Fix Services on Centos7

- revert centos7 to older systemd service file versions
dOpensource · Jun 18, 2024 · 2e00a28 · 2e00a28
1 parent 3bee7a4
commit 2e00a28
Show file tree

Hide file tree

Showing 8 changed files with 56 additions and 23 deletions.
diff --git a/dnsmasq/centos/install.sh b/dnsmasq/centos/install.sh
@@ -27,7 +27,11 @@ function install() {
     systemctl unmask dnsmasq.service
 
     # configure dnsmasq systemd service
-    cp -f ${DSIP_PROJECT_DIR}/dnsmasq/systemd/dnsmasq-v2.service /lib/systemd/system/dnsmasq.service
+    if (( ${DISTRO_VER} > 7 )); then
+        cp -f ${DSIP_PROJECT_DIR}/dnsmasq/systemd/dnsmasq-v2.service /lib/systemd/system/dnsmasq.service
+    else
+        cp -f ${DSIP_PROJECT_DIR}/dnsmasq/systemd/dnsmasq-v3.service /lib/systemd/system/dnsmasq.service
+    fi
     chmod 644 /lib/systemd/system/dnsmasq.service
     systemctl daemon-reload
     systemctl enable dnsmasq

diff --git a/dsiprouter.sh b/dsiprouter.sh
@@ -3503,22 +3503,19 @@ function updatePermissions() {
     setDnsmasqPerms() {
         mkdir -p /run/dnsmasq
         chown -R dnsmasq:dnsmasq /run/dnsmasq
-        chown dnsmasq:root /run/dnsmasq
-        chmod 771 /run/dnsmasq
+        chmod 770 /run/dnsmasq
     }
     # set permissions for files/dirs used by nginx
     setNginxPerms() {
         mkdir -p /run/nginx
         chown -R nginx:nginx /run/nginx
-        chown nginx:root /run/nginx
-        chmod 771 /run/nginx
+        chmod 770 /run/nginx
     }
     # set permissions for files/dirs used by kamailio
     setKamailioPerms() {
         mkdir -p /run/kamailio
         chown -R kamailio:kamailio /run/kamailio
-        chown kamailio:root /run/kamailio
-        chmod 771 /run/kamailio
+        chmod 770 /run/kamailio
 
         # dsiprouter needs to have control over the kamailio dir
         # this allows dsiprouter to update kamailio dynamically
@@ -3535,8 +3532,7 @@ function updatePermissions() {
     setDsiprouterPerms() {
         mkdir -p ${DSIP_RUN_DIR}
         chown -R dsiprouter:dsiprouter ${DSIP_RUN_DIR}
-        chown dsiprouter:root ${DSIP_RUN_DIR}
-        chmod 771 ${DSIP_RUN_DIR}
+        chmod 770 ${DSIP_RUN_DIR}
 
         # dsiprouter user is the only one making backups
         chown -R dsiprouter:root ${BACKUPS_DIR}
@@ -3557,8 +3553,7 @@ function updatePermissions() {
     setRtpenginePerms() {
         mkdir -p /run/rtpengine
         chown -R rtpengine:rtpengine /run/rtpengine
-        chown rtpengine:root /run/rtpengine
-        chmod 771 /run/rtpengine
+        chmod 770 /run/rtpengine
     }
 
     # no args given set permissions for all services

diff --git a/kamailio/centos/7.sh b/kamailio/centos/7.sh
@@ -182,7 +182,7 @@ EOF
     firewall-cmd --reload
 
     # Configure Kamailio systemd service
-    cp -f ${DSIP_PROJECT_DIR}/kamailio/systemd/kamailio-v2.service /lib/systemd/system/kamailio.service
+    cp -f ${DSIP_PROJECT_DIR}/kamailio/systemd/kamailio-v1.service /lib/systemd/system/kamailio.service
     chmod 644 /lib/systemd/system/kamailio.service
     systemctl daemon-reload
     systemctl enable kamailio

diff --git a/nginx/centos/7.sh b/nginx/centos/7.sh
@@ -119,8 +119,8 @@ function install {
         ${DSIP_PROJECT_DIR}/nginx/configs/nginx.conf >/etc/nginx/nginx.conf
 
     cp -f ${DSIP_PROJECT_DIR}/nginx/systemd/nginx-stop.sh /usr/sbin/nginx-stop
-    cp -f ${DSIP_PROJECT_DIR}/nginx/systemd/nginx-v2.service /lib/systemd/system/nginx.service
-    cp -f ${DSIP_PROJECT_DIR}/nginx/systemd/nginx-watcher-v2.service /lib/systemd/system/nginx-watcher.service
+    cp -f ${DSIP_PROJECT_DIR}/nginx/systemd/nginx-v1.service /lib/systemd/system/nginx.service
+    cp -f ${DSIP_PROJECT_DIR}/nginx/systemd/nginx-watcher-v1.service /lib/systemd/system/nginx-watcher.service
     perl -p \
         -e "s%PathChanged\=.*%PathChanged=${DSIP_CERTS_DIR}/%;" \
         ${DSIP_PROJECT_DIR}/nginx/systemd/nginx-watcher.path >/lib/systemd/system/nginx-watcher.path

diff --git a/rtpengine/centos/install.sh b/rtpengine/centos/install.sh
@@ -292,7 +292,11 @@ function install {
 
