Why cannot start .sh form call


exten => s,1,System(/usr/share/wol.sh arg1 arg2)
exten => s,n,Congestion
exten => h,1,Hangup


ether-wake -i eth0 -b 1C:1B:1A:12:13:14
echo ok > /var/log/asterisk/wol.log

Misc Application & Misc Destinations are OK

Custom Destinations

Target = wol,s,1

[2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx.c: Executing [*17@from-internal:3] Goto(“PJSIP/1-00000000”, “wol,s,1”) in new stack
206 [2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx_builtins.c: Goto (wol,s,1)
207 [2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx.c: Executing [s@wol:1] System(“PJSIP/1-00000000”, “/usr/share/wol.sh arg1 arg2”) in new stack
208 [2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx.c: Executing [s@wol:2] Congestion(“PJSIP/1-00000000”, “”) in new stack
209 [2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx.c: Spawn extension (wol, s, 2) exited non-zero on ‘PJSIP/1-00000000’
210 [2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx.c: Executing [h@wol:1] Hangup(“PJSIP/1-00000000”, “”) in new stack
211 [2023-03-14 10:26:10] VERBOSE[2823][C-00000006] pbx.c: Spawn extension (wol, h, 1) exited non-zero on ‘PJSIP/1-00000000’

Why I cannot use custom sh from call

Does the Asterisk user have execute rights on /usr/share/wol.sh and etherwake ?

(wakeonlan is probably easier to get working for a non privileged user)

Is the directory containing ether-wake in the PATH in the environment in which the shell is running?

Does the asterisk user have read rights on the shell script, as well as execute rights.

Note that the log provided gives no indication that anything went wrong.

Those file have permission
chown -R asterisk:asterisk /usr/share/wol.sh
chmod 777 /usr/share/wol.sh
chown -R asterisk:asterisk /usr/sbin/ether-wake
chomod 777 /usr/sbin/ether-wake

Now I can use *38 to execute curl url
but i cannot use *39 execute sh (Custom program)
It is normal to execute wol.sh manually

ether-wake can only be run as root, as it needs to do privileged, low level, ethernet operations.

This is a security vulnerability. Also if ether-wake had been made set user to allow anyone to use it, this would have broken that.

This is also a security vulnerability.

This command does not exist, and if correctly spelled would have created a security vulnerability any broken and setuser setting.

Is there any way to execute privileged programs with dial

You need to add “on FreePBX”, as the easiest way, on Asterisk, is to run Asterisk as root.

There are other ways, but they always introduce security vulnerabilities. which would need more careful analysis than is possible here. E.g. you could make the program set user root.

As previously mentioned

runs fine without root privilege.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.