Re: squid 2.2.STABLE4 in a chroot environment

From: Michael Mittelstadt <meek@dont-contact.us>
Date: Tue, 7 Sep 1999 18:54:02 -0500

[Quoth Marco.Lammert@net-and-works.de]
] Hey squid users!
]
] I have installed a few days ago squid (Squid Cache: Version 2.2.STABLE4) for the
] first time on a
] Linux 2.2.5 into the default install directory (/usr/local/squid). Squid worked
] immediately as expected.
]

I've been chroot'ing my squids. I compile as normal with '--prefix=/'.

I then mkdir /usr/local/squid with this tree:

/cache/ - I put subdirs here for each cache drive
/bin/squid
     redir
     client
     dnsserver
     unlinkd
/etc/mib.txt
     resolv.conf
     passwd
     protocols
     services
     hosts
     squid.conf
     mime.conf
     icons/ - subdir for icons
     errors/ - subdir for error files
/logs - subdir for log files
/dev/zero - the only device file needed. This is likely your problem.
/lib/ld-linux.so.2
     ld.so
     libc.so.6
     libm.so.6
     libresolv.so.2
     libnss_files.so.1
     libnss_dns.so.1
     libpthread.so.0

In the config files, set logs to /logs/access_log, cache to /cache/0, etc.

It's also fairly easy to get perl into the chroot if you want to have
a perl redirector. I also use a wrapper program to chroot then become
user 'squid' and then run squid, so I don't have to run as root in the
chroot.

] But because my real intention was to run squid in a chroot environment I
] continued with the following
] (listed as exactly as I can remember the scenario...):
]
] 1) mkdir -p /usr/local/anywhere/jail (in the continuing progression this should
] be our new root)
] 2) mkdir -p /usr/local/anywhere/jail/usr/local
] 3) mkdir -p /usr/local/anywhere/jail/etc
] 4) I didn't know which files are the important ones therefore I copied all /etc
] contents to the
] /usr/local/anywhere/jail/etc
] I have done the same procedure with the files in the /lib path (the commands
] in the /bin section are
] dynamic executables) and with some files (bash, date, expr, sh, sleep) needed
] by the script RunCache.
]
] 5) cd /usr/src/squid2/squid-2.2.STABLE4
] 6) su squid
] 7) ./configure
] 8) Modified in ./src/Makefile the entry
] LDFLAGS = -g -static
]
] 9) make all
] 10) make install
] 11) cd /usr/local/squid
] 12) Modified some entries in the squid.conf file among these
] cache_dir /usr/local/anywhere/jail/var/squid/cache 900 16 256
] cache_effective_user squid
] cache_effective_group nogroup
]
] 13) squid -z
]
] At this stage squid is working!
]
] After...
] cd /usr/local
] mv ./squid/ /usr/local/anywhere/jail/usr/local/
] cd /usr/local/anywhere/jail/usr/local/
] modifying in squid.conf the entry
] cache_dir /var/squid/cache 900 16 256
]
] switching to user root (only root can perform the chroot command)
] chroot /usr/local/anywhere/jail /usr/local/squid/bin/RunCache
]
] ...I got the following cache.log:
]
] 1999/09/07 14:07:00| Starting Squid Cache version 2.2.STABLE4 for
] i586-pc-linux-gnu...
] 1999/09/07 14:07:00| Process ID 2751
] 1999/09/07 14:07:00| With 1024 file descriptors available
] 1999/09/07 14:07:00| Performing DNS Tests...
] 1999/09/07 14:07:00| Successful DNS name lookup tests...
] 1999/09/07 14:07:00| helperOpenServers: Starting 5 'dnsserver' processes
] 1999/09/07 14:07:00| FD -1: fcntl F_GETFL: (9) Bad file descriptor
] 1999/09/07 14:07:00| FD -1: fcntl F_GETFL: (9) Bad file descriptor
] ...
] ... truncated thousands of 'Bad file descriptor' messages
]
]
] Sorry for the long explanation and thank you in advance for any constructive
] comment!
]
]
] Best Regards,
]
] Marco
]

-- 
Michael Mittelstadt - ExecPC (Voyager.Net)    WorkMail: meek@execpc.com
Sr. Vice President of Network Engineering     PersonalMail: meek@vib.org
PGP: http://www.execpc.com/~meek/pgpkey.html  WWW: http://www.execpc.com/~meek/
SnailMail: 2105 S.170th/New Berlin, WI/53151  Voice: 1.800.ExecPC.1
Received on Tue Sep 07 1999 - 18:08:15 MDT
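
The reply above mentions a wrapper that chroots, becomes user 'squid', and then runs squid, but does not show it. The following C program is an added example of that sequence, not Michael's wrapper or any code from the Squid project; the function names and the command-line layout (jail, user, program) are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* A jail must be an absolute path and must not be the real root. */
int jail_path_ok(const char *path)
{
    return path != NULL && path[0] == '/' && strcmp(path, "/") != 0;
}

/* chdir into the jail before chroot, then chdir("/") so cwd is inside it. */
int enter_jail(const char *path)
{
    if (!jail_path_ok(path)) return -1;
    if (chdir(path) != 0) return -1;
    if (chroot(".") != 0) return -1;
    return chdir("/");
}

/* Order matters: supplementary groups, then gid, then uid. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0) return -1;      /* refuse to "drop" to root */
    if (setgroups(1, &gid) != 0) return -1;   /* clear root's extra groups */
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    if (setuid(0) == 0) return -1;            /* regaining root must fail */
    return 0;
}

int main(int argc, char **argv)
{
    /* Hypothetical usage: wrapper /usr/local/squid squid /bin/squid [args] */
    if (argc < 4) {
        fprintf(stderr, "usage: %s jail user prog [args]\n", argv[0]);
        return 2;
    }
    /* Look the user up before chroot, using the host's passwd database. */
    struct passwd *pw = getpwnam(argv[2]);
    if (pw == NULL) { fprintf(stderr, "unknown user %s\n", argv[2]); return 1; }
    uid_t uid = pw->pw_uid;
    gid_t gid = pw->pw_gid;
    if (enter_jail(argv[1]) != 0) { perror("enter_jail"); return 1; }
    if (drop_privileges(uid, gid) != 0) { perror("drop_privileges"); return 1; }
    execv(argv[3], &argv[3]);                 /* path is relative to the jail */
    perror("execv");
    return 1;
}
```

The program path passed to execv is resolved inside the new root, which is why the tree above needs /bin/squid and its shared libraries under the jail directory.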
