diff options
| author | doktornotor <notordoktor@gmail.com> | 2015-09-09 11:22:11 +0200 |
|---|---|---|
| committer | doktornotor <notordoktor@gmail.com> | 2015-09-09 11:22:11 +0200 |
| commit | 25d07ebf925d7007724e63453d23533c986196fb (patch) | |
| tree | 69d8398e94a2ddf3443b9dac0e3926226890be32 | |
| parent | a10decb034a9860173709071cab8cba78c8c5ca6 (diff) | |
| download | pfsense-packages-25d07ebf925d7007724e63453d23533c986196fb.tar.gz pfsense-packages-25d07ebf925d7007724e63453d23533c986196fb.tar.bz2 pfsense-packages-25d07ebf925d7007724e63453d23533c986196fb.zip | |
Squid - squid pinger helper needs to be suid root (Bug #5114)
| -rw-r--r-- | config/squid/squid.inc | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/config/squid/squid.inc b/config/squid/squid.inc index 48a92a75..27bff27b 100644 --- a/config/squid/squid.inc +++ b/config/squid/squid.inc @@ -210,9 +210,11 @@ function squid_install_command() { /* create cache */ update_status("Creating squid cache pools... One moment please..."); squid_dash_z(); - /* make sure pinger is executable */ + /* make sure pinger is executable and suid root */ + // XXX: Bug #5114 if(file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger")) exec("/bin/chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger"); + exec("/bin/chmod u+s " . SQUID_LOCALBASE . "/libexec/squid/pinger"); if(file_exists(SQUID_LOCALBASE . "/etc/rc.d/squid")) exec("/bin/rm " . SQUID_LOCALBASE . "/etc/rc.d/squid"); squid_write_rcfile(); @@ -1096,9 +1098,11 @@ function squid_resync() { squid_resync_users(); squid_write_rcfile(); - /* make sure pinger is executable */ + /* make sure pinger is executable and suid root */ + // XXX: Bug #5114 if(file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger")) - exec("chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger"); + exec("/bin/chmod a+x " . SQUID_LOCALBASE . "/libexec/squid/pinger"); + exec("/bin/chmod u+s " . SQUID_LOCALBASE . "/libexec/squid/pinger"); foreach (array( SQUID_CONFBASE, SQUID_ACLDIR, |