search

OpenSIPS / opensips-cli

OpenSIPS CLI tool - an interactive command line tool that can be used to control and monitor OpenSIPS servers.
GNU General Public License v3.0
84 stars 46 forks source link

Documentation issue: FIFO access on modern linux & opensips-cli / mi_fifo defaults #114

Open Igneous opened 9 months ago

Igneous commented 9 months ago

Just wanted to detail my first experience here -- there's a chance this can be improved.

Seems like most docs and defaults throughout the codebase refer to using /tmp/opensips_fifo. It's very easy to accidentally set everything up using /tmp/opensips_fifo.

Running opensips-cli with a module like user will give unrelated errors about not being loaded, however if you're fortunate enough to use the -d flag, you can see it's not being loaded because the cli can't access the mi fifo... but it's unclear why opensips-cli can't access it.

Executing a command with the mi module seems to be the only codepath that will print this warning:

ERROR: cannot access fifo file /tmp/opensips_fifo: [Errno 13] Permission denied: '/tmp/opensips_fifo'
ERROR: starting with Linux kernel 4.19, processes can no longer read from FIFO files 
ERROR: that are saved in directories with sticky bits (such as /tmp)
ERROR: and are not owned by the same user the process runs with. 
ERROR: To fix this, either store the file in a non-sticky bit directory (such as /var/run/opensips), 
ERROR: or disable fifo file protection using 'sysctl fs.protected_fifos=0' (NOT RECOMMENDED)

This is hugely valuable -- put this everywhere anytime you fail to open the fifo. Also update the docs / config examples!

I'm happy to try to contribute changes to this if you're too busy and want a PR.

Igneous commented 9 months ago 
DEBUG: using config file /etc/opensips-cli.cfg
DEBUG: Loaded module 'database'
DEBUG: running in non-interactive mode database create []
DEBUG: running command 'create' '[]'
DEBUG: db_name: 'opensips'
DEBUG: admin DB URL: 'postgres://opensips:opensipsrw@localhost/postgres'
DEBUG: DB URL: 'postgres://opensips:opensipsrw@localhost'
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/opensipscli/db.py", line 205, in __init__
    self.__engine = sqlalchemy.create_engine(db_url)
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "<string>", line 2, in create_engine
  File "/usr/lib/python3/dist-packages/sqlalchemy/util/deprecations.py", line 375, in warned
    return fn(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/sqlalchemy/engine/create.py", line 518, in create_engine
    entrypoint = u._get_entrypoint()
                 ^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/sqlalchemy/engine/url.py", line 662, in _get_entrypoint
    cls = registry.load(name)
          ^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/sqlalchemy/util/langhelpers.py", line 343, in load
    raise exc.NoSuchModuleError(
sqlalchemy.exc.NoSuchModuleError: Can't load plugin: sqlalchemy.dialects:postgres

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/opensips-cli", line 9, in <module>
    run_console()
  File "/usr/bin/opensips-cli", line 6, in run_console
    main.main()
  File "/usr/lib/python3/dist-packages/opensipscli/main.py", line 78, in main
    sys.exit(shell.cmdloop())
             ^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/opensipscli/cli.py", line 247, in cmdloop
    ret = self.run_command(module, command, modifiers, params)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/opensipscli/cli.py", line 409, in run_command
    return mod[0].__invoke__(cmd, params, modifiers)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/opensipscli/module.py", line 36, in __invoke__
    return f(params, modifiers)
           ^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/opensipscli/modules/database.py", line 598, in do_create
    db = self.get_db(admin_url if engine != 'sqlite' else db_url, db_name)
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/opensipscli/modules/database.py", line 871, in get_db
    return osdb(db_url, db_name)
           ^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/opensipscli/db.py", line 235, in __init__
    raise osdbError("cannot handle {} dialect".
opensipscli.db.osdbError: cannot handle postgres dialect

Seems like there's something else going on here as well where documentation says to use a postgres:// url but sqlalchemy wants postgresql://.. but the whole osdb codebase expects postgres.. :thinking:

liviuchircu commented 9 months ago

Hey, @Igneous! Thanks for the feedback, I agree that if the /tmp/opensips_fifo path is accessed in multiple ways (e.g. by user module), then the same "sticky bit directories" info snippet should be printed similarly, on each exception handling. If you want to contribute, I will happily review it :)

Regarding the postgres SQLAlchemy issue, the exact problem you spotted should have been fixed by #108 and should be available starting with tomorrow's opensips-cli package build.

Igneous commented 9 months ago

Yeah absolutely. I'll shoot you a PR sometime in the next couple days -- it'd be an exciting privilege to contribute to osips