Yes, Im agree that anyhow it will be on local, but only root user have the right to read this file. So how can I change the permission of my.cnf file to be able to read it from kamailio only when I start or reboot? Thank you.
El mié., 18 nov. 2020 17:18, Daniel-Constantin Mierla miconda@gmail.com escribió:
On 18.11.20 16:45, Daniel-Constantin Mierla wrote:
One alternative is to pass user/password via environment variables and then use #!substdef in configuration file, with the replacement using the corresponding $env(...) variables.
If the goal is protecting the configuration file content in long term against being read in the future, two other options:
- remove kamailio.cfg after starting kamailio, it is not needed at
runtime
Obviously, instead of removing, the permissions kamailio.cfg can be changed after starting kamailio -- adding this after seeing in another message being mentioned the option with mysql my.cfg, user/password is in a local file anyhow.
Cheers, Daniel
- encrypt kamailio.cfg and pipe its decrypted content to kamailio at
startup, like:
decryptapp kamailio-encrypted.cfg | kamailio -f - ...
Cheers, Daniel On 18.11.20 15:27, David Villasmil wrote:
I just get the params from AWS Parameter Store and pass it to Kamailio on startup. Downsize is you can see them in “ps”.
On Wed, 18 Nov 2020 at 12:40, Alexandru Covalschi 568691@gmail.com wrote:
Alternative way is to use unixodbc, but it just means you put the password into another file.
ср, 18 нояб. 2020 г. в 14:35, Alexandru Covalschi 568691@gmail.com:
Don't use databases. Create an API and use it to access the data you need. Won't work for every possible usage, but in general API-driven SIP-routing is very possible with Kamailio, especially with KEMI.
ср, 18 нояб. 2020 г. в 11:32, Ahmed Marsou amarsou1988@gmail.com:
Hi; I want to remove all plain text usernames an passwords from kamailio.cfg file. Like modparam("auth_db", "db_url", "dbdriver:// username:password@dbhost/dbname") or this modparam("sqlops","sqlcon","ca=>dbdriver://username:password @dbhost/dbname") Can you help me with some ideas of how can I handle that? Thank you. _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Alexandru Covalschi VoIP engineer and system administrator tel: +37367398493
-- Alexandru Covalschi VoIP engineer and system administrator tel: +37367398493
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Regards,
David Villasmil email: david.villasmil.work@gmail.com phone: +34669448337
Kamailio (SER) - Users Mailing Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla
-- Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Funding: https://www.paypal.me/dcmierla
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users