[updated] Asterisk PBX (quite complete)

Michel · 2004-10-28 21:04:58

Heya,

I updated this package to 1.2.0. It still needs some tweaking maybe, but it hopefully is usable. I made a package for the zaptel-drivers, so you can also do conferencing with the ztdummy-driver or another zaptel-driver. I enhanced the uninstall-code for the mdoprobe.conf/modules.conf/...-file a little bit. I'm not sure about "alias char-major-196". Maybe it is possible to delete too much in this case. This delete-code also gives problems if another operation is carried out at the same time on the file. It can produce inconsistencies. Maybe (posix?) locking or so can help here. Well, if parallell pacman-updates become possible, this certainly needs to be looked at. It can go wrong today if another operation edits the file at the same moment.

I also separated the default configuration files from the main package. I once had the idea to put configuration files (for servers) in different packages so there could be packages with configuration files (default/extra secure/..). Anyway. I hope that this can happen with the Asterisk-package. So, if you want to contribute a configuration(-package), feel free to do it. This way other people can start using ASterisk more quickly ... I hope. Anyway, they can are not obliged to use any configuration.

I uploaded the PKGBUILDS, ... to http://lumumba.luc.ac.be/~michel/ARCH/PKGBUILD/.

There are some makedepends-dependencies missing I think, but I'm not sure.

Anyway. I tried to make it as good as I can at the moment. I also made it run as a non-root-user for security-purposes. In the asterisk.install you can change it to another user if you want.
You can also look at my comments if you want ... For example: The script automatically creates a user and group for you ... a free uid below 1000 and a free gid below 100 will be choosen. And what is the username exists already ? At the moment I delete the user and the group when the software is deleted ...
When updating is performed, a check to see if the user and group still exist should probably be performed.
The user and group that are created are both called "asterisk".

quite complete because packages for libpri, asterisk-addons, asterisk-sounds(?) don't exist I think.

Michel

PKGBUILD:

# Contributor: Michel Brabants <michel.linux@tiscali.be>

pkgname=asterisk
pkgver=1.2.0
pkgrel=1
pkgdesc="Asterik is a complete PBX in software. Asterik does voice over IP in three protocols, and can interoperate with almost all standards-based telephony-equipment using relatively inexpensive hardware. Asterisk provides Voicemail services with Directory, Call Conferencing, Interactive Voice Response, Call Queuing. It has support for three-way calling, caller ID services, ADSI, SIP and H.323 (as both client and gateway)."
source=(http://ftp.digium.com/pub/asterisk/$pkgname-$pkgver.tar.gz 
        asterisk.install 
        asterisk
        safe_asterisk.patch
    )
#build for 2.6 kernels (how to test this?) and for udev(<- only has effect on install-file:creating devfs-nodes)
depends=('openssl' 'ncurses' 'bison' 'sed' 'coreutils' 'udev' 'glibc')
#Maybe a lot more may be in makedepends?
makedepends=('zaptel>=1.0.9' 'unixodbc' 'sqlite2' 'speex' 'alsa-lib' 'zlib' 'postgresql')
#backup of etc/asterisk/* not necessary here?
backup=('etc/asterisk/*')
url="http://www.asterisk.org/"
license="GPL"
install="asterisk.install"
md5sums=('61d7f29b586ba9b9b5fbb67f952fd3ca' '1eaa2a4632d9b95212fc58087896565a' 
         '57170a3b2f4994c8d378a34fe0efb7e5' '14b2b7844492833913b8a0380ceda162')

build() {
  cd $startdir/src/$pkgname-$pkgver

  #patch makes asterisk run on no tty and makes a correction, so the script keeps checking if asterisk is running, not only on startup
  patch ./contrib/scripts/safe_asterisk $startdir/src/safe_asterisk.patch
  
  #PROC can be used for cross-compiling
  #make PROC=athlon-tbird || return 1
  #CHANNELLIBS in Makefile in channels-directory aanpassen om h323 te compileren - leaving h323-support out for now
  #make OPENH323DIR=/usr PWLIBDIR=/usr  || return 1  

  make ASTVARRUNDIR=/var/run/asterisk DESTDIR=$startdir/pkg install
  #want to make different package for configuration files
  #make ASTVARRUNDIR=/var/run/asterisk DESTDIR=$startdir/pkg samples
  
  #make config -> 2.4 kernels?
  
