[squid-users] Problems with effective user

From: Lloyd Parkes <Lloyd.Parkes@dont-contact.us>
Date: Mon, 20 Jun 2005 11:55:36 +1200

Hi there,
I've got my squid 2.5 STABLE10 configured to run with an effective user of 'squid' for all the normal reasons. This only seems to half work. Only one of the two squid processes runs as 'squid' the parent still runs as 'root'

     UID PID PPID C STIME TTY TIME CMD
   squid 14199 14197 0 09:34:07 ? 0:06 (squid) -sYDf /usr/local/squid/squid2/etc/squid2.conf
    root 14197 1 0 09:34:07 ? 0:00 /usr/local/squid/sbin/squid -sYDf /usr/local/squid/squid2/etc/squid2.conf

This is a problem because now the 'squid -k' commands don't work. 'squid -k' switches to the 'squid' uid and can't send signals to the parent squid running as root.

I've had a quick look at the source code (main.c rev 1.345.2.25) and my first guess is that watch_child needs to bracket the execvp() call with enter_suid() and leave_suid().

Unfortunately I won't be able to test this until next week because I'm travelling overseas in a few minutes. With luck someone will be able to confirm/disprove my theory while I'm away.

Cheers,
Lloyd
Received on Sun Jun 19 2005 - 17:55:54 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jul 01 2005 - 12:00:02 MDT