[Freeswitch-users] freetdm dahdi permissions Debian - with debian packages installed.
stkn at openisdn.net
Wed Jul 17 09:48:14 MSD 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 07/17/13 03:16, Karl Schmidt wrote:
> On 07/16/2013 06:06 PM, Stefan Knoblich wrote:
>> so you might want to check what the init script is doing
>> (to get the list of groups ids of the running process: grep Groups: /proc/`pidof freeswitch`/status)
> I think you mean $ grep Gid /proc/pidof freeswitch/status
No, i don't. That one will only list the primary group. Your problem is with the missing supplemental groups
(= non-primary groups the user is a member of), like "dialout" in your case.
> and both uid and gid belong to freeswitch
> Uid: 999 999 999 999 Gid: 999 999 999 999
> I'm puzzled by this - unless while freetdm is being configured it is running with a different group??
> The command line:
> # ps ax |grep free 2534 pts/0 S+ 0:00 grep free 30110 ? S<l 0:48 /usr/bin/freeswitch -u freeswitch -g freeswitch -nc -rp -nonat
That is what i've been talking about: _Don't_ use -g, if you want to use any supplemental groups.
> My workaround has me going forward for now - but the issue has me scratching my head.
> I would also recommend putting a note about adding freeswitch to the hardware device's group in /usr/share/doc/freeswitch-mod-freetdm/ in the freeswitch-mod-freetdm package.
Drop the -g freeswitch, to make it run as uid:freeswitch, gid:freeswitch _and_ load all
the supplemental group the freeswitch user is in (like dialout).
This is how it's supposed to be:
# pgrep -a freeswitch
488 /opt/freeswitch/bin/freeswitch -u freeswitch -nocal -nonat
# grep -E '(Uid|Gid|Groups):' /proc/`pidof freeswitch`/status
Uid: 103 103 103 103
Gid: 1001 1001 1001 1001
Groups: 20 1001
# grep -E ':(20|1001):' /etc/group
Running as uid = 103 (freeswitch), gid = 1001 (freeswitch), with supplemental gid = 20 (dialout)
No mangling of device permissions required.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users