make it in some other way? My original goal for that patch was to have asterisk do most of the leg work setting up the host for a non-root install. At the time I didn't think any specific part of asterisk actually required root permissions. Later out I found to properly use snmp you actually need to run asterisk as root. There was also some logic added to the configure script but in the end it would have been too much work trying to manage all the was to add users in the different operating systems. I had planned to add a script into contrib folder for it, but sadly never got around to it. Perhaps I'll spend some time on it at Astricon. -- Paul Belanger Digium, Inc. | Software Developer twitter: pabelanger | IRC: pabelanger (Freenode) Check us out at: http://digium.com & http://asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
On Wed, Oct 19, 2011 at 7:19 AM, Torbjörn Abrahamsson wrote: > Thank you, I actually found the asterisk.conf settings after sending the > mail. So next question is which folders/files do I need to change ownership > of to make it work? > > > > /etc/asterisk > > /var/lib/asterisk > > /usr/lib/asterisk > > /var/spool/asterisk > > /var/log/asterisk > > > > And the files in them of course… Any more? Any that should not be in the > list above? If you use DAHDI, you need to change ownership of /dev/dahdi/* to the non-root owner. I ended up rolling that into the init script for dahdi. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
Thank you, I actually found the asterisk.conf settings after sending the mail. So next question is which folders/files do I need to change ownership of to make it work? /etc/asterisk /var/lib/asterisk /usr/lib/asterisk /var/spool/asterisk /var/log/asterisk And the files in them of course Any more? Any that should not be in the list above? In asterisk.conf I am using the following: runuser = asterisk rungroup = asterisk Is this sufficient? Br, Torbjörn Abrahamsson From: asterisk-users-boun...@lists.digium.com [mailto:asterisk-users-boun...@lists.digium.com] On Behalf Of Anton Kvashenkin Sent: Wednesday, October 19, 2011 12:11 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [asterisk-users] Running as non-root What do you use _now_ to run asterisk: safe_asterisk, init-script, from command-line? What distribution do you use? To run asterisk from command line as user "asterisk", just run asterisk -U asterisk (asterisk user should be created), or edit /etc/asterisk.conf to run as user "asterisk". In production you preffer running init script. 2011/10/19 Torbjörn Abrahamsson Hello. I would like to run asterisk as an user other than root. I have seen some tutorials on the web, but I would like to know if there is some official how-to for this. Is there? I looked at a thread on reviewboard regarding this (https://reviewboard.asterisk.org/r/654/). It was Paul Belangers work trying to make the installation process take care of this. But the conclusion seem to be that the parts concerning this was postponed. So, did it make it in some other way? BR, Torbjörn Abrahamsson -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Running as non-root
What do you use _now_ to run asterisk: safe_asterisk, init-script, from command-line? What distribution do you use? To run asterisk from command line as user "asterisk", just run asterisk -U asterisk (asterisk user should be created), or edit /etc/asterisk.conf to run as user "asterisk". In production you preffer running init script. 2011/10/19 Torbjörn Abrahamsson > Hello. > > ** ** > > I would like to run asterisk as an user other than root. I have seen some > tutorials on the web, but I would like to know if there is some “official” > how-to for this. Is there? > > ** ** > > I looked at a thread on reviewboard regarding this ( > https://reviewboard.asterisk.org/r/654/). It was Paul Belangers work > trying to make the installation process take care of this. But the > conclusion seem to be that the parts concerning this was postponed. So, did > it make it in some other way? > > ** ** > > BR, > > Torbjörn Abrahamsson > > ** ** > > ** ** > > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users > -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Running as non-root
Hello. I would like to run asterisk as an user other than root. I have seen some tutorials on the web, but I would like to know if there is some official how-to for this. Is there? I looked at a thread on reviewboard regarding this (https://reviewboard.asterisk.org/r/654/). It was Paul Belangers work trying to make the installation process take care of this. But the conclusion seem to be that the parts concerning this was postponed. So, did it make it in some other way? BR, Torbjörn Abrahamsson -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Running as non-root user ( was: Vmail.cgi Bahhh!!)
Justin wrote: Olle, That's a great start but as the documentation states: NOTE: this requires substantial work to be sure that Asterisk's environment has permission to write the files required for its operation, including logs, its comm socket, the asterisk database, etc. Can that be made easier or is that just the way it is? Of course it can be made easier. Create a script, add it to the bug tracker and it may be included in the CVS, where we have a lot of scripts for various platforms. It may also be something for Linux distros and FreeBSD ports to handle for each operating system. /O ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Running as non-root user ( was: Vmail.cgi Bahhh!!)
