84bath
March 14, 2023, 2:34am
1
[wol]
#!/bin/bash
Target = wol,s,1
##log [email protected] :3] Goto(“PJSIP/1-00000000”, “wol,s,1”) in new stack [email protected] :1] System(“PJSIP/1-00000000”, “/usr/share/wol.sh arg1 arg2”) in new stack [email protected] :2] Congestion(“PJSIP/1-00000000”, “”) in new stack [email protected] :1] Hangup(“PJSIP/1-00000000”, “”) in new stack
Why I cannot use custom sh from call
dicko
March 14, 2023, 4:41am
2
Does the Asterisk user have execute rights on /usr/share/wol.sh and etherwake ?
(wakeonlan is probably easier to get working for a non privileged user)
david55
March 14, 2023, 10:51am
3
Is the directory containing ether-wake in the PATH in the environment in which the shell is running?
Does the asterisk user have read rights on the shell script, as well as execute rights.
Note that the log provided gives no indication that anything went wrong.
84bath
March 14, 2023, 11:13am
4
Those file have permission
Now I can use *38 to execute curl url
david55
March 14, 2023, 11:35am
5
ether-wake can only be run as root, as it needs to do privileged, low level, ethernet operations.
This is a security vulnerability. Also if ether-wake had been made set user to allow anyone to use it, this would have broken that.
This is also a security vulnerability.
This command does not exist, and if correctly spelled would have created a security vulnerability any broken and setuser setting.
84bath
March 15, 2023, 8:07am
6
Thanks
david55
March 15, 2023, 10:58am
7
You need to add “on FreePBX”, as the easiest way, on Asterisk, is to run Asterisk as root.
There are other ways, but they always introduce security vulnerabilities. which would need more careful analysis than is possible here. E.g. you could make the program set user root.
dicko
March 15, 2023, 1:47pm
8
As previously mentioned
runs fine without root privilege.