Can't run Asterisk service as the asterisk user

Asterisk Asterisk Support
1

Hello!

Unable to start Asterisk service as user asterisk.

CentOS 7.7
Asterisk 18.12.1

I did everything according to the instructions:

sudo groupadd asterisk
sudo useradd -r -d /var/lib/asterisk -g asterisk asterisk
sudo usermod -aG audio,dialout asterisk
sudo chown -R asterisk.asterisk /etc/asterisk
sudo chown -R asterisk.asterisk /var/{lib,log,spool}/asterisk
sudo chown -R asterisk.asterisk /usr/lib64/asterisk

In /etc/sysconfig/asterisk file changed to:
AST_USER=“asterisk”
AST_GROUP=“asterisk”

In /etc/asterisk/asterisk.conf file changed to:
runuser = asterisk ; The user to run as.
rungroup = asterisk ; The group to run as.
[files]
astctlpermissions = 0660
astctlowner = root
astctlgroup = apache
astctl = asterisk.ctl

And start Asterisk service like this:
systemctl start asterisk

systemctl status asterisk
● asterisk.service - LSB: Asterisk PBX
Loaded: loaded (/etc/rc.d/init.d/asterisk; bad; vendor preset: disabled)
Active: active (running) since Wed 2022-06-08 12:27:18 EDT; 2s ago
Docs: man:systemd-sysv-generator(8)
Process: 1643 ExecStart=/etc/rc.d/init.d/asterisk start (code=exited, status=0/SUCCESS)
Main PID: 1674 (asterisk)
CGroup: /system.slice/asterisk.service
├─1672 /bin/sh /usr/sbin/safe_asterisk
└─1674 /usr/sbin/asterisk -f -vvvg -c

Jun 08 12:27:18 xxx.xxx.xxx systemd[1]: Starting LSB: Asterisk PBX…
Jun 08 12:27:18 xxx.xxx.xxx asterisk[1643]: Starting asterisk:
Jun 08 12:27:18 xxx.xxx.xxx systemd[1]: Can’t open PID file /var/run/asterisk/asterisk.pid (yet?) after start: No such file or directory
Jun 08 12:27:18 xxx.xxx.xxx systemd[1]: asterisk.service: Supervising process 1674 which is not our child. We’ll most likely not notice when it exits.
Jun 08 12:27:18 xxx.xxx.xxx systemd[1]: Started LSB: Asterisk PBX.

In any case, the Asterisk service is started every time as the root user

2

you also need to check this if you use systemd

/usr/lib/systemd/system/asterisk.service

cp asterisk/contrib/systemd/asterisk* /usr/lib/systemd/system
3

Your tuto missed ‘run’ dir permissions.

Fix with this:
sudo mkdir -p /var/run/asterisk

sudo chown -R asterisk.asterisk /var/{lib,log,spool,run}/asterisk

4

I did copy asterisk.service to destination and now it won’t to start

systemctl status asterisk
● asterisk.service - Asterisk PBX and telephony daemon.
Loaded: loaded (/usr/lib/systemd/system/asterisk.service; enabled; vendor preset: disabled)
Active: activating (start) since Wed 2022-06-08 15:00:42 EDT; 37s ago
Main PID: 14415 (asterisk)
CGroup: /system.slice/asterisk.service
└─14415 /usr/sbin/asterisk -mqf -C /etc/asterisk/asterisk.conf

Jun 08 15:00:42 xxx.xxx.xxx systemd[1]: Starting Asterisk PBX and telephony daemon…

5

I tried your fix separately, as well as combined with the solution from TheMark.

In your pure solution, it also runs as root
In combination with the solution from TheMark, it also freezes on start

6

can you check if this dir is a tmpfs

/var/run

also you may have to edit /usr/lib/systemd/system/asterisk.service
there are 2-3 option that I have to change on Rocky Linux for it to work

7

I hope i did it right

~]# mount | grep -i tmp
devtmpfs on /dev type devtmpfs (rw,nosuid,size=1929732k,nr_inodes=482433,mode=755)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,size=388016k,mode=700)

There is my /usr/lib/systemd/system/asterisk.service

[Unit]
Description=Asterisk PBX and telephony daemon.
After=network.target
#include these if asterisk need to bind to a specific IP (other than 0.0.0.0)
#Wants=network-online.target
#After=network-online.target network.target

