User functions, ASL2 vs ASL3

lengriff · July 25, 2024, 11:26am

I cannot get my user codes to work in ASL3. Let me try to explain clearly: On my ASL2 repeater, user functions like ’ 620=localplay,soundfile ’ or ’ 061=cmd,etc/asterisk/scripts/script.sh ’ work just fine when executed from a CLI prompt: rpt fun 42690 *620 / rpt fun 42690 *061. In ASL3, these SAME functions do NOT work. To experiment, I took the function ’ =localplay,sound ', and tried it as ’ 081=, 903=, and 670= . None of these work. According to the template, these are all available as user functions. I have NO conflicts with these codes being used anywhere else. Again, this all worked in ASL2 for years, but not in ASL3. It is not a problem with the functions themselves. There must be some information I am missing here.

WA3WCO · July 25, 2024, 1:30pm

To check ASL3 I did the following :

First, I created a “/etc/asterisk/scripts/test.sh” script with the following :

#!/usr/bin/bash
date            >> /tmp/test-out    
echo "  $0 $*"  >> /tmp/test-out

I then added the following lines to the [functions] stanza of my “rpt.conf” file :

610=localplay,rpt/thetemperatureis
620=cmd,/etc/asterisk/scripts/test.sh

The first line plays a known sound file, the second exec’s my test script. Both *610 and *620 worked as expected.

NOTE :

Don’t forget to ensure that the script is marked as executable (e.g. chmod 755 /etc/asterisk/scripts/test.sh).
Don’t forget that “asterisk” process now runs as the “asterisk” login (NOT “root”). That means that the sound files and scripts need to be readable by the “asterisk” login and any files being modified by the script need to writable by “asterisk” login.

lengriff · July 25, 2024, 4:36pm

I think this is where I have the problem. I am logging into my system as ’ root ', both with PuTTY and WinSCP. I have read through the ASL3 documentation, and did not see an explanation for: " the sound files and scripts need to be readable by the “asterisk” login and any files being modified by the script need to writable by “asterisk” login. ". Not sure where or how I do that. Thanks for the reply. All my sound files show owner=root.

WA3WCO · July 25, 2024, 6:59pm

Logging in as “root” essentially gives you carte blanche to do whatever you want. That lets you do whatever you want … but can also get you into trouble.

I will look to find a place in the online doc to call out the change we made to not having the “asterisk” process run as the “root” user.

I would suggest that you search the Internet for “linux file permissions” for more details. But, briefly, each file (and directory) has permissions that effect the “owner”, permissions that effect those logins in the same “group”, and permissions that effect “other” logins. The permissions determine whether you (or some other process) can read, write, or execute the files (or search in directories). There are commands to change the ownership (“chown”) and permissions (“chmod”) for each file/directory.

lengriff · July 25, 2024, 8:21pm

I found this helpful:
Linux File Permissions and Ownership Explained with Examples (linuxhandbook.com)
I’m guessing I need to change ownership of my sound files to ‘asterisk’:
chown asterisk ‘filename’

WA3WCO · July 25, 2024, 10:43pm

Not necessarily. As I mentioned above, there are permissions for the owner, for those in the group, and for everyone else. It all depends on how much access has been granted.

For example, on my nodes (and using the file I was testing with) I have :

wa3wco@mynode:~ $ cd /usr/share/asterisk/sounds/en/rpt/
wa3wco@mynode:/usr/share/asterisk/sounds/en/rpt $ ls -l thetemperatureis.ulaw 
-rw-r--r-- 1 root root 12674 Jul 16 19:20 thetemperatureis.ulaw

Here, the file is owned by “root” (with read/write privs, “rw-”), readable by everyone in the “root” group (“r–”), and readable by everyone else (“r–”). You should have no access playing this sound.

But, if you added your own sound with more limited permissions, like :

-rw------- 1 root root 12674 Jul 16 19:20 CustomSound.ulaw

then the file would only be accessible to the “root” login. To correct this you could change the owner (chown asterisk CustomSound.ulaw), change/open the permissions (chmod 644 CustomSound.ulaw), or both.

lengriff · July 26, 2024, 1:34pm

Thanks for the info and patience! I only dabble in Linux. I did lots of reading on file ownership, and was already familiar with permissions. There appears to be a BIG difference with Asterisk20 / Debian 12 that is NOT mentioned at all in the ASL3 documentation. I am learning. So here is where I am ( trying to be very specific here ):
1] In rpt.conf, I have a function ’ 620=localplay,nbc '. This was not working. I changed the ownership of nbc.ulaw: -rw-r–r-- root asterisk 32957 Jan30 2016. Now ’ rpt fun 42690 *620 ’ does play the file.
[ all the other sound files do not have asterisk as the owner? ]
2] /etc/asterisk/scripts/Skyblank.sh:
#!/bin/bash
#Skywarnplus Clear Tail message
cp /usr/share/asterisk/sounds/en/tailblank.wav /usr/share/asterisk/sounds/en/tailmess.wav
exit
The Skyblank script :
-rwxr-xr-x l root asterisk 306 Jul23 16:26
tailblank.wav:
-rw-r–r-- i root asterisk 4060 Apr 3 08:08
tailmess.wav:
-rw-r–r-- i root asterisk 64830 Jul 26 08:48
3] function ’ 060=cmd,/etc/asterisk/scripts/Skyblank.sh ’
4] From CLI prompt, rpt fun 42690 *060, does nothing
5] From root prompt, /etc/asterisk/scripts/Skyblank.sh, works fine.

WA3WCO · July 26, 2024, 3:18pm

Glad that you can now play the file. Did you change the owner of the file (chown), the permissions (chmod), or both?

The ownership/permissions of the script look fine. BUT, you also need to think about the commands inside the script. You are copying one file to another. This means that the script needs to be able to read the former (YES) and WRITE the latter (NO). With the asterisk process exec’ing the script (and running as the “asterisk” login) it needs to have write permission to the file “tailmess.wav”. That file is currently owned by “root” so it’s not writable. Here, you have 2 options :

change the ownership of the file :

chown asterisk /usr/share/asterisk/sounds/en/tailmess.wav

open the permissions so that any login can write the file :

chmod 666 /usr/share/asterisk/sounds/en/tailmess.wav

For #4, I suspect that the script actually ran. It’s just that it didn’t do what you wanted because it could not write the file.

For #5, Of course this worked. When you exec’d the script as the “root”’ login you don’t have to worry about filesystem permissions.

Oh, one other thing to check. While the permissions on the Skyblank.sh script are fine you also need to look at the permissions on the “/etc/asterisk/scripts directory”. If the directory is owned by “root” and the permissions do not allow read/search then the asterisk process would not be able to open/exec the script. Exec ls -ld /etc/asterisk/scripts and make sure that the permissions are “-rwxr-xr-x”. If you see “-rwx------” then exec chown 755 /etc/asterisk/scripts.

lengriff · July 26, 2024, 9:35pm

Thanks to you, Allan, I now have my missing piece of Linux knowledge needed to make this work. I hope that this conversation helps others who are also transitioning to ASL3. '73. Len, WB2HKK.

Mason10198 · July 26, 2024, 10:30pm

I’m just curious - what scenario are you encountering that requires you to manually clear the tail message created by SkywarnPlus?

SkywarnPlus automatically clears the tail message when alerts are cleared, and also automatically clears the tail message when you disable it via SkyControl.py.

lengriff · July 26, 2024, 10:58pm

I use the tailmessage system for repeater announcements as well as SkywarnPlus [ tailmessagelist= tmp/SkywarnPlus/wx-tail,tail ] . SkywarnPlus does clear it’s own alert, and works very well. It is my ’ tail ’ message I have to clear.