seLinux, Squid and adzap
Daniel J Walsh
dwalsh at redhat.com
Mon Jul 11 13:09:59 UTC 2005
David Niemi wrote:
>On Sun, 2005-10-07 at 12:15 -0400, David Niemi wrote:
>
>
>>I am trying to get squid to run as an accelerator and also do ad zapping
>>with Cameron Simpson's AdZap routine. I am getting lots of SELinux
>>errors for the zapping script to be run by squid and also that squid do
>>something with swap.state and swap log
>>
>>setting the SELinux protection off for squid still results in the error
>>about the swap.state and swap log.
>>
>>so it seems that I need to change something with the SELinux context for
>>squid and the adzap scripts but have no real idea how to go about. I
>>tried relabeling but that didn't do it.
>>
>>
>>
> < SNIP >
>
>
>>2005/07/10 11:33:21| /var/spool/squid/swap.state: (13) Permission denied
>>FATAL: storeUfsDirOpenSwapLog: Failed to open swap log.
>>Squid Cache (Version 2.5.STABLE9): Terminated abnormally.
>>
>>
>
>Some searching with google revealed that the swap.state is not owned by
>squid but by root. I did a chown squid:squid /var/spool/squid/swap.state
>and now squid starts.
>
>For the AdZap files:
>/usr/local/bin/
>
>
>>[root at rhonda bin]# ls -alZ
>>drwxr-xr-x root root system_u:object_r:bin_t .
>>drwxr-xr-x root root system_u:object_r:usr_t ..
>>-rwxr-xr-x root root system_u:object_r:bin_t squid_redirect
>>-rwxr-xr-x root root system_u:object_r:bin_t wrapzap
>>
>>
>>
>
>Should these be owned by squid also or ?
>
>
>
No
--
More information about the fedora-list
mailing list