[K12OSN] SquidGuard won't start

mrok12osn at eastgranby.k12.ct.us mrok12osn at eastgranby.k12.ct.us
Sat Mar 5 02:49:15 UTC 2005 

If your using FC3 with SELINUX enabled (K12LTSP 4.2.0), there is a problem
with squidGuard and SELinux.  See

https://listman.redhat.com/archives/k12osn/2005-January/msg00188.html

from Eric Harrison for how to fix it.

Mark Orenstein
East Granby, CT School System




> I am trying to set up Squid and SquidGuard.
>
> It seems that Squid starts, but Squidguard will not start.  When I type
> service squid start ....  [FAILED]
> but then
> service squid status shows that it is running with 2 processes.  I know
> that it is working, because I can use it as a proxy from another machine
> in the network. But it will not filter unwanted sites.  Is the [FAILED]
> there because it knows that squidguard did not start properly
>
> I also notice that there are TWO config files - squid.conf and
> squid-squidGuard.conf.  Which one of these is used?
>
> In the services, do I tell the server to start BOTH squid and squidGuard
> on startup?  Or will it start both when squidguard is started.  I ask this
> because when I put in /etc/init.d/squidguard start it seems to start squid
> first and then try to start squidguard. ... will only setting squidguard
> suffice?  If both are selected to start on boot, will it load too many
> processes of itself?
>
> any help is appreciated as always
> Joe Guenther
>
> P.S.  I have included a few log files & squidGuard.conf...
> = = = = = =
> /var/log/squidGuard/squidGuard.log
>
> 2005-03-03 17:21:43 [5339] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5337] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5340] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5341] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5338] init domainlist
> /var/squidGuard/blacklists/ads/domains
> 2005-03-03 17:21:43 [5340] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5340] going into emergency mode
> 2005-03-03 17:21:43 [5341] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5341] going into emergency mode
> 2005-03-03 17:21:43 [5339] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5339] going into emergency mode
> 2005-03-03 17:21:43 [5338] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5338] going into emergency mode
> 2005-03-03 17:21:43 [5337] /var/squidGuard/blacklists/ads/domains:
> Permission denied
> 2005-03-03 17:21:43 [5337] going into emergency mode
>
> = = = = = = = =
> /var/log/squid/cache.log
>
> 2005/03/03 17:20:43| Preparing for shutdown after 413 requests
> 2005/03/03 17:20:43| Waiting 30 seconds for active connections to finish
> 2005/03/03 17:20:43| FD 12 Closing HTTP connection
> 2005/03/03 17:20:45| Shutting down...
> 2005/03/03 17:20:45| FD 13 Closing ICP connection
> 2005/03/03 17:20:45| Closing unlinkd pipe on FD 10
> 2005/03/03 17:20:45| storeDirWriteCleanLogs: Starting...
> 2005/03/03 17:20:45|   Finished.  Wrote 409 entries.
> 2005/03/03 17:20:45|   Took 0.0 seconds (101262.7 entries/sec).
> CPU Usage: 35.189 seconds = 34.331 user + 0.858 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 1
> Memory usage for squid via mallinfo():
>         total space in arena:   29032 KB
>         Ordinary blocks:        28954 KB     20 blks
>         Small blocks:               0 KB      5 blks
>         Holding blocks:           200 KB      1 blks
>         Free Small blocks:          0 KB
>         Free Ordinary blocks:      77 KB
>         Total in use:           29154 KB 100%
>         Total free:                77 KB 0%
> 2005/03/03 17:20:45| Squid Cache (Version 2.5.STABLE8): Exiting normally.
> 2005/03/03 17:21:11| Starting Squid Cache version 2.5.STABLE8 for
> i386-redhat-linux-gnu...
> 2005/03/03 17:21:11| Process ID 5315
> 2005/03/03 17:21:11| With 1024 file descriptors available
> 2005/03/03 17:21:11| DNS Socket created at 0.0.0.0, port 32775, FD 5
> 2005/03/03 17:21:11| Adding nameserver 10.24.100.3 from /etc/resolv.conf
> 2005/03/03 17:21:11| helperOpenServers: Starting 5 'squidGuard' processes
> 2005/03/03 17:21:43| User-Agent logging is disabled.
> 2005/03/03 17:21:43| Referer logging is disabled.
> 2005/03/03 17:21:43| Unlinkd pipe opened on FD 15
> 2005/03/03 17:21:43| Swap maxSize 102400 KB, estimated 7876 objects
> 2005/03/03 17:21:43| Target number of buckets: 393
> 2005/03/03 17:21:43| Using 8192 Store buckets
