Hello, as recently as last week, someone encountered an file access problem while installing Siremis, which is using also some temporary files in /var/, even it was granting provileges via chown and chmod. All went fine after disabling selinux. It was on a centos.
I am not saying it is the same, but it could, so try without centos to see if the issue persists. Cheers, Daniel On 27/03/2017 15:10, Ginhoux, Patrick wrote: > > Hi, > > > > This is the RHEL 7.1 distro, and there is use of selinux, apparmor or > other tools. > > > > Are you meaning that the /var/run/ folder would be secured more than > other folders? > > > > Cordialement > > Patrick GINHOUX > > > > *De :*sr-users [mailto:sr-users-boun...@lists.sip-router.org] *De la > part de* Daniel-Constantin Mierla > *Envoyé :* lundi 27 mars 2017 13:52 > *À :* Kamailio (SER) - Users Mailing List <sr-users@lists.sip-router.org> > *Objet :* Re: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem > > > > Hello, > > kamailio should attempt to create the /var/run/kamailio folder if the > application is run with enough privileges. However, some operating > systems add more constraints on top of the execution user. > > What is your OS distro? Do you have selinux, apparmor or other similar > tools enabled? > > Cheers, > Daniel > > > > On 24/03/2017 17:52, Ginhoux, Patrick wrote: > > In my ‘kamctlrc’ file : > > > > ## path to FIFO file for engine RPCFIFO > > RPCFIFOPATH="/var/run/kamailio/kamailio_rpc_fifo" > > #RPCFIFOPATH="/tmp/kamailio_rpc_fifo" > > > > In my ‘kamailio.cfg’ : > > > > !!ifndef DEFINE_FIFO_NAME > > !!define DEFINE_FIFO_NAME "/var/run/kamailio/kamailio_rpc_fifo" > > !!endif > > > > > > modparam("jsonrpcs", "pretty_format", 1) > > modparam("jsonrpcs", "transport", 2) > > modparam("jsonrpcs", "fifo_name", DEFINE_FIFO_NAME) > > modparam("jsonrpcs", "fifo_mode", 0755) > > modparam("jsonrpcs", "fifo_group", "kamailio") > > modparam("jsonrpcs", "fifo_user", "kamailio") > > > > > > kamailio doesn’t start. It reports ‘Permission denied’ : > > > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1138]: ERROR: > jsonrpcs [jsonrpcs_fifo.c:144]: jsonrpc_init_fifo_server(): Can't > create FIFO: Permission denied (mode=493) > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1138]: CRITICAL: > jsonrpcs [jsonrpcs_fifo.c:489]: jsonrpc_fifo_process(): failed to > init jsonrpc fifo server > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: ALERT: <core> > [main.c:741]: handle_sigs(): child process 1138 exited normally, > status=255 > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1130]: DEBUG: <core> > [core/sr_module.c:920]: init_mod_child(): rank 4: tm > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1137]: DEBUG: <core> > [core/sr_module.c:920]: init_mod_child(): rank -1: tm > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1127]: DEBUG: htable > [htable.c:226]: child_init(): rank is (1) > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: INFO: <core> > [main.c:759]: handle_sigs(): terminating due to SIGCHLD > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1139]: DEBUG: <core> > [core/sr_module.c:920]: init_mod_child(): rank -2: kex > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1130]: DEBUG: tm > [callid.c:137]: child_init_callid(): callid: > '15b1f0d63a718465-1130@129.227.83.108 > <mailto:15b1f0d63a718465-1130@129.227.83.108>' > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1137]: DEBUG: tm > [callid.c:137]: child_init_callid(): callid: > '15b1f0d63a718465-1137@129.227.83.108 > <mailto:15b1f0d63a718465-1137@129.227.83.108>' > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1127]: DEBUG: <core> > [core/action.c:1656]: run_child_one_init_route(): attempting to > run event_route[core:worker-one-init] > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1136]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1135]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1134]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1133]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1132]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1131]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1129]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1128]: INFO: <core> > [main.c:814]: sig_usr(): signal 15 received > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: ERROR: ctl > [ctl.c:387]: mod_destroy(): ERROR: ctl: could not delete unix > socket /var/run/kamailio//kamailio_ctl: Permission denied (13) > > Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: ERROR: > jsonrpcs [jsonrpcs_fifo.c:595]: jsonrpc_fifo_destroy(): FIFO stat > failed: Permission denied > > > > If I replace the values in the 2 files as appropriate : > > > > In the ‘kamctlrc” toRPCFIFOPATH="/tmp/kamailio_rpc_fifo" > > > > In the ‘kamailio.cfg” to!!define DEFINE_FIFO_NAME > "/tmp/kamailio_rpc_fifo" > > > > Then kamailo starts : > > > > [root@vm-vse02-siprouter1 ~]# ps -ef |grep kam > > kamailio 1235 1 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1236 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1237 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1238 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1239 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1240 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1241 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1242 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1243 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1244 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1245 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1246 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1247 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > kamailio 1248 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio > -P /var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio > > root 1251 1165 0 17:37 pts/0 00:00:00 grep --color=auto kam > > > > and I can get result from kamctl/kamcmd commands : > > [root@vm-vse02-siprouter1 ~]# kamctl dispatcher dump > > which: no gdb in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/) > > { > > "jsonrpc": "2.0", > > "result": { > > "NRSETS": 1, > > "RECORDS": [{ > > "SET": { > > "ID": 1, > > "TARGETS": [{ > > "DEST": { > > "URI": > "sip:cs1-tool-misc.orange-voicemail.net:5060" > <sip:cs1-tool-misc.orange-voicemail.net:5060>, > > "FLAGS": "AP", > > "PRIORITY": 0 > > } > > }] > > } > > }] > > }, > > "id": 1301 > > } > > [root@vm-vse02-siprouter1 ~]# kamcmd dispatcher.list > > { > > NRSETS: 1 > > RECORDS: { > > SET: { > > ID: 1 > > TARGETS: { > > DEST: { > > URI: > sip:cs1-tool-misc.orange-voicemail.net:5060 > > FLAGS: AP > > PRIORITY: 0 > > } > > } > > } > > } > > } > > > > > > Now, if I change the fifo patch and name to > “/var/run/kamailio/kamailio_rpc_fifo’ and apply the following > rights on /var/run/ to: > > > > chmod 755 kamalio/ > > chown + kamailio:kamailio kamailio/ > > > > then kamailio starts. > > > > Is there a reason for these results ? > > > > Thanks in advance for your answer. > > > > Cordialement > > Patrick GINHOUX > > > > > > > _______________________________________________ > > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > > sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> > > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > > > > -- > Daniel-Constantin Mierla > www.twitter.com/miconda <http://www.twitter.com/miconda> -- > www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> > Kamailio Advanced Training - Mar 6-8 (Europe) and Mar 20-22 (USA) - > www.asipto.com <http://www.asipto.com> > Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com > <http://www.kamailioworld.com> -- Daniel-Constantin Mierla www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - Mar 6-8 (Europe) and Mar 20-22 (USA) - www.asipto.com Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users