Re: [squid-users] cache.log: Permission denied

Dear Amos,
Thank you to your guideline. I mistake to have ownership run as "squid" but it would be by default "nobody".
Now my squid running ok.

Thanks
Monzur

----- Original Message -----
From: "Amos Jeffries" <squid3_at_treenet.co.nz>
To: "Jeff Pang" <pangj_at_arcor.de>
Cc: "Monzur Md.. Alam" <monzur_at_citechco.net>, squid-users_at_squid-cache.org
Sent: Thursday, May 7, 2009 5:23:35 AM GMT +06:00 Astana / Dhaka
Subject: Re: [squid-users] cache.log: Permission denied

> Monzur Md.. Alam :
>> I have a trouble when i have traying creat swap file in Proxy server (
>> Squid v3).
>>
>> [root_at_gclc ~]# /usr/local/squid/sbin/squid &
>> [1] 3422
>> [root_at_gclc ~]# WARNING: Cannot write log file:
>> /usr/local/squid/var/logs/cache.l
>> og
>> /usr/local/squid/var/logs/cache.log: Permission denied
>> messages will be sent to 'stderr'.
>>
>> But my all prmission is ok....
>> Please see..
>> [root_at_gclc ~]# cd /usr/local/squid/var/
>> [root_at_gclc var]# ls -al
>> total 24
>> drwxr-xr-x 3 squid squid 4096 May 6 09:10 .
>> drwxrwxrwx 9 squid squid 4096 May 6 09:08 ..
>> drwxr-xr-x 2 squid squid 4096 May 6 12:32 logs
>
>
> Hi,
>
> Squid run as nobody user by default, not the "squid".
> see:
>
> cache_effective_user
> cache_effective_group
>
> in squid.conf.

No.

Squid-3 runs as the user configured with --with-default-user=XX

'nobody' is the default value of that setting to cope with old setups
which assume 'nobody'.

cache_effective_user overrides --with-default-user for special
circumstances where a rebuild with new user cannot be done.

cache_effective_group is deprecated and should not be used unless truly
needed. If you become aware of a situation where local system security is
inadequate and still requires this please let squid-dev know.
 This is exactly equivalent to creating XX user for squid and assigning
them to only one privilege group.

Amos
Received on Sat May 09 2009 - 07:45:54 MDT