> 2005/03/03 17:21:43| Max Mem  size: 8192 KB
> 2005/03/03 17:21:43| Max Swap size: 102400 KB
> 2005/03/03 17:21:43| Rebuilding storage in /var/spool/squid (CLEAN)
> 2005/03/03 17:21:43| Using Least Load store dir selection
> 2005/03/03 17:21:43| Set Current Directory to /var/spool/squid
> 2005/03/03 17:21:43| Loaded Icons.
> 2005/03/03 17:21:43| Accepting HTTP connections at 0.0.0.0, port 3128, FD
> 17.
> 2005/03/03 17:21:43| Accepting ICP messages at 0.0.0.0, port 3130, FD 18.
> 2005/03/03 17:21:43| WCCP Disabled.
> 2005/03/03 17:21:43| Ready to serve requests.
> 2005/03/03 17:21:44| Done reading /var/spool/squid swaplog (409 entries)
> 2005/03/03 17:21:44| Finished rebuilding storage from disk.
> 2005/03/03 17:21:44|       409 Entries scanned
> 2005/03/03 17:21:44|         0 Invalid entries.
> 2005/03/03 17:21:44|         0 With invalid flags.
> 2005/03/03 17:21:44|       409 Objects loaded.
> 2005/03/03 17:21:44|         0 Objects expired.
> 2005/03/03 17:21:44|         0 Objects cancelled.
> 2005/03/03 17:21:44|         0 Duplicate URLs purged.
> 2005/03/03 17:21:44|         0 Swapfile clashes avoided.
> 2005/03/03 17:21:44|   Took 1.9 seconds ( 213.8 objects/sec).
> 2005/03/03 17:21:44| Beginning Validation Procedure
> 2005/03/03 17:21:45|   Completed Validation Procedure
> 2005/03/03 17:21:45|   Validated 409 Entries
> 2005/03/03 17:21:45|   store_swap_size = 4096k
> 2005/03/03 17:21:45| storeLateRelease: released 0 objects
>
> = = = = =
> /etc/squidGuard.conf
>
> #
> # CONFIG FILE FOR SQUIDGUARD
> #
> # See http://www.squidguard.org/config/ for more examples
> #
>
> dbhome /var/squidGuard/blacklists
> logdir /var/log/squidGuard
>
> dest ads {
>     log        ads
>     domainlist    ads/domains
>     urllist        ads/urls
> }
>
> dest audio-video {
>     log        audio-video
>     domainlist    audio-video/domains
>     urllist        audio-video/urls
> }
>
> dest aggressive {
>     log        aggressive
>     domainlist    aggressive/domains
>     urllist        aggressive/urls
> }
>
> dest drugs {
>     log        drugs
>     domainlist    drugs/domains
>     urllist        drugs/urls
> }
>
> dest gambling{
>     log        gambling
>     domainlist    gambling/domains
>     urllist        gambling/urls
> }
>
> dest hacking {
>     log        hacking
>     domainlist    hacking/domains
>     urllist        hacking/urls
> }
>
> dest mail {
>     log        mail
>     domainlist    mail/domains
>     urllist        mail/urls
> }
>
> dest porn{
>     log        porn
>     domainlist    porn/domains
>     urllist        porn/urls
> }
>
> dest proxy{
>     log        proxy
>     domainlist    proxy/domains
>     urllist        proxy/urls
> }
>
> dest violence{
>     log        violence
>     domainlist    violence/domains
>     urllist        violence/urls
> }
>
> dest warez{
>     log        warez
>     domainlist    warez/domains
>     urllist        warez/urls
> }
>
> dest local-ok{
>     domainlist      local-ok/domains
>     urllist         local-ok/urls
> }
>
> dest local-block{
>     log             local-block
>     domainlist      local-block/domains
>     urllist         local-block/urls
> }
>
> rewrite google {
>     s@(google.com/search.*q=.*)@\1\&safe=active at i
>     s@(google.com/images.*q=.*)@\1\&safe=active at i
>     s@(google.com/groups.*q=.*)@\1\&safe=active at i
>     s@(google.com/news.*q=.*)@\1\&safe=active at i
>     # log google
> }
>
> acl {
>     default {
> 	# for google to be in "safe mode"
> 	rewrite google
>
> 	# the default categories are conservative, please add any additional
> 	# categories listed above or simply comment out this line and uncomment
> 	# out the line below it.
>         pass local-ok !local-block !gambling !porn !warez all
> #        pass local-ok !local-block !aggressive !drugs !gambling !hacking
> !porn !proxy !violence !warez all
>
>         redirect
> 302:http://squid.chinooksedge.ab.ca/cgi-bin/squidGuard.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetgroup=%t&url=%u
>         # redirect
> 302:http://squid.chinooksedge.ab.ca/cgi-bin/squidGuard-simple.cgi?clientaddr=%a&clientname=%n&clientident=%i&srcclass=%s&targetclass=%t&url=%u
>     }
> }
>
>
> = = = = = = = = = = = = =
> Lantech - Didsbury
> Chinook's Edge School Div.
>
>
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>

More information about the K12OSN mailing list