Hi, In some ways not unlike the discussion around users being installed and later updated ... so I'm guessing I'm going to have varied opinions and feedback on this potentially. Ironically, asterisk was one of those users that had it's home folder (correctly) adjusted from /var/lib/asterisk to /dev/null.
In this case: 1. I would like to update where asterisk stores astdb (partially for security reasons); 2. And on existing installs, /var/{lib,spool}/asterisk may well have what I consider to be insecure ownership and permissions. I have some ideas about the former (below), the latter I have no ideas about. There used to be a "fix permissions" script in the asterisk init script (that was considered to be a security vulnerability, and was removed, not to mention that it didn't exactly set same to be as secure as it can be, and there are legitimate reasons to not use the strictest possible permissions on *some* of the folders beneath both these locations, but most of them should be root:root, and root:asterisk in specific cases, and only in a very few cases asterisk:root possibly). Suggestions on fixing these permissions if (and only if) they were unmodified by the user. And making sure the user is aware of these. Re the former: https://bugs.gentoo.org/761442 relates. History: asterisk project simply used to install everything as asterisk:asterisk. Config files, resource files, everything, irrespective of whether or not runtime required write access or not (I think the exception was the binary and module libraries). This was from upstream project. Myself and a few others started upsetting the apple cart with things like "why are audio files installed writeable by asterisk?". Upstream caught onto this and started fixing some things up (I don't have references, but things have definitely changed). Bottom line: /var/lib/asterisk used to be installed as asterisk:root, 750. It's now being installed as root:root 755 (I'd prefer root:asterisk 750 personally) There are only two pieces of information inside /var/lib/asterisk that needs to (potentially) be writeable by asterisk. 1. astdb.sqlite3 (and it's -journal file which doesn't always exist) 2. coredump/ folder (only required if configured to core dump). The latter is a non-issue since this folder is specifically installed asterisk:root. astdb is a problem, since in order to create the -journal file I need to give write access to asterisk to the folder (which I'd prefer to not do). Disclaimer: Depending on what you're doing there might be motivation to have a few extra specific locations writeable by asterisk beneath /var/lib/asterisk (we do have that, but this should be an explicit action by the administrator in my opinion, if I could I'd install everything there as root:root - which is just about the case currently). What I'd rather prefer to do is to create an additional asterisk:root astdb folder beneath /var/lib/asterisk and have asterisk use that for astdb. This is easy enough to configure, and even to update the default config files. But what to do with existing installations? A person would need to "opt in" to this change by way of etc-update I guess (I'll keep a ::gentoo patch to basically enable the [directories] section, and to set astdbdir = /var/lib/asterisk/astdb by default). But unless the person modified asterisk.conf (entirely possible, generally you don't need to customize this config file) that will auto update this file. And on next asterisk restart the person will lose his existing astdb.sqlite3 file. So ... I could check for /var/lib/asterisk/astdb.sqlite3 in init script ... but if the user opted out of te config update ... moving the file here (which is a bad idea in my opinion anyway) is a terrible idea. Not moving the file will simply result in asterisk creating a new astdb.sqlite3 file in the new folder - which carries risk if (and only if) the user cares about persistence in astdb (which my systems specifically don't, but some others do). By *default* nothing that asterisk itself stores into astdb requires persistence (but it is preferred, for example, if I REGISTER to asterisk, it is nice that it doesn't "forget" my registration over restarts or even reboots). At this point I'm inclined to put a big ewarn in the updated ebuilds in pkg_pretend, warning of this default config change (if you're updating from an older asterisk where the default was /var/lib/asterisk), installing the new folder and moving on with my life. Since all my installs already has /var/lib/asterisk/astdb on a ramdisk, I'm not affected, but I really would prefer to not catch users off guard. Currently new installs of asterisk is semi broken by default, easy to fix either by chown asterisk:root /var/lib/asterisk, or by install -d -oasterisk -groot -m0750 /var/lib/asterisk/astdb and simple (2 lines) config change to /etc/asterisk/asterisk.conf. Just looking for other possible approaches here. Migration is also easy enough: update config for new location, stop asterisk, mv the sqlite3 file, start asterisk. Kind Regards, Jaco