Re: [asterisk-users] Unable to load users.conf
On Thu, 18 Oct 2012, Rizha Yuherdianto wrote: 3) im root Glad to meet you. :D If you meant the user running Asterisk is root, this is a less than optimal situation that can lead to really big problems. Why? Steve please explain. Well, if an attacker manages to inject some code and Asterisk is running as root, poof goes your system or you get an astronomical bill from your trunk provider. Likewise with file permissions. Suppose you're trying to get something working and you suspect it's a permissions issue so you chmod a bunch of stuff to 777. Then suppose a local user with a grudge does something like this: echo '#exec rm --farce --recursive /*'\ /etc/asterisk/extensions-local.conf (or whatever your package names one of it's 'include' files.) The next time Asterisk reloads the dialplan, poof. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000-- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Unable to load users.conf
If you meant the user running Asterisk is root, this is a less than optimal situation that can lead to really big problems. Why? Steve please explain. Well, if an attacker manages to inject some code and Asterisk is running as root, poof goes your system or you get an astronomical bill from your trunk provider. Likewise with file permissions. Suppose you're trying to get something working and you suspect it's a permissions issue so you chmod a bunch of stuff to 777. Then suppose a local user with a grudge does something like this: echo '#exec rm --farce --recursive /*'\ /etc/asterisk/extensions-**local.conf (or whatever your package names one of it's 'include' files.) The next time Asterisk reloads the dialplan, poof. any link for me so i can learn more about security practices with asterisk? i'm using a public ip. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Unable to load users.conf
On Thu, 18 Oct 2012, Rizha Yuherdianto wrote: any link for me so i can learn more about security practices with asterisk? i'm using a public ip. I think John Todd did a doc that is included with Asterisk. http://nerdvittles.com/ has had a couple of recent articles on security. There was a post yesterday to asterisk-biz with the obtuse subject 'Strange request' that had a couple of links. I haven't read them but they look like good background material to some of the challenges unique to VOIP. Read, read, read. It's a constantly changing battle. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000-- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Unable to load users.conf
On Thu, 18 Oct 2012, Rizha Yuherdianto wrote: I've got this Warning message on my log: WARNING[3741]: res_phoneprov.c:923 set_config: Unable to load users.conf what is this mean? thank you. I'm just a 1.2 Luddite, but I'd guess: 0) It's just a warning so it may not be a big deal. 1) The file does not exist. 2) The file is not in the correct directory. 3) You have a 'permissions' issue. 4) The file is invalid. Maybe somebody clobbered the file by editing it with Notepad. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Unable to load users.conf
Thank you Steve, I'm using AsteriskNow latest version 2.0.2. my answer is: 0) if its just a warning, how to get it fixed? 1) checked, it is not exist. is it exist by default? 2) what directory it should be? 3) im root 4) the file doesn't exist Thanks On Thu, Oct 18, 2012 at 11:18 AM, Steve Edwards asterisk@sedwards.comwrote: On Thu, 18 Oct 2012, Rizha Yuherdianto wrote: I've got this Warning message on my log: WARNING[3741]: res_phoneprov.c:923 set_config: Unable to load users.conf what is this mean? thank you. I'm just a 1.2 Luddite, but I'd guess: 0) It's just a warning so it may not be a big deal. 1) The file does not exist. 2) The file is not in the correct directory. 3) You have a 'permissions' issue. 4) The file is invalid. Maybe somebody clobbered the file by editing it with Notepad. -- Thanks in advance, --**--** - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- __**__**_ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/**mailman/listinfo/asterisk-**usershttp://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Unable to load users.conf
On Thu, 18 Oct 2012, Rizha Yuherdianto wrote: 0) if its just a warning, how to get it fixed? It doesn't really need to. A 'warning' is like saying here's something you should be aware of. Personally, I prefer to resolve all warnings so there is less cruft to sift through when something actually does go wrong. 1) checked, it is not exist. is it exist by default? I don't know about your version of Asterisk. 2) what directory it should be? Unless you (or your package maintainer) has been fiddling about, it should be in the same directory as all of your other Asterisk configuration files: sip.conf, iax.conf, extensions.[conf|ael], etc. 3) im root Glad to meet you. If you meant the user running Asterisk is root, this is a less than optimal situation that can lead to really big problems. 4) the file doesn't exist At a minimum, 'touch /etc/asterisk/users.conf' may make the warning go away. You should read up a bit to see if the features of users.conf make sense for your environment. Personally, I set up my Asterisk installs so they only load the modules I'm actually using by specifying 'autoload=no' and explicitly loading the modules I want in modules.conf. -- Thanks in advance, - Steve Edwards sedwa...@sedwards.com Voice: +1-760-468-3867 PST Newline Fax: +1-760-731-3000 -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Unable to load users.conf
0) if its just a warning, how to get it fixed? It doesn't really need to. A 'warning' is like saying here's something you should be aware of. Personally, I prefer to resolve all warnings so there is less cruft to sift through when something actually does go wrong. I see 1) checked, it is not exist. is it exist by default? I don't know about your version of Asterisk. Im using AsteriskNow lastest version 2.0.2 2) what directory it should be? Unless you (or your package maintainer) has been fiddling about, it should be in the same directory as all of your other Asterisk configuration files: sip.conf, iax.conf, extensions.[conf|ael], etc. already checked. files for asterisk are on /etc/asterisk directory but theres no users.conf 3) im root Glad to meet you. :D If you meant the user running Asterisk is root, this is a less than optimal situation that can lead to really big problems. Why? Steve please explain. 4) the file doesn't exist At a minimum, 'touch /etc/asterisk/users.conf' may make the warning go away. You should read up a bit to see if the features of users.conf make sense for your environment. I'll read it again Personally, I set up my Asterisk installs so they only load the modules I'm actually using by specifying 'autoload=no' and explicitly loading the modules I want in modules.conf. I still need to learn more. I've just experimenting asterisk from yesterday, but I'll try to examine what modules i need to load :-) thank you -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to Asterisk? Join us for a live introductory webinar every Thurs: http://www.asterisk.org/hello asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users