Re: [squid-users] squid chroot jail no running copy error
On Thu, 26 Aug 2004, Rick G. Kilgore wrote: I removed the conf and binary from the chroot volume. Left the passwd, hosts, resolv files, and librarys on the chroot volume. Is this correct? Sounds reasonable. You can even get rid of most of those unless your Squid is relying on helpers requiring these files. Regards Henrik
Re: [squid-users] squid chroot jail no running copy error
I removed the conf and binary from the chroot volume. Left the passwd, hosts, resolv files, and librarys on the chroot volume. Is this correct? Henrik Nordstrom wrote: On Wed, 25 Aug 2004, Rick G. Kilgore wrote: I did try the chroot_directive today. Had trouble finding infomation on sintax. Any way I tried to use it as I would the normal chroot command. chroot_dir /path/to/chroot/directory After startup squid was logging in old test directory not current prod dir. Sounds like it was given the wrong config file, or you are using the wrong binary. Is there some place I can get an example of how to set the chroot up for squid. The same as any other chroot, except that the squid binary and configuration file is left outside the chroot. Regards Henrik -- Hoy es: viernes julio veintedos des miles y cuatro fase del dia > coma esta usted --- how are you This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715
Re: [squid-users] squid chroot jail no running copy error
On Wed, 25 Aug 2004, Rick G. Kilgore wrote: I did try the chroot_directive today. Had trouble finding infomation on sintax. Any way I tried to use it as I would the normal chroot command. chroot_dir /path/to/chroot/directory After startup squid was logging in old test directory not current prod dir. Sounds like it was given the wrong config file, or you are using the wrong binary. Is there some place I can get an example of how to set the chroot up for squid. The same as any other chroot, except that the squid binary and configuration file is left outside the chroot. Regards Henrik
Re: [squid-users] squid chroot jail no running copy error
I did try the chroot_directive today. Had trouble finding infomation on sintax. Any way I tried to use it as I would the normal chroot command. After startup squid was logging in old test directory not current prod dir. Is there some place I can get an example of how to set the chroot up for squid. I have the squid binary and the config on a duplicate tree where the chroot jail is. Henrik Nordstrom wrote: On Fri, 20 Aug 2004, Rick G. Kilgore wrote: I'm not what you would call a Fedora pro, but I suspect you will need to chroot to the enviroment in order to run the squid -k reconfigure... E.g. chroot /wka usr/local/squidSTABLE6/sbin/squid -k reconfigure That works, would have never thought that this would be necessary. Now I have to know why. on a mission. Because you chroot:ed Squid when you started it, all paths opened by Squid is relative to the chroot, not the normal system root. If you do not chroot "squid -k ..." in the same manner "squid -k ..." runs in a different environment and won't find the correct paths to either your configuration file or the pid file as it's view is relative to the system root directory, not your chroot. Using the chroot_dir directive in squid.conf is generally adviseable over manual chrooting of Squid. This makes sure paths is always correct and also allows you to keep sensitive information such as the configuration file and Squid binary etc outside of the chroot. Regards Henrik -- Hoy es: viernes julio veintedos des miles y cuatro fase del dia > coma esta usted --- how are you This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715
Re: [squid-users] squid chroot jail no running copy error
On Fri, 20 Aug 2004, Rick G. Kilgore wrote: I'm not what you would call a Fedora pro, but I suspect you will need to chroot to the enviroment in order to run the squid -k reconfigure... E.g. chroot /wka usr/local/squidSTABLE6/sbin/squid -k reconfigure That works, would have never thought that this would be necessary. Now I have to know why. on a mission. Because you chroot:ed Squid when you started it, all paths opened by Squid is relative to the chroot, not the normal system root. If you do not chroot "squid -k ..." in the same manner "squid -k ..." runs in a different environment and won't find the correct paths to either your configuration file or the pid file as it's view is relative to the system root directory, not your chroot. Using the chroot_dir directive in squid.conf is generally adviseable over manual chrooting of Squid. This makes sure paths is always correct and also allows you to keep sensitive information such as the configuration file and Squid binary etc outside of the chroot. Regards Henrik
Re: [squid-users] squid chroot jail no running copy error
Manual chroot currently. On Sat, Aug 21, 2004 at 01:01:53AM +0200, Henrik Nordstrom wrote: > > > On Fri, 20 Aug 2004, Rick G. Kilgore wrote: > > > I am new to the squid proxy. I do like it allot and it has already been > > very useful. > > Problem I have put squid in a chroot jail. I tested the squid > > configuration and function prior to building the chroot volume. every > > thing seems to work ok logging and chaching. > > When I try to do a squid -k shutdown or rotate the system tells me that > > their is no running copy. > > Then "squid -k ..." does not find the pid file. > > > Are you doing manual chrooting or using the chroot_dir directive in > squid.conf? > > Regards > Henrik --
