Re: [squid-users] Fwd: squid-3.2.0.6 - make issue on OpenBSD 4.8 - 64 bit from Amos Jeffries on 2011-04-08 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 08 Apr 2011 20:23:58 +1200

On 08/04/11 19:13, Indunil Jayasooriya wrote:
>>
>> The problem is that netinet/in.h must be included before arpa/inet.h in
>> include/util.h (at least for 3.1.11). Just add
>> #include<netinet/in.h> before the #include<arpa/inet.h> line in this
>> file. At least that fixed the same problem with Squid 3.1.11 on OpenBSD 4.9.
>
> Thanks for your help. Sorry for the delay in replying.
>
> As said, I added the below 2 lines to include/util.h file
>
> #include<netinet/in.h>
> #include<arpa/inet.h>

Thank you. This is being tracked in
http://bugs.squid-cache.org/show_bug.cgi?id=3185

Can you test the patch I've added there please?

> I added below line to squid.conf file
>
>
> http_port 3129 intercept
>
> cache_mem 256 MB
>
> cache_effective_user _squid

Can be replaced by a configure option:
--with-default-user=_squid

> cache_effective_group _squid

Remove cache_effective_group.
Assign user _squid to group _squid instead (must be done anyways).

>
> # Define the access log format
> logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %un %Sh/%<A %mt
>

3.2 should be complaining about that alteration to the default ... is it?

> # Log client request activities ('squid' is the name of the log format to use)
> access_log /var/squid/logs/access.log squid
>
> # Log information about the cache's behavior
> cache_log /var/squid/logs/cache.log
>
> # Log the activities of the storage manager
> cache_store_log /var/squid/logs/store.log
>
>
> We can access with squid. But , I get the below error
>
>
> # tail -f /var/squid/logs/cache.log
> 2011/04/08 18:07:26 kid1| Intercept.cc(305) PfInterception: PF open
> failed: (13) Permission denied
> 2011/04/08 18:07:35 kid1| Intercept.cc(305) PfInterception: PF open
> failed: (13) Permission denied
> 2011/04/08 18:07:35 kid1| Intercept.cc(305) PfInterception: PF open
> failed: (13) Permission denied
>
>
> any idea? shall we solve ?
>
> permision of /dev/pf
>
> crw------- 1 root wheel 73, 0 Apr 1 19:30 /dev/pf
>

Is wheel the usual group for /dev/pf?
I would expect some other less privileged group has read access to
/dev/pf. You then add the _squid user as a member of that low-privilege
group.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.12
   Beta testers wanted for 3.2.0.6

Received on Fri Apr 08 2011 - 08:24:04 MDT

This archive was generated by hypermail 2.2.0 : Fri Apr 08 2011 - 12:00:03 MDT