public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] gentoo-x86 commit in net-misc/asterisk/files/1.8.0: asterisk.initd3
@ 2012-09-03  8:37 Tony Vroon (chainsaw)
  0 siblings, 0 replies; only message in thread
From: Tony Vroon (chainsaw) @ 2012-09-03  8:37 UTC (permalink / raw
  To: gentoo-commits

chainsaw    12/09/03 08:37:12

  Added:                asterisk.initd3
  Log:
  Security upgrade on the 1.8 branch, addressing a privilege escalation in the manager interface and a failure to apply IAX2 ACLs when using Asterisk Realtime Architecture (ARA). Fixes by Jaco Kroon address bug #429492 and bug #432464.
  
  (Portage version: 2.1.11.13/cvs/Linux x86_64)

Revision  Changes    Path
1.1                  net-misc/asterisk/files/1.8.0/asterisk.initd3

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/asterisk/files/1.8.0/asterisk.initd3?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/asterisk/files/1.8.0/asterisk.initd3?rev=1.1&content-type=text/plain

Index: asterisk.initd3
===================================================================
#!/sbin/runscript
# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/asterisk/files/1.8.0/asterisk.initd3,v 1.1 2012/09/03 08:37:12 chainsaw Exp $

extra_started_commands="forcestop reload"

depend() {
	need net
	use nscd dns dahdi mysql postgresql slapd capi
}

is_running() {
	if [ -z "`pidof asterisk`" ]; then
		return 1
	else
		PID="`cat /var/run/asterisk/asterisk.pid`"
		for x in `pidof asterisk`; do
			if [ "${x}" = "${PID}" ]; then
				return 0
			fi	
		done
	fi

	return 1
}

asterisk_run_loop() {
	local result=0 signal=0

	echo "Initializing asterisk wrapper"
	OPTS="$*"

	trap "rm /var/run/asterisk/wrapper_loop.pid" EXIT
	cut -f4 -d' ' < /proc/self/stat > /var/run/asterisk/wrapper_loop.pid

	while :; do
		if [ -n "${TTY}" ]; then
			/usr/bin/stty -F ${TTY} sane
			${NICE} /usr/sbin/asterisk ${OPTS} >${TTY} 2>&1 <${TTY}
			result=$?
		else
			${NICE} /usr/sbin/asterisk ${OPTS} 2>&1 >/dev/null
			result=$?
		fi		

		if [ $result -eq 0 ]; then
			echo "Asterisk terminated normally"
			break
		else
			if [ $result -gt 128 ]; then
				signal=`expr $result - 128`
				MSG="Asterisk terminated with Signal: $signal"

				CORE_TARGET="core-`date +%Y%m%d-%H%M%S`"

				local CORE_DUMPED=0
				if [ -f "${ASTERISK_CORE_DIR}/core" ]; then
					mv "${ASTERISK_CORE_DIR}/core" \
					   "${ASTERISK_CORE_DIR}/${CORE_TARGET}"
					CORE_DUMPED=1

				elif [ -f "${ASTERISK_CORE_DIR}/core.${PID}" ]; then
					mv "${ASTERISK_CORE_DIR}/core.${PID}" \
					   "${ASTERISK_CORE_DIR}/${CORE_TARGET}"
					CORE_DUMPED=1

				fi

				[ $CORE_DUMPED -eq 1 ] && \
					MSG="${MSG}\n\rCore dumped: ${ASTERISK_CORE_DIR}/${CORE_TARGET}"
			else
				MSG="Asterisk terminated with return code: $result"
			fi

			# kill left-over tasks
			for X in ${ASTERISK_CLEANUP_ON_CRASH}; do
				kill -9 `pidof ${X}`;
			done
		fi

		[ -n "${TTY}" ] \
			&& echo "${MSG}" >${TTY} \
			|| echo "${MSG}"


		if [ -n "${ASTERISK_NOTIFY_EMAIL}" ] && \
		   [ -x /usr/sbin/sendmail ]; then
			echo -e -n "Subject: Asterisk crashed\n\r${MSG}\n\r" |\
				 /usr/sbin/sendmail "${ASTERISK_NOTIFY_EMAIL}"
		fi
		sleep "${ASTERISK_RESTART_DELAY}"
		echo "Restarting Asterisk..."
	done
	return 0
}

start() {
	local OPTS USER GROUP PID NICE=""
	local tmp x

	local OPTS ARGS 
		
	ebegin "Starting asterisk PBX"

	eindent

	# filter (redundant) arguments
	OPTS=`echo "${ASTERISK_OPTS}" | sed -re "s:-[cfF]::g"`

	# default options
	OPTS="${OPTS} -f"  # don't fork / detach breaks wrapper script...

	# mangle yes/no options
	ASTERISK_CONSOLE="`echo ${ASTERISK_CONSOLE} | tr '[:lower:]' '[:upper:]'`"

	ASTERISK_RESTART_DELAY="`echo "${ASTERISK_RESTART_DELAY}" | sed -re 's/^([0-9]*).*/\1/'`"
	[ -z "${ASTERISK_RESTART_DELAY}" ] && ASTERISK_RESTART_DELAY=5

	if [ -n "${ASTERISK_CORE_SIZE}" ] &&
	   [ "${ASTERISK_CORE_SIZE}" != "0" ]; then
		ulimit -c ${ASTERISK_CORE_SIZE}

		if [ -n "${ASTERISK_CORE_DIR}" ] && \
		   [ ! -d "${ASTERISK_CORE_DIR}" ]
		then
			mkdir -m750 -p "${ASTERISK_CORE_DIR}"

			if [ -n "${ASTERISK_USER}" ]; then
				chown -R "${ASTERISK_USER}" "${ASTERISK_CORE_DIR}"
			fi
		fi
		ASTERISK_CORE_DIR="${ASTERISK_CORE_DIR:-/tmp}"

		cd "${ASTERISK_CORE_DIR}"
		einfo "Core dump size            : ${ASTERISK_CORE_SIZE}"
		einfo "Core dump location        : ${ASTERISK_CORE_DIR}"

		OPTS="${OPTS} -g"
	fi

	if [ -n "${ASTERISK_MAX_FD}" ]; then
		ulimit -n ${ASTERISK_MAX_FD}
		einfo "Max open filedescriptors  : ${ASTERISK_MAX_FD}"
	fi

	if [ -n "${ASTERISK_NICE}" ]; then
		if [ ${ASTERISK_NICE} -ge -20 ] && \
		   [ ${ASTERISK_NICE} -le  19 ]; then 
			einfo "Nice level                : ${ASTERISK_NICE}"
			NICE="nice -n ${ASTERISK_NICE} --"
		else
			eerror "Nice value must be between -20 and 19"
			return 1
		fi
	fi

	if [ -n "${ASTERISK_NOTIFY_EMAIL}" ]; then
		if [ -x /usr/sbin/sendmail ]; then
			einfo "Email notifications go to : ${ASTERISK_NOTIFY_EMAIL}"
		else
			ewarn "Notifications disabled, /usr/sbin/sendmail doesn't exist or is not executable!"
			unset ASTERISK_NOTIFY_EMAIL
		fi
	fi

	if [ -n "${ASTERISK_TTY}" ]; then
		for x in ${ASTERISK_TTY} \
			 /dev/tty${ASTERISK_TTY} \
			 /dev/vc/${ASTERISK_TTY}
		do
			if [ -c "${x}" ]; then
				TTY="${x}"
			fi
		done
		[ -n "${TTY}" ] && \
			einfo "Messages are sent to      : ${TTY}"
	fi

	if [ "${ASTERISK_CONSOLE}" = "YES" ] && [ -n "${TTY}" ]; then
		einfo "Starting Asterisk console : ${ASTERISK_CONSOLE}"
		OPTS="${OPTS} -c"
	fi

	if [ -n "${ASTERISK_USER}" ]; then
		USER=`echo $ASTERISK_USER | sed 's/:.*//'`
		GROUP=`echo $ASTERISK_USER | awk -F: '/.*:.*/ { print $2 }'`
		if [ -n "${USER}" ]; then
			OPTS="${OPTS} -U ${USER}"
		fi
		if [ -n "${GROUP}" ]; then
			OPTS="${OPTS} -G ${GROUP}"
			GROUP=":${GROUP}"	# make it look nice...
		fi
		for element in `find /var/{log,run}/asterisk`; do
			if [ `stat -c %U $element` != "${USER}" ]; then
 				ewarn "${USER} is not the owner of $element, fixing."
				chown -R ${USER} /var/{log,run}/asterisk
				chmod -R u+r /var/{log,run}/asterisk
				chmod u+x /var/{log,run}/asterisk
			fi;
		done;
		einfo "Starting asterisk as      : ${USER}${GROUP}"
	else
		ewarn "Starting asterisk as root is not recommended."
	fi

	asterisk_run_loop ${OPTS} 2>&1 | logger -t asterisk_wrapper &
	result=$?

	if [ $result -eq 0 ]; then
		# 2 seconds should be enough for asterisk to start
		sleep 2 
		is_running
		result=$?
	fi

	eoutdent
	eend $result
}

forcestop() {
	ebegin "Stopping asterisk PBX"
	start-stop-daemon --stop --pidfile /var/run/asterisk/asterisk.pid
	eend $?
}

stop() {
	if ! is_running; then
		eerror "Asterisk is not running!"
		return 0
	fi

	if [ -r /var/run/asterisk/wrapper_loop.pid ]; then
		ebegin "Killing wrapper script"
		kill `cat /var/run/asterisk/wrapper_loop.pid`
		eend $?
	fi

	ebegin "Stopping asterisk PBX gracefully"
	/usr/sbin/asterisk -r -x "core stop gracefully" &>/dev/null
	# Now we have to wait until asterisk has _really_ stopped.
	sleep 1
	if is_running; then
		einfon "Waiting for asterisk to shutdown ."
		local cnt=0
		while is_running; do
			cnt=`expr $cnt + 1`
			if [ $cnt -gt 60 ] ; then
				# Waited 120 seconds now. Fail.
				echo
				eend 1 "Failed."
				return
			fi
			sleep 2
			echo -n "."
		done
		echo
	fi
	eend 0
}

reload() {
	if is_running; then
		ebegin "Forcing asterisk to reload configuration"
		/usr/sbin/asterisk -r -x "module reload" &>/dev/null
		eend $?
	else
		eerror "Asterisk is not running!"
	fi
}





^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2012-09-03  8:37 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-09-03  8:37 [gentoo-commits] gentoo-x86 commit in net-misc/asterisk/files/1.8.0: asterisk.initd3 Tony Vroon (chainsaw)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox