Actually, I was hoping for a clue from Henrik on how the Squid process
gets access to a file outside of the chroot during a reconfigure. I
believed Henrik when he said it needed to be outside of the chroot.
Just looking to understand Squid's chroot implementation a more deeply. ;-)
Rick G. Kilgore wrote:
> Works just as if it was not chroot jailed at all. Actually with the
> conf file in the chroot I had more problems accessing external ACL and
> other oddities.
>
>
>
> Joe Cooper wrote:
>
>> Henrik Nordstrom wrote:
>>
>>> On Tue, 31 Aug 2004, Joe Cooper wrote:
>>>
>>>> resolve.conf) that Squid relies on (it could be that shared
>>>> libraries are pulled in before Squid chroots, and so they might not
>>>> be needed--Henrik wrote the chroot code I think, or at least
>>>> maintains it now, maybe he'll chime in with clarification).
>>>
>>>
>>>
>>>
>>> If you use the chroot directive in squid.conf then only logs, cache
>>> and a dev/null node is minimally required within the chroot directory
>>> structure. It is also a good idea to set up a syslog socket within
>>> the chroot (man syslogd).
>>>
>>> The squid configuration file and any data referenced from there
>>> should be outside of the chroot directory, and unless you use any
>>> helpers no libraries is required either.
>>
>>
>>
>> Out of curiosity: without squid.conf in the chroot, how does a -k
>> reconfigure work?
>>
>
>
Received on Tue Aug 31 2004 - 16:07:19 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Sep 01 2004 - 12:00:03 MDT