How do you build and start it, init.d/squid or systemd start squid In case of last, what i suspect, I seen more if these messages on previous version.. But all my version dont show this on Debian 10. This is my latest startup for systemd # /lib/systemd/system/squid.service ## Copyright (C) 1996-2021 The Squid Software Foundation and contributors ## ## Squid software is distributed under GPLv2+ license and includes ## contributions from numerous individuals and organizations. ## Please see the COPYING and CONTRIBUTORS files for details. ## [Unit] Description=Squid Web Proxy Server Documentation=man:squid(8) After=network.target network-online.target nss-lookup.target [Service] Type=notify PIDFile=/run/squid.pid ExecStartPre=/usr/sbin/squid --foreground -z ExecStart=/usr/sbin/squid --foreground -sYC ExecReload=/bin/kill -HUP $MAINPID KillMode=mixed NotifyAccess=all [Install] WantedBy=multi-user.target --- these are the settings from a debian (own) build setup with squid 4.16. ( with ssl enabled) squid -v Squid Cache: Version 4.16 Service Name: squid Debian linux This binary uses OpenSSL 1.1.1d 10 Sep 2019. For legal restrictions on distribution see https://www.openssl.org/source/license.html configure options: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=${prefix}/include' '--mandir=${prefix}/share/man' '--infodir=${prefix}/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=${prefix}/lib/squid' '--srcdir=.' '--disable-maintainer-mode' '--disable-dependency-tracking' '--disable-silent-rules' 'BUILDCXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid-4.16=. -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' 'BUILDCXX=x86_64-linux-gnu-g++' '--with-build-environment=default' '--enable-build-info=Debian linux' '--datadir=/usr/share/squid' '--sysconfdir=/etc/squid' '--libexecdir=/usr/lib/squid' '--mandir=/usr/share/man' '--enable-inline' '--disable-arch-native' '--enable-async-io=8' '--enable-storeio=ufs,aufs,diskd,rock' '--enable-removal-policies=lru,heap' '--enable-delay-pools' '--enable-cache-digests' '--enable-ica p-client' '--enable-follow-x-forwarded-for' '--enable-auth-basic=DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB' '--enable-auth-digest=file,LDAP' '--enable-auth-negotiate=kerberos,wrapper' '--enable-auth-ntlm=fake,SMB_LM' '--enable-external-acl-helpers=file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,time_quota,unix_group,wbinfo_group' '--enable-security-cert-validators=fake' '--enable-storeid-rewrite-helpers=file' '--enable-url-rewrite-helpers=fake' '--enable-eui' '--enable-esi' '--enable-icmp' '--enable-zph-qos' '--enable-ecap' '--disable-translation' '--with-swapdir=/var/spool/squid' '--with-logdir=/var/log/squid' '--with-pidfile=/var/run/squid.pid' '--with-filedescriptors=65536' '--with-large-files' '--with-default-user=proxy' '--with-gnutls' '--enable-ssl' '--enable-ssl-crtd' '--with-openssl' '--enable-linux-netfilter' 'build_alias=x86_64-linux-gnu' 'CC=x86_64-linux-gnu-gcc' 'CFLAGS=-g -O2 -fdebug-prefix-map=/buil d/squid-4.16=. -fstack-protector-strong -Wformat -Werror=format-security -Wall' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--as-needed' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXX=x86_64-linux-gnu-g++' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/squid-4.16=. -fstack-protector-strong -Wformat -Werror=format-security' look if you also see : '--with-default-user=proxy' and if its self compiled. sudo adduser --system proxy And when thats done verify the needed folders and there rights/ownerships. The "debian" folder if you want it have a look of what i use currently in production. https://apt.van-belle.nl/debian/pool/main/s/squid/squid_4.16-0.1ssl1buster1.debian.tar.xz <https://apt.van-belle.nl/debian/pool/main/s/squid/squid_4.16-0.1ssl1buster1.debian.tar.xz> As soon i can make debian packages of 5.1, im making a buster and bullseye version. I hope this helps you a bit. Greetz, Louis ________________________________ Van: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] Namens David Touzeau Verzonden: woensdag 15 september 2021 12:40 Aan: squid-users@xxxxxxxxxxxxxxxxxxxxx Onderwerp: squid 5.1/Debian WARNING: no_suid: setuid(0): (1) Operation not permitted On Debian 10 64bits with squid 5.1 we have thousand warning as this: 2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid2| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid2| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid2| WARNING: no_suid: setuid(0): (1) Operation not permitted 2021/09/15 08:00:18 kid1| WARNING: no_suid: setuid(0): (1) Operation not permitted When squid try to load external acls binaries add chmod 04755 in binaries did not resolve the issue. No issue with same configuration with squid 3.5x branch Any tips ? _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
