Sunday, June 26, 2016

an open letter to my assignment group


I'm having a very frustrating time this week editing this work. I feel that the content is not quite there in terms of satisfying the assignment requirements, and I'm having a lot of difficulty making sense of a lot of the input you've given me. I've asked for clarifications in many of the comments but the responses, as a rule, haven't been clear. I'm trying to rewrite what I can, fill in the gaps where I can, and preserve y'all's intent of meaning where I can discern it, but it's very difficult to discern in a lot of cases. This makes it next to impossible to provide clarity to those who will be reading, and grading, our paper.

This is mainly meant as fair warning that I doubt our grade will be all that great on this assignment.

I am struggling to pull this paper together even to the level that I was able to do for the last paper (which, frankly, was well below normally-acceptable standards, in my opinion). In order to rewrite this to the level of acceptability that we were able to achieve even in that assignment, I would have to spend another full day on this reading the sources given to square them with the citations and to make sense of everything and pull it all together into a cohesive document that satisfies the assignment criteria.

I'm disinclined to say anything further that could be taken personally, but I do mean to convey that I have not yet seen the quality of writing so far from this group that is normally acceptable at an undergraduate level, let alone in grad school. The main reason I volunteered to edit the papers for the group is that I am a good writer and editor, and a better critic. Perhaps most to the point, however, it truly pains me to turn in mediocre-to-lousy writing.

I realize I have probably burned three bridges at once with this; however, I feel strongly that this is important enough to take that risk: in all sincerity, PLEASE, each of you needs to step up your writing game. I am asking not only for my sake and the sake of my grade, but also for the sake of your own academic and professional careers, and to honor the value of the degree we're all working to achieve.

Friday, May 13, 2016

Asterisk and SELinux – and allowing additional Asterisk CLI users

Most advice on Asterisk that you'll find out in the ether states that to get Asterisk working right, you'll need to disable SELinux. Sometimes you'll even see vendor engineers repeating this over official channels.

IMO this is stupid and wrong. Disabling security is a terrible approach to fixing problems generally, – but particularly so when the real issue is more than likely a config problem.

Enough ranting though – I came to post about the resolution to just such a config problem.

Systemd config

After building a basic install of Asterisk 13.8 Certified on CentOS 7.2, I wasn't satisfied to run the included sysvinit script for startup when the entire balance of the system was initializing through systemd. I found that /var/run/asterisk wouldn't cooperate with my initial attempts at writing a systemd script – after every reboot, it came back owned by root; ownership changes wouldn't stick. I learned from Jari Turkia[1] this is due to /var/run being a tmpfs – nothing there persists across reboot.

Jari used /usr/bin/mkdir, suppressing errors, and /usr/bin/chown, but it's possible to do the same thing elegantly in a single line using /bin/install – a handy trick I picked up from Paul.[2]

With that and other help [3],[4],[5], I was able to dial in a very nicely working systemd script to control my Asterisk installation. The config is after the jump.

Asterisk config

After sorting the directory ownership and permissions, I also learned that I could allow additional users (e.g., my own login account) to use the Asterisk CLI without having to use sudo – there are a couple of config items that have to be changed to let this happen:
  1. In /etc/asterisk/asterisk.conf, uncomment [files] stanza and its entry astctlpermissions[6]
    • This changes the permissions on the /var/run/asterisk/asterisk.ctl socket node – necessary because a CLI user needs write access to the socket
  2. In /etc/asterisk/cli_permissions.conf, add an entry for the user or group you want to give permissions, along with the appropriate permissions.[7]
    • Since I'm my only user, I set group wheel to have all rights, but you may need something more strict.