Jim Breton wrote:
> chroot yes
> chroot on
> chroot /usr/local/squid
chroot /usr/local/squid
and /usr/local/squid must exists as a directory.
> How should I be doing this? And do I still need to create the
> mini-filesystem by hand?
Any helper processes used by Squid needs to be available and runnable in
the chroot jail.
> The second problem I am seeing is that Squid does not appear to be
> dropping all root privileges when I run it. I have set the
> cache_effective_user and group to "squid" -- a local account on my
> system, which is Debian potato running on a 2.2.14 kernel.
Squid only drops all root privilegies when chroot_dir is used. Without
chroot_dir it runs as root with effective user nobody.
I have never tried if chroot_dir actually works in Squid-2.3. I have
only used my original 2.2.STABLE5 patch, but the source looks OK.
-- Henrik Nordstrom Squid hackerReceived on Tue Apr 18 2000 - 15:05:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:59 MST