  #mkdir -p $startdir/pkg/etc/rc.d
  install -D $startdir/asterisk $startdir/pkg/etc/rc.d/asterisk
 
  echo "=>You can install the following optional packages for extra functionality:
  =>    alsa-lib
  =>    unixodbc
  =>    sqlite2
  =>    postgresql
  =>    speex
  =>    zlib"
}

asterisk.install:

# Contributor: Michel Brabants <open.michel.brabants@euphonynet.be>

# arg 1:  the new package version
pre_install() {
  /bin/true
}

# arg 1:  the new package version
post_install() {
 
  #The asterisk-user needs to have access to the sounddevices and maybe any other devices: telephone devices, ...
  declare -r local asteriskUser="asterisk"
  declare -r local asteriskGroup="asterisk"
  local audioGroup="";
  #which group has access to the sounddevices, so we can add it to the new user. The expression below fetches the first file in the /dev/sound-directory and selects the group-property of the file

  if [ -d /dev/sound ];then
    audioGroup=`ls -l /dev/sound | sed -n '3q;s/^.*([:space:][^[:space:]]*)[[:space:]]{1,}.*,.*$/1/p'`
    #better to look which user is the owner of /root ?
    if [ $audioGroup == "root" ]; then
        echo "Aborting: The group of the audio-devices is   root   . This can cause extra insecurities if the group   root   is added to the asterisk-user" >2;
        return 1;
    fi
  fi

  addGroup $asteriskGroup;
  if [[ 0 -eq $? ]]; then
        addUser $asteriskUser "user for asterisk-PBX" $asteriskGroup "/bin/false" "$audioGroup";
        if [[ 0 -eq $? ]]; then
                update_permissions;
                update_owners $asteriskUser $asteriskGroup;
        else
                echo "New user  $asteriskUser  for Asterisk-PBX can't be created, will use current user  $USER($UID)  instead" >2;
                update_permissions;
                update_owners $UID $asteriskGroup;
        fi
  #couldn't create group. Also won't create user since we adding the root group or another could add unnecessary permissions, or the user wouldn't be tempted to add another group???
  else
        #UID is a read-only variable, GROUPS can be unset, but not changed?
        echo "New group  $asteriskGroup can't be created, will use current user  $USER($UID) and current group-id  ${GROUPS[0]}" >2;
        update_permissions;
        update_owners $UID ${GROUPS[0]}
  fi
}

# arg 1:  the new package version
# arg 2:  the old package version
pre_upgrade() {
  /bin/true
}

# arg 1:  the new package version
# arg 2:  the old package version
post_upgrade() {
  declare -r local asteriskUser="asterisk"
  declare -r local asteriskGroup="asterisk"
  #first check if the asterisk-user/group exists, else use the current group and/or user
  #Does the group exists?
  if [[ 1 -eq `grep -c ^$asteriskGroup:.*$ </etc/group` ]]; then
        #does the user exists?
        if [[ 1 -eq `grep -c ^$asteriskUser:.*$ </etc/passwd` ]]; then
                update_permissions;
                update_owners $asteriskUser $asteriskGroup;
        else
                echo "User  $asteriskUser  doesn't seem to exist, will use current user  $USER($UID)  instead" >2;
                update_permissions;
                update_owners $UID $asteriskGroup;
        fi
  else
        echo "Group  $asteriskGroup  doesn't seem to exist, will use current user  $USER($UID)  and current group-id  ${GROUPS[0]}  instead" >2
        update_permissions;
        update_owners $UID ${GROUPS[0]};
  fi
}

# arg 1:  the old package version
pre_remove() {
  /bin/true
}

# arg 1:  the old package version
post_remove() {
  declare -r local asteriskUser="asterisk";
  declare -r local asteriskGroup="asterisk";

  #delete the asterisk-user. Mayeb to tricky what if the user is used for something else? Maybe a mechanism to present an option to the user for this(immedialty, per mail, ...)?
  #deletes also the primary group of the user if nobody else uses that group anymore(?)
  deleteUser $asteriskUser;
  #may I return something different than 0 here ??!!

