[asterisk-users] asterisk as non root

Antony Stone Antony.Stone at asterisk.open.source.it
Thu Apr 20 11:46:14 CDT 2017


On Thursday 20 April 2017 at 18:31:03, Atux Atux wrote:

> root at PBX: /var/www/html $ /etc/init.d/asterisk start
> [ ok ] Starting asterisk (via systemctl): asterisk.service.

I'm somewhat puzzled that your root-user prompt is "$"
instead of the more normal "#", but never mind...

> root at PBX: /var/www/html $ ps aux | grep asterisk
> asterisk  1007  0.7  2.3  67128 23748 ?        Ssl  Apr19   8:49 /usr/sbin/asterisk -U asterisk -G asterisk

So, the first column of that output shows you that asterisk is
running as the user "asterisk".

On my Debian system I only have "-U asterisk" without the "-G asterisk".

> root      4186  0.0  0.1   4192  1992 pts/0    S+   17:30   0:00 grep asterisk

...and the grep command was run by "root"

> root at PBX: /var/www/html $ /usr/sbin/asterisk –rx "sip show peers"
> Privilege escalation protection disabled!
> See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details.
> Asterisk already running on /var/run/asterisk/asterisk.ctl.  Use 'asterisk
> -r' to connect.

Who does "ls -l" show you that file /var/run/asterisk/asterisk.ctl
is owned by?

On my machine it's:

srwxrwx--- 1 asterisk asterisk 0 Apr 11 10:32 /var/run/asterisk/asterisk.ctl


Antony.

-- 
There's a good theatrical performance about puns on in the West End.  It's a play on words.

                                                   Please reply to the list;
                                                         please *don't* CC me.



More information about the asterisk-users mailing list