[Bug 1585056] Re: snapd not give privileges to squid3
** Branch linked: lp:~cprov/squid/snap -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1585056 Title: snapd not give privileges to squid3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1585056/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1585056] Re: snapd not give privileges to squid3
Thanks for the report, this exploratory work requires a lot more
attention from me.
It turns out that squid is offending snap confinement is many different
fronts (logging and working dir, on top of the setgid) and I need to
investigate what would be the best solution from the squid perspective.
For now, to unblock users and potential contributors, I've republished
it as devmode on 16 edge channel (so it's clear that it's not ready for
production) with a custom squid.conf that allows it to start (barely):
{{{
$ sudo snap install squid3 --devmode --channel=edge
14.99 MB / 14.99 MB
[>_] 100.00 % 3.07 MB/s
NameVersion Rev Developer
squid3 3.5.16-3 5cprov
$ sudo mkdir -m o+rw /var/snap/squid3/current/logs
$ squid3 -N
...
}}}
Current snapcraft setup and custom configuration can be found at
https://code.launchpad.net/~cprov/+git/squid-snap
Sorry for the inconvenience and misleading expectation I've caused.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1585056
Title:
snapd not give privileges to squid3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1585056/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1585056] Re: snapd not give privileges to squid3
nope -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1585056 Title: snapd not give privileges to squid3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1585056/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1585056] Re: snapd not give privileges to squid3
Indeed, it looks like the squid3 snap is buggy: ``` ubuntu@localhost:~$ sudo squid3 Bad system call ubuntu@localhost:~$ dmesg |tail -1 [ 2433.369346] audit: type=1326 audit(1464602357.655:49): auid=1000 uid=0 gid=0 ses=2 pid=4425 comm="squid" exe="/snap/squid3/3/sbin/squid" sig=31 arch=c03e syscall=116 compat=0 ip=0x7f0733603f49 code=0x0 ubuntu@localhost:~$ scmp_sys_resolver 116 setgroups ``` -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1585056 Title: snapd not give privileges to squid3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1585056/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
