Hi,
I have downloaded and installed only the new rpm :
kamailio-5.0.0-10.1.x86_64.rpm. Is it enough ?
Then I try to start Kamailio that fails :
[root@vm-vse02-siprouter2 kamailio]# service kamailio start
Starting kamailio (via systemctl): Job for kamailio.service failed. See
'systemctl status kamailio.service' and 'journalctl -xn' for details.
[FAILED]
[root@vm-vse02-siprouter2 kamailio]#
[root@vm-vse02-siprouter2 kamailio]#
[root@vm-vse02-siprouter2 kamailio]# systemctl status kamailio.service -l
kamailio.service - SYSV: Kamailio is a fast, reliable and flexible SIP Server.
Loaded: loaded (/etc/rc.d/init.d/kamailio)
Active: failed (Result: exit-code) since Wed 2017-04-05 13:58:33 CEST; 4s ago
Process: 4724 ExecStop=/etc/rc.d/init.d/kamailio stop (code=exited,
status=0/SUCCESS)
Process: 4867 ExecStart=/etc/rc.d/init.d/kamailio start (code=exited,
status=1/FAILURE)
Main PID: 2946 (code=exited, status=0/SUCCESS)
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4878]: DEBUG: <core>
[core/route_struct.c:129]: mk_action(): ACTION_#63 #0/2: 21(15)/ 0x7fdd400f638
8
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4878]: DEBUG: <core>
[core/route_struct.c:129]: mk_action(): ACTION_#63 #1/2: 22(16)/ 0x7fdd400f588
8
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4878]: DEBUG: <core>
[core/pvapi.c:321]: pv_cache_lookup(): pvar [$var(i:NodePath)] found in cache
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4878]: WARNING: <core>
[core/cfg.y:3378]: warn_at(): warning in config file //etc/kamailio/kamailio
.cfg, line 978, column 6-13: constant value in if(...)
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4878]: INFO: <core>
[core/sctp_core.c:75]: sctp_core_check_support(): SCTP API not enabled - if you
want to use it, load sctp module
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4880]: CRITICAL: <core>
[core/daemonize.c:345]: daemonize(): running process found in the pid file
/var/run/kamailio/kamailio.pid
Apr 05 13:58:33 vm-vse02-siprouter2 kamailio[4867]: Starting kamailio:
Apr 05 13:58:33 vm-vse02-siprouter2 systemd[1]: kamailio.service: control
process exited, code=exited status=1
Apr 05 13:58:33 vm-vse02-siprouter2 systemd[1]: Failed to start SYSV: Kamailio
is a fast, reliable and flexible SIP Server..
Apr 05 13:58:33 vm-vse02-siprouter2 systemd[1]: Unit kamailio.service entered
failed state.
I get also a strange result when I try to start Kamailio using the service
Kamailio command, that is nothing happen, the server doesn’t give a status :
[root@vm-vse02-siprouter2 ~]# service kamailio start
Starting kamailio (via systemctl): ^C
I have to send a CTRL C to break the action.
Cordialement
Patrick GINHOUX
De : Daniel-Constantin Mierla [mailto:mico...@gmail.com]
Envoyé : mercredi 5 avril 2017 13:45
À : Ginhoux, Patrick <patrick.ginh...@fr.unisys.com>; Kamailio (SER) - Users
Mailing List <sr-users@lists.sip-router.org>; Kamailio (SER) - Users Mailing
List <sr-us...@lists.kamailio.org>
Objet : Re: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem
Hello,
apparently the /var/run/kamailio folder was not created by the init.d script
for rpm, as it is done in the deb specs. I updated it and triggered a rebuild
of rpms, available at:
https://build.opensuse.org/package/show/home:kamailio:v5.0.x-rpms/kamailio50
Try to upgrade and then see if it works.
Later today we will release v5.0.1 and the rpms for it will have the new init.d
script.
Cheers,
Daniel
On 03.04.17 15:01, Ginhoux, Patrick wrote:
Hi,
I use « service kamailio start », so the init.d script that is the one created
at the installation.
Cordialement
Patrick GINHOUX
De : sr-users [mailto:sr-users-boun...@lists.sip-router.org] De la part de
Daniel-Constantin Mierla
Envoyé : lundi 3 avril 2017 14:56
À : Kamailio (SER) - Users Mailing List <mailto:sr-us...@lists.kamailio.org>
<sr-us...@lists.kamailio.org>
Objet : Re: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem
Hello,
how do you start Kamailio? Via init.d/systemd script?
Cheers,
Daniel
On 03.04.17 14:34, Ginhoux, Patrick wrote:
Hi,
Selinux is disabled.
Cordialement
Patrick GINHOUX
De : Daniel-Constantin Mierla [mailto:mico...@gmail.com]
Envoyé : lundi 3 avril 2017 14:33
À : Ginhoux, Patrick <mailto:patrick.ginh...@fr.unisys.com>
<patrick.ginh...@fr.unisys.com>; Kamailio (SER) - Users Mailing List
<mailto:sr-users@lists.sip-router.org> <sr-users@lists.sip-router.org>
Objet : Re: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem
Hello,
have you disabled selinux to see if starts ok without it?