Re: [squid-users] squid chroot jail no running copy error
On Fri, 20 Aug 2004, Rick G. Kilgore wrote: I am new to the squid proxy. I do like it allot and it has already been very useful. Problem I have put squid in a chroot jail. I tested the squid configuration and function prior to building the chroot volume. every thing seems to work ok logging and chaching. When I try to do a squid -k shutdown or rotate the system tells me that their is no running copy. Then "squid -k ..." does not find the pid file. Are you doing manual chrooting or using the chroot_dir directive in squid.conf? Regards Henrik
Re: [squid-users] squid chroot jail no running copy error
That works, would have never thought that this would be necessary. Now I have to know why. on a mission. Thank you for you help and time. Dave Raven wrote: I'm not what you would call a Fedora pro, but I suspect you will need to chroot to the enviroment in order to run the squid -k reconfigure... E.g. chroot /wka usr/local/squidSTABLE6/sbin/squid -k reconfigure ? -Original Message- From: Rick G. Kilgore [mailto:[EMAIL PROTECTED] Sent: 20 August 2004 04:02 PM To: Mohsin Khan Cc: [EMAIL PROTECTED] Subject: Re: [squid-users] squid chroot jail no running copy error I am starting squid via the /etc/rc.d/rc3.d/S99local init file right now. the command in the file is "chroot /wka usr/local/squidSTABLE6/sbin/squid -sD I can see the process running as squid with ps -ef | grep squid. The pid from ps matches the pid in the squid.pid in the logs directory. OS type Fedora core 1. Mohsin Khan wrote: do you run the squid from jail chroot enviroment. ? Do you see the process when you do ps awux. --- "Rick G. Kilgore" <[EMAIL PROTECTED]> wrote: Hello all, I am new to the squid proxy. I do like it allot and it has already been very useful. Problem I have put squid in a chroot jail. I tested the squid configuration and function prior to building the chroot volume. every thing seems to work ok logging and chaching. When I try to do a squid -k shutdown or rotate the system tells me that their is no running copy. I did look at the FAQ and did try the solution for 11.43, did not help. squid pid is on the correct volume in the correct place. I was unable to locate anything in the mail archive. Hopefully I am not This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715 = Regards, Mohsin Khan CCNA ( Cisco Certified Network Associate 2.0 ) http://pk.aaghaz.net Happy is the one who can smile<<< __ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail -- Hoy es: viernes julio veintedos des miles y cuatro fase del dia > coma esta usted --- how are you This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715
RE: [squid-users] squid chroot jail no running copy error
I'm not what you would call a Fedora pro, but I suspect you will need to chroot to the enviroment in order to run the squid -k reconfigure... E.g. chroot /wka usr/local/squidSTABLE6/sbin/squid -k reconfigure ? -Original Message- From: Rick G. Kilgore [mailto:[EMAIL PROTECTED] Sent: 20 August 2004 04:02 PM To: Mohsin Khan Cc: [EMAIL PROTECTED] Subject: Re: [squid-users] squid chroot jail no running copy error I am starting squid via the /etc/rc.d/rc3.d/S99local init file right now. the command in the file is "chroot /wka usr/local/squidSTABLE6/sbin/squid -sD I can see the process running as squid with ps -ef | grep squid. The pid from ps matches the pid in the squid.pid in the logs directory. OS type Fedora core 1. Mohsin Khan wrote: > do you run the squid from jail chroot enviroment. ? Do > you see the process when you do ps awux. > --- "Rick G. Kilgore" <[EMAIL PROTECTED]> > wrote: > > >>Hello all, >> >>I am new to the squid proxy. I do like it allot and >>it has already been >>very useful. >>Problem I have put squid in a chroot jail. I tested >>the squid >>configuration and function prior to building the >>chroot volume. every >>thing seems to work ok logging and chaching. >>When I try to do a squid -k shutdown or rotate the >>system tells me that >>their is no running copy. >>I did look at the FAQ and did try the solution for >>11.43, did not help. >>squid pid is on the correct volume in the correct >>place. >>I was unable to locate anything in the mail archive. >>Hopefully I am not >> >> >> >>This message is for the designated recipient only >>and may contain >>privileged, proprietary, or otherwise private >>information. If you have >>received it in error, please notify the sender >>immediately and delete >>the original. >>Any other use of the email by you is prohibited. >> >> >>Este mensaje esta' para el recipiente sen~alado >>solamente y puede contener >>la informacio'n privilegiada, propietaria, o de otra >>manera privada. Si >>usted lo ha recibido en error, notifique por favor >>el remitente >>inmediatamente y suprima la original. Cualquier otro >>uso del email de >>usted se prohi'be. >> >> >>Rick G. Kilgore >>State of Colorado Department of Revenue IT/CSTARS >>(DDP/CCR/RWOC) >>E-Mail: [EMAIL PROTECTED] >>Phone: (303) 205-5659 >>Fax: (303) 205-5715 >> >> > > > > = > Regards, > Mohsin Khan > CCNA ( Cisco Certified Network Associate 2.0 ) > http://pk.aaghaz.net > > >>>>Happy is the one who can smile<<< >>> > > > > > > > > > __ > Do you Yahoo!? > Yahoo! Mail Address AutoComplete - You start. We finish. > http://promotions.yahoo.com/new_mail > -- Hoy es: viernes julio veintedos des miles y cuatro fase del dia > coma esta usted --- how are you This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715
Re: [squid-users] squid chroot jail no running copy error
I am starting squid via the /etc/rc.d/rc3.d/S99local init file right now. the command in the file is "chroot /wka usr/local/squidSTABLE6/sbin/squid -sD I can see the process running as squid with ps -ef | grep squid. The pid from ps matches the pid in the squid.pid in the logs directory. OS type Fedora core 1. Mohsin Khan wrote: do you run the squid from jail chroot enviroment. ? Do you see the process when you do ps awux. --- "Rick G. Kilgore" <[EMAIL PROTECTED]> wrote: Hello all, I am new to the squid proxy. I do like it allot and it has already been very useful. Problem I have put squid in a chroot jail. I tested the squid configuration and function prior to building the chroot volume. every thing seems to work ok logging and chaching. When I try to do a squid -k shutdown or rotate the system tells me that their is no running copy. I did look at the FAQ and did try the solution for 11.43, did not help. squid pid is on the correct volume in the correct place. I was unable to locate anything in the mail archive. Hopefully I am not This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715 = Regards, Mohsin Khan CCNA ( Cisco Certified Network Associate 2.0 ) http://pk.aaghaz.net Happy is the one who can smile<<< __ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail -- Hoy es: viernes julio veintedos des miles y cuatro fase del dia > coma esta usted --- how are you This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje esta' para el recipiente sen~alado solamente y puede contener la informacio'n privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohi'be. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715
Re: [squid-users] squid chroot jail no running copy error
do you run the squid from jail chroot enviroment. ? Do you see the process when you do ps awux. --- "Rick G. Kilgore" <[EMAIL PROTECTED]> wrote: > Hello all, > > I am new to the squid proxy. I do like it allot and > it has already been > very useful. > Problem I have put squid in a chroot jail. I tested > the squid > configuration and function prior to building the > chroot volume. every > thing seems to work ok logging and chaching. > When I try to do a squid -k shutdown or rotate the > system tells me that > their is no running copy. > I did look at the FAQ and did try the solution for > 11.43, did not help. > squid pid is on the correct volume in the correct > place. > I was unable to locate anything in the mail archive. > Hopefully I am not > > > > This message is for the designated recipient only > and may contain > privileged, proprietary, or otherwise private > information. If you have > received it in error, please notify the sender > immediately and delete > the original. > Any other use of the email by you is prohibited. > > > Este mensaje está para el recipiente señalado > solamente y puede contener > la información privilegiada, propietaria, o de otra > manera privada. Si > usted lo ha recibido en error, notifique por favor > el remitente > inmediatamente y suprima la original. Cualquier otro > uso del email de > usted se prohíbe. > > > Rick G. Kilgore > State of Colorado Department of Revenue IT/CSTARS > (DDP/CCR/RWOC) > E-Mail: [EMAIL PROTECTED] > Phone: (303) 205-5659 > Fax: (303) 205-5715 > > = Regards, Mohsin Khan CCNA ( Cisco Certified Network Associate 2.0 ) http://pk.aaghaz.net >>>Happy is the one who can smile<<< __ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Re: [squid-users] squid chroot jail no running copy error
Version 2.5.STABLE6 Elsen Marc wrote: Hello all, I am new to the squid proxy. I do like it allot and it has already been very useful. Problem I have put squid in a chroot jail. I tested the squid configuration and function prior to building the chroot volume. every thing seems to work ok logging and chaching. When I try to do a squid -k shutdown or rotate the system tells me that their is no running copy. I did look at the FAQ and did try the solution for 11.43, did not help. squid pid is on the correct volume in the correct place. I was unable to locate anything in the mail archive. Hopefully I am not Squid version ? M. -- Hoy es: viernes julio veintedos des miles y cuatro fase del dia > coma esta usted --- how are you This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Este mensaje está para el recipiente señalado solamente y puede contener la información privilegiada, propietaria, o de otra manera privada. Si usted lo ha recibido en error, notifique por favor el remitente inmediatamente y suprima la original. Cualquier otro uso del email de usted se prohíbe. Rick G. Kilgore State of Colorado Department of Revenue IT/CSTARS (DDP/CCR/RWOC) E-Mail: [EMAIL PROTECTED] Phone: (303) 205-5659 Fax: (303) 205-5715
RE: [squid-users] squid chroot jail no running copy error
> Hello all, > > I am new to the squid proxy. I do like it allot and it has > already been > very useful. > Problem I have put squid in a chroot jail. I tested the squid > configuration and function prior to building the chroot volume. every > thing seems to work ok logging and chaching. > When I try to do a squid -k shutdown or rotate the system > tells me that > their is no running copy. > I did look at the FAQ and did try the solution for 11.43, did > not help. > squid pid is on the correct volume in the correct place. > I was unable to locate anything in the mail archive. > Hopefully I am not > Squid version ? M.