}

#############################
#############################

# arg 1: groupName
addGroup() {
  declare -r groupName=$1;

  #searching for free gid in range of 1-100. How to make it readonly and still capture the error-code? Can declare groupId constant?
  groupId=$(getFreeGid);
  if [[ 0 -ne $? ]]; then
        echo "Error while searching for free Group-Id" > 2;
        #what to do now?
        return 1;
  fi

  echo -n "Creating  group  $groupName ...";

  if [[ 0 -eq `/usr/sbin/groupadd -g $groupId $groupName` ]]; then
        echo "  OK";
  else
        echo "  FAILED";
        return 1;
  fi

  return 0;
}

#############################

# arg 1: userName
# arg 2: description for the user
# arg 3: primary group
# arg 4: path to default shell
# arg 5: string of extra groups, each separated by a commma
addUser() {
  declare -r userName=$1;
  declare -r descriptionUser=$2;
  declare -r primaryGroup=$3;
  declare -r userShell=$4;
  declare -r extraGroups=$5;

  #searching for free uid in range of 1-1000 : error should be captured : todo
  userId=$(getFreeUid);
  if [[ 0 -ne $? ]]; then
        echo "Error while searching for free User-Id" > 2;
        #what to do now?
        return 1;
  fi

  echo -n "Creating user  $userName  with primary group  $primaryGroup  and extra groups  $extraGroups ...";
  if [[ 0 -eq `/usr/sbin/useradd -c "$descriptionUser" -g "$primaryGroup" -G "$extraGroups" -s "$userShell" -u $userId $userName` ]]; then
        echo "  OK";
  else
        echo "  FAILED;"
        return 1;
  fi

  return 0;
}

#############################
# arg 1: userName
deleteUser() {
  #should the log be deleted?
  #rm -rf /var/log/asterisk;
  rm -rf /var/run/asterisk;

  declare -r userName=$1;
  #userdel seems to delete the user and the group
  echo -n "Deleting user  $userName  (it's primary group will also be deleted, if it's not used anymore) ...";
  if [[ 0 -eq `/usr/sbin/userdel $userName` ]]
  then
        echo "  OK";
  else
        echo "  FAILED";
        return 1;
  fi

  return 0;
}

#############################

# arg 1: username
# arg 2: groupname
update_owners() {
 declare -r local userName=$1;
 declare -r local groupName=$2;
 echo -n "Setting owner:group of asterisk-files to $userName:$groupName ...";
 #change file- and directory-ownerships: how-to easily detect if something went wrong? (trap?) more efficient if ownership and permissions are done at once 

 `chown -R $userName:$groupName /etc/asterisk`
 `chown -R $userName:$groupName /usr/lib/asterisk`
 `chown -R $userName:$groupName /usr/man/man8/asterisk.8.gz`
 `chown -R $userName:$groupName /usr/sbin/asterisk`
 `chown -R $userName:$groupName /usr/sbin/astgenkey`
 `chown -R $userName:$groupName /usr/sbin/safe_asterisk`
 `chown -R $userName:$groupName /var/lib/asterisk`
 `chown -R $userName:$groupName /var/log/asterisk`
 `chown -R $userName:$groupName /var/spool/asterisk`
 `chown -R $userName:$groupName /var/run/asterisk`
 `chown $userName:$groupName /etc/rc.d/asterisk`

 echo " OK"

 return 0; 
}

#############################

update_permissions() {
  echo -n "Setting permissions ..."
  
  `chmod 750 /etc/asterisk`
  #`chmod 640 /etc/asterisk/*`
  `chmod -R o= /usr/lib/asterisk`
  `chmod -R o= /usr/man/man8/asterisk.8.gz`
  `chmod -R o= /usr/sbin/asterisk`
  `chmod -R o= /usr/sbin/astgenkey`
  `chmod o=  /usr/sbin/safe_asterisk`
  `chmod -R o=  /var/lib/asterisk`
  `chmod -R o= /var/log/asterisk`
  `chmod -R o= /var/spool/asterisk`
  `chmod -R o= /var/run/asterisk`
  `chmod 750 /var/run/asterisk`
  `chmod 750 /etc/rc.d/asterisk`

  echo " OK"

  return 0;

}

#############################

#the almighty bash :). You can use functions together with pipes :).
getFreeUid() {
        #what if we need to do something with the output: can add extra functioon to pipe ...
        #outputs to stdout
        uidRangeFilter 1 1000 | sort -g | getFreeId 1 1000;

