Re: [squid-users] Fwd: chroot,Open UDP port & big CPU time

From: Henrik Nordstrom <hno@dont-contact.us>
Date: 16 Apr 2003 16:53:05 +0200

ons 2003-04-16 klockan 13.46 skrev Przemyslaw Borkowski:

> I'm using Squid squid-2.5.STABLE2 on linux 2.4.20 in config there's an
> option to chroot, I'v set all directories everything that needs, squid is
> starting properly and all except one thread has user nobody

Are you sure it starts properly. Your child seems to be using a whole
lot of CPU time.. maybe it have problems to start helpers or similar..

Inside the chroot directory you need to have

  dev/null
  dev/zero

  lib/* as needed by the configured helpers, including unlinkd. See the
output of "ldd /path/to/helper" to determine which helpers you need.

  .../libexec/* helpers as needed..

  any configuration files used by the helpers.

> Can this process drop priviliges too ?

No, but you can select not to have it at all.. see the -N command line
option.

> Other thing you can see CPU usage, one of threads takes whole CPU time,
> and other thread open's udp port on external interface

The UDP port is most likely the UDP port used for making DNS queries.
See cache.log.

This port only accepts DNS replies from configured DNS servers.

-- 
Free Squid-users support provided by Henrik Nordström <hno@squid-cache.org>
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid and
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Wed Apr 16 2003 - 08:53:24 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:15:00 MST