vicidial.org

[Kumba]

ViciBox v.7.0.0 lead loader fix, update for correct PERL version

1) mkdir -p /usr/lib/perl5/site_perl/5.18.2/Crypt/
2) ln -s /usr/lib/perl5/vendor_perl/5.18.2/Crypt/RC4.pm /usr/lib/perl5/site_perl/5.18.2/Crypt/RC4.pm

---------------

ViciBox v.7.0.0 telephony script fix, was not set executable during build, resulted in ramdrive not being created plus other minor things. This only needs to be ran on telephony servers. It has no affect on web or database servers.

1) chmod 755 /usr/src/astguiclient/conf/vicibox-tel.sh
2) /usr/src/astguiclient/conf/vicibox-tel.sh
3) reboot

--------------

ViciBox v.7.0.1 and under has a quasi-bug with MariaDB v.10. The issue is that sometimes during an unclean shutdown the temporary files created by the database will not be removed causing an issue when the database goes to recreate them. This is not related to the tmpdir to temporary tables, but an internal mechanism by which MySQL writes an old table out to a new file and then swaps the table contents. This primarily happens when an optimize is ran on the tables or when the table rebuilds itself after every 1000 update/delete queries. The fix is to upgrade to MariaDB 10.1.6 or better.

Instructions for installing MariaDB 10.1.6+.

1) zypper ar http://download.opensuse.org/repositori ... abase.repo
2) zypper refresh (When prompted about the added repository, press 'a' and hit enter to always trust this repo)
3) service mysql stop
4) zypper dup
5) Delete any TMM files that you can find in the mysql directories in order to give it a good fresh start
7) service mysql start

--------------

ViciBox v.7 comes with Asterisk 11 by default as noted in both the install manual and the ViciBox website. For those who have a ViciDial installation that is too old to support Asterisk 11 and do not want to upgrade, these instructions will allow you to downgrade to Asterisk v.1.8 for compatibility. This is not a bug with ViciBox as much as it is a cluster that is just old. If your SVN revision is older then 2347 you will need to run these instructions to install Asterisk v.1.8 or upgrade ViciDial to a newer SVN revision.

Downgrade Asterisk to v.1.8 for ViciDial SVN revision 2347 and under:

1) zypper rr 3 (use 'zypper lr' to see which repo is home:vicidial:asterisk-11_Leap_42.1)
2) zypper ar http://download.opensuse.org/repositori ... k-1_8.repo
3) zypper ref
4) zypper in --force asterisk asterisk-dahdi asterisk-snmp
5) zypper dup (if asked about wanrouter/libosptk file conflicts, just say 'yes')
6) cd /etc/asterisk
7) * SEE OPTIONAL INSTRUCTIONS BELOW
reboot

* If you have already installed the dialer and added it to a cluster before noticing that your version of ViciDial does not support Asterisk v.11, run these additional instructions before rebooting.

1) cd /usr/src/astguiclient/trunk
2) perl install.pl --copy_sample_conf_files --no-prompt --asterisk_version=1.8


Finally, you will need to change the Asterisk Version under Admin --> Servers for that particular dialer to '1.8.32.3-vici' and tell it to rebuild it's conf files. You will also need to double check that the asterisk version in /etc/astguiclient.conf is set to '1.8' instead of '11'. That will complete the downgrade.

--------------

ViciBox v.7.0.2 and earlier does not properly set the 'server-id' directive in my.cnf for a slave server. You will need to set this manually in the file /etc/my.cnf. The first slave server should have a server-id of '2', the second should be '3', and so on. You can edit the file by doing the following:

1) sed -i 's/server-id=1/server-id=X' /etc/my.cnf (replace the 'X' with the correct server ID to use)
2) service mysql restart

--------------

ViciBox v.7.0.2 and earlier have some old PERL packages that didn't exist in the official repositories and were built in home:vicidial repository instead. These packages have since become available from official repositories and were recently removed from the home:vicidial repo. It is recommended to update to the packages from the official repositories. You can do that by running the following:

1) zypper ref
2) zypper dup

You might get a notice about files changing vendor, or resolving conflicts. This is normal and you should allow the installer to continue.

