[asterisk-users] Monitor Asterisk

Tzafrir Cohen tzafrir.cohen at xorcom.com
Fri Feb 15 11:13:26 CST 2008 

On Fri, Feb 15, 2008 at 08:55:11AM +0100, Johansson Olle E wrote:

> I would also like to see manager wrappers that produce data that is
> easy to handle for scripts, like a wrapper that produces "show channels
> consise" in various formats. Do we have a perl programmer on
> the list?
> 
> Such a generic script could be added to the scripts library
> in the Asterisk distribution.

The problem is that such a script needs to authenticate to the Asterisk
manager.

I can imagine a failed cron job yelling:
"But I'm root? why the f__ do I need to show an ID card to some stupid
server?!?!"

Well, if you're capable of writing to the Asterisk socket you're also
capable of reading /etc/asterisk/manager.conf , right?

So here's an idea to work around that problem:

At install time generate a random secret, e.g:

  # generates string with 128 random bits. Looks like an md5sum
  head -c 16 /dev/urandom | hexdump -e '"" "" "%4x" ""'

This will server as a secret of an "administrative" account. It may be
#include-d from another file. And anybody capable of reading that file
is practically authorised to connect to the manager.

This means that the manager connecting script has to assume something
about the config files of Asterisk, which is probably a bad thing. Any
better ideas?

A similar example from a different program: mysql in Debian:

pungenday:~# ls -l /etc/mysql/debian.cnf 
-rw------- 1 root root 312 Oct 26 13:22 /etc/mysql/debian.cnf
pungenday:~# cat /etc/mysql/debian.cnf
# Automatically generated for Debian scripts. DO NOT TOUCH!
[client]
host     = localhost
user     = debian-sys-maint
password = XXXXXXXXXXXXXXXXXX
socket   = /var/run/mysqld/mysqld.sock


So now administrative scripts can use:

MYSQLADMIN="mysqladmin --defaults-file=/etc/mysql/debian.cnf"
MYSQL="mysql --defaults-file=/etc/mysql/debian.cnf"

# and then something like:
$MYSQL mysql -e 'select host,user from user'

As a normal user:
Could not open required defaults file: /etc/mysql/debian.cnf
Fatal error in defaults handling. Program aborted

As root:
+-----------+------------------+
| host      | user             |
+-----------+------------------+
| localhost | debian-sys-maint | 
| localhost | root             | 
| pungenday | root             | 
+-----------+------------------+



Note that in that example the password and the client configuration may
not be in sync. And in fact if you read that file and the postinst
script you'll see the exatra complexity that this has caused. 

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir

More information about the asterisk-users mailing list