[Service]
Type=notify
Environment=HOME=/var/lib/asterisk
#if systemd do not provide hostname and you need to use ${ENV(HOSTNAME)}
#Environment=HOSTNAME=%H
WorkingDirectory=/var/lib/asterisk
User=asterisk
Group=asterisk
ExecStart=/usr/sbin/asterisk -mqf -C /etc/asterisk/asterisk.conf
ExecReload=/usr/sbin/asterisk -rx ‘core reload’
#if /var/run is a tmpfs, this will create /var/run/asterisk on start
#RuntimeDirectory=asterisk

#Nice=0
#UMask=0002
LimitCORE=infinity
#LimitNOFILE=
Restart=always
RestartSec=4

Prevent duplication of logs with color codes to /var/log/messages

StandardOutput=null

PrivateTmp=true

[Install]
WantedBy=multi-user.target

8

try enable this one

RuntimeDirectory=asterisk

also what happens if you try this

asterisk -cvvv
9

asterisk -cvvv

Found at the top:

Unable to change ownership of /var/run/asterisk/asterisk.ctl: Operation not permitted

Also this errors:

ERROR[3114]: res_config_pgsql.c:1604 pgsql_reconnect: PostgreSQL RealTime: Failed to connect database asterisk on 127.0.0.1:
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: Error loading module ‘chan_local.so’: /usr/lib64/asterisk/modules/chan_local.so: cannot open shared object file: No such file or directory
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: Error loading module ‘res_pjsip_phoneprov_provider.so’, missing dependency: res_phoneprov
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: cdr_pgsql declined to load.
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: cdr_sqlite3_custom declined to load.
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: cdr_tds declined to load.
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: cel_tds declined to load.
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: cel_sqlite3_custom declined to load.
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: res_hep_rtcp declined to load.
[2022-06-08 16:41:24] ERROR[3114]: loader.c:2508 load_modules: res_hep_pjsip declined to load.
Asterisk Ready.

10

Does this mean that the Asterisk service is started by the asterisk user?

~]# ps -ef

asterisk 11436 11434 17 16:47 ? 00:00:01 /usr/sbin/asterisk -f -vvvg -c
asterisk 11490 1468 1 16:47 ? 00:00:00 php /var/www/html/admin/modules/core/call-transfer-events.php

How important is it to have Asterisk run by the asterisk user?

11

did you try change this

as that tells systemd that asterisk need ownership of /var/run/asterisk

1 Like
12

Yes, I tried that before doing ps -ef

And what should I do about these database errors?

I have implemented this:

*CLI> odbc show

ODBC DSN Settings

Name: asteriskcdrdb
DSN: MySQL-asteriskcdrdb
Last fail connection attempt: 2022-06-08 16:47:48
Number of active connections: 0 (out of 5)
Logging: Disabled

So there is a connection to the database or something needs to be corrected?

13

It says nothing regarding that. ps -el might tell you something.

It is desirable that it is not started as the asterisk user, as some things it may need to do when starting can only be run as root. It is better to use the asterisk configuration options to have it change.

Running it as asterisk is a security thing, but if you are running it on a dedicated machine, if asterisk gets compromised, you have lost the whole machine, anyway.

1 Like
14

This is it?

~]# ps -ef
asterisk 11436 11434 17 16:47 ? 00:00:01 /usr/sbin/asterisk -f -vvvg -c

~]# ps -el
4 S 995 11436 11434 1 80 0 - 528439 poll_s ? 00:00:16 asterisk

15

995 is the user.

Column headings are:

F S UID PID PPID C PRI NI ADDR SZ WCHAN TTY TIME CMD

16

Ok, it working sometime but now, after server reboot it show this error in FreePBX

chrome_IYattnfdmg
chrome_IYattnfdmg766×354 13.7 KB

And result of this command

putty_ixWX65lcNV
putty_ixWX65lcNV942×659 15.9 KB

And Zoiper can make call at this moment

17

huu how is this system originally installed ?
via FreePBX image or by hand
for issues with installing and running FreePBX you should ask https://community.freepbx.org/

1 Like
18

Thanks for help!

It solved by comand:

fwconsole start

19

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.