Lines 53-66
Link Here
|
53 |
|
53 |
|
54 |
if [ -n "${ASTERISK_USER}" ]; then |
54 |
if [ -n "${ASTERISK_USER}" ]; then |
55 |
ast_user="${ASTERISK_USER%%:*}" |
55 |
ast_user="${ASTERISK_USER%%:*}" |
56 |
ast_group="${ASTERISK_USER#*:}" |
56 |
if [[ "${ASTERISK_USER}" = *:* ]]; then |
57 |
ast_group="${ast_group%%:*}" |
57 |
ast_group="${ASTERISK_USER#*:}" |
|
|
58 |
ast_group="${ast_group%%:*}" |
59 |
else |
60 |
ast_group="" |
61 |
fi |
62 |
|
58 |
[ -z "${ast_user}" ] && ast_user=root |
63 |
[ -z "${ast_user}" ] && ast_user=root |
59 |
[ -z "${ast_group}" ] && ast_group="$(getent group $(getent passwd "${ast_user}" | awk -F: '{ print $4 }') | sed -re 's/:.*//')" |
64 |
[ -n "${ast_group}" ] && ast_prim_group="${ast_group}" || ast_prim_group="$(getent group $(getent passwd "${ast_user}" | awk -F: '{ print $4 }') | sed -re 's/:.*//')" |
60 |
fi |
65 |
fi |
61 |
|
66 |
|
62 |
[ -z "${ast_user}" ] && ast_user=root |
67 |
[ -z "${ast_user}" ] && ast_user=root |
63 |
[ -z "${ast_group}" ] && ast_group=root |
68 |
[ -z "${ast_prim_group}" ] && ast_prim_group=root |
64 |
|
69 |
|
65 |
return 0 |
70 |
return 0 |
66 |
} |
71 |
} |
Lines 69-75
Link Here
|
69 |
setup_svc_variables |
74 |
setup_svc_variables |
70 |
|
75 |
|
71 |
local path |
76 |
local path |
72 |
checkpath -d -m 0755 -o ${ast_user}:${ast_group} "${ast_logdir}" "${ast_rundir}" "${ast_spooldir}" |
77 |
checkpath -d -m 0755 -o ${ast_user}:${ast_prim_group} "${ast_logdir}" "${ast_rundir}" "${ast_spooldir}" |
73 |
for path in "${ast_rundir}" "${ast_spooldir}" "${ast_logdir}"; do |
78 |
for path in "${ast_rundir}" "${ast_spooldir}" "${ast_logdir}"; do |
74 |
ebegin "Checking ${path}" |
79 |
ebegin "Checking ${path}" |
75 |
find "${path}" ! -user "${ast_user}" | while read element; do |
80 |
find "${path}" ! -user "${ast_user}" | while read element; do |
Lines 186-192
Link Here
|
186 |
if [ -n "${ASTERISK_CORE_DIR}" ] && \ |
191 |
if [ -n "${ASTERISK_CORE_DIR}" ] && \ |
187 |
[ ! -d "${ASTERISK_CORE_DIR}" ] |
192 |
[ ! -d "${ASTERISK_CORE_DIR}" ] |
188 |
then |
193 |
then |
189 |
checkpath -d -m 0755 -o ${ast_user}:${ast_group} "${ASTERISK_CORE_DIR}" |
194 |
checkpath -d -m 0755 -o ${ast_user}:${ast_prim_group} "${ASTERISK_CORE_DIR}" |
190 |
fi |
195 |
fi |
191 |
ASTERISK_CORE_DIR="${ASTERISK_CORE_DIR:-/tmp}" |
196 |
ASTERISK_CORE_DIR="${ASTERISK_CORE_DIR:-/tmp}" |
192 |
|
197 |
|
Lines 248-267
Link Here
|
248 |
fi |
253 |
fi |
249 |
OPTS="${OPTS} -U ${ast_user}" |
254 |
OPTS="${OPTS} -U ${ast_user}" |
250 |
|
255 |
|
251 |
if ! getent group "${ast_group}" &>/dev/null; then |
256 |
if ! getent group "${ast_prim_group}" &>/dev/null; then |
252 |
eerror "Requested to run asterisk with group ${ast_group}, which doesn't exist." |
257 |
eerror "Requested to run asterisk with group ${ast_prim_group}, which doesn't exist." |
253 |
return 1 |
258 |
return 1 |
254 |
fi |
259 |
fi |
255 |
OPTS="${OPTS} -G ${ast_group}" |
260 |
[ -n "${ast_group}" ] && OPTS="${OPTS} -G ${ast_group}" |
256 |
|
261 |
|
257 |
if [ "${ast_user}" = root ]; then |
262 |
if [ "${ast_user}" = root ]; then |
258 |
ewarn "Starting asterisk as root is not recommended (SERIOUS SECURITY CONSIDERATIONS)." |
263 |
ewarn "Starting asterisk as root is not recommended (SERIOUS SECURITY CONSIDERATIONS)." |
259 |
elif [ "${ast_group}" = root ]; then |
264 |
elif [ "${ast_prim_group}" = root ]; then |
260 |
ewarn "Starting asterisk with group root is not recommended (SERIOUS SECURITY CONSIDERATIONS)." |
265 |
ewarn "Starting asterisk with group root is not recommended (SERIOUS SECURITY CONSIDERATIONS)." |
261 |
fi |
266 |
fi |
262 |
|
267 |
|
263 |
checkpath -d -m 0755 -o "${ast_user}:${ast_group}" "${ast_logdir}" "${ast_rundir}" |
268 |
checkpath -d -m 0755 -o "${ast_user}:${ast_prim_group}" "${ast_logdir}" "${ast_rundir}" |
264 |
einfo "Starting asterisk as : ${ast_user}:${ast_group}" |
269 |
einfo "Starting asterisk as : ${ast_user}:${ast_group:-${ast_prim_group} (+supplementaries)}" |
265 |
asterisk_run_loop ${OPTS} 2>&1 | logger -t "wrapper:${ast_instancename}" & |
270 |
asterisk_run_loop ${OPTS} 2>&1 | logger -t "wrapper:${ast_instancename}" & |
266 |
result=$? |
271 |
result=$? |
267 |
|
272 |
|