LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 08-24-2009, 07:27 AM   #1
lieb39
LQ Newbie
 
Registered: Aug 2004
Posts: 7

Rep: Reputation: 0
Squid cannot access ACL (strtokfile error)


Hello everyone,

I'm banging my head on this one. I've configured squid (via squid.conf) to read my ACL, as per below:

Quote:
acl blacklist url_regex "/var/www/blacklist.acl"
http_access deny blacklist
I believe I have the correct permissions set on the file:
Quote:
ls -l blacklist.acl
-rwxrwxr-x 1 root squid 38 Aug 18 22:16 blacklist.acl
Yet when I restart squid I get this..
Quote:
service squid restart
Stopping squid: 2009/08/18 22:38:49| strtokFile: /var/www/blacklist.acl not found
2009/08/18 22:38:49| aclParseAclLine: WARNING: empty ACL: acl blacklist url_regex "/var/www/blacklist.acl"
2009/08/18 22:38:49| Failed to acquire SSL certificate '(null)': error:0200100E:system library:fopen:Bad address
. [OK]
Starting squid: . [ OK]
Anyone have any ideas why this is failing? I have no idea!

Thanks,

lieb39
 
Old 08-24-2009, 08:15 AM   #2
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
Hi.

What are the permissions on /var/www ?

Dave
 
Old 08-24-2009, 08:17 AM   #3
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Are the permissions for /var/www okay?

EDIT: Sorry, ilikejam. I should have refreshed the page before submitting.

Last edited by win32sux; 08-24-2009 at 08:19 AM.
 
Old 08-24-2009, 08:26 AM   #4
lieb39
LQ Newbie
 
Registered: Aug 2004
Posts: 7

Original Poster
Rep: Reputation: 0
Quote:
ls -l
drwxr-xrwx 6 root apache_edit 4096 Aug 16 22:18 www
I've set the 'others' permissions to full, since it's the apache folder and I don't exactly want to remove apache.. (I'm not too comfortable with Linux File Permissions)

Thanks,
lieb39
 
Old 08-24-2009, 10:03 AM   #5
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
Hmmm. Looks OK.

Are you using Fedora or RedHat perhaps? Maybe SELinux is getting in your way?

Dave
 
Old 08-24-2009, 05:38 PM   #6
lieb39
LQ Newbie
 
Registered: Aug 2004
Posts: 7

Original Poster
Rep: Reputation: 0
Disabled SELinux - Using Centos 5.3.

I've tried to make a "ln" link so the file has the path /etc/squid/ but no luck. But If a just make a fresh file in /etc/squid - no issues. Of course, this isn't possible..

Anything ideas?

Odd thing is that in the Webmin GUI, Webmin can see the file and displays it in the little textbox.. but squid still doesn't see it.

Thanks
 
Old 08-24-2009, 05:50 PM   #7
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
Well this is all very odd. What happens if you do:
chmod 777 /var
chmod 777 /var/www
chmod 777 /var/www/blacklist.acl
and start squid again?

I wouldn't leave the permissions that open for long, but it would make sure it is/isn't a permissions thing.

Dave
 
Old 08-25-2009, 02:24 AM   #8
lieb39
LQ Newbie
 
Registered: Aug 2004
Posts: 7

Original Poster
Rep: Reputation: 0
Well, problem fixed. one of the blokes in my class did it - easy.

setfacl -m u:apache:r blacklist.acl

that's it - fixed.

Cheers
 
Old 08-25-2009, 05:20 AM   #9
ilikejam
Senior Member
 
Registered: Aug 2003
Location: Glasgow
Distribution: Fedora / Solaris
Posts: 3,109

Rep: Reputation: 96
Ah.

Just out of interest, could you show us what 'getfacl /var/www/blacklist.acl' looks like?

Dave
 
Old 08-25-2009, 06:12 AM   #10
lieb39
LQ Newbie
 
Registered: Aug 2004
Posts: 7

Original Poster
Rep: Reputation: 0
No worries -
Quote:
getfacl: Removing leading '/' from absolute path names
# file: var/www/blacklist.acl
# owner: root
# group: squid
user::rwx
user:squid:r--
group::rwx
mask::rwx
other::r-x
Cheers
 
Old 08-25-2009, 12:20 PM   #11
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
Does blacklist.acl contain anything, or is it empty?

$ file /var/www/blacklist.acl
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid ACL error dellthinker Linux - Server 2 08-21-2009 04:31 PM
squid acl Winanjaya Linux - Server 1 04-23-2009 12:03 PM
Squid : Multiple access log files (ACL Wise) suhas! Linux - Server 0 09-24-2007 01:43 AM
Squid ACL - what happens when a user go goes past their allowed access time? Grizzlednewbie Linux - Software 0 07-07-2004 01:37 AM
Squid ACL dfctve_end_user Linux - Networking 2 01-13-2003 10:30 AM


All times are GMT -5. The time now is 02:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration