On Mon, 20 Sep 2004, R. Benjamin Kessler wrote:
Has anyone hacked together a HOWTO for setting-up Squid in a chroot environment?
How to depends very much on which helpers if any you require.
If your setup does not require any helpers then chrooting is trivial
Assuming you are using the default setup where Squid is contained within /usr/local/squid/...
set up /usr/local/squid for chroot
cd /usr/local/squid
mkdir -p usr/local
ln -s ../.. usr/local/squid
[now you should end up in /usr/local/squid if you try to cd to /usr/local/squid/usr/local/squid]
mkdir dev
mknod -m 666 dev/null c 1 3
add the following to squid.conf
chroot /usr/local/squid
If your Squid depends on helpers (including but not limited to the unlinkd helper) then a bit more work is needed as the chroot needs to be fully prepared to run the helpers in question. For this the normal howtos on how to chroot an application applies. You need to copy any dynamic libraries and other files required by the helper or the libraries used by the helper.
Regards Henrik