        #PIPESTATUS is not bourne-shell compatible. Only works for bash and zsh I think
        if [[ 0 -ne ${PIPESTATUS[0]} || 0 -ne ${PIPESTATUS[1]} || 0 -ne ${PIPESTATUS[2]}  ]]; then
                return 1;
        fi
}

getFreeGid() {
        #outputs to stdout
        gidRangeFilter 1 100 | sort -g | getFreeId 1 100;

        #PIPESTATUS is not bourne-shell compatible. Only works for bash and zsh I think
        if [[ 0 -ne ${PIPESTATUS[0]} || 0 -ne ${PIPESTATUS[1]} || 0 -ne ${PIPESTATUS[2]}  ]]; then
                return 1;
        fi
}

#give all existing uid's back within the range of $1-$2
uidRangeFilter() {
#going into restricted mode
set -r;

declare -ri local minId=$1;
declare -ri local maxId=$2;

if [[ $maxId -lt $minId ]]; then
        echo "uidRangeFilter(): maximum rangebound is smaller than minimum rangebound.";
        return 1;
fi

#should mayeb check on overflow. Surely since this is a critical file
#IFS = internal field separator/delimiter
IFS=:;
while read name passwd uid theRest; do
        if [[ $uid -ge $minId ]] && [[  $uid -le $maxId ]]; then
                echo "$uid";
        fi;
done < /etc/passwd;

return 0;
}

#give all existing gid's back within the range of $1-$2
gidRangeFilter() {
#going into restricted mode
set -r;

declare -ri local minId=$1;
declare -ri local maxId=$2;

if [[ $maxId -lt $minId ]]; then
        echo "gidRangeFilter(): maximum rangebound is smaller than minimum rangebound.";
        return 1;
fi

#should mayeb check on overflow. Surely since this is a critical file
#IFS = internal field separator/delimiter
IFS=:;
while read name passwd gid theRest; do
        if [[ $gid -ge $minId ]] && [[  $gid -le $maxId ]]; then
                echo "$gid";
        fi;
done < /etc/group;

return 0;
}

#find a freeId that is in the range of $1-$2 given that the input-stream contains already occupied id's, sorted from small to big.
getFreeId() {
#enter restricted mode
set -r;

declare -ri local minId=$1;
declare -ri local maxId=$2;

if [[ $maxId -lt $minId ]]; then
        echo "getFreeId(): maximum id is smaller than minimum id.";
        return 1;
fi;

declare -i local freeId=$minId;

#uid's are within the requested range and sorted from small to big
while read uid; do
        #userId is occupied
        if [[ $freeId -eq $uid ]]; then
                let freeId+=1;
        else
                echo "$freeId";
                return 0;
        fi;
done

if [[ $maxId -ge $freeId ]]; then
        echo "$freeId";
        return 0;
fi;

#no free userId found
echo "";
return 0;
}

op=$1
shift
$op $*

asterisk:

#!/bin/bash

. /etc/rc.conf
. /etc/rc.d/functions

#start asterisk as user $userName
declare -r userName="asterisk"
case "$1" in
  start)
    stat_busy "Starting Asterisk PBX"
    su -c "/usr/sbin/safe_asterisk" -s /bin/bash $userName >/dev/null
    if [ $? -gt 0 ]; then
      stat_fail
    else
      add_daemon asterisk
      stat_done
    fi
    ;;
  stop)
    stat_busy "Stopping Asterisk PBX"
    /usr/sbin/asterisk -rx "stop gracefully" >/dev/null
    if [ $? -gt 0 ]; then
      stat_fail
    else
      rm_daemon asterisk
      stat_done
    fi
    ;;
  restart)
    $0 stop
    $0 start
    ;;
  *)
    echo "usage: $0 {start|stop|restart}"  
esac
exit 0

safe_asterisk.patch

--- safe_asterisk    2005-08-14 04:19:16.000000000 +0200
+++ safe_asterisk-new    2005-11-25 20:46:48.000000000 +0100
@@ -1,6 +1,6 @@
 #!/bin/sh
 CLIARGS="$*"        # Grab any args passed to safe_asterisk
-TTY=9            # TTY (if you want one) for Asterisk to run on
+TTY=            # TTY (if you want one) for Asterisk to run on
 CONSOLE=yes        # Whether or not you want a console
 #NOTIFY=ben@alkaloid.net    # Who to notify about crashes
 MACHINE=`hostname`      # To specify which machine has crashed when getting the mail
@@ -45,10 +45,10 @@
         if [ "$TTY" != "" ]; then
             cd /tmp
             stty sane < /dev/${TTY}
-            ${ASTSBINDIR}/asterisk ${CLIARGS} ${ASTARGS} >& /dev/${TTY} < /dev/${TTY}
+            ${ASTSBINDIR}/asterisk -f ${CLIARGS} ${ASTARGS} >& /dev/${TTY} < /dev/${TTY}
         else
             cd /tmp
-            ${ASTSBINDIR}/asterisk ${CLIARGS} ${ASTARGS}
+            ${ASTSBINDIR}/asterisk -f ${CLIARGS} ${ASTARGS}
         fi
         EXITSTATUS=$?
         echo "Asterisk ended with exit status $EXITSTATUS"

Michel · 2004-11-12 16:11:58

Heya,

I added the scripts "uidRangeFilter", "gidRangeFilter" and "freeId". Together with the sort-program, a free uid and gid can be searched in the specified range.

I don't capture the error yet when no uid or gid is available within the specified range.

These scripts take care that the uid and gid will be within the available uids and gids for servers, ... so that the user won't turn up in the login-screen. Maybe it isn't necessary for gids, but it is available.

Michel · 2004-11-12 16:17:58

Hehe,

I just thought of it that the the new scripts should be added as functions to the asterisk.install-script or included in the package ... else you can't install asterisk unless the scripts are in the directory you build from ... the $startdir-variable should be defined. So, ... for now it is broken.

The simplest thing would be to include them in the package as files and just change the references to the files in asterisk.install.

Michel · 2004-11-19 21:35:59

Heya,

I integrated the 3 scripts: uidRangeFilter, gidRangeFilter and freeId in the install-script as functions. Some error-checking is missing ... You can try and if all conditions are fullfilled it will install. All conditions means (I think) a free uid below 1001 and a free gid below 101. Maybe some other things ...

You can change the range in which the values are choosen in getFreeUid and getFreeGid (although I could pass the values as parameters to these functions ...). Normally if all goes well, the asterisk-user won't show up in your login-console normally.

Michel

Michel · 2004-11-19 21:39:19

Some info about how to access the commandline-"asterisk-controlcenter"

switch to the asterisk-user. You can't just su to the asterisk-user since I specified "/bin/false" as bash for the asterisk-user. You have to specify the bash you want to use:

su -s /bin/bash asterisk

To connect to a running asterisk-server, type:

asterisk -r

Michel

Michel · 2005-03-29 22:16:37

update to 1.0.6 and 2 extra packages: zaptel-drivers and asterisk-conf-sample (earlier the configuration files were included in the asterisk-package).

Michel

chane · 2005-06-07 18:30:45

Michel,

The asterisk.install on your web site is not accessible (403 Forbidden). I am downloading the one included in the first post - just wanted to get the latest changes.

Thanks,
Chris....

Michel · 2005-06-07 18:35:09

Heya,

thanks for letting me now about this error. The file should be accessible now.

Michel

chane · 2005-06-08 02:28:42

Thanks - I was able to download the file.

After some fiddling with my system (I'll write up more detailed comments later), I was able to get the apps to compile. Now I get to play and install it

Chris....

Michel · 2005-08-12 21:17:17

updated to 1.0.9 + fix in install-file(?) <- no permission/owner-settings were needed for files in /etc/asterisk

Michel · 2005-09-17 12:06:31

Heya,

it seems the download-url changed, so I updated it. For the rest, nothing important changed. So, you don't need this update if you have the previous 1.0.9 installed.

greetings,

Michel

WillySilly · 2005-10-10 04:39:53

Possible to get these made for 1.2.0-beta1?