---------------

ViciBox v.7.0.3 and under has an issue with the init script and starting Wanpipe. The issue is that it does not properly find the configuration files that trigger it to load. You will
need to patch the /etc/init.d/vicidial init script to make these changes. If you are not using Sangoma Wanpipe for T1/PRI then you do not need to apply this patch.

1) cd /root
2) wget http://download.vicidial.com/patches/vi ... init.patch
3) patch /etc/init.d/vicidial < vicibox7-init.patch

---------------

ViciBox v.7.0.3 and under has an issue with the permission for the recordings directory of a dialer not allowing apache to access those recordings. This results in a 403 error when clicking on recording links. Below is the fix for this. Simply need to fix the permissions on one of the directories to fix.

1) chmod 755 /var/spool/asterisk

---------------

ViciBox v.7.0.4 and under is eligible for a package update for OpenSSH when doing 'zypper dup'. The new security feature disables remote root logins in some instances. You need to re-enable those if you want them. You can do so by issuing the following commands.

1) sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
2) passwd (You'll need to set the root password again on some systems)
3) service sshd restart

---------------

ViciBox v.7.0.4 and under may have an issue during 'zypper dup' that results in the DAHDI kernel driver being uninstalled. This is due to the security update of the OpenSSH package. When OpenSSH updates it resets all SSH connections which results in all currently logged in SSH users being disconnected. If you are doing the zypper updates through an SSH connection, and zypper is also upgrading the DAHDI packages, then there is a chance that it will uninstall the old DAHDI kernel and lose connection before it gets a chance to install the new package. There are currently two solutions if you are affected by this issue:

Solution 1 - Run 'zypper dup' in a screen session so that it won't be interrupted during the OpenSSH upgrade
Solution 2 - Manually install the DAHDI kernel driver by running the following command: zypper in dahdi-linux-kmp-default

[williamconley]

Should these be executed before install or after install?

[Kumba]

They can be ran at any time after the OS installation (Phase 1) has been completed. I updated the vicibox-tel.sh instructions as it really only needs to be run on Telephony servers. The '-tel' stands for Telephony in case anyone was wondering.

[Merchant007]

in vicidial 7.0.1 is this issue fixed? going to install 7.0.1 on a production environment


in 7.0.1 vicibox where is the default location where db is stored? cause i cant find under /srv/

i guess fixed , cause just after fresh install on VM for testing and by running
find / -name *.TMM gives no result , ty

edit

Code: Select all

vicibox7:/srv/www/htdocs/vtigercrm # find / -name *.TMM
/var/lib/mysql/asterisk/vicidial_daily_max_stats.TMM

[davesdatasystems]

Where are the .TMM files located on Vicibox7. I attempted to find them, and had o luck. But i am in the middle of having the table crash issue as well, i tried looking where you said, could not find the file.

[williamconley]

i think your answer lies in "what is a tmm table". temp file created by mysqlcheck? and that means it will be in the temp folder location and that may or may not be the /var/lib/mysql subfolder depending on configuration. vicibox 7 is a leap forward to a new version of opensuse and mysql could very well be handling this differently.

http://bugs.mysql.com/bug.php?id=54828

[Kumba]

There is a thread with a tentative fix for the TMM MariaDB file issue. The fix is to upgrade the database to MariaDB 10.1.6 and delete the TMM files. If you can please post in that thread after upgrading MAriaDB and running for a week if the fix works then I will include it in the OP as the fix.


Post here after you've been running it for a week or so and if you had issues with the TMM files anymore:
viewtopic.php?f=8&t=35435


Instructions for installing MariaDB 10.1.6+.

1) zypper ar http://download.opensuse.org/repositori ... abase.repo
2) zypper refresh (When prompted about the added repository, press 'a' and hit enter to always trust this repo)
3) service mysql stop
4) zypper dup
5) Delete any TMM files that you can find in the mysql directories in order to give it a good fresh start
7) service mysql start

[dpochet]

Hi I install vicibox 7 in virtualbox machine for to test, I use the vicibox-install command, but I dont know if the issue that have a is a bug or I missing some thing of the new vicibox 7. the problem that I have, is dont show the campaing menu in the campaign section like Show Campaigns | Add A New Campaign | Copy Campaign | Real-Time Campaigns Summary

[mflorell]

Upgrade to the latest SVN/trunk, that issue has been fixed.

[antuan]

Upgrade to the latest SVN/trunk, that issue has been fixed.

What do i run to do the last upgrade svn/trunk (command line)???

[Merchant007]

http://www.eflo.net/VICIDIALforum/viewtopic.php?t=16326

optional

Code: Select all

/usr/share/astguiclient/ADMIN_backup.pl --debugX

Code: Select all

cd /usr/src/astguiclient

Download Vicidial trunk on ALL servers

Code: Select all

svn checkout svn://svn.eflo.net:3690/agc_2-X/trunk

Code: Select all

cd /usr/src/astguiclient/trunk

Code: Select all

perl ./install.pl

[williamconley]

Backup!

Code: Select all

/usr/share/astguiclient/ADMIN_backup.pl --debugX


Get Instructions.

Code: Select all

cd /usr/src/astguiclient/trunk
cat UPGRADE


Get the newest code (If you have edited sip.conf for the "externip" value, you'll need to edit it again!)

Code: Select all

cd /usr/src/astguiclient/trunk
svn up
perl ./install.pl --copy_sample_conf_files


Read the instructions for the DB upgrade (never forget the DB upgrade!)

Then probably something like this if you have no root mysql pass:

Code: Select all

mysql asterisk < /usr/src/astguiclient/trunk/extras/upgrade_2.12.sql


Or this if you DO have a root mysql pass:

Code: Select all

mysql asterisk -p < /usr/src/astguiclient/trunk/extras/upgrade_2.12.sql


[randy_delgado_03]

Kumba/Vicidial Group,

Note: I'm using the latest version of Vicibox stated on my signature ...

Just an FYI:

I found the following errors on /var/log/apache2/error_log:

[Thu Apr 28 17:48:14.688241 2016] [php5:error] [pid 2990] [client 172.27.116.129:52829] PHP Warning: Missing argument 7 for user_authorization(), called in /srv/www/htdocs/agc/vdc_db_query.php on line 942 and defined in /srv/www/htdocs/agc/functions.php on line 37

[Thu Apr 28 17:48:14.880122 2016] [php5:error] [pid 1550] [client 172.27.116.129:52819] PHP Warning: Missing argument 7 for user_authorization(), called in /srv/www/htdocs/agc/conf_exten_check.php on line 203 and defined in /srv/www/htdocs/agc/functions.php on line 37

These errors occurs every time i login on the agent web form.

I dig in to this and found out that the parameters on the php scripts below:
/srv/www/htdocs/agc/vdc_db_query.php on line 942
/srv/www/htdocs/agc/conf_exten_check.php on line 203

are not matching the parameters need when calling /srv/www/htdocs/agc/functions.php.

Line 942 of /srv/www/htdocs/agc/vdc_db_query.php:
$auth_message = user_authorization($user,$pass,'',0,1,0);

Line 203 of /srv/www/htdocs/agc/conf_exten_check.php:
$auth_message = user_authorization($user,$pass,'',0,$bcrypt,0);

Line 37 of /srv/www/htdocs/agc/functions.php:
##### BEGIN validate user login credentials, check for failed lock out #####
function user_authorization($user,$pass,$user_option,$user_update,$bcrypt,$return_hash,$api_call)

This server is just 3 days old and yet the /var/log/apache2/error_log is already at 250gig.

Band aid solution was to turn off the apache logging but still looking for some work around and/or permanent solution ...

[mflorell]

Should be fixed now if you upgrade to the latest svn/trunk code.

[randy_delgado_03]

Noted on this, thanks Matt ...

[mattyou1985]

ViciBox v.7.0.3-160505 just did a full up grade after install this is the most current version and with it all of the above problums are resolved ok apart from Asterisk 11.21.2-vici needed to be down graded so it will work in a cluster looking good fellers much thanks

[Kumba]

ViciBox v.7.0.3-160505 just did a full up grade after install this is the most current version and with it all of the above problums are resolved ok apart from Asterisk 11.21.2-vici needed to be down graded so it will work in a cluster looking good fellers much thanks

There's no reason to downgrade to Asterisk 1.8 unless your ViciDial code is over 3-years old. Asterisk 11 and 1.8 work perfectly fine together.

[williamconley]

There's no reason to downgrade to Asterisk 1.8 unless your ViciDial code is over 3-years old. Asterisk 11 and 1.8 work perfectly fine together.

I gotta one-up ya on that. We have clusters with 1.2, 1.4, 1.8 and 11 and so far have never had anything even closely resembling a compatibility issue from "mixing" asterisk versions in a cluster.

Of course, we have added new severs to old clusters that restricted the asterisk version to 1.4 or 1.8, but the old installers still work fine. So we install with Vicibox 6.0.4 or 5.0.3 or 4.0.3 to get the correct version of Asterisk for the client. Thanks Kumba.

[mflorell]

We have seen issues in the past with IAX problems with Asterisk 1.2 interacting with newer Asterisk versions, and given the documented security issues with Asteirsk 1.2, and it's age, we always strongly recommend upgrading it whenever we come across it at a client. As for Asterisk versions 1.4 up to 13 that we are testing with now, they all get along fine together, and in fact that is something we test for as we approve new versions of Asterisk to use with VICIdial.

[williamconley]

We've had ZERO problems with security with any version of asterisk after whitelisting a server. All our servers are whitelisted.

[kieran333]

We've had ZERO problems with security with any version of asterisk after whitelisting a server. All our servers are whitelisted.

What concerns me about that is, what if somebody is sitting under the whitelist (customer's office) with bad intentions?

[williamconley]

We've had ZERO problems with security with any version of asterisk after whitelisting a server. All our servers are whitelisted.

What concerns me about that is, what if somebody is sitting under the whitelist (customer's office) with bad intentions?

To quote Microsoft: If you have someone in physical contact with your server, your security problem is not with the code.

In this case, I have never suggested that anyone open their door to the public and allow everyone in. You still have to vet your agents and staff. The Vicidial system itself is not a hardened application. It is entirely possible to increase security, but there is a "return on investment" for this sort of concern.

For instance: when you hire employees and allow them to sit in your office: Do you put a camera on them and hire staff to watch their monitors remotely? Do you have a security guard pat down your employees when they leave the office? Do you have a database monitoring system set up to verify that every record an agent accesses was necessary, and that they are not actually harvesting client data?

We've built several interesting security-scenario solutions for various concerns and in various software packages over the years. They generally address a specific behavior. The cost for protecting all software involved against all possible invasion/exploitation is ... prohibitive.

In the end, each company has to decide how much security is necessary in any particular category. The firewall is only there to stop people who are not authorized from invading your system. Vetting those who are authorized, and/or hardening the system against those to whom you are going to give access credentials is a whole different matter.

This is just the first stage: Just like locking your doors. Not perfect, not foolproof, but certainly a good first step and certainly not something to skip because it's not perfect. lol

[mflorell]

<shameless plug>
If you're worried about physical security, our VICIhost services are hosted in SSAE-16 certified hosting facilities, and we do offer the exclusive VICIdial add-on for encrypted custom list fields. For more information on our hosted security features, go here:
http://www.vicihost.com/?p=131
</shameless plug>