cache.log was being created as root, then would later fail to open

with 'Permission denied'.  We were calling leave_suid() after parsing
the config, but before calling configDoConfigure().

We must call configDoConfigure() before leave_suid() because
configDoConfigure() is where we turn username strings into
uid values.

diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index b8cdc1d6af872e9bdb96fbfce2dbab79713163bf..2c5af9d00c0f9e492f429a7ffdde79f87f8bf164 100644 (file)
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: cache_cf.cc,v 1.506 2007/04/06 12:15:51 serassio Exp $
+ * $Id: cache_cf.cc,v 1.507 2007/04/11 22:57:34 wessels Exp $
  *
  * DEBUG: section 3     Configuration File Parsing
  * AUTHOR: Harvest Derived
@@ -328,14 +328,19 @@ parseConfigFile(const char *file_name, CacheManager & manager)
 
     defaults_if_none();
 
+    /*
+     * We must call configDoConfigure() before leave_suid() because
+     * configDoConfigure() is where we turn username strings into
+     * uid values.
+     */
+    configDoConfigure();
+
     if (!Config.chroot_dir) {
         leave_suid();
         _db_init(Config.Log.log, Config.debugOptions);
         enter_suid();
     }
 
-    configDoConfigure();
-
     if (opt_send_signal == -1) {
         manager.registerAction("config",
                                "Current Squid Configuration",

diff --git a/src/debug.cc b/src/debug.cc
index 13bc44d59bf7a3f18c10328b19dbf3d2fc182fb8..b33182f501376a5a0222854edbfd1625c970ba42 100644 (file)
--- a/src/debug.cc
+++ b/src/debug.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: debug.cc,v 1.99 2006/08/28 10:11:10 serassio Exp $
+ * $Id: debug.cc,v 1.100 2007/04/11 22:57:34 wessels Exp $
  *
  * DEBUG: section 0     Debug Routines
  * AUTHOR: Harvest Derived
@@ -263,6 +263,7 @@ debugOpenLog(const char *logfile) {
     if (debug_log && debug_log != stderr)
         fclose(debug_log);
 
+    assert(geteuid() != 0);
     debug_log = fopen(logfile, "a+");
 
     if (!debug_log) {