Location of Keys in asterisk package

Tzafrir Cohen tzafrir.cohen at xorcom.com
Wed Feb 17 07:48:57 UTC 2010


On Wed, Feb 17, 2010 at 03:02:53AM +0100, Maurice Massar wrote:
> hi,
> 
> asterisk (1:1.4.10~dfsg-1) unstable; urgency=low
>   * Add ast_key_dir patch to move keys from /var/lib/asterisk/keys to
>     /usr/share/asterisk/keys where they should be.
>  -- Mark Purcell <msp at debian.org>  Thu, 09 Aug 2007 22:47:00 +0100
> 
> Why should the keys be in /usr/share/asterisk/keys?
> If I want to configure an RSA authenticated IAX-Trunk between
> two asterisk hosts, I need to generate keys on both and have
> asterisk read them. That is configuration in my book. 

Somewhere in the middle between "configuration" and "data". There's no
clear distinction between the two.

> That should
> be in /etc and never in /usr. I would say that is an policy violation,
> but with this change made 2.5 years ago, and in a stable release since 1
> year already and no bug report in sight, I wonder if I got something
> totaly wrong here?!

For starters, the 'keys' directory is placed by upstream under the
astdatadir, which in Debian defaults to /usr/share/asterisk . Thus if
there's no good technical reason, it should remain there.

For the record, the issue applies to the Squeeze package as well.
However, in the version included in Squeeze you can set 'astkeysdir'
explicitly. The keys will reside in a subdirectory called 'keys' of it.

> 
> As a workaround I grepped the sources and found setting astdatadir
> changes the keydir too... but adding it to asterisk.conf had no effect
> since the section got renamed to [directories] instead of '[global]'.

Wasn't this included in the latest stable update?

> This part is already fixed in the version in unstable, but not in stable
> (1:1.4.21.2~dfsg-3+lenny1). So with a couple of symlinks and the correct
> section I got my workaround. I really hate it, when programs just
> silently ignore invalid config...

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir



More information about the Pkg-voip-maintainers mailing list