Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have a DMZ with Ubuntu 11.04 on the web server and Ubuntu 11.10 on the applications server. I am thinking of setting the Squid proxy up on the web server in order to enhance security by having Squid keep a log of packets that go in and out.
I read here that one should have a separate account for Squid. But the article is pretty old and a more recent article about using Squid for security does not mention doing that. Also I am running a web site and it seems that I need to be logged into the account I am running the web site from.
Any advice about whether I should have a separate account for Squid would be greatly appreciated.
I recommend installing it with your package manager and then reading /usr/share/doc/squid/README.Debian.gz and then decide if you want to (and how) to run as a dedicated user.
Depends on how you want it set up really. But I would stick with separate accounts for separate tasks, just for logging purposes. But maybe it's easier to have one account for everything, but when the time comes to troubleshoot it may be harder to find the trouble point.
I recommend installing it with your package manager and then reading /usr/share/doc/squid/README.Debian.gz and then decide if you want to (and how) to run as a dedicated user.
Evo2.
Thank you for your reply. I got the following errors when I tried to install Squid from the Ubuntu (v 11.04) software center.
Code:
installArchives() failed: Preconfiguring packages ...
Preconfiguring packages ...
Preconfiguring packages ...
Selecting previously deselected package squid.
(Reading database ... 263966 files and directories currently installed.)
Unpacking squid (from .../squid_2.7.STABLE9-2.1ubuntu6_i386.deb) ...
Processing triggers for ureadahead ...
Processing triggers for ufw ...
Processing triggers for man-db ...
Setting up rsh-client (0.17-15) ...
update-alternatives: error: alternative link /usr/bin/rcp is already managed by rcpDisabled.
dpkg: error processing rsh-client (--configure):
subprocess installed post-installation script returned error exit status 2
Setting up squid (2.7.STABLE9-2.1ubuntu6) ...
squid start/running, process 24039
Errors were encountered while processing:
rsh-client
Setting up rsh-client (0.17-15) ...
update-alternatives: error: alternative link /usr/bin/rcp is already managed by rcpDisabled.
dpkg: error processing rsh-client (--configure):
subprocess installed post-installation script returned error exit status 2
Depends on how you want it set up really. But I would stick with separate accounts for separate tasks, just for logging purposes. But maybe it's easier to have one account for everything, but when the time comes to troubleshoot it may be harder to find the trouble point.
Thank you for your reply. Sorry if this is a stupid question. A lot of this is new to me. If I am running Squid from a separate account, would I not need to log out of any other account and log into the Squid account in order for Squid to run?
Thank you for your reply. Sorry if this is a stupid question. A lot of this is new to me. If I am running Squid from a separate account, would I not need to log out of any other account and log into the Squid account in order for Squid to run?
The daemon startup would be initiated by root but an su to the squid user would be performed before squid is launched. This is standard practice for a huge number of daemons that run on *nix type systems.
Please check the README.Debian.gz as I suggested earlier.
I got the following errors when I tried to install Squid from the Ubuntu (v 11.04) software center.
For some reason you seem to be trying to install rsh-client. Unfortunately the full output is missing (or perhaps this is a "feature" of "software center") so I don't know why that is happening.
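One way to confirm the behaviour described in the reply above (root starts the daemon, Squid then runs as its own account) without ever logging in as that account. This is an added example, not part of any post in the thread; `cache_effective_user` is the squid.conf directive that names the account, while the account name `proxy` and the sample config and process listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that Squid runs as its dedicated account.

# Print the account named by cache_effective_user in the squid.conf at $1.
# Commented-out lines are ignored. Prints nothing when the directive is
# absent (Squid then falls back to its built-in default account).
squid_effective_user() {
    awk '$1 == "cache_effective_user" { u = $2 } END { if (u != "") print u }' "$1"
}

# $1 = squid.conf, $2 = file holding the output of: ps -eo user=,args=
# Returns 0 if a squid process is owned by the configured non-root account,
#         1 if the account is root or no squid process is owned by it,
#         2 if the directive is not set in the file.
audit_squid_account() {
    acct=$(squid_effective_user "$1")
    [ -n "$acct" ] || { echo "cache_effective_user not set"; return 2; }
    [ "$acct" != "root" ] || { echo "configured to stay root"; return 1; }
    if awk -v a="$acct" '$1 == a && $2 ~ /squid/ { found = 1 } END { exit !found }' "$2"; then
        echo "ok: squid running as $acct"
        return 0
    fi
    echo "no squid process owned by $acct"
    return 1
}

# Constructed sample data (not taken from the thread): a config naming the
# hypothetical account "proxy", and a listing with a root-owned parent,
# a proxy-owned squid child and an unrelated web server process.
write_samples() {
    printf '%s\n' '# cache_effective_user root' \
                  'cache_effective_user proxy' > "$1/squid.conf"
    printf '%s\n' 'root     /usr/sbin/squid -D' \
                  'proxy    (squid) -D' \
                  'www-data /usr/sbin/apache2 -k start' > "$1/ps.txt"
}

tmp=$(mktemp -d)
write_samples "$tmp"
audit_squid_account "$tmp/squid.conf" "$tmp/ps.txt"
rm -rf "$tmp"
```

On a live host, pass the installed squid.conf and a file containing the saved output of `ps -eo user=,args=` instead of the samples.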