Difference between revisions of "Permissions"

From FusionPBX
Jump to: navigation, search
Line 18: Line 18:
 
* FreeSWITCH needs permission to read all its files and write to the storage directory and its sub directories.
 
* FreeSWITCH needs permission to read all its files and write to the storage directory and its sub directories.
 
* FreeSWITCH needs read permissions on the fusionpbx/secure directory and execute on the cli conf file and the fax and email php files.
 
* FreeSWITCH needs read permissions on the fusionpbx/secure directory and execute on the cli conf file and the fax and email php files.
 +
 +
==FIX-PERMISSIONS==
 +
Adjust the variables accordingly [eg httpd for centos]
 +
<pre>
 +
#!/bin/bash
 +
FSDIR="/usr/local/freeswitch"
 +
FPBXDIR="/var/www/fusionpbx"
 +
WWWUSER="www-data"
 +
 +
echo "setting FreeSWITCH owned by www-dat.$WWWUSER"
 +
chown -R $WWWUSER.$WWWUSER $FSDIR
 +
#remove 'other' permissions on freeswitch
 +
chmod -R o-rwx $FSDIR/
 +
#set FreeSWITCH directories full permissions for user/group with group sticky
 +
echo "Setting group ID sticky for FreeSWITCH"
 +
find $FSDIR -type d -exec chmod u=rwx,g=srx,o= {} \;
 +
#make sure FreeSWITCH directories have group write
 +
echo "Setting Group Write for FreeSWITCH files"
 +
find $FSDIR -type f -exec chmod g+w {} \;
 +
#make sure FreeSWITCH files have group write
 +
echo "Setting Group Write for FreeSWITCH directories"
 +
find $FSDIR -type d -exec chmod g+w {} \;
 +
echo "setting FusionPBX owned by $WWWUSER.$WWWUSER just in case"
 +
if [[ -e "$FPBXDIR" ]]; then
 +
    /bin/chown -R $WWWUSER.$WWWUSER $FPBXDIR
 +
fi
 +
echo "Changing /etc/init.d/freeswitch to start with user $WWWUSER"
 +
sed -i -e s,'USER=freeswitch','USER=$WWWUSER', /etc/init.d/freeswitch
 +
</pre>

Revision as of 17:13, 30 April 2012

Permissions are a critical part of a working system.


Incorrect permissions can cause many problem including the following:

  • fusionpbx writing the config files for freeswitch
  • prevent voicemail to email from actually sending the email
  • prevent recordings from working
  • prevent fax to email working


Where do the file permissions come from.

  • FusionPBX gets its file permissions from the user account that the web server is running under.
  • FreeSWITCH gets its file permissions under the user account that it runs under


What needs to be achieved with permissions.

  • FusionPBX needs permission to read and write to most of FreeSWITCH's files.
  • FreeSWITCH needs permission to read all its files and write to the storage directory and its sub directories.
  • FreeSWITCH needs read permissions on the fusionpbx/secure directory and execute on the cli conf file and the fax and email php files.

FIX-PERMISSIONS

Adjust the variables accordingly [eg httpd for centos]

#!/bin/bash
FSDIR="/usr/local/freeswitch"
FPBXDIR="/var/www/fusionpbx"
WWWUSER="www-data"

echo "setting FreeSWITCH owned by www-dat.$WWWUSER"
chown -R $WWWUSER.$WWWUSER $FSDIR
#remove 'other' permissions on freeswitch
chmod -R o-rwx $FSDIR/
#set FreeSWITCH directories full permissions for user/group with group sticky
echo "Setting group ID sticky for FreeSWITCH"
find $FSDIR -type d -exec chmod u=rwx,g=srx,o= {} \;
#make sure FreeSWITCH directories have group write
echo "Setting Group Write for FreeSWITCH files"
find $FSDIR -type f -exec chmod g+w {} \;
#make sure FreeSWITCH files have group write
echo "Setting Group Write for FreeSWITCH directories"
find $FSDIR -type d -exec chmod g+w {} \;
echo "setting FusionPBX owned by $WWWUSER.$WWWUSER just in case"
if [[ -e "$FPBXDIR" ]]; then
    /bin/chown -R $WWWUSER.$WWWUSER $FPBXDIR
fi
echo "Changing /etc/init.d/freeswitch to start with user $WWWUSER" 
sed -i -e s,'USER=freeswitch','USER=$WWWUSER', /etc/init.d/freeswitch