Re: [squid-users] Segfault on squid 3.1.X on Ubuntu 12.04 with external_acl_type

Em 13-09-2012 17:19, Eliezer Croitoru escreveu:
> On 9/13/2012 10:28 PM, Marcio Merlone wrote:
>>> We can try to help you figure out some basics and to move on from
>>> there.
>>> What exactly do you need? LDAP or PAM?
>> See above. PAM is required for auth, LDAP is not needed if
>> squid_unix_group works - pam_ldap is working fine for users and auth.
>> Complied latest source squid-3.2.1.tar.gz as per Ubuntu docs like this:
>>
>> ./configure --prefix=/usr \
>> --localstatedir=/var \
>> --libexecdir=/usr/lib/squid3 \
>> --srcdir=. \
>> --datadir=/usr/share/squid3 \
>> --sysconfdir=/etc/squid3 \
>> --disable-ipv6 \
>> --enable-auth-basic="PAM"
>>
>> make all && make install
> just notice that nothing is forcing you to use specific directory for
> squid and you can use two different compiled squid both at the same
> time in different locations.
> I like to use /opt/ and use only prefix which gives me an easy to use
> and if needed chroot the process.
Good choice. I am trying to keep as close as possible to distro's stock
paths though.

> I have been using:
> '--prefix=/opt/squid3120a' '--enable-delay-pools'
> '--enable-icap-client' '--enable-ssl' '--enable-linux-netfilter'
> '--disable-translation' '--disable-auto-locale'
> '--with-default-user=proxy' '--with-large-files' '--with-dl'
> '--enable-esi' '--disable-ipv6'
I did:

./configure --prefix=/usr \
   --localstatedir=/var \
   --libexecdir=/usr/lib/squid3 \
   --srcdir=. \
   --datadir=/usr/share/squid3 \
   --sysconfdir=/etc/squid3 \
   --disable-ipv6 \
   --with-default-user=proxy \
   --enable-external-acl-helpers \
   --with-large-files \
   --with-dl \
   --enable-auth-basic="PAM"

> which is kind of basic for my needs.
> I wrote a start\stop\pasre\reload\restart init.d script by myself to
> this specific system.
I got a copy from an older server and adjusted.

> What I can say that if you are not bound to PAM\unix by default dont
> use it yet.
> There are better choices that can fit your needs.
> If it's only for the proxy you can use other DB that will make it more
> easy for squid helper to work with.
> Other options are mysql\sqlite\nosql.
The server will run other services which will need pam, so for the sake
of simplicity I'll stick with pam.

At the end I got it working as needed, but I consider this solution
(compiling) as a workaround, since I prefer to stick with pre-build
packages so I can stay a lazy admin. The ideal solution would be to
debug and fix the segmentation fault with the distro package, will turn
to their bugzilla to see what happens.

Thanks a lot for your time, best regards.

-- 
*Marcio Merlone*