Re: Squid creating files as root from Clifton Royston on 1999-10-04 (squid-users)

From: Clifton Royston <cliftonr@dont-contact.us>
Date: Mon, 4 Oct 1999 10:37:48 -1000

On Mon, Oct 04, 1999 at 02:55:44PM +0100, Steve Gailey wrote:
[...]
> > cache_effective_user nobody
> > cache_effective_group nogroup
> >
> > and squid mostly creates its cachefiles with this ownership but
> > sometimes squid creates file as owner root.
[...]
> I didn't see a reply to Franks message and now I am experiencing
> the same problem.
>
> I am starting Squid (on Solaris 2.6) from /etc/init.d (rc3.d) and have
> experienced exactly the same behaviour. The Filesystem is Veritas
> and all was fine for the first three days. This Sunday evening, with
> little or no activity the system started reporting:
>
> storeSwapOutFileOpened: Unable to open swapfile: /cachea/ca...
> (13) Permission denied
>
> The only thing I can think of is the first restart for squid since
> installation (it's a Netscape upgrade).

Did you do a restart or reconfigure? They're not the same. The
safest way to change full configuration is to shutdown and restart.

> I have two such Squid machines and both are exhibiting the same
> behaviour. Also, ps shows the (squid) process running as nobody
> sometimes and root at others.
>
> Any help would be much appreciated.

A couple people (including myself) have found that squid can engage
in bizarre behavior relating to process owner, permissions, etc., if
you run squid as a user which can not read its own squid.conf file and
then use the "reconfigure" signal to it.

In place of running squid as nobody/nogroup, you might find it easier
to manage if you create a squid user with its own user and group. Then
you can either launch it from root if you need to keep squid with a low
port number, or (preferred) always start squid as the squid user and
squid group so it need not change euid/egid.

(One indirect moral: when you first start introducing a proxy to your
testers or users, announce it on a high port number if possible.)

-- Clifton

-- 
 Clifton Royston  --  LavaNet Systems Architect --  cliftonr@lava.net
        "An absolute monarch would be absolutely wise and good.  
           But no man is strong enough to have no interest.  
             Therefore the best king would be Pure Chance.  
              It is Pure Chance that rules the Universe; 
          therefore, and only therefore, life is good." - AC

Received on Mon Oct 04 1999 - 14:51:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:43 MST