Hi. i would like to reboot the system from an extension by using a PIN number. iam running asterisk 11 in an ubuntu system. I would appreciate if someone has a guide on how to do it, please.
Use System() and Authenticate() commands
1 Like
Hi. Thanks a lot for the answer, but i am afraid i am not that familiar with that. is there any guide or tutorial?
my extensions are ranging from 500-560. I would like for example to call the extension 570 and after an authentication PIN code of 1234 then reboot the system.
There are several ways to make this work, but understand that all are BIG security risks. Asterisk tends to sandbox its commands so the issues to overcome are getting the user that is running asterisk permission to execute external root level commands (shutdown) and also passing authentication. It may be best to start one step at a time and make sure your user running asterisk can execute a shutdown.
Make sure your asterisk user can sudo. Assuming your asterisk user is “asterisk”, as asterisk execute “sudo shutdown –h 0”, enter the asterisk user password, and then the machine shuts down. If that fails you can add asterisk to the sudo group by executing “sudo adduser asterisk sudo”
The next step is to eliminate the need to pass the asterisk users password to execute a shutdown
As root execute visudo and add the following line:
asterisk ALL = (ALL) NOPASSWD: ALL
Next in /var/lib/asterisk/agi-bin create the following script. I will call it shut.sh in this example.
#!/bin/bash
sudo –s <<EOF
touch /etc/asterisk/test-file
/sbin/shutdown –h 0
The touch line is in case the shutdown fails we want to be able to verify the script did execute. If it did execute you will see the file test-file in the /etc/asterisk directory.
You did not provide a dialplan so providing the exact modification needed is problematic. I would suggest testing the shutdown in a separate context to avoid confusion with the rest of your diaplan. Add the following:
[testcontext]
exten => 570,1,Verbose(START OF TESTCONTEXT)
same => n,AGI(shut.sh)
Set your logging to debug and dial the 570 extension and see if the machine shuts down. I just did this on my development machine and it shut down. If yours does not, the log running in debug mode will hopefully give some information. The verbose function will print START OF TESTCONTEXT in the log making it easier to find the area you need. If it works, you can add whatever authentication you want to the script. Good luck and I hope you don’t get hacked.
Is there a valid use case for this? It seems you wouldn’t be able to call in to any system that truly requires a reboot. If the system needs a regular reboot you likely have other issues and may wish to ssh in and see what is eating your system.
1 Like
Reboot the system from the phone it is good as an emergency option where you dont have Internet access and reboot could be the only troubleshooting method against your server, at least to restart all running services