Have heard several reports of this during the last year, but I have not
been able to pinpoint when it happens. Presumabely something goes wrong
during a reconfigure or log rotate.
My only recommendation is to not start Squid as root, or use the
chroot_dir directive from Squid-2.3 to cause Squid to fully drop it's
root privilegies.
My startup script reads
su squid -c /usr/local/squid/bin/squid
You only need to start Squid as root if you are listening on a low port,
like port 80.
You also need to run a chown -R squid:squid /cache0 to clean up the
mess. (I have a user squid and a group squid for running Squid)
-- Henrik Nordstrom Squid hacker Konstantin Barinov wrote: > Squid 2.3S2, running on solaris 2.6 (it's there for very long time, > and 2.3S2 is the latest version I use). Problem is also very old. > > The issue is that squid makes lots of swap files belonging to user root > in spool directory. However squid is running from nobody. Look what > the typical picture is: > > l /cache0/05/C2/ ... > -rw-r--r-- 1 nobody nobody 2189 Mar 8 16:12 001E632D > -rw-r--r-- 1 root nobody 849 Mar 13 11:54 001E632E > -rw-r--r-- 1 root nobody 38002 Mar 13 11:54 001E632F > -rw-r--r-- 1 nobody nobody 19967 Mar 8 16:12 001E6330 > -rw-r--r-- 1 nobody nobody 2253 Mar 8 16:12 001E6331 > -rw-r--r-- 1 nobody nobody 17954 Mar 8 16:12 001E6332 > -rw-r--r-- 1 nobody nobody 16350 Mar 8 16:12 001E6333 > -rw-r--r-- 1 root nobody 809 Mar 15 13:48 001E6334 > -rw-r--r-- 1 root nobody 694 Mar 15 13:48 001E6335 > -rw-r--r-- 1 root nobody 810 Mar 15 13:48 001E6336 > -rw-r--r-- 1 nobody nobody 17830 Mar 8 16:12 001E6337 > -rw-r--r-- 1 nobody nobody 1297 Mar 8 16:12 001E6338 > -rw-r--r-- 1 root nobody 7303 Mar 15 13:48 001E6339 > > I was unable to figure out why this happens, but it messes squid operation. > > Cache log says: > > 2000/03/15 13:48:43| storeAufsOpenDone: (13) Permission denied > 2000/03/15 13:48:43| /cache0/05/C2/001E6300 > 2000/03/15 13:48:44| storeAufsOpenDone: (13) Permission denied > 2000/03/15 13:48:44| /cache0/05/C2/001E6300 > 2000/03/15 13:48:45| storeAufsOpenDone: (13) Permission denied > 2000/03/15 13:48:45| /cache0/05/C2/001E6300 > > Pls help, if you can. And excuse me for bothering you. ;) > > rgds > -- > Konstantin Barinov, Senior Network Manager > INFONET AS http://infonet.ee sbr@infonet.eeReceived on Thu Mar 16 2000 - 17:50:43 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:16 MST