FreePBX | Register | Issues | Wiki | Portal | Support

Permission issue when SSH as non-root


(Jared Busch) #1

This has long been a problem, but I never bothered to post about it.

Install FreePBX distro like normal.
Log in as root from console/ssh and create a new user.
Add new user to wheel and asterisk
Exit
Log in as new user

You will randomly see this error.

Run fwconsole chown
Exit
SSH in again.
You will see the normal banner.

It will typically be days between seeing this happen, but obviously something is screwing up permissions on something somewhere.


(Jared Busch) #2

Just had this happen today on my company PBX and I did not run any module updates or anything since that last time I was in the system on Friday.

So some normal process must cause this to happen.


(Itzik) #3

Perhaps updates are set to auto update ?


(Jared Busch) #4

No. I always have those disabled. At one time, having auto updates on, caused all of the unistalled commercial modules to reinstall.

Ever see nice then I leave those settings off.


(Matteo Bignotti) #5

Hey there @sorvani is it always /var/log/asterisk/freepbx.log ? or does it happen to show other log file names?

it would be nice if you could run this command when you don’t get the warning and when you do.

ls -lahd /var/log/asterisk
ls -lah /var/log/asterisk/freepbx.log

everything should be asterisk:asterisk

but maybe there could be situations where the file is created by root with a non-permissive umask and then the group doesn’t have permissions to edit the file.


(Jared Busch) #6

The 4 systems I have easy access to right now all show the normal banner at the moment.
These permissions match on all 4.

image
image


image


#7

Have

https://www.linuxjournal.com/content/linux-filesystem-events-inotify

Email you when ownership changes (attrib)


(Jared Busch) #8

Here we are. Logged in to a system I did not have access to yesterday.

Looks like 640 instead of 664

Log rotate? I’ve not been in this system much recently. last logged in early June.

now fixed.


(Jared Busch) #9

@mbignotti, Yup it is logrotate specifically setting things to 640.

Edit: Issue created: https://issues.freepbx.org/browse/FREEPBX-20269