Difference between revisions of "Permissions"

From FusionPBX
Jump to: navigation, search
(FIX-PERMISSIONS)
 
(One intermediate revision by one other user not shown)
Line 27: Line 27:
 
WWWUSER="www-data"
 
WWWUSER="www-data"
  
echo "setting FreeSWITCH owned by www-dat.$WWWUSER"
+
echo "setting FreeSWITCH owned by $WWWUSER.$WWWUSER"
 
chown -R $WWWUSER.$WWWUSER $FSDIR
 
chown -R $WWWUSER.$WWWUSER $FSDIR
 
#remove 'other' permissions on freeswitch
 
#remove 'other' permissions on freeswitch
Line 45: Line 45:
 
fi
 
fi
 
echo "Changing /etc/init.d/freeswitch to start with user $WWWUSER"  
 
echo "Changing /etc/init.d/freeswitch to start with user $WWWUSER"  
sed -i -e s,'USER=freeswitch','USER=$WWWUSER', /etc/init.d/freeswitch
+
sed -i -e s,'USER=freeswitch',"USER=$WWWUSER", /etc/init.d/freeswitch
 
</pre>
 
</pre>

Latest revision as of 03:13, 15 January 2015

Permissions are a critical part of a working system.


Incorrect permissions can cause many problem including the following:

  • fusionpbx writing the config files for freeswitch
  • prevent voicemail to email from actually sending the email
  • prevent recordings from working
  • prevent fax to email working


Where do the file permissions come from.

  • FusionPBX gets its file permissions from the user account that the web server is running under.
  • FreeSWITCH gets its file permissions under the user account that it runs under


What needs to be achieved with permissions.

  • FusionPBX needs permission to read and write to most of FreeSWITCH's files.
  • FreeSWITCH needs permission to read all its files and write to the storage directory and its sub directories.
  • FreeSWITCH needs read permissions on the fusionpbx/secure directory and execute on the cli conf file and the fax and email php files.

FIX-PERMISSIONS

Adjust the variables accordingly [eg httpd for centos]

#!/bin/bash
FSDIR="/usr/local/freeswitch"
FPBXDIR="/var/www/fusionpbx"
WWWUSER="www-data"

echo "setting FreeSWITCH owned by $WWWUSER.$WWWUSER"
chown -R $WWWUSER.$WWWUSER $FSDIR
#remove 'other' permissions on freeswitch
chmod -R o-rwx $FSDIR/
#set FreeSWITCH directories full permissions for user/group with group sticky
echo "Setting group ID sticky for FreeSWITCH"
find $FSDIR -type d -exec chmod u=rwx,g=srx,o= {} \;
#make sure FreeSWITCH directories have group write
echo "Setting Group Write for FreeSWITCH files"
find $FSDIR -type f -exec chmod g+w {} \;
#make sure FreeSWITCH files have group write
echo "Setting Group Write for FreeSWITCH directories"
find $FSDIR -type d -exec chmod g+w {} \;
echo "setting FusionPBX owned by $WWWUSER.$WWWUSER just in case"
if [[ -e "$FPBXDIR" ]]; then
    /bin/chown -R $WWWUSER.$WWWUSER $FPBXDIR
fi
echo "Changing /etc/init.d/freeswitch to start with user $WWWUSER" 
sed -i -e s,'USER=freeswitch',"USER=$WWWUSER", /etc/init.d/freeswitch