chroot squid-1.1.22 on bsdi3.1 fails

From: Gerhard Brosig <Gerhard.Brosig@dont-contact.us>
Date: Tue, 28 Jul 1998 13:19:46 +0200

Hi folks,

compiling the squid-1.1.22 on a bsdi3.1 box
( Patches installed up to: patch M310-032)
I got some warnings, but the gcc completed successfully.
        ./configure --prefix=/var/www/squid-1.1.22
        make all
        make install
        Modify the config file....

Trying to run the squid in a non-chroot environment

        Excerpts from cache.log:
        1998/07/27 19:43:21| Started 16 'dnsserver' processes
1998/07/27 19:43:21| ftpInitialize: Initializing...
1998/07/27 19:43:21| ftpget -S socket on FD 25
1998/07/27 19:43:21| comm_close: FD 25
1998/07/27 19:43:21| commCallCloseHandlers: FD 25
1998/07/27 19:43:21| leave_suid: PID 23570 called
1998/07/27 19:43:21| leave_suid: PID 23570 giving up root priveleges
forever
1998/07/27 19:43:21| leave_suid: PID 23571 called
1998/07/27 19:43:21| leave_suid: PID 23571 giving up root priveleges
forever
1998/07/27 19:43:21| comm_set_fd_lifetime: FD 24 lft -1
1998/07/27 19:43:21| Unlinkd pipe opened on FD 24
1998/07/27 19:43:21| urlInitialize: Initializing...
.......

But starting in a chroot-environment like

         /usr/sbin/chroot /var/www/squid-1.1.22 \
                /bin/squid -s -f /etc/squid.conf.medmail.8080

resulted in:
        "Squid is not safe to run as root! If you must"
        "start Squid as root, then you must configure"
        "it to run as a non-priveledged user with the"
        "'cache_effective_user' option in the config file."
        "Don't run Squid as root, set 'cache_effective_user'!"

But

root@medmail 148 # grep cache_effective_user
/var/www/squid-1.1.22/etc/squid.conf.medmail.8080
# TAG: cache_effective_user
cache_effective_user nobody nogroup
root@medmail 149 #

There are the shared libraries in the chroot env. too
root@medmail 151 # ls -la /var/www/squid-1.1.22/shlib/libc_s.3.0.0
-rwxr-xr-x 1 root www 420006 Jul 27 15:15
/var/www/squid-1.1.22/shlib/libc_s.3.0.0
root@medmail 152 #

Any ideas?

E-Mail: Gerhard.Brosig@oit.med.uni-muenchen.de
           Organisation und Informationstechnik
        der Medizinischen Fakultaet der LMU Muenchen
Microsoft gives you Windows, UNIX gives you the whole house
Received on Tue Jul 28 1998 - 04:22:27 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:41:17 MST