vadim64 писал(а):а что у вас сейчас в manager.conf
То как сейчас выглядит manager.conf
Код: Выделить всё
# cat -n /usr/local/etc/asterisk/manager.conf
2 ; AMI - The Asterisk Manager Interface
4 ; Third party application call management support and PBX event supervision
6 ; This configuration file is read every time someone logs in
8 ; Use the "manager show commands" at the CLI to list available manager commands
9 ; and their authorization levels.
11 ; "manager show command <command>" will show a help text.
13 ; ---------------------------- SECURITY NOTE -------------------------------
14 ; Note that you should not enable the AMI on a public IP address. If needed,
15 ; block this TCP port with iptables (or another FW software) and reach it
16 ; with IPsec, SSH, or SSL vpn tunnel. You can also make the manager
17 ; interface available over http/https if Asterisk's http server is enabled in
18 ; http.conf and if both "enabled" and "webenabled" are set to yes in
19 ; this file. Both default to no. httptimeout provides the maximum
20 ; timeout in seconds before a web based session is discarded. The
21 ; default is 60 seconds.
24 enabled = yes
25 webenabled = yes
27 port = 5038
28 bindaddr = 188.8.131.52
30 ; Parameters that control AMI over TLS. ("enabled" must be set too).
31 ; You can open a connection to this socket with e.g.
33 ; openssl s_client -connect my_host:5039
35 ;tlsenable=no ; set to YES to enable it
36 ;tlsbindport=5039 ; the port to bind to
37 ;tlsbindaddr=0.0.0.0 ; address to bind to, default to bindaddr
38 ;tlscertfile=/tmp/asterisk.pem ; path to the certificate.
39 ;tlsprivatekey=/tmp/private.pem ; path to the private key, if no private given,
40 ; if no tlsprivatekey is given, default is to search
41 ; tlscertfile for private key.
42 ;tlscipher=<cipher string> ; string specifying which SSL ciphers to use or not use
44 ;allowmultiplelogin = yes ; IF set to no, rejects manager logins that are already in use.
45 ; ; The default is yes.
47 ;displayconnects = yes
49 ; Add a Unix epoch timestamp to events (not action responses)
51 ;timestampevents = yes
53 ;brokeneventsaction = yes ; Restore previous behavior that caused the events
54 ; action to not return a response in certain
55 ; circumstances. Defaults to 'no'.
58 ; Display certain channel variables every time a channel-oriented
59 ; event is emitted:
61 ;channelvars = var1,var2,var3
63 ; debug = on ; enable some debugging info in AMI messages (default off).
64 ; Also accessible through the "manager debug" CLI command.
66 ; authtimeout specifies the maximum number of seconds a client has to
67 ; authenticate. If the client does not authenticate beofre this timeout
68 ; expires, the client will be disconnected. (default: 30 seconds)
70 ;authtimeout = 30
72 ; authlimit specifies the maximum number of unauthenticated sessions that will
73 ; be allowed to connect at any given time.
75 ;authlimit = 50
77 ;httptimeout = 60
78 ; a) httptimeout sets the Max-Age of the http cookie
79 ; b) httptimeout is the amount of time the webserver waits
80 ; on a action=waitevent request (actually its httptimeout-10)
81 ; c) httptimeout is also the amount of time the webserver keeps
82 ; a http session alive after completing a successful action
86 secret = 123
90 ;eventfilter=Event: Newchannel
91 ;eventfilter=!Channel: DAHDI*
92 ; The eventfilter option is used to whitelist or blacklist events per user to be
93 ; reported with regular expressions and are allowed if both the regex matches
94 ; and the user has read access set below. Filters are assumed to be for whitelisting
95 ; unless preceeded by an exclamation point, which marks it as being black.
96 ; Evaluation of the filters is as follows:
97 ; - If no filters are configured all events are reported as normal.
98 ; - If there are white filters only: implied black all filter processed first,
99 ; then white filters.
100 ; - If there are black filters only: implied white all filter processed first,
101 ; then black filters.
102 ; - If there are both white and black filters: implied black all filter processed
103 ; first, then white filters, and lastly black filters.
106 ; If the device connected via this user accepts input slowly,
107 ; the timeout for writes to it can be increased to keep it
108 ; from being disconnected (value is in milliseconds)
110 writetimeout = 100
112 displayconnects = yes ; Display on CLI user login/logoff
114 ; Authorization for various classes
116 ; Read authorization permits you to receive asynchronous events, in general.
117 ; Write authorization permits you to send commands and get back responses. The
118 ; following classes exist:
120 ; all - All event classes below (including any we may have missed).
121 ; system - General information about the system and ability to run system
122 ; management commands, such as Shutdown, Restart, and Reload.
123 ; call - Information about channels and ability to set information in a
124 ; running channel.
125 ; log - Logging information. Read-only. (Defined but not yet used.)
126 ; verbose - Verbose information. Read-only. (Defined but not yet used.)
127 ; agent - Information about queues and agents and ability to add queue
128 ; members to a queue.
129 ; user - Permission to send and receive UserEvent.
130 ; config - Ability to read and write configuration files.
131 ; command - Permission to run CLI commands. Write-only.
132 ; dtmf - Receive DTMF events. Read-only.
133 ; reporting - Ability to get information about the system.
134 ; cdr - Output of cdr_manager, if loaded. Read-only.
135 ; dialplan - Receive NewExten and VarSet events. Read-only.
136 ; originate - Permission to originate new calls. Write-only.
137 ; agi - Output AGI commands executed. Input AGI command to execute.
138 ; cc - Call Completion events. Read-only.
139 ; aoc - Permission to send Advice Of Charge messages and receive Advice
140 ; - Of Charge events.
141 ; test - Ability to read TestEvent notifications sent to the Asterisk Test
142 ; Suite. Note that this is only enabled when the TEST_FRAMEWORK
143 ; compiler flag is defined.
145 read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
146 write = system,call,agent,user,config,command,reporting,originate
147 ;read = system,call,log,verbose,command,agent,config,user
148 ;write = system,call,log,verbose,command,agent,config,user
На сколько я понял то за права доступа отвечает именно эта запись:
Код: Выделить всё
read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
write = system,call,agent,user,config,command,reporting,originate