Re: [RDD] Rivendell v2.19.3

[Stan Fotinos]

   Add Next/Insert Cart RML. Renamed the 'Add Next' ['PX'] RML to
   'Insert Cart' ['PX'] and added two optional arguments to allow
   specification of the insertion position and transition type.



Hi all

Could someone please point me to the documentation or share these two 
new optional arguments for the 'Insert Cart' [PX] RML.


Thank you

Stan

___
Rivendell-dev mailing list
Rivendell-dev@lists.rivendellaudio.org
http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev

[RDD] MySQL Encryption?

[Rich Gattie]

Is the MySQL that is configured on the Appliance DVD setup with SSL
encryption installed?

I'm looking at ways to connect from outside my network for someone to
remote access the system securely.



-- 
-=:{ Rich Gattie, KB2MOB }:=-
Email: mob...@gmail.com
Web: http://x1radio.net
___
Rivendell-dev mailing list
Rivendell-dev@lists.rivendellaudio.org
http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev

Re: [RDD] Thinking about 'RN'

[Rob Landry]

On Tue, 5 Feb 2019, Fred Gleason wrote:


The 'Run Shell Command' ['RN'] RML has been part of Rivendell from the
early days of the project (it first appeared in v0.9.17, released on
1/10/2005). Its use at first glance appears straightforward: run the
specified command-line invocation. However, in actual practice, it has
proven to be one of the more fussy and difficult RMLs to make work,
mostly because of the rather byzantine way in which Rivendell processes
it: send a message to the background Rivendell service (ripcd(8) to be
precise), which then handles the actual execution. In order to avoid
privilege escalation attacks, ripcd(8) actually executes the command as
the user/group specified in the 'AudioOwner=' and 'AudioGroup='
directives in the '[Identity]' section of '/etc/rd.conf'. This has
proven in many [most?] cases to be confusing, counter-intuitive and
generally not what the user wants.


I've built a number of Rivendell machines that rely on RN commands for a 
variety of different things, and very quickly decided that "AudioOwner" 
and "AudioGroup" should be set to the logged-in user ("scott", in my case) 
rather than a system user "rivendell".


In most cases, this resolves the permissions problems I otherwise 
encounter, and makes it easier to verify that everything will work as it 
should.



What are some ways we could improve this RML? One that has occurred to
me is to have it run the command as the local user who actually invoked
the RML. For example, if a user is logged in to a host as 'rd' (Linux
user, *not* Rivendell user!), run the requested Linux command as user
'rd'.


I have found that Perl scripts will not run directly from an RN command; I 
have to run a bash script that invokes the Perl script.



This would have a big advantage over the current implementation in that
it does seem to be what most users intuitively expect to happen.
However, it comes with an awkward corner case: remote execution. What,
for example, would we do with an RML invocation like this:



CC some-remote-host RN /some/dangerous/operation!


This is the first time I've heard of a CC command. I've always done remote 
invocations by using rmlsend from a bash script.


One Boston-area client has a Rivendell system that sends commands to 
another Rivendell system at a co-owned station on Cape Cod. For him, I had 
to write "rmlserver" and "rmlclient" scripts to encapsulate the UDP 
packets as TCP so I could send them through an ssh tunnel.



Rob
___
Rivendell-dev mailing list
Rivendell-dev@lists.rivendellaudio.org
http://caspian.paravelsystems.com/mailman/listinfo/rivendell-dev