Re: [squid-users] Suggested init.d startup script.

Can you verify if SELINUX is enabled\enforced?
If so change it to disabled as a basic test to the ssl_crtd issue.

Eliezer

On 06/26/2014 07:37 AM, Mike wrote:
> I am looking for suggestions on a newer or slightly altered startup
> script for use with squid 3.4.5 and CentOS based system (Scientific
> Linux 6.5).
>
> The issue is after a system reboot, during startup the ssl_crtd helpers
> are crashing causing squid to not load on startup. Yet we can do a
> "service squid start" immediately after it stops, and it starts and
> works fine until the next reboot. I suspect there is something needed in
> the script to avert this issue since it is a newer squid. I tried the
> one that came with the 3.4.5 (squid.rc) but it is not functioning
> properly on this system.
> We have tried a delay script of up to 2 minutes and that is not helping,
> any initial statup still has the same problem.
>
> This is a remote server and we need it to work on startup without
> needing to do extra time via SSH after it reboots to start it up every
> time, especially once we roll this out to the 5 other servers. I've
> checked the squid.out, cache.log and other squid and system related logs
> and none of them give us any idea of why it is doing that only at startup.
>
> 12 seconds after initial startup attempt and multiple ssl_crtd helper
> crashes:
> Jun 25 23:25:47 i3540 (squid-1): The ssl_crtd helpers are crashing too
> rapidly, need help!
> Jun 25 23:25:47 i3540 squid[1674]: Squid Parent: (squid-1) process 1762
> exited with status 1
> Jun 25 23:25:47 i3540 squid[1674]: Squid Parent: (squid-1) process 1762
> will not be restarted due to repeated, frequent failures
> Jun 25 23:25:47 i3540 squid[1674]: Exiting due to repeated, frequent
> failures
>
> Then after we do a "service squid start":
> Jun 25 23:26:24 i3540 squid[1810]: Squid Parent: will start 1 kids
> Jun 25 23:26:25 i3540 squid[1810]: Squid Parent: (squid-1) process 1812
> started
>
> and no more crashes.
>
> I have tried at least 3 or 4 versions online and none of them work.
> Either they do not work properly with "service squid start" or there are
> other issues.
>
> My current squid init script which was borrowed from a previous version
> (3.1.10). again, everything works except the ssl_crtd crashing ONLY on
> startup after a reboot:
>
> =====
>
> #!/bin/bash
> # chkconfig: - 90 25
> # pidfile: /var/run/squid.pid
> # config: /etc/squid/squid.conf
> #
> ### BEGIN INIT INFO
> # Provides: squid
> # Short-Description: starting and stopping Squid Internet Object Cache
> # Description: Squid - Internet Object Cache. Internet object caching is \
> # a way to store requested Internet objects (i.e., data available \
> # via the HTTP, FTP, and gopher protocols) on a system closer to
> the \
> # requesting site than to the source. Web browsers can then use the \
> # local Squid cache as a proxy HTTP server, reducing access time as \
> # well as bandwidth consumption.
> ### END INIT INFO
>
>
> PATH=/usr/bin:/sbin:/bin:/usr/sbin
> export PATH
>
> # Source function library.
> . /etc/rc.d/init.d/functions
>
> # Source networking configuration.
> . /etc/sysconfig/network
>
> if [ -f /etc/sysconfig/squid ]; then
> . /etc/sysconfig/squid
> fi
>
> # don't raise an error if the config file is incomplete
> # set defaults instead:
> SQUID_OPTS=${SQUID_OPTS:-""}
> SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
> SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-60}
> SQUID_CONF=${SQUID_CONF:-"/etc/squid/squid.conf"}
> SQUID_PIDFILE_DIR="/var/run/squid"
> SQUID_USER="squid"
> SQUID_DIR="squid"
>
> # determine the name of the squid binary
> [ -f /usr/sbin/squid ] && SQUID=squid
>
> prog="$SQUID"
>
> # determine which one is the cache_swap directory
> CACHE_SWAP=`sed -e 's/#.*//g' $SQUID_CONF | \
> grep cache_dir | awk '{ print $3 }'`
>
> RETVAL=0
>
> probe() {
> # Check that networking is up.
> [ ${NETWORKING} = "no" ] && exit 1
>
> [ `id -u` -ne 0 ] && exit 4
>
> # check if the squid conf file is present
> [ -f $SQUID_CONF ] || exit 6
> }
>
> start() {
> # echo "1 minute startup delay - to give ssl_crtd time to restart
> properly"
> # sleep 60
> # Check if $SQUID_PIDFILE_DIR exists and if not, lets create it
> and give squid permissions.
> if [ ! -d $SQUID_PIDFILE_DIR ] ; then mkdir $SQUID_PIDFILE_DIR
> ; chown -R $SQUID_USER.$SQUID_DIR $SQUID_PIDFILE_DIR; fi
> probe
>
> parse=`$SQUID -k parse -f $SQUID_CONF 2>&1`
> RETVAL=$?
> if [ $RETVAL -ne 0 ]; then
> echo -n $"Starting $prog: "
> echo_failure
> echo
> echo "$parse"
> return 1
> fi
> for adir in $CACHE_SWAP; do
> if [ ! -d $adir/00 ]; then
> echo -n "init_cache_dir $adir... "
> $SQUID -z -F -f $SQUID_CONF >>
> /var/log/squid/squid.out 2>&1
> fi
> done
> echo -n $"Starting $prog: "
> $SQUID $SQUID_OPTS -f $SQUID_CONF >> /var/log/squid/squid.out 2>&1
> RETVAL=$?
> if [ $RETVAL -eq 0 ]; then
> timeout=10;
> while : ; do
> [ ! -f /var/run/squid.pid ] || break
> if [ $timeout -ge $SQUID_PIDFILE_TIMEOUT ]; then
> RETVAL=1
> break
> fi
> sleep 10 && echo -n "."
> timeout=$((timeout+1))
> done
> fi
> [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SQUID
> [ $RETVAL -eq 0 ] && echo_success
> [ $RETVAL -ne 0 ] && echo_failure
> echo
> return $RETVAL
> }
>
> stop() {
> echo -n $"Stopping $prog: "
> $SQUID -k check -f $SQUID_CONF >> /var/log/squid/squid.out 2>&1
> RETVAL=$?
> if [ $RETVAL -eq 0 ] ; then
> $SQUID -k shutdown -f $SQUID_CONF &
> rm -f /var/lock/subsys/$SQUID
> timeout=0
> while : ; do
> [ -f /var/run/squid.pid ] || break
> if [ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ]; then
> echo
> return 1
> fi
> sleep 2 && echo -n "."
> timeout=$((timeout+2))
> done
> echo_success
> echo
> else
> echo_failure
> if [ ! -e /var/lock/subsys/$SQUID ]; then
> RETVAL=0
> fi
> echo
> fi
> rm -rf $SQUID_PIDFILE_DIR/*
> return $RETVAL
> }
>
> reload() {
> $SQUID $SQUID_OPTS -k reconfigure -f $SQUID_CONF
> }
>
> restart() {
> stop
> rm -rf $SQUID_PIDFILE_DIR/*
> start
> }
>
> condrestart() {
> [ -e /var/lock/subsys