Backports seems to be done.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2391#issuecomment-729923695___
Kamailio (SER) - Development
Closed #2391.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2391#event-4012528952___
Kamailio (SER) - Development Mailing List
It should be fixed with referenced commit from above. Lets wait a bit for
packaging tests and then i will backport as well.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Ok, this sounds indeed easy, I will do it then. :-)
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2391#issuecomment-691021646___
then we can add this string into
[`kamailio.service`](https://github.com/kamailio/kamailio/blob/master/pkg/kamailio/obs/kamailio.service)
```
AmbientCapabilities=CAP_CHOWN
```
That will be more simple.
--
You are receiving this because you are subscribed to this thread.
Reply to this email
> The file can be added, need to define which package.
> If a file will be added into `kamailio` package, then it will affect all
> installation.
>
> We can define cfg packages like
>
> ```
> kamailio-cfg-siremis
> ```
>
> When you install siremis, then need to install a specific cfg package.
File can be added, need to define which package.
If file will be added into `kamailio` package, then it will affect all
installation.
We can defined cfg packages like
```
kamailio-cfg-siremis
```
When you install siremis, then install specific cfg package.
--
You are receiving this because you
@sergey-safarov, @linuxmaniac could you add the necessary file from comment
https://github.com/kamailio/kamailio/issues/2391#issuecomment-654726464 to
debian and rpm packaging?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on
I can add the required permissions to `systemd` unit file.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
If I understood right, it is about kamailio being able to do chown internally.
At least `ctl` module needs this capability as well. Probably connecting with
kamcmd or kamcli face same problem if they are configured to run under
different user/group, like it happens with apache2 (running
I think it should be documented in the jsonrpcs module, as packaging is
probably a bit too much for this special case.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Is anything left to be addressed on this issue?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2391#issuecomment-668181785___
Kamailio
> make it sense to add it to debian packaging?
As it does not need in most cases, I think best options a package
`/etc/systemd/system/kamailio.service.d/20-siremis.conf` for other packages
then `kamailio`.
This may be `kamailio-cfg-siremis` or `siremis` itself.
--
You are receiving this
I just did a quick grep, it seems this is the only one.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2391#issuecomment-654761452___
Do we have more modules with the same behavior?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2391#issuecomment-654754829___
Kamailio
>
>
> @henningw please create file
> `/etc/systemd/system/kamailio.service.d/20-siremis.conf` with content
>
> ```
> [Service]
> AmbientCapabilities=CAP_CHOWN
> ```
>
> and then execute commands
>
> ```shell
> systemctl daemon-reload
> systemctl restart kamailio
> systemctl status kamailio
>
@henningw please create file
`/etc/systemd/system/kamailio.service.d/20-siremis.conf` with content
```
[Service]
AmbientCapabilities=CAP_CHOWN
```
and then execute commands
```sh
systemctl daemon-reload
systemctl restart kamailio
systemctl status kamailio
```
--
You are receiving this because
>If we provide this capability in the module, it should work in our packages as
>well.
If you want to add these extra capabilities via `SIREMIS` package, then yes.
That will works. Required create drop-in like
`/etc/systemd/system/kamailio.service.d/20-siremis.conf`.
This change made to fix
Hi Sergey, the reason to use this parameter is to enable SIREMIS Web GUI to
communicate with Kamailio, as you guessed already. To start Kamailio as user
www-data is probably not optimal from a security point of view.
If we provide this capabiltiy in the module, it should work in our packages as
Also, you can create drop-in and start Kamailio with required user and group
```
[Service]
User=www-data
Group=root
```
Or you can create drop-in and start Kamailio as before under root user and then
drop process permission
> On systemd, to change username or group please create drop-in
```
root@kam01:/home/henning# ls -ld /var/run/kamailio
ls: cannot access '/var/run/kamailio': No such file or directory
root@kam01:/home/henning# ls -l /var/run/kamailio
ls: cannot access '/var/run/kamailio': No such file or directory
```
Looks as not exist tmpfiles configuration file. I will
> all files under `/var/run/` (a symbolic link to `/run`) must be created from
> scratch on server reboot.
> Could you make a test:
>
> 1. systemctl disable kamailio
> 2. reboot
> 3. ls -ld /var/run/kamailio
> 4. ls -l /var/run/kamailio
> 5. systemctl enable --now kamailio
>
> Is it reproducible on clean installation? Or only after upgrade?
>
> Is issue fixed after server reboot?
Thanks Sergey. I did a server reboot, did not changes anything. Will now try
the other steps.
--
You are receiving this because you are subscribed to this thread.
Reply to this email
all files under `/var/run/` (a symbolic link to `/run`) must be created from
scratch on server reboot.
Could you make a test:
1) systemctl disable kamailio
2) reboot
3) ls -ld /var/run/kamailio
4) ls -l /var/run/kamailio
5) systemctl enable --now kamailio
6) ls -ld /var/run/kamailio
7) ls -l
Is it reproducible on clean installation? Or only after upgrade?
Is issue fixed after server reboot?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
25 matches
Mail list logo