I have a little issue with setting up an external call automatically from asterisk an box.
What I am Trying to Achieve:
I have 2 linux box's and I want to sshfs mount one directory on say 10.100.100.1 to 10.100.100.208/var/spool/asterisk/outgoing (as the mount point)
the reason is the 10.100.100.1 address is a device called Webbrick Gateway a home automation device which can send AGI commands if necessary. but what I want to be able to do is get this to move the .call file to the outgoing directory on the Asterisk Server (var/spool/asterisk/outgoing) or on 10.100.100.1 (Webbrick Gateway) /mnt/call/.
What I've tried:
I have tried to sshfs mount to /var/spool/asterisk/outgoing. This seems fine but it actually takes the privileges off user asterisk and then asterisk will not look at this folder for outgoing call files. The Owner and Group are changed to root, as I assume are the same with all mount points.
Solutions I can think of:
1.: Tell asterisk to look somewhere else for call files.
2.: Tell asterisk to not get worried about permissions,
3.: mount keeping permissions intact
I do understand that the Webbrick Gateway is not a commonly known item but maybe someone with a better understanding of Asterisk might be able to help.
Asterisk can't "not worry about permission", becuase linux core just not allow asterisk do file operation.
You need
mount folder with correct permission(as user asterisk) for example using this articles
Start asterisk AFTER mount of partition. If asterisk started before mount, it will not see mounted folder.
Related
I'm in the process of building a small linux distro based on Debian for automated network testing. I am running into a pretty annoying problem though. A number of applications like paris-traceroute, ping, dublin-traceroute and so forth are not working correctly. They return an error of being unable to open a raw ICMP socket. I have tried using 'setcap cap_net_raw+ep ./application' and it's not working even though getcap indicates that the bits have been set.
I'm also running into the same problem if I try to use them as setuid root. They only work under sudo. So I'm wondering if I screwed up permissions on some intervening library or if there is some other issue.
Anyone run into something like this or have a solution?
Thanks!
In case anyone comes across this I'll explain why this is failing.
What I didn't mention is that the applications (like ping, etc) are actually installed in /opt. In this distro /opt actually and encfs file system that is only mounted after the livecd has been authorized against a licensing type of server (there are valid reasons for this - it automatically tests network connections and send the results to network engineer. We only want it to run within a specific time frame that would be associated with the user trouble ticket). So /opt isn't a real filesystem - it's an encrypted file mounted via fuse to looks like a file system. As such setcap and setuid don't actually work and likely cannot work.
In my linux box, i can able to access one mount path, which is not present in /etc/fstab or /etc/mtab.
I want to disable that mount point. Please help me with the command to show the hidden mount.
Below is the hidden mount in some xxx machine.
/net/bnrdev/bld-views/build
Above path present in bnrdev machine:
/bld-views/build
These are not "hidden" per se, but NFS mounts found by your system.
You can get rid of this functionality by disabling NFS client services, or just the automount daemon.
WARNING - this will likely break automounted home directories, which could cause issues for other system users.
Please! for the LUV of all things cute & cuddly, make a copy of the files you modify. Justin Case could have an issue with your changes, right as you're falling asleep.
I need to remove some linux file - may this file is virus or some rootkit.
I understand linux in general.
I already tried rm -Rf and some other linux general command. - but I get 'operation not permited
I can not delete the file when I actulay login to the OS and when I use live ubuntu and mount the /etc/ folder.
Ubuntu has auto mount and I CAN edit any other files - except this one.
The linux permission is unknown for google.
Please your help.
That most likely has nothing to do with the file, but with the permissions you mounted the file system with. Typically live systems mount external file systems with read-only permissions, you have to manually re-mount it. The path suggests that this file is part of a partition used as a systems root partition (/) in another system which most likely you want to clean.
Consult the man pages for details about mounting.
BTW: such file permissions may well exist in a "normal" system setup, that depends on the security level chosen. I do not know this file mentioned here. I assume you now what it is for? At least you should be able to ask your software management system what package it belongs to? If it does not belong to any registered package, then indeed you should be concerned about it.
If really that file shall re deleted and you do have mounted the file system with correct (write) permissions, then there is always a "last resort" for such cases:
sudo chattr -i /<path>/sfewfesfs*
sudo rm -rf /<path>/sfewfesfs*
That should do the trick... However a general warning:
If you really have a file in that file system that does not belong there according to your software management, then deleting a single file might well not be sufficient to remove a potential thread. If you come to the conclusion that this system has indeed been hacked or targted by a root kit, then you cannot trust it any more, since obviously the attacker had full administrative rights over the system. You just have to wipe and completely setup the system again from scratch. There is no alternative to that if you came to that conclusion.
I recently installed a SSH server on my Windows 7 PC and created a separate user account for this. When i logged in using SSH, i could access all the windows directories.
/cygdrive/c
/cygdrive/d
/cygdrive/e
How do i prevent this user from accessing all the win directories other than its home directory under cygwin /home/chuck/ ?
Preferably i do not want the user to even view /cygdrive when the user types "mount".
Is there a easy way to do this?
I want to later allow remote users to log on to this machine and avoid messing up other things.I know i can setup a separate machine but this is a plan for later.
I don't know specifically about Cygwin but in Unix in general you could use the chroot.
try changing the group of the ssh_user_name to Guest, then specifically allow rwx perms for the Guest group through the security tab in Windows. I have not tried this before, which I am going to try soon. This should be easier than denying access to each drive by adding the ssh_user_name, which is highly inefficient if you have many drives like I do.
The reason why i chose guest is because by default it is denied all access, which makes it easier to specifically choose which drive you want the ssh_user_name to have access to.
My project involves simulating a block device by remote host.
For testing I am using FUSE, my file system is a simple change of the "hello" example app, where instead of returning a constant string I just read data directly from a file.
When I try to mount the file normally (mount -o loop=/dev/loop1 ) it works well.
When I load fuse and expose this file via it, all the normal file operations work. But mounting fails with "Permission denied".
Anyone has an idea where the "permission denied" is coming from ?
Any other methods to that will allow me to create a virtual device (only support block access) in users space, that will be mountable ?
Thanks in advance
Presumably the problem is that the FUSE filesystem doesn't support the features required to have loop-mounts on it.
Have you considered using a network block device instead, such as NBD or iSCSI target?
Are you executing with Root permission. You can trace the program with "strace" and then check where exactly this fails.
The mount command is a real hell to use when it starts to print errors. Try "-v" but more often than not, the additional output won't help :(