Summary:ASTERISK-07307: [patch] VOICEMAIL_FILE_MODE not applied
Reporter:Marcus Moeller (marcus)Labels:
Date Opened:2006-07-08 02:59:43Date Closed:2006-08-25 12:58:55
Versions:Frequency of
Environment:Attachments:( 0) 20060711__bug7504.diff.txt
Description:As I am in need of setting group access to the voicemails I have set the app_voicemail.c VOICEMAIL_FILE_MODE variable to 0660 and the #define VOICEMAIL_DIR_MODE variable to 0770.

The directory permission are then set correctly but the file permissions seems to be ignored.

As I am not able to update to the upstream source (perhaps? its fixed now) I am searching for a patch that applies to
Comments:By: Tilghman Lesher (tilghman) 2006-07-08 10:40:05

This is not major, since you can set the umask prior to starting Asterisk, and that will properly affect permissions.

By: Marcus Moeller (marcus) 2006-07-08 10:53:51

Setting umask before starting asterisk affects every file written. Thats not really secure.

By: Tilghman Lesher (tilghman) 2006-07-08 11:19:29

Please test this patch, and post your results.

By: Marcus Moeller (marcus) 2006-07-08 13:06:26

The msgXXXX.txt file is now written correctly:

-rw-rw----  1 root root  229 2006-07-08 20:03 msg0000.txt

But the WAV File still has the wrong permissions

-rwx------  1 root root 6886 2006-07-08 20:03 msg0000.WAV*

I have also noticed that the directory permission have been set to:

drwxr-x---  2 root root 112 2006-07-08 20:03 INBOX/

unless #define VOICEMAIL_DIR_MODE 0770 is set.

Best Regards

By: Tilghman Lesher (tilghman) 2006-07-08 13:36:29

Oops.  The wav49 exception needed to be taken care of.  Try this new patch.

By: Marcus Moeller (marcus) 2006-07-08 14:33:40

:) - it seems to work correctly right now. The only thing that is still confusing me is VOICEMAIL_DIR_MODE. I have set it to 770 (useful or not) but the permissions are still set to 750:

drwxr-x--- 2 root root 112 2006-07-08 20:03 INBOX/

It seems that the permissions have been set correctly but then umask defaults have been applied to it.

btw. thanks for your support


By: Tilghman Lesher (tilghman) 2006-07-11 16:55:18

Hmmm, yeah, if we're going to specify a mode more restrictive than 777, then it ought to be kept.  Otherwise, the right thing would probably be to specify mode 777 and rely on the umask to shorten it.

By: Russell Bryant (russell) 2006-07-12 13:36:56

For the trunk, (and hence Asterisk 1.4), we have discussed removing all places in the code that mess with file permissions at all and allowing the system administrator handle it with umask settings exclusively.  This would solve this problem for the future ...

By: Tilghman Lesher (tilghman) 2006-07-12 14:07:56

The problem with that approach is that we typically want more restrictive permissions for voicemail than for other recordings.  We probably want permission 644 for meetme recordings, but we'd probably want 640, 660, or 600 for voicemail (depending upon the system).

By: Marcus Moeller (marcus) 2006-07-12 15:03:39

I wont suggest to rely on umask for the voicemail permissions, as with umask you define general behavior. I think the VOICEMAIL_DIR_MODE and FILE_MODE Variables should be part of the asterisk config file voicemail.conf so that the end user is able to define the voicemail permissions by its own. And these settings should be treated correctly :) (DIR mode is overwritten by umask restrictions, as mentioned before)

It would also be great to define a VOICEMAIL_GROUP in a config file, as modern http frontends require access to the voicemail folder, too.

Best Regards

By: Tilghman Lesher (tilghman) 2006-08-25 12:58:55

Since this equates to a behavior change, this will not go into 1.2.  Trunk is already patched.