Re: [squid-users] Bungled Squid.conf

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 17 Jul 2012 22:59:32 +1200

On 17/07/2012 7:06 p.m., Carolyn Longfoot wrote:
>>> On 6..4..012 4::0,, Carolyn Longfoot wrote:
>>> Hello,
>>>
>>> I am trying to use squidguard and per the instructions given I have
>>> added
>>> url_rewrite_program /usr/local/bin/squidGuard -c
>>> /usr/local/etc/squid/squidGuard.conf
>>>
>>> to squid.conf and this line is giving the 'bungled' error message on
>>> squid -k check
>>> FATAL: Bungled squid.conf line 600:: url_rewrite_program
>>> /usr/local/bin/squidGuard -c /usr/local/etc/squid/squidGuard.conf
>>> Squid Cache (Version ....STABLE)): Terminated abnormally.
>>>
>>> Some information:
>>> ls -l /usr/local/bin/squidGuard
>>> -rwxr-xr-x squid squid 0590 Feb 5 7::9 /usr/local/bin/squidGuard
>>>
>>> ls -l /usr/local/etc/squid/squidGuard.conf
>>> -rwxr-xr-x squid squid 495 Feb 6 9::3
>>> /usr/local/etc/squid/squidGuard.conf
>> Permissions seem to be okay, but does squidGuard really need the squid
>> user account as its owner?
>>
>> Did you accidentally get any strange characters (tabs, vertical space,
>> carriage return etc) inside the config line?
>>
>> upper/lower case problems on that binary name "squidGuard"? seems a bit
>> strange to have upper case G.
>>
>> Is squid -k check being run with user account "squid:squid" or with
>> your own admin user account? global rx permission means this should not
>> matter, but its worth testing just in case.
>>
>> Is there a SELinux or AppArmour profile preventing squid from accessing
>> the squidGard application or any of the path /usr/local/bin/
>> directories?
> Amos
>
>
> Thanks for all the leads!
>
> I checked permissions up and down, as well as spelling and special chars
> and there is nothing detectable.
>
> squid -k check
> fails regardless of the user, squidGuard works ok if started from the command
> line, so I have to come back to some kind of error in the squid.conf file.
>
> What does 'Bungled squid.conf line' really mean? Is that only a syntax
> check or
> is the rewriter actually executed and tested for results? The text
> itself is ok,
> I can copy/paste it to the command line and it launches squidGuard without
> problems.

Bungled with a line number means syntax parser for the config file read
something unexpected. The recent releases try to place a FATAL or ERROR
message ahead of Bungled which explains what part of the line Squid was
processing and how it failed, but YMMV in accordance with our progress
updating the parser.

Bungled with line 0 or a line number greater than the length of yoru
config file indicates the helper stat() check to see if it exists has
failed. But IIRC that is one of the checks with a useful error message
attached.

>
> The nice folks at the squidGuard mailing list have not been able to
> shed light
> on this so far, so I'm trying again here.

It's *probably* not SG directly since it runs fine on the command line.
At worst it might be the permissions Squid runs it under, but you
checked those.

I've recently been notified of a bug where some releases built on Linux
were not dropping the user account down from root. So check SG runs
properly under both root and the squid:squid user account before
eliminating that.

The other things really is character set in the config file. tabs or
spaces should not matter, but the UTF-8 non-ASCII whitespace characters
vs ASCII ones do matter.

Amos
Received on Tue Jul 17 2012 - 10:59:50 MDT

This archive was generated by hypermail 2.2.0 : Tue Jul 17 2012 - 12:00:02 MDT