RE: [squid-users] Squid with SquidGuard

From: Brian Phillips <brian.phillips@dont-contact.us>
Date: Mon, 16 Jan 2006 14:54:48 -0700

> [root@localhost mark]# su - squid
> This account is currently not available.
> [root@localhost mark]#
> Hmmm... *Should* that work?

Kind of. It shouldn't work because the system has not given a shell to the
user 'squid' (protecting the system against possible security risks.) It
should work because "squid" will be used later to run "squidGuard".

I start squid in a similar fashion and this is what 'ps -ef' shows us:

root 1996 1 0 14:14 ? 00:00:00 /usr/sbin/squid -D -sYC
proxy 1998 1996 0 14:14 ? 00:00:00 (squid) -D -sYC
proxy 2008 1998 0 14:14 ? 00:00:00 (squidGuard) -c
/etc/squid/squid
proxy 2009 1998 0 14:14 ? 00:00:00 (squidGuard) -c
/etc/squid/squid
proxy 2010 1998 0 14:14 ? 00:00:00 (squidGuard) -c
/etc/squid/squid

You can see that squid runs as root, but then the parent process is ran as
"proxy" (the same user as "squid" on your machine). This same "proxy" user
runs squidGuard. (side note: I can 'su - proxy' and get a prompt on my
machine. )

That could be why your machine is not allowing squidGuard to start. A way
for you to find out would be to give a shell to "squid" and then try and log
in again as squid. If you get a prompt such as [squid@localhost ~]$ then
you know "squid" has a shell, and you should go back to root user and run
your 'service squid start' and see if that removes the error from cache.log.
If not, restore your /etc/passwd file to what it was before this test and
we'll keep looking for why squidGuard starts with errors.

brian
Received on Mon Jan 16 2006 - 14:54:59 MST

This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST