[squid-users] squid in chroot, child-process killed with ERR_READ-TIMEOUT

Would it be better to update to a more recent version of squid ?

>Hi !
>i have compiled squid-2.3STABLE5 under RH 7.1 and created a chroot-jail in
>/chroot/squid with the files listed at the end of this message.
>In /chroot/squid/etc/squid/squid.conf
>i modified the tags like:
>cache_effective_user / group squid
>icon_directory chroot/squid/etc/squid/icons
>error_directory /chroot/squid/etc/squid/errors
>pid_filename /chroot/squid/var/log/squid/squid.pid
>chroot /chroot/squid

>I build the /cache directory successfully without the chroot-tag enabled.
>When I start squid WITHOUT the "chroot" tag in squid.conf
># /chroot/squid/usr/sbin/squid -sYDX -f /chroot/squid/etc/squid/squid.conf
>the daemon starts successfully.

>When I start squid WITH the "chroot" tag in squid.conf
>the parent starts but every child is killed with
>Aug 29 08:46:14 wsiv-686-6 squid[1036]: errorTryLoadText:
>'/chroot/squid/etc/squid/errors/ERR_READ_TIMEOUT': (2) No such file or
>directory
>Aug 29 08:46:14 wsiv-686-6 squid[1036]: errorTryLoadText:
>'/usr/local/squid/etc/errors/ERR_READ_TIMEOUT': (2) No such file or
>directory
>After serveral killed childs the parent dies too.

>Yes I know, it looks like a permisson problem but a

># su squid
># cat /chroot/squid/etc/squid/errors/ERR_READ_TIMEOUT

>works !

>I also moved the "errors"-directory to an other places like /x or
/chroot/x
>and gave 0777 and rwxrwxrwx rights. Same error.

>Any hints ??

>files in chroot:
>~~~~~~~~~
>drwxr-xr-x 2 root squid 4096 Apr 26 14:24 dev
> crw-rw-rw- 1 root squid 1, 3 Aug 2 15:28 null
>
>drwxr-xr-x 3 root squid 4096 Aug 2 15:47 etc
> -rw-r--r-- 1 root squid 12 Aug 28 14:27 group [fake]
> -rw-r--r-- 1 root squid 755 Apr 26 19:17 localtime
> -rw-r--r-- 1 root squid 1422 Apr 19 20:07 nsswitch.conf
> -rw-r--r-- 1 root squid 59 Aug 28 16:42 passwd [fake]
> -rw-r--r-- 1 root squid 44 Apr 20 23:29 resolv.conf

> drwxr-xr-x 4 root squid 4096 Aug 2 15:46 squid
> -rw-r--r-- 1 root squid 26101 Aug 2 15:30
mib.txt
> -rw-r--r-- 1 root squid 6912 Aug 2 15:30
mime.conf
> -rw-r--r-- 1 root squid 79178 Aug 28 17:45
squid.conf

> drwxr-xr-x 2 root squid 4096 Aug 2
15:30 errors
> -rw-r--r-- 1 root squid 610 Aug 2
15:30 ERR_READ_TIMEOUT
                    ...
> drwxr-xr-x 2 root squid 4096 Aug 2
15:30 icons

>drwxr-xr-x 2 root squid 4096 Aug 2 15:38 lib
> -rwxr-xr-x 1 root squid 471781 Aug 2 15:36 ld-linux.so.2
> -rwxr-xr-x 1 root squid 95362 Aug 2 15:37 libcrypt.so.1
> -rwxr-xr-x 1 root squid 1236396 Aug 2 15:37 libc.so.6
> -rwxr-xr-x 1 root squid 143712 Aug 2 15:37 libm.so.6
> -rwxr-xr-x 1 root squid 445289 Aug 2 15:38 libnsl.so.1
> -rwxr-xr-x 1 root squid 274054 Aug 2 15:38
libresolv.so.2

>drwxr-xr-x 4 root squid 4096 Aug 28 15:41 usr
> drwxr-xr-x 2 root squid 4096 Aug 2 15:32 lib
> -rwxr-xr-x 1 root squid 25436 Aug 2 15:35
cachemgr.cgi
> -rwxr-xr-x 1 root squid 6500 Aug 2 15:35
dnsserver
> -rwxr-xr-x 1 root squid 3736 Aug 2 15:35 unlinkd

> drwxr-xr-x 2 root squid 4096 Aug 2 15:34 sbin
> -rwxr-xr-x 1 root squid 20352 Aug 2 15:34 client
> -rwxr-xr-x 1 root squid 585200 Aug 2 15:33 squid

>drwxr-xr-x 4 root squid 4096 Aug 28 17:42 var
> drwxr-xr-x 3 root squid 4096 Aug 28 17:42 log
> -rw-r--r-- 1 420 squid 1 Aug 28 16:12
>squidstore.log
> drwxr-x--- 2 420 squid 4096 Apr 25 20:17 squid
> drwxr-xr-x 2 root squid 4096 Aug 28 17:29
logs
> -rw-r--r-- 1 root squid 1 Aug 2 17:19
squid.out
               -rw-r--r-- 1 root squid 5 Aug 28 17:44
squid.pid

> drwxr-xr-x 3 root squid 4096 Aug 28 17:44 squid
> -rw-r--r-- 1 squid root 1 Aug 2 17:19 access.log
> -rw-r--r-- 1 squid root 2280 Aug 28 17:44 cache.log

(Embedded image moved to file: pic19169.pcx)

--------------------------------------------
English : autocreated E-Mail Appendix: The content of this E-Mail is not
legally binding upon Junghans, even though the certified electronic
signature technique may point to the writer of the E-Mail. If this E-Mail
was transmitted to you by error, then please inform us accordingly (+49
7422 18-1). In such case you are requested to erase the message. Any
unauthorized reproduction, disclosure, modification, distribution and/or
publication of such E-Mail message is strictly prohibited.
Deutsch : automatisch erzeugter E-Mail Anhang: In Verbindung mit
Kostenuebernahmen, Lieferungen, Angeboten und Vertraegen ist der Inhalt
dieses E-Mails fuer Junghans rechtlich nicht verbindlich, auch wenn die
Anwendung des elektronischen, zertifizierten Signaturverfahrens den
Ersteller des E-Mails nachweist. Informieren Sie uns bitte, wenn Sie dieses
E-Mail faelschlicherweise erhalten haben (+49 7422 18-1). Bitte löschen
Sie in diesem Fall die Nachricht. Jede unerlaubte Form der Reproduktion,
Bekanntgabe, Aenderung, Verteilung und/oder Publikation dieser E-Mail ist
strengstens verboten.