Trying to be as exhaustive in the title, but now I think I should have shortened it.
I have a script that I am using to transcribe voicemails via the Google Cloud Speech API that is on my account. The script, and voicemail transcriptions work flawlessly when I run the script the following ways:
[root@pbx ~] # /var/lib/asterisk/bin/makevmal.sh “SIP/TRUNK” 2535551234 “Tue Nov 26 03:01:24 PM EST 2019” 1574798484 127 1574798478.463 7
[asterisk@pbx ~] # /var/lib/asterisk/bin/makevmal.sh “SIP/TRUNK” 2535555555 “Tue Nov 26 03:01:24 PM EST 2019” 1574798484 127 1574798478.463 7
and from the asterisk CLI (as asterisk):
pbx*CLI> !/var/lib/asterisk/bin/makevmal.sh “SIP/TRUNK” 2535555555 “Tue Nov 26 03:01:24 PM EST 2019” 1574798484 127 1574798478.463 7
The script always works.
But when the dialplan executes the script, I get an error that gcloud can’t find the necessary profile data, which is sitting both at /root/.config/gcloud and at /home/asterisk/.config/gcloud. I then configured to script to spit out the current user that is running the script, and it reports that ‘root’ is running it, from within the /tmp directory. I then added a piece of code to detect if it is chrooted, and it reports that it is indeed chrooted.
I don’t want to lower the security of the PBX by disabling or circumventing chroot, but how can my script work so that it can actually read from the .config directory? I already ran chmod ‘755’ on the config directories, and tried with asterisk:asterisk as owner, and even with chmod ‘777’, but still no dice. If all I need to do is figure out how to create a chrooted profile for the root user with gcloud, then I’m good to go. But I don’t know how to do that, and at least would like to see if I can change the dialplan so that it runs more elevated.
Any ideas? What am I missing?
I’m literally about to start slamming my head against the keyboard. I’ve come close to tears as it is. -_-