Hi,
Just for the records: exactly the same error messages occur with 'squid 4.0.24'.
Best, Matthias
On 21.01.2018 19:57, Michael Tremer wrote:
Hello,
yes this is correct.
We don't allow an unprivileged user to load any kernel modules.
What does squid need this for? Why are you playing around with squid 4? You should be able to load the module first and then start squid.
Best, -Michael
On Sun, 2018-01-21 at 01:50 +0100, Matthias Fischer wrote:
Hi,
Just to keep in touch, I tested 'squid 4.0.23' yesterday - it seemed to run fine at first. But after a while I took a closer look at the logs and discovered a bunch of kernel messages within a few hours and I don't know what exactly triggered these messages:
... 132 Time(s): grsec: denied kernel module auto-load of nf_conntrack_netlink by uid 23 ...
As far as I found out: "uid 23" => squid-user, and the new squid tried to 'autoload' a module which 'grsec' didn't like. Is this a correct interpretation and has anyone some useable clue how to avoid this?
Besides, after going back to '3.5.27' the messages didn't came back again. '4.0.22' didn't throw these messages, too. They changed something and I don't know what it is...
Thanks for all tips!
Best, Matthias