Dear Amos, Thank you to your guideline. I mistake to have ownership run as "squid" but it would be by default "nobody". Now my squid running ok. Thanks Monzur ----- Original Message ----- From: "Amos Jeffries" <squid3@xxxxxxxxxxxxx> To: "Jeff Pang" <pangj@xxxxxxxx> Cc: "Monzur Md.. Alam" <monzur@xxxxxxxxxxxx>, squid-users@xxxxxxxxxxxxxxx Sent: Thursday, May 7, 2009 5:23:35 AM GMT +06:00 Astana / Dhaka Subject: Re: cache.log: Permission denied > Monzur Md.. Alam : >> I have a trouble when i have traying creat swap file in Proxy server ( >> Squid v3). >> >> [root@gclc ~]# /usr/local/squid/sbin/squid & >> [1] 3422 >> [root@gclc ~]# WARNING: Cannot write log file: >> /usr/local/squid/var/logs/cache.l >> og >> /usr/local/squid/var/logs/cache.log: Permission denied >> messages will be sent to 'stderr'. >> >> But my all prmission is ok.... >> Please see.. >> [root@gclc ~]# cd /usr/local/squid/var/ >> [root@gclc var]# ls -al >> total 24 >> drwxr-xr-x 3 squid squid 4096 May 6 09:10 . >> drwxrwxrwx 9 squid squid 4096 May 6 09:08 .. >> drwxr-xr-x 2 squid squid 4096 May 6 12:32 logs > > > Hi, > > Squid run as nobody user by default, not the "squid". > see: > > cache_effective_user > cache_effective_group > > in squid.conf. No. Squid-3 runs as the user configured with --with-default-user=XX 'nobody' is the default value of that setting to cope with old setups which assume 'nobody'. cache_effective_user overrides --with-default-user for special circumstances where a rebuild with new user cannot be done. cache_effective_group is deprecated and should not be used unless truly needed. If you become aware of a situation where local system security is inadequate and still requires this please let squid-dev know. This is exactly equivalent to creating XX user for squid and assigning them to only one privilege group. Amos