Olle, That's a great start but as the documentation states: NOTE: this requires substantial work to be sure that Asterisk's environment has permission to write the files required for its operation, including logs, its comm socket, the asterisk database, etc. Can that be made easier or is that just the way it is? - Justin On Wed, 20 Oct 2004, Olle E. Johansson wrote: > Justin wrote: > > > It is great that this documentation is out there, and that * > > supports this. However I think in an ideal world this would be inherently > > supported by * and ideally setup via config file like with apache: > > > > User www > > Group www > From the Asterisk man page: > > asterisk [ -hfdvVqpRgcin ] [ -C file ] [ -U user ] [ -G group ] [ -x > command ] > > Reading documentation actually helps :-) > > /O > ___ > Asterisk-Users mailing list > [EMAIL PROTECTED] > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: >http://lists.digium.com/mailman/listinfo/asterisk-users > ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Running as non-root user ( was: Vmail.cgi Bahhh!!)
Justin wrote: It is great that this documentation is out there, and that * supports this. However I think in an ideal world this would be inherently supported by * and ideally setup via config file like with apache: User www Group www From the Asterisk man page: asterisk [ -hfdvVqpRgcin ] [ -C file ] [ -U user ] [ -G group ] [ -x command ] Reading documentation actually helps :-) /O ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Running as non-root user ( was: Vmail.cgiBahhh!!)
Kristian Kielhofner said: > This is well documented in the wiki and elsewhere. Yes, I know. I even quoted it in my note ;) What I'm suggesting is that it should do so by default, not with some additional changes to the standard installation. Please don't flame me for this but there are far too many sysadmins out there that do exactly what the installation notes of a package tell them to do without even the first look into the potential issues. How many of us look at the spec files of the RPMs (or the equivalent for your distro) we install? All I'm suggesting is that some responsibility lies upon software developers and packagers to follow common and well established guidelines for limiting potential impacts of the products they create. In this case, I would prefer if it the stock installation instructions (and RPM spec files) would create the asterisk user/group and install the files/devices using them. Just my $0.02. Paul PS: I realize there are "functional" issues that still need to be addressed in the software and that these "packaging" issue are lower on the priority list. -- Paul A. Dugas Dugas Enterprises, LLC email: [EMAIL PROTECTED]1711 Indian Ridge Drive phone: 404.932.1355 fax: 770.516-4841 Woodstock, GA 30189 USA [ onsite at the Georgia DOT's West Annex, 404.463.2860 x158 ] ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Running as non-root user ( was: Vmail.cgi Bahhh!!)
Hi Kristian, It is great that this documentation is out there, and that * supports this. However I think in an ideal world this would be inherently supported by * and ideally setup via config file like with apache: User www Group www Or some other equivalent method. My problem with the existing approach is that when things change I have to remember to modify my Makefile, and figure out what newly added files/directories need permission changes. That being said I'm no professional sysadmin so maybe I'm missing the boat here. - Justin On Wed, 20 Oct 2004, Kristian Kielhofner wrote: > Paul Dugas wrote: > > Being fairly retentive about security and a long time admin of Solaris and > > Linux machines, I find the default behaviour of * running as root > > troubling. Forgive the potential offense but I don't trust *anyone* > > (including myself unless I have to) with root access. If * is to become a > > product for the world of system admins to manage and monitor, it needs to > > have this problem addressed. > > > > It seems to me that given proper permissions in the installer for the > > files and devices (as Ryan suggested below), we may be able to achieve > > much of this rather painlessly. The TCP ports * listens on are all above > > 1024 I think so that's not an issue. What are the chances of seeing this > > in a 1.1 release? > > > > Paul > > "Retentive Boy" > > > > Paul, > > This is well documented in the wiki and elsewhere. You can run > asterisk as any user (preferably asterisk, obviously). All you really > need to do is change ASTVARRUNDIR=/var/run/asterisk in the Makefile, > recompile, change safe_asterisk (maybe /etc/init.d/asterisk) to use user > asterisk and group asterisk. Then find something to change all the > necessary permissions: > > chown --recursive asterisk:asterisk /var/lib/asterisk > chown --recursive asterisk:asterisk /var/log/asterisk > chown --recursive asterisk:asterisk /var/run/asterisk > chown --recursive asterisk:asterisk /var/spool/asterisk > chown --recursive asterisk:asterisk /dev/zap > chmod --recursive u=rwX,g=rX,o= /var/lib/asterisk > chmod --recursive u=rwX,g=rX,o= /var/log/asterisk > chmod --recursive u=rwX,g=rX,o= /var/run/asterisk > chmod --recursive u=rwX,g=rX,o= /var/spool/asterisk > chmod --recursive u=rwX,g=rX,o= /dev/zap > > chown --recursive root:asterisk /etc/asterisk > chmod --recursive u=rwX,g=rX,o= /etc/asterisk > > -- > Kristian Kielhofner > ___ > Asterisk-Users mailing list > [EMAIL PROTECTED] > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: >http://lists.digium.com/mailman/listinfo/asterisk-users > ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [Asterisk-Users] Running as non-root user ( was: Vmail.cgi Bahhh!!)
Paul Dugas wrote: Being fairly retentive about security and a long time admin of Solaris and Linux machines, I find the default behaviour of * running as root troubling. Forgive the potential offense but I don't trust *anyone* (including myself unless I have to) with root access. If * is to become a product for the world of system admins to manage and monitor, it needs to have this problem addressed. It seems to me that given proper permissions in the installer for the files and devices (as Ryan suggested below), we may be able to achieve much of this rather painlessly. The TCP ports * listens on are all above 1024 I think so that's not an issue. What are the chances of seeing this in a 1.1 release? Paul "Retentive Boy" Paul, This is well documented in the wiki and elsewhere. You can run asterisk as any user (preferably asterisk, obviously). All you really need to do is change ASTVARRUNDIR=/var/run/asterisk in the Makefile, recompile, change safe_asterisk (maybe /etc/init.d/asterisk) to use user asterisk and group asterisk. Then find something to change all the necessary permissions: chown --recursive asterisk:asterisk /var/lib/asterisk chown --recursive asterisk:asterisk /var/log/asterisk chown --recursive asterisk:asterisk /var/run/asterisk chown --recursive asterisk:asterisk /var/spool/asterisk chown --recursive asterisk:asterisk /dev/zap chmod --recursive u=rwX,g=rX,o= /var/lib/asterisk chmod --recursive u=rwX,g=rX,o= /var/log/asterisk chmod --recursive u=rwX,g=rX,o= /var/run/asterisk chmod --recursive u=rwX,g=rX,o= /var/spool/asterisk chmod --recursive u=rwX,g=rX,o= /dev/zap chown --recursive root:asterisk /etc/asterisk chmod --recursive u=rwX,g=rX,o= /etc/asterisk -- Kristian Kielhofner ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[Asterisk-Users] Running as non-root user ( was: Vmail.cgi Bahhh!!)
Being fairly retentive about security and a long time admin of Solaris and Linux machines, I find the default behaviour of * running as root troubling. Forgive the potential offense but I don't trust *anyone* (including myself unless I have to) with root access. If * is to become a product for the world of system admins to manage and monitor, it needs to have this problem addressed. It seems to me that given proper permissions in the installer for the files and devices (as Ryan suggested below), we may be able to achieve much of this rather painlessly. The TCP ports * listens on are all above 1024 I think so that's not an issue. What are the chances of seeing this in a 1.1 release? Paul "Retentive Boy" Ryan Courtnage said: > Modify *'s top-level Makefile to make ASTVARRUNDIR = /var/run/asterisk > > Build and install * (as root) > > Assuming your Asterisk user/group is 'asterisk', do the following: > > chown -R asterisk:asterisk /var/run/asterisk > chown -R asterisk:asterisk /etc/asterisk > chown -R asterisk:asterisk /var/lib/asterisk > chown -R asterisk:asterisk /var/log/asterisk > chown -R asterisk:asterisk /var/spool/asterisk > chown -R asterisk:asterisk /dev/zap > chown asterisk /dev/tty9 > > Then modify apache to also run as 'asterisk'. > > If you want a real-world example or a step-by-step for doing this, check > out our AMP project (amp.voxbox.ca). -- Paul A. Dugas Dugas Enterprises, LLC email: [EMAIL PROTECTED]1711 Indian Ridge Drive phone: 404.932.1355 fax: 770.516-4841 Woodstock, GA 30189 USA [ onsite at the Georgia DOT's West Annex, 404.463.2860 x158 ] ___ Asterisk-Users mailing list [EMAIL PROTECTED] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users