Permissions

From FusionPBX
Jump to: navigation, search

Permissions are a critical part of a working system.


Incorrect permissions can cause many problem including the following:

  • fusionpbx writing the config files for freeswitch
  • prevent voicemail to email from actually sending the email
  • prevent recordings from working
  • prevent fax to email working


Where do the file permissions come from.

  • FusionPBX gets its file permissions from the user account that the web server is running under.
  • FreeSWITCH gets its file permissions under the user account that it runs under


What needs to be achieved with permissions.

  • FusionPBX needs permission to read and write to most of FreeSWITCH's files.
  • FreeSWITCH needs permission to read all its files and write to the storage directory and its sub directories.
  • FreeSWITCH needs read permissions on the fusionpbx/secure directory and execute on the cli conf file and the fax and email php files.

FIX-PERMISSIONS

Adjust the variables accordingly [eg httpd for centos]

#!/bin/bash
FSDIR="/usr/local/freeswitch"
FPBXDIR="/var/www/fusionpbx"
WWWUSER="www-data"

echo "setting FreeSWITCH owned by $WWWUSER.$WWWUSER"
chown -R $WWWUSER.$WWWUSER $FSDIR
#remove 'other' permissions on freeswitch
chmod -R o-rwx $FSDIR/
#set FreeSWITCH directories full permissions for user/group with group sticky
echo "Setting group ID sticky for FreeSWITCH"
find $FSDIR -type d -exec chmod u=rwx,g=srx,o= {} \;
#make sure FreeSWITCH directories have group write
echo "Setting Group Write for FreeSWITCH files"
find $FSDIR -type f -exec chmod g+w {} \;
#make sure FreeSWITCH files have group write
echo "Setting Group Write for FreeSWITCH directories"
find $FSDIR -type d -exec chmod g+w {} \;
echo "setting FusionPBX owned by $WWWUSER.$WWWUSER just in case"
if [[ -e "$FPBXDIR" ]]; then
    /bin/chown -R $WWWUSER.$WWWUSER $FPBXDIR
fi
echo "Changing /etc/init.d/freeswitch to start with user $WWWUSER" 
sed -i -e s,'USER=freeswitch',"USER=$WWWUSER", /etc/init.d/freeswitch