     # Reconfigure systemd service files
     rm -f /lib/systemd/system/rtpengine.service 2>/dev/null
-    cp -f ${DSIP_PROJECT_DIR}/rtpengine/systemd/rtpengine-v2.service /lib/systemd/system/rtpengine.service
+    if (( ${DISTRO_VER} > 7 )); then
+        cp -f ${DSIP_PROJECT_DIR}/rtpengine/systemd/rtpengine-v3.service /lib/systemd/system/rtpengine.service
+    else
+        cp -f ${DSIP_PROJECT_DIR}/rtpengine/systemd/rtpengine-v2.service /lib/systemd/system/rtpengine.service
+    fi
 
     # Reload systemd configs
     systemctl daemon-reload

diff --git a/rtpengine/debian/install.sh b/rtpengine/debian/install.sh
@@ -232,9 +232,7 @@ function install {
 
     # Reconfigure systemd service files
     rm -f /lib/systemd/system/rtpengine.service 2>/dev/null
-    cp -f ${DSIP_PROJECT_DIR}/rtpengine/systemd/rtpengine-v2.service /lib/systemd/system/rtpengine.service
-    cp -f ${DSIP_PROJECT_DIR}/rtpengine/rtpengine-{start-pre,stop-post} /usr/sbin/
-    chmod +x /usr/sbin/rtpengine-{start-pre,stop-post} /usr/bin/rtpengine
+    cp -f ${DSIP_PROJECT_DIR}/rtpengine/systemd/rtpengine-v3.service /lib/systemd/system/rtpengine.service
 
     # Reload systemd configs
     systemctl daemon-reload

diff --git a/rtpengine/systemd/rtpengine-v2.service b/rtpengine/systemd/rtpengine-v2.service
@@ -9,22 +9,23 @@ DefaultDependencies=no
 
 [Service]
 Type=forking
+PermissionsStartOnly=true
 EnvironmentFile=/etc/default/rtpengine.conf
 User=rtpengine
 Group=rtpengine
-# runtime only directory /run/rtpengien
-RuntimeDirectory=rtpengien
+# runtime only directory /run/rtpengine
+RuntimeDirectory=rtpengine
 RuntimeDirectoryMode=0770
 # PIDFile requires an absolute path
 PIDFile=/run/rtpengine/rtpengine.pid
 # process capabilities
 AmbientCapabilities=CAP_NET_ADMIN CAP_SYS_NICE
 CapabilityBoundingSet=CAP_NET_ADMIN CAP_SYS_NICE
 # ExecStart* requires an absolute path for the program
-ExecStartPre=!-/usr/bin/dsiprouter chown -rtpengine
-ExecStartPre=+/usr/sbin/ngcp-rtpengine-iptables-setup start
+ExecStartPre=/usr/bin/dsiprouter chown -rtpengine
+ExecStartPre=/usr/sbin/ngcp-rtpengine-iptables-setup start
 ExecStart=/usr/bin/rtpengine --config-file=${CONFIG_FILE} --pidfile=${PID_FILE}
-ExecStopPost=+/usr/sbin/ngcp-rtpengine-iptables-setup stop
+ExecStopPost=/usr/sbin/ngcp-rtpengine-iptables-setup stop
 Restart=on-failure
 
 [Install]

diff --git a/rtpengine/systemd/rtpengine-v3.service b/rtpengine/systemd/rtpengine-v3.service
@@ -0,0 +1,31 @@
+[Unit]
+Description=RTPEngine proxy for RTP and other media streams
+Requires=basic.target network.target
+After=network.target network-online.target systemd-journald.socket basic.target
+After=iptables.service redis.service rsyslog.service
+# iptables.service is required only if the RTPEngine uses its kernel module.
+# redis.service is required if the Redis server is working on the same machine along with the RTPEngine
+DefaultDependencies=no
+
+[Service]
+Type=forking
+EnvironmentFile=/etc/default/rtpengine.conf
+User=rtpengine
+Group=rtpengine
+# runtime only directory /run/rtpengine
+RuntimeDirectory=rtpengine
+RuntimeDirectoryMode=0770
+# PIDFile requires an absolute path
+PIDFile=/run/rtpengine/rtpengine.pid
+# process capabilities
+AmbientCapabilities=CAP_NET_ADMIN CAP_SYS_NICE
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_SYS_NICE
+# ExecStart* requires an absolute path for the program
+ExecStartPre=!-/usr/bin/dsiprouter chown -rtpengine
+ExecStartPre=+/usr/sbin/ngcp-rtpengine-iptables-setup start
+ExecStart=/usr/bin/rtpengine --config-file=${CONFIG_FILE} --pidfile=${PID_FILE}
+ExecStopPost=+/usr/sbin/ngcp-rtpengine-iptables-setup stop
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target