SELinux denies access to Squid 3.3 running on Centos 7
Hi I recently decided to setup a proxy server for our company using Squid 3.3 on Centos 7.
I thought that having a dedicated hard disk for the cache would be a good idea so I mounted /dev/sdb as /var/spool/squid. I was meticulous ensuring that the permissions and ownership were exactly the same as the mount point /var/log/squid. When starting squid I got the error: ERROR opening swap log /var/spool/squid/swap.state: Permission denied After much run-around trying to figure out what I'd done wrong I decided to disable SELinux as a stab in the dark. I ran "setenforce 0" and tried to start squid again and bingo it worked. So I now know that SELinux is interfering with Squid writing to the disk I mounted but I have almost no knowledge about SELinux and how to go about resolving this. I imagine that its a bad idea to leave SELinux in permissive mode. Any help would be greatly appreciated. |
The SELinux security context is not the same, you can see the security context label by using the -Z option, for example: ls -lZ /var/spool/squid
Start by looking at /var/log/messages: grep setroubleshoot /var/log/messages More then likely you probably just need to run: restorecon -Rv /var/spool/squid. Watch this tutorial: https://www.youtube.com/watch?v=q_y30qZ_plQ Watch this tutorial: https://www.youtube.com/watch?v=bQqX3RWn0Yw Reference: http://wiki.centos.org/HowTos/SELinux |
Quote:
Code:
# Generic: |
Thank you for the feedback. I'm going to try what you have suggested.
|
All times are GMT -5. The time now is 07:20 AM. |