June 2005
Intermediate to advanced
502 pages
21h 48m
English
Content preview from Switching to VoIP
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
48
|
Chapter 3: Linux as a PBX
If you use the Red Hat init script, make sure /etc/rc.d/rc.local calls it
instead of calling Asterisk directly as in the first method. Regardless of
which method you choose, make sure you’re loading the right mod-
ules (wcfxo or wcfxs) prior to the line in which Asterisk is launched.
Securing the Asterisk Instance
By default, Asterisk runs as root—the user account with total, unrestricted power.
This is generally considered a bad idea, and it’s the reason Apache, the web server,
doesn’t usually run as root. If Asterisk is compromised by an ill-willed network
prowler, it’s possible that the intruder could gain the power of root. That is, unless
you make Asterisk run as a less godly user.
To do this, create a user called “asterisk” by issuing the Red Hat
adduser command
(other Unixes could use
useradd instead):
# adduser -c "Asterisk PBX" -d /var/lib/asterisk asterisk
Next, you’ll need to alter Asterisk’s make file, located at /usr/src/asterisk/Makefile.
Using Pico or your favorite text editor, find the
ASTVARRUNDIR constant in the file, and
alter its definition to match what follows:
ASTVARRUNDIR=$(INSTALL_PREFIX)/var/run/asterisk
The directory referenced here needs to be writable by the user running Asterisk, and
the directory normally used should be writable