LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 12-15-2011, 09:24 PM   #1
mrpurple
Member
 
Registered: May 2010
Posts: 50

Rep: Reputation: 1
reloading squid changes ownership and kills transparent proxy


I'd like to reload my modified ACLs using
Code:
sudo service squid reload
except when I do, my transparent proxy stops working
Code:
 ps aux | grep squid
gives
Code:
root      6484  0.3 80.9 515804 359436 ?       Rs   15:46   0:05 /usr/sbin/squid -N -D
tango     6998  0.0  0.1   3324   804 pts/0    S+   16:15   0:00 grep --color=auto squid
If i restart squid with
Code:
sudo service squid restart
and ps aux again i get
Code:
proxy     7010 34.8 86.5 515408 384160 ?       Ss   16:15   0:04 /usr/sbin/squid -N -D
tango     7013  0.0  0.1   3324   804 pts/0    S+   16:15   0:00 grep --color=auto squid
And the transparent proxy starts working again???
Anybody know why the ownership (and functionality) changes? I would rather use reload as its substantially faster but its not much use at the moment.
I'm using ubuntu 10.04 and squid 2.7STABLE7
 
Old 12-16-2011, 02:56 AM   #2
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,937

Rep: Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330Reputation: 1330
Hi,

I guess you hit this bug. Try to update your squid version and see if it works.

Regards
 
Old 12-18-2011, 04:15 PM   #3
mrpurple
Member
 
Registered: May 2010
Posts: 50

Original Poster
Rep: Reputation: 1
Thanks,
Wow my first bug! (rather than operator error)
OK I followed an upgrade how to from here http://ubuntuforums.org/showthread.php?t=1460005
And managed to get squid3 up and running but I'm still having similar problems so I'm going for squid3 into a clean (no squid 2.7) installation and see how that pans out.
Thanks again
For those who want to know here were the commands (As best as I could document them for by 32bit system as I went) to get Squid3.1.16 onto ubuntu 10.04
Code:
cd ~/
mkdir newsquid
cd newsquid
sudo apt-get install build-essential libldap2-dev libpam0g-dev libdb-dev dpatch cdbs libsasl2-dev debhelper libcppunit-dev libkrb5-dev comerr-dev libcap2-dev libexpat1-dev libxml2-dev libcap2-dev dpkg-dev curl
wget http://ftp.us.debian.org/debian/pool/main/libm/libmd5-perl/libmd5-perl_2.03-1_all.deb
sudo dpkg -i libmd5-perl_2.03-1_all.deb
#go to http://ftp.us.debian.org/debian/pool/main/libm/libmd5-perl/ and find the latest version of the all_deb file copy the file name into the following commands where approriate
wget http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3_3.1.16-1.dsc
wget http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3_3.1.16.orig.tar.gz
wget http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3_3.1.16-1.debian.tar.gz
sudo dpkg-source -x squid3_3.1.16-1.dsc
cd  squid3-3.1.16
sudo apt-get install libltdl-dev
sudo dpkg-buildpackage -b
cd ../
wget http://ftp.nz.debian.org/debian/pool/main/s/squid-langpack/squid-langpack_20110902-1_all.deb
sudo dpkg -i squid-langpack_20110902-1_all.deb
wget http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3-common_3.1.16-1_all.deb
sudo dpkg -i squid3-common_3.1.16-1_all.deb
wget http://ftp.de.debian.org/debian/pool/main/s/squid3/squid3_3.1.16-1_i386.deb
sudo dpkg -i squid3_3.1.16-1_i386.deb
wget http://ftp.de.debian.org/debian/pool/main/s/squid3/squid-cgi_3.1.16-1_i386.deb
sudo dpkg -i squid-cgi_3.1.16-1_i386.deb
sudo cp /usr/share/doc/squid3-common/squid.conf.documented.gz /etc/squid3
sudo gunzip /etc/squid3/squid.conf.documented.gz
sudo nano /etc/squid3/squid.conf
#Now you have to make the changes to the conf file as you did with the old squid including some changes related to the new version such as
#http_port 3128 transparent
#Becomes
http_port 3128 intercept
#I had to add back in my ACLs too but mostly had them in includes files so that was easy
#removed old squid
sudo apt-get remove squid
sudo /etc/init.d/squid3 start
 
Old 12-19-2011, 01:39 PM   #4
mrpurple
Member
 
Registered: May 2010
Posts: 50

Original Poster
Rep: Reputation: 1
Ok so installing the latest from scratch landed me in effectinvely the same position with the squid process being owned by root instead of proxy.
Here's what I did to fix: It seems that a failed configuration is the cause in this case. Checking the /var/log/cache.log pointed me to various issues, including conflicting acl rules, which when fixed allowed the reload to run squid owned by proxy.
 
Old 12-19-2011, 01:58 PM   #5
mrpurple
Member
 
Registered: May 2010
Posts: 50

Original Poster
Rep: Reputation: 1
Its probably worth adding that if an error in a custom rule does switch the ownership to root then you have to fix it AND restart squid to get proxy ownership back
 
  


Reply

Tags
ownership, proxy, squid, transparent


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid transparent proxy astalavista2000 Linux - Server 3 11-20-2011 07:40 PM
Squid Transparent Proxy SBN Linux - Server 6 07-11-2007 03:54 AM
Squid as a transparent proxy kemplej Linux - Software 2 12-08-2004 05:00 PM
Squid Transparent Proxy 1jamie Linux - Security 7 09-26-2003 06:09 AM
squid transparent proxy...... hitesh_linux Linux - Networking 1 06-13-2003 03:24 AM


All times are GMT -5. The time now is 11:18 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration