+1 How can I reproduce he error? Is there a bug report open for this issue?
Thanks, Eliezer ---- Eliezer Croitoru Linux System Administrator Mobile: +972-5-28704261 Email: [email protected] -----Original Message----- From: squid-dev [mailto:[email protected]] On Behalf Of Amos Jeffries Sent: Wednesday, March 15, 2017 6:43 AM To: [email protected] Subject: Re: [squid-dev] To make squid works in snap world. On 15/03/2017 3:44 a.m., Gary Wang wrote: > Hi guys > I'm sorry that I'm here so late. :( > Generally, regarding the purpose of this MP. > > https://code.launchpad.net/~gary-wzl77/squid/ipc_prefix/+merge/318714 > > I'd like to make squid snap works as a confined > <https://snapcraft.io/docs/reference/confinement>snap in snap world. > So that we can ship this snap in ubuntu-core. > The reason why I need to add compile option to enable to customize > IPC prefix at compiling time is that in order to use shared memory in > an app which released as a snap package the only allowed file path > will be like this <https://bugs.launchpad.net/snappy/+bug/1653955>(in > the following > namespace) > /dev/shm/sem.snap.@{SNAP_NAME}.* > > Hence in our case, the shared memory file path should be > /dev/shm/sem.snap.squid-snap.{random-string} > Otherwise, you will get the following error when running the squid > in snap world > http://paste.ubuntu.com/24175840/ > Having looked at this a lot more now I think the patch is based on an incorrect assumption. You see Squid complaining of /dev/shm Permissions error. Other people getting that error in snap world were using semaphores and fixed it by using snap /dev/shm/sem.* names. So you fixed the /dev/shm naming to match snap semaphore naming. ... but Squid does *not* use semaphores. Simply making Squid pretend to be doing semaphores to bypass the security is not the right way forward. The real question is why the permissions error is occuring? What in snap world is refusing permission? Amos _______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev _______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
