[K12OSN] rsyncing blacklists from mesd
Rob Owens
hick518 at yahoo.com
Thu Jun 23 10:02:01 UTC 2005
Thanks Bill and Eric. I'm using a standalone box for
my SquidGuard, not the K12LTSP box, so this
information is very helpful.
Eric, since you're recommending not to use the
--delete option, can I assume that you never remove
anything from the blacklists? (Nothing gets
blacklisted by mistake and then removed the following
day?)
Thanks again for all the great info.
-Rob
--- Eric Harrison <eharrison at mail.mesd.k12.or.us>
wrote:
> On Wed, 22 Jun 2005, Bill Bardon wrote:
>
> > On Wednesday, Jun 22 Rob Owens wrote:
> >> 1) How often should I rsync my blacklist?
> >
> > Don't know the answer to this one. Will be
> interested to find out
> > myself.
>
> Updates usually happen once a day. The K12LTSP
> squidGuard package is
> set to automatically sync at 5:00am every day.
>
> >> 2) Should I use the --delete option?
> > No. The --delete is an rsync option that works on
> a file-by-file basis,
> > so would do you no good if you're just rsyncing
> one tar file.
>
> No, I you probably don't want to use --delete. The
> "--delete" option
> will likley remove any of your custom & local
> blacklists. Without
> the "--delete" option, only specific blacklist
> categories are
> updated. You can see the list by running this
> command:
>
> rsync squidguard.mesd.k12.or.us::filtering
>
>
> >> 3) When I rsync'd the first time, the owner and
> group
> >> for all files and directories showed up on my
> machine
> >> as "23". Is the proper way to solve this to
> write a
> >> script which rsyncs and then changes the
> ownership to
> >> something that makes sense to my machine, or is
> there
> >> a better way?
> >
> > I have a script that came with the Debian install
> of squidguard that
> > does pretty much just what you described. It sets
> the correct owner and
> > permissions, then updates the squidguard db files
> and restarts squid.
> > Note, it doesn't included the rsync itself.
> >
> > Since it's so small, I can quote the whole thing
> here:
>
> This script would work if you are rolling your own.
> The user needs
> to be changed from "proxy.proxy" to "squid.squid"
> and the path
> from "/var/lib/squidguard/db" to
> "/var/squidGuard/blacklists/".
>
> I'll attach the K12LTSP update script.
>
> > #! /bin/sh
> > # db update script
> > #
> >
> > echo -n "Double checking directory and file
> permissions..."
> > chown -R proxy.proxy /var/lib/squidguard/db
> >/dev/null 2>&1
> > chmod 2770 /var/lib/squidguard/db >/dev/null 2>&1
> > echo "done!"
> > echo -n "Re-building SquidGuard db files..."
> > su - proxy -c "squidGuard -C all" >/dev/null 2>&1
> > su - proxy -c "squidGuard -u" >/dev/null 2>&1
> > echo "done!"
> > if [ -e /etc/init.d/squid ]; then
> > echo -n "Reloading Squid..."
> > /etc/init.d/squid reload >/dev/null 2>&1
> > echo "done!"
> > fi
>
>
> -Eric> #!/bin/sh
>
> TARGET=/var/squidGuard/blacklists
>
> cd $TARGET || exit
>
> # only run if squidGuard is active!
> [ "`ps auxw | grep squid[G]uard`" ] || exit
>
> rsync -az squidguard.mesd.k12.or.us::filtering
> $TARGET
>
> for DIR in `ls $TARGET`
> do
> if [ -f $DIR/domains.include ]
> then
> TMP=$RANDOM
> cat $DIR/domains
> $DIR/domains.include | sort | uniq >
> $DIR/domains.$TMP
> mv -f $DIR/domains.$TMP $DIR/domains
> fi
> if [ -f $DIR/urls.include ]
> then
> TMP=$RANDOM
> cat $DIR/urls $DIR/urls.include |
> sort | uniq > $DIR/urls.$TMP
> mv -f $DIR/urls.$TMP $DIR/urls
> fi
> done
>
> /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf
> -C all
> # /usr/sbin/squidGuard -c /etc/squid/squidGuard.conf
> -u
>
> chown -R squid.squid $TARGET
> chown -R squid.squid /var/log/squidGuard/
>
> sleep 5s
>
> /usr/bin/killall -HUP squid
>
> > _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
____________________________________________________
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
http://football.fantasysports.yahoo.com
More information about the K12OSN
mailing list