Michel · 2005-10-16 09:38:43

Heya,

I just started working and don't have much free time at the moment. However, I'll see what I can do. Maybe I'll post a PKGBUILD next weekend.

greetings,

Michel

WillySilly · 2005-11-10 04:23:25

when i start /etc/rc.d/asterisk it runs but no ports open. Also when I start is just with safe_asterisk i get this error:

Asterisk ended with exit status 1
Asterisk died with code 1

Michel · 2005-11-10 08:25:29

Heya SillyWilly,

like you maybe saw, /etc/rc.d/asterisk uses safe_asterisk normally. Maybe you just tried it manually(?) because it was easier to debug this way? At the moment I'm not at home, so I cannot test the starting. I am not sure if I tested the starting of the latest version myself, but I think I did.

Is it possible to produce more debug-info using (a) commandline flag(s), ... ?

thanks,

Michel

WillySilly · 2005-11-11 00:15:29

Yeah, i saw that /etc/rc.d/asterisk started safe_asterisk.

You can't pass anything when running safe_asterisk. While if I do asterisk -v I get this error:

[res_odbc.so] WARNING[17512]: loader.c:258 ast_load_resource: libodbc.so.1: cannot open shared object file: No such file or directory
WARNING[17512]: loader.c:440 load_modules: Loading module res_odbc.so failed

Edit: Also asterisk requires sqlite2

Michel · 2005-11-11 12:06:16

Hello sillywilly,

I added unixodbc and sqlite2 to the "makedepends-list". I also added some other (make)dependencies.
Any suggestions are welcome.

Looking at your problem again, I'm however not sure if this solves your problem. Is unixodbc-support always compiled, also if you don't have it installed? Another possibility is that you had unixodbc installed when you compiled it, but removed it afterwards?

greetings,

Michel

WillySilly · 2005-11-11 12:22:25

Thanks. Seem like that worked. But now I get an error, Asterisk still runs though:

chan_oss.c:257 sound_thread: read error on sound device: Resource temporarily anavailable

WillySilly · 2005-11-13 03:42:49

Okay, that error was easy, I just had to look. But I just realized that Asterisk doesn't open any ports. Know whats causing that to happen?

Michel · 2005-11-13 10:24:18

Heya sillywilly,

did you looked if the ports Asterisk tries to open are already occupied, maybe by another Asterisk-instance? You could check with:

netstat -lp

The p-option will list the program-names.

Else, maybe (more) debug-output?

greetings,

Michel

Michel · 2005-11-25 22:47:16

I updated the package to 1.2.0

Arch Linux

#1 2004-10-28 21:04:58

[updated] Asterisk PBX (quite complete)

#2 2004-11-12 16:11:58

Re: [updated] Asterisk PBX (quite complete)

#3 2004-11-12 16:17:58

Re: [updated] Asterisk PBX (quite complete)

#4 2004-11-19 21:35:59

Re: [updated] Asterisk PBX (quite complete)

#5 2004-11-19 21:39:19

Re: [updated] Asterisk PBX (quite complete)

#6 2005-03-29 22:16:37

Re: [updated] Asterisk PBX (quite complete)

#7 2005-06-07 18:30:45

Re: [updated] Asterisk PBX (quite complete)

#8 2005-06-07 18:35:09

Re: [updated] Asterisk PBX (quite complete)

#9 2005-06-08 02:28:42

Re: [updated] Asterisk PBX (quite complete)

#10 2005-08-12 21:17:17

Re: [updated] Asterisk PBX (quite complete)

#11 2005-09-17 12:06:31

Re: [updated] Asterisk PBX (quite complete)

#12 2005-10-10 04:39:53

Re: [updated] Asterisk PBX (quite complete)

#13 2005-10-16 09:38:43

Re: [updated] Asterisk PBX (quite complete)

#14 2005-11-10 04:23:25

Re: [updated] Asterisk PBX (quite complete)

#15 2005-11-10 08:25:29

Re: [updated] Asterisk PBX (quite complete)

#16 2005-11-11 00:15:29

Re: [updated] Asterisk PBX (quite complete)

#17 2005-11-11 12:06:16

Re: [updated] Asterisk PBX (quite complete)

#18 2005-11-11 12:22:25

Re: [updated] Asterisk PBX (quite complete)

#19 2005-11-13 03:42:49

Re: [updated] Asterisk PBX (quite complete)

#20 2005-11-13 10:24:18

Re: [updated] Asterisk PBX (quite complete)

#21 2005-11-25 22:47:16

Re: [updated] Asterisk PBX (quite complete)

Board footer