Re: Squid creating files as root

From: Steve Gailey <Steve.Gailey@dont-contact.us>
Date: Wed, 6 Oct 1999 09:07:19 +0100

It was a full restart from cron. The server came down and I used -k
check until it had gone and then started it again.

Steve

> On Mon, Oct 04, 1999 at 02:55:44PM +0100, Steve Gailey wrote:
> [...]
> > > cache_effective_user nobody
> > > cache_effective_group nogroup
> > >
> > > and squid mostly creates its cachefiles with this ownership but
> > > sometimes squid creates file as owner root.
> [...]
> > I didn't see a reply to Franks message and now I am experiencing the
> > same problem.
> >
> > I am starting Squid (on Solaris 2.6) from /etc/init.d (rc3.d) and
> > have experienced exactly the same behaviour. The Filesystem is
> > Veritas and all was fine for the first three days. This Sunday
> > evening, with little or no activity the system started reporting:
> >
> > storeSwapOutFileOpened: Unable to open swapfile: /cachea/ca...
> > (13) Permission denied
> >
> > The only thing I can think of is the first restart for squid since
> > installation (it's a Netscape upgrade).
>
> Did you do a restart or reconfigure? They're not the same. The
> safest way to change full configuration is to shutdown and restart.
>
> > I have two such Squid machines and both are exhibiting the same
> > behaviour. Also, ps shows the (squid) process running as nobody
> > sometimes and root at others.
> >
> > Any help would be much appreciated.
>
> A couple people (including myself) have found that squid can engage
> in bizarre behavior relating to process owner, permissions, etc., if
> you run squid as a user which can not read its own squid.conf file and
> then use the "reconfigure" signal to it.
>
> In place of running squid as nobody/nogroup, you might find it
> easier
> to manage if you create a squid user with its own user and group.
> Then you can either launch it from root if you need to keep squid with
> a low port number, or (preferred) always start squid as the squid user
> and squid group so it need not change euid/egid.
>
> (One indirect moral: when you first start introducing a proxy to
> your
> testers or users, announce it on a high port number if possible.)
>
> -- Clifton
>
> --
> Clifton Royston -- LavaNet Systems Architect -- cliftonr@lava.net
> "An absolute monarch would be absolutely wise and good.
> But no man is strong enough to have no interest.
> Therefore the best king would be Pure Chance.
> It is Pure Chance that rules the Universe;
> therefore, and only therefore, life is good." - AC
Received on Wed Oct 06 1999 - 02:40:20 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:48:44 MST