[Fwd: RTPproxy 1.1 has been released]

Marcus Better marcus at better.se
Sun Jun 22 18:30:37 UTC 2008


Hi,

> Thanks for the update and your work in rtpproxy, I have now uploaded 1.1 to 
> Debian unstable.

I've done some more packaging work on 1.1:

  * Run as user rtpproxy instead of root.
  * Do not return failure in stop command of init script if the daemon
is not running.

But I have trouble running rtpproxy as non-root with ser (2.0 snapshot):

Jun 20 09:12:01 quartic /usr/sbin/ser[19598]: ERROR: send_rtpp_command:
can't connect to RTP proxy
Jun 20 09:12:01 quartic /usr/sbin/ser[19598]: send_rtpp_command(): proxy
<unix:/var/run/rtpproxy/rtpproxy.sock> does not responding, disable it
Jun 20 09:12:01 quartic /usr/sbin/ser[19598]: WARNING: rtpp_test: can't
get version of the RTP proxy
Jun 20 09:12:01 quartic /usr/sbin/ser[19598]: WARNING: rtpp_test:
support for RTP proxy <unix:/var/run/rtpproxy/rtpproxy.sock>has been
disabled temporarily

I've added the ser user to the rtpproxy group and gave group write
permission manually to the socket file. Can someone test this to confirm?

Maxim: I applied the following patch to drop privileges earlier so that
the control socket is created with the correct permissions. Does it look OK?

Cheers,

Marcus

--- a/main.c
+++ b/main.c
@@ -683,6 +683,14 @@ main(int argc, char **argv)

     init_config(&cf, argc, argv);

+    if (cf.run_uname != NULL || cf.run_gname != NULL) {
+       if (drop_privileges(&cf, cf.run_uname, cf.run_gname) != 0) {
+           rtpp_log_ewrite(RTPP_LOG_ERR, cf.glog,
+             "can't switch to requested user/group");
+           exit(1);
+       }
+    }
+
     controlfd = init_controlfd(&cf);

 #if !defined(__solaris__)
@@ -718,14 +726,6 @@ main(int argc, char **argv)
     signal(SIGUSR1, fatsignal);
     signal(SIGUSR2, fatsignal);

-    if (cf.run_uname != NULL || cf.run_gname != NULL) {
-       if (drop_privileges(&cf, cf.run_uname, cf.run_gname) != 0) {
-           rtpp_log_ewrite(RTPP_LOG_ERR, cf.glog,
-             "can't switch to requested user/group");
-           exit(1);
-       }
-    }
-
     cf.pfds[0].fd = controlfd;
     cf.pfds[0].events = POLLIN;
     cf.pfds[0].revents = 0;

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20080622/6dccf609/attachment.pgp 


More information about the Pkg-voip-maintainers mailing list