Date: Wed, 06 Jul 2005 04:17:52 +0930
From: Wayne Sierke <ws@au.dyndns.ws>
To: Chuck Swiger <cswiger@mac.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: squid bind to port 80 fails when started via squid.sh script
Message-ID: <1120589272.57575.81.camel@au.dyndns.ws>
In-Reply-To: <42CAC5B3.6070400@mac.com>
References: <1120584597.57575.51.camel@au.dyndns.ws> <42CAC5B3.6070400@mac.com>

On Tue, 2005-07-05 at 13:38 -0400, Chuck Swiger wrote:
> Wayne Sierke wrote:
> > FreeBSD 5.4-RELEASE/squid-2.5.9_3
> >
> > If I start squid via the script (as root), I get:
> >
> > /var/log/squid_cache.log:
> >
> > commBind: Cannot bind socket FD 11 to *:80: (13) Permission denied
> > FATAL: Cannot open HTTP Port
> > Squid Cache (Version 2.5.STABLE9): Terminated abnormally.
>
> The squid startup script probably changes to a non-root user before running the
> squid binary, which means that squid cannot bind to a port below 1024.
> Normally, people run squid on port 3128, although 8080 is also relatively common.

You are exactly right, of course. I hadn't been able to spot anything obvious as to where that might be happening in the script so after your response I was prompted to grep through /etc/rc.subr. I now know what all those $(name)_* vars in the startup scripts are for! :)

Given that squid.conf contains 'cache_effective_user' and 'cache_effective_group' settings, the 'squid_user' variable in the script is probably redundant. And that seems to be confirmed by a comparison of 'ps aux | grep squid' results from launching squid directly and, now, via the script with the squid_user var removed:

root  92882 0.0 0.3 3172 1764 ?? Is 2:51AM 0:00.00 /usr/local/sbin/squid -D
squid 92884 0.0 1.3 7472 6668 ?? S  2:51AM 0:00.24 (squid) -D (squid)
squid 92885 0.0 0.1 1188  548 ?? Is 2:51AM 0:00.01 (unlinkd) (unlinkd)

root  93310 0.0 0.3 3172 1764 ?? Is 3:29AM 0:00.00 /usr/local/sbin/squid -D
squid 93312 0.0 1.3 7472 6668 ?? S  3:29AM 0:00.19 (squid) -D (squid)
squid 93313 0.0 0.1 1188  548 ?? Is 3:29AM 0:00.01 (unlinkd) (unlinkd)

I suppose the remaining question is whether there exists a valid reason to keep the squid_user variable in the script, or is it purely redundant and, in this case, troublesome.

(By the way, the reason for running squid on port 80 is to run it as an httpd_accelerator, and in my case specifically, to allow for the handling of virtual web-hosts on a single IP over multiple servers.)

In any case I suppose I should pose this question to the port maintainer.

Many thanks,

Wayne
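
The combination discussed in this message (a non-root squid_user in the startup settings together with an http_port below 1024) can be checked before starting the service. The script below is an added example, not part of the original e-mail or of the squid port; the function names, the file layout (a plain `squid_user=` assignment) and all sample file contents are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag a non-root squid_user combined with an http_port < 1024.
# All file contents below are constructed samples, not taken from the port.

# Last squid_user value assigned in a shell-style file (empty if none).
rc_squid_user() {
    awk -F= '/^[ \t]*squid_user=/ {
                 v = $2; sub(/#.*/, "", v); gsub(/["'\'' \t]/, "", v); u = v }
             END { print u }' "$1"
}

# Port numbers below 1024 named on http_port lines of a squid.conf.
low_http_ports() {
    awk '$1 == "http_port" { n = $2; sub(/^.*:/, "", n)
                             if (n ~ /^[0-9]+$/ && n + 0 < 1024) print n }' "$1"
}

# Usage: check_squid_bind RC_FILE SQUID_CONF; returns 1 on the failing combination.
check_squid_bind() {
    user=$(rc_squid_user "$1")
    ports=$(low_http_ports "$2" | tr '\n' ' ')
    if [ -n "$user" ] && [ "$user" != "root" ] && [ -n "$ports" ]; then
        echo "CONFLICT: started as '$user', cannot bind port(s): ${ports% }"
        return 1
    fi
    echo "OK: no non-root squid_user with a port below 1024"
}

# Constructed sample files for the demo.
make_samples() {
    printf 'squid_enable="YES"\nsquid_user="squid"\n' > "$1/rc_with_user"
    printf 'squid_enable="YES"\n' > "$1/rc_without_user"
    printf '# http_port 3128\nhttp_port 80\ncache_effective_user squid\n' > "$1/squid.conf"
}

tmp=$(mktemp -d)
make_samples "$tmp"
check_squid_bind "$tmp/rc_with_user" "$tmp/squid.conf" || true
check_squid_bind "$tmp/rc_without_user" "$tmp/squid.conf"
rm -rf "$tmp"
```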
