[asterisk-users] asterisk at non-root / zaptel
Tzafrir Cohen
tzafrir.cohen at xorcom.com
Mon Oct 15 12:53:10 CDT 2007
On Mon, Oct 15, 2007 at 10:38:09AM -0700, Robert McNaught wrote:
> Hi,
>
> In the 2nd edition of the Asterisk book, there is a section recommending
> running asterisk as non-root - tried this and it works. However,
> asterisk does not have permissions to view certain files relating to
> zaptel as in the following 'zap show status' command in the * CLI
>
> What would be the best way to get round this, in terms of reliability
> and security? Is there a way to allow the user 'asterisk' access to the
> necessary files? Or would it be better to run the zaptel service as the
> same user as 'asterisk' is running as? Does anyone have any thoughts on
> this
Asterisk needs to be able to read/write to the files under /dev/zap .
Thus either make them owned by Asterisk or put them in a group in which
Asterisk is a member.
For example in Debian's default udev rules, Zaptel devices are owned by
root:dialout with the default 660 permissions. Hence you just need to
add Asterisk to the group dialout.
>
> BTW, the /dev/zap/ctl file exists and zap is starting with errors or
> alarms.
>
> No Zaptel interface found.
> [Oct 15 10:31:21] WARNING[7036]: chan_zap.c:10026 zap_show_status:
> Unable to open /dev/zap/ctl: No such file or directory
> localhost*CLI>
ls -ld /dev/zap /dev/zap/ctl
--
Tzafrir Cohen
icq#16849755 jabber:tzafrir.cohen at xorcom.com
+972-50-7952406 mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com iax:guest at local.xorcom.com/tzafrir
More information about the asterisk-users
mailing list