From f2a93f5c0e2b160882607e4a4b646a64faf5def4 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 9 Sep 2015 11:14:00 +0200
Subject: Squid3 - squid pinger helper needs to be suid root (Bug #5114)

---
 config/squid3/34/squid.inc | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'config/squid3/34/squid.inc')

diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 57527876..f0eea327 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -306,9 +306,10 @@ function squid_install_command() {
 	update_status("Creating squid cache pools... One moment please...");
 	squid_dash_z();
 
-	/* make sure pinger is executable */
+	/* make sure pinger is executable and suid root */
+	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE. "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755);
+		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	// XXX: Is it really necessary?
 	if (file_exists("/usr/local/etc/rc.d/squid"))
@@ -1876,10 +1877,10 @@ function squid_resync($via_rpc="no") {
 	// write config file
 	file_put_contents(SQUID_CONFFILE, $conf);
 
-	/* make sure pinger is executable */
-	// XXX: Is it really necessary? Who could change its permission?
+	/* make sure pinger is executable and suid root */
+	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 0755);
+		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	$log_dir="";
 	// check if squid is enabled
-- 
cgit v1.2.3


From bca9c324b12ca25bd87b4390852fd188f1a00b23 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 9 Sep 2015 11:33:33 +0200
Subject: do not silence errors with chmod

---
 config/squid3/34/squid.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'config/squid3/34/squid.inc')

diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index f0eea327..76deb94c 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -309,7 +309,7 @@ function squid_install_command() {
 	/* make sure pinger is executable and suid root */
 	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE. "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
+		chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	// XXX: Is it really necessary?
 	if (file_exists("/usr/local/etc/rc.d/squid"))
@@ -1880,7 +1880,7 @@ function squid_resync($via_rpc="no") {
 	/* make sure pinger is executable and suid root */
 	// XXX: Bug #5114
 	if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger"))
-		@chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
+		chmod(SQUID_LOCALBASE. "/libexec/squid/pinger", 4755);
 
 	$log_dir="";
 	// check if squid is enabled
-- 
cgit v1.2.3