Cheers,
Daniel
On 03.04.17 13:54, Ginhoux, Patrick wrote:
Hi,
Well, with one of my colleagues, we did some research and test, but we don’t
find where the privilege issue is with the /var/ FS.
If the fifo filename is "/var/run/kamailio/kamailio_rpc_fifo" or
"/var/run/kamailio_rpc_fifo", we have this privilege issue.
I thought that the following declaration would prevent this security issue :
modparam("jsonrpcs", "fifo_name", DEFINE_FIFO_NAME)
modparam("jsonrpcs", "fifo_mode", 0755)
modparam("jsonrpcs", "fifo_group", "kamailio")
modparam("jsonrpcs", "fifo_user", "kamailio")
but it is not the case.
For the moment only the fifo filename “/tmp/kamailio_rpc_fifo" is valid for
kamailio to start.
Cordialement
Patrick GINHOUX
De : Ginhoux, Patrick
Envoyé : lundi 27 mars 2017 17:46
À : 'mico...@gmail.com <mailto:mico...@gmail.com> ' <mailto:mico...@gmail.com>
<mico...@gmail.com>; Kamailio (SER) - Users Mailing List
<mailto:sr-users@lists.sip-router.org> <sr-users@lists.sip-router.org>
Objet : RE: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem
Hi,
I continue to investigate on this area.
I’m thinking that there are some security settings on the FS /var/, and I’m
looking for if we have the rights to change it (I work for a project and don’t
have all the ability to change some settings without agreement).
I’ll update you later tomorrow.
Cordialement
Patrick GINHOUX
De : Daniel-Constantin Mierla [mailto:mico...@gmail.com]
Envoyé : lundi 27 mars 2017 15:28
À : Ginhoux, Patrick <patrick.ginh...@fr.unisys.com
<mailto:patrick.ginh...@fr.unisys.com> >; Kamailio (SER) - Users Mailing List
<sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org> >
Objet : Re: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem
Hello,
as recently as last week, someone encountered an file access problem while
installing Siremis, which is using also some temporary files in /var/, even it
was granting provileges via chown and chmod. All went fine after disabling
selinux. It was on a centos.
I am not saying it is the same, but it could, so try without centos to see if
the issue persists.
Cheers,
Daniel
On 27/03/2017 15:10, Ginhoux, Patrick wrote:
Hi,
This is the RHEL 7.1 distro, and there is use of selinux, apparmor or other
tools.
Are you meaning that the /var/run/ folder would be secured more than other
folders?
Cordialement
Patrick GINHOUX
De : sr-users [mailto:sr-users-boun...@lists.sip-router.org] De la part de
Daniel-Constantin Mierla
Envoyé : lundi 27 mars 2017 13:52
À : Kamailio (SER) - Users Mailing List <mailto:sr-users@lists.sip-router.org>
<sr-users@lists.sip-router.org>
Objet : Re: [SR-Users] RPCFIFOPATH / DEFINE_FIFO_NAME settings problem
Hello,
kamailio should attempt to create the /var/run/kamailio folder if the
application is run with enough privileges. However, some operating systems add
more constraints on top of the execution user.
What is your OS distro? Do you have selinux, apparmor or other similar tools
enabled?
Cheers,
Daniel
On 24/03/2017 17:52, Ginhoux, Patrick wrote:
In my ‘kamctlrc’ file :
## path to FIFO file for engine RPCFIFO
RPCFIFOPATH="/var/run/kamailio/kamailio_rpc_fifo"
#RPCFIFOPATH="/tmp/kamailio_rpc_fifo"
In my ‘kamailio.cfg’ :
!!ifndef DEFINE_FIFO_NAME
!!define DEFINE_FIFO_NAME "/var/run/kamailio/kamailio_rpc_fifo"
!!endif
modparam("jsonrpcs", "pretty_format", 1)
modparam("jsonrpcs", "transport", 2)
modparam("jsonrpcs", "fifo_name", DEFINE_FIFO_NAME)
modparam("jsonrpcs", "fifo_mode", 0755)
modparam("jsonrpcs", "fifo_group", "kamailio")
modparam("jsonrpcs", "fifo_user", "kamailio")
kamailio doesn’t start. It reports ‘Permission denied’ :
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1138]: ERROR: jsonrpcs
[jsonrpcs_fifo.c:144]: jsonrpc_init_fifo_server(): Can't create FIFO:
Permission denied (mode=493)
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1138]: CRITICAL: jsonrpcs
[jsonrpcs_fifo.c:489]: jsonrpc_fifo_process(): failed to init jsonrpc fifo
server
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: ALERT: <core> [main.c:741]:
handle_sigs(): child process 1138 exited normally, status=255
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1130]: DEBUG: <core>
[core/sr_module.c:920]: init_mod_child(): rank 4: tm
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1137]: DEBUG: <core>
[core/sr_module.c:920]: init_mod_child(): rank -1: tm
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1127]: DEBUG: htable
[htable.c:226]: child_init(): rank is (1)
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: INFO: <core> [main.c:759]:
handle_sigs(): terminating due to SIGCHLD
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1139]: DEBUG: <core>
[core/sr_module.c:920]: init_mod_child(): rank -2: kex
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1130]: DEBUG: tm [callid.c:137]:
child_init_callid(): callid: '15b1f0d63a718465-1130@129.227.83.108
<mailto:15b1f0d63a718465-1130@129.227.83.108> '
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1137]: DEBUG: tm [callid.c:137]:
child_init_callid(): callid: '15b1f0d63a718465-1137@129.227.83.108
<mailto:15b1f0d63a718465-1137@129.227.83.108> '
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1127]: DEBUG: <core>
[core/action.c:1656]: run_child_one_init_route(): attempting to run
event_route[core:worker-one-init]
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1136]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1135]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1134]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1133]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1132]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1131]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1129]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1128]: INFO: <core> [main.c:814]:
sig_usr(): signal 15 received
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: ERROR: ctl [ctl.c:387]:
mod_destroy(): ERROR: ctl: could not delete unix socket
/var/run/kamailio//kamailio_ctl: Permission denied (13)
Mar 24 17:31:21 localhost /usr/sbin/kamailio[1120]: ERROR: jsonrpcs
[jsonrpcs_fifo.c:595]: jsonrpc_fifo_destroy(): FIFO stat failed: Permission
denied
If I replace the values in the 2 files as appropriate :
In the ‘kamctlrc” to RPCFIFOPATH="/tmp/kamailio_rpc_fifo"
In the ‘kamailio.cfg” to !!define DEFINE_FIFO_NAME "/tmp/kamailio_rpc_fifo"
Then kamailo starts :
[root@vm-vse02-siprouter1 ~]# ps -ef |grep kam
kamailio 1235 1 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1236 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1237 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1238 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1239 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1240 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1241 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1242 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1243 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1244 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1245 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1246 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1247 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
kamailio 1248 1235 0 17:37 ? 00:00:00 /usr/sbin/kamailio -P
/var/run/kamailio.pid -m 1024 -M 8 -u kamailio -g kamailio
root 1251 1165 0 17:37 pts/0 00:00:00 grep --color=auto kam
and I can get result from kamctl/kamcmd commands :
[root@vm-vse02-siprouter1 ~]# kamctl dispatcher dump
which: no gdb in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/)
{
"jsonrpc": "2.0",
"result": {
"NRSETS": 1,
"RECORDS": [{
"SET": {
"ID": 1,
"TARGETS": [{
"DEST": {
"URI": <sip:cs1-tool-misc.orange-voicemail.net:5060>
"sip:cs1-tool-misc.orange-voicemail.net:5060",
"FLAGS": "AP",
"PRIORITY": 0
}
}]
}
}]
},
"id": 1301
}
[root@vm-vse02-siprouter1 ~]# kamcmd dispatcher.list
{
NRSETS: 1
RECORDS: {
SET: {
ID: 1
TARGETS: {
DEST: {
URI:
sip:cs1-tool-misc.orange-voicemail.net:5060
FLAGS: AP
PRIORITY: 0
}
}
}
}
}
Now, if I change the fifo patch and name to
“/var/run/kamailio/kamailio_rpc_fifo’ and apply the following rights on
/var/run/ to:
chmod 755 kamalio/
chown + kamailio:kamailio kamailio/
then kamailio starts.
Is there a reason for these results ?
Thanks in advance for your answer.
Cordialement
Patrick GINHOUX
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org <mailto:sr-users@lists.sip-router.org>
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
www.twitter.com/miconda <http://www.twitter.com/miconda> --
www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - Mar 6-8 (Europe) and Mar 20-22 (USA) -
www.asipto.com <http://www.asipto.com>
Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com
<http://www.kamailioworld.com>
--
Daniel-Constantin Mierla
www.twitter.com/miconda <http://www.twitter.com/miconda> --
www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - Mar 6-8 (Europe) and Mar 20-22 (USA) -
www.asipto.com <http://www.asipto.com>
Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com
<http://www.kamailioworld.com>
--
Daniel-Constantin Mierla
www.twitter.com/miconda <http://www.twitter.com/miconda> --
www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - May 22-24 (USA) - www.asipto.com
<http://www.asipto.com>
Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com
<http://www.kamailioworld.com>
--
Daniel-Constantin Mierla
www.twitter.com/miconda <http://www.twitter.com/miconda> --
www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - May 22-24 (USA) - www.asipto.com
<http://www.asipto.com>
Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com
<http://www.kamailioworld.com>
--
Daniel-Constantin Mierla
www.twitter.com/miconda <http://www.twitter.com/miconda> --
www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
Kamailio Advanced Training - May 22-24 (USA) - www.asipto.com
<http://www.asipto.com>
Kamailio World Conference - May 8-10, 2017 - www.kamailioworld.com
<http://www.kamailioworld.com>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
