Search squid archive

Re: Problems with effective user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, 27 Jun 2005, Lloyd Parkes wrote:


I agree. I can see that the command line squid is trying to signal the child squid that is running as squid and not the parent that is running as root.


The big question is why it is failing for you.
The signal should be sent as your cache_effective_user to the child process running as the cache_effective_user..
You are entirely correct. I've had a lot of luck in the past with adding patches from squid-cache.org to STABLE releases of squid, so I threw in all the patches (six of them).
The patch as such is verified on Linux, and not expected to cause any trouble. But it's the only thing which has touched this area of Squid in ages..
I noticed that my test machine worked fine, so I ran "truss /usr/local/squid/sbin/squid -k reconfigure 2> truss.out" on each machine and compared the output. The production machine was doing completely different stuff from my test machine. I quickly confirmed that I had different binaries on the two machines (bad me).
Both squids read in the config file, but with the chroot patch, the config file gets 'activated'. I'm guessing it's the call to configDoConfigure() that does it. Later on squid calls setuid(squid) which sets the real, effective and saves user id to squid. It then tries to send the signal to the child squid. Unfortunately the child squid is running as 

    USER    RUSER   PID  PPID  PGID   SID COMMAND
   squid     root   768   766   766   766 (squid) -sDYf /usr/local/squid/etc/squid.conf

and the real user id of the two processes need to match if the signal is to be delivered.


Seems to me that your running Squid is not running chrooted.
The release of Squid-2.5.STABLE11 is blocked until it can be resolved what is going on in your installation.
After reading your signal comments above I have one idea. If Squid is not configured to chroot AND the OS does not allow users to send signals to processes running as their effective user id but different real user id then the current patch would cause "squid -k" problems due to the second part.
I have updated the patch slightly to account for this posisble situation. Please test if the updates patch makes any difference. 

Regards
Henrik
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux