Hendrik Voigtländer wrote:
>
>
> denis bonnenfant wrote:
>
>> Hendrik Voigtländer wrote:
>>
>>> denis bonnenfant wrote:
>>>
>>>> Hello list,
>>>>
>>>> I'm using squid 2.5 and squidguard with a transparent proxy setup.
>>>> internet acces is granted to users using lists of client's IPs in
>>>> squidguard. these lists are automatically generated with samba logon
>>>> scripts, allowing real user access control with transparent proxy
>>>> and without authentification.
>>>>
>>>> squidgard is reloading the ip_src lists using #killall -HUP
>>>> squidGuard command
>>>
>>>
>>>
>>>
>>> I reload squidguard & squid with # squid -k reconfigure to activate
>>> either modified squid.cond or blacklists. I wonder if this causes the
>>> same problems. Nobody has ever complained (so far).
>>
>>
>>
>> I discovered the problem after 1 year in production...
>>
>
> Uh oh... This box (i.e. our first squid featuring squidguard) is in
> production for almost a year now :-)
>
>>> Regards, Hendrik Voigtländer
>>
>>
>>
>> Ok, I haven't tried it yet. Maybe it's the solution.
>> Will try it soon...
>>
> I forgot to mention that our squid is non transparent. No idea if this
> makes a difference.
maybe on the client side ? but i d'ont think that the problem is here
> Did you check the cache.log while reloading? Maybe the redirectors are
> crashing (just a wild guess).
They are not crashing but it simply seems that sending HUP signal to
squidGuard is killing squidguard redirectors, so during the lists
reloading, redirectors are not availiable and squid crash and restart :
Nov 17 22:35:06 proxy squid[25267]: Too few redirector processes are running
Nov 17 22:35:06 proxy squid[25063]: Squid Parent: child process 25267
exited due to signal 6
2004-11-17 22:35:06 [25272] squidGuard stopped (1100727306.777)
Nov 17 22:35:09 proxy squid[25063]: Squid Parent: child process 25300
started
so it is bad to kill squidguard.
squid -k reconfigure seems to do the same, but.....
error : can't read /etc/squid.conf : permission denied
Well.... It crashes here!!!!!! and then really restart, rebuilding its
cache (very long)
/etc/squid.conf belongs to root, so let's change it to :
chown proxy.proxy /etc/squid.conf
And it's OK !!!!!!!!!! downloads are not interrupted anymore with squid
-k reconfigure
so you were right !
the strangest thing is that squid was accepting to start, but not
reloading with /etc/squid.conf root owned...
Thanks a lot
Received on Wed Nov 17 2004 - 15:16:14 MST
This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:01 MST