Hi,
For some background, I'm trying to get Asterisk to work with the stock ISDN drivers (ie. misdn 2.0 instead of dahdi). This works by running LCR, which handles the ISDN stuff (and can be used as a standalone ISDN PBX), in parallel with Asterisk. The two communicate with each other using a UNIX socket, and with the kernel using ISDN sockets.
After some fiddling I managed to make the control part (handled over the UNIX socket) to work using a custom policy for the Asterisk module, but I still get no audio if SELinux is set to enforcing. Switching to permissive mode gives me audio, but in both cases there are no AVC denials.
Any ideas?
Both Asterisk and LCR are started via systemd. I did not bother to write a policy module for LCR, so it is running as
system_u:system_r:initrc_t:s0 (which seems to be working fine). The Asterisk policy module is quite simple:
Code:
policy_module(asterisk_lcr,1.0.0)
require {
type var_run_t;
type asterisk_t;
type initrc_t;
class sock_file write;
class socket { create bind };
class unix_stream_socket connectto;
}
#####################################################
# Allow Asterisk (via chan_lcr.so) to connect to #
# /var/run/lcr/LCR.socket #
#####################################################
allow asterisk_t initrc_t:unix_stream_socket connectto;
allow asterisk_t var_run_t:sock_file write;
allow asterisk_t self:socket { create bind };
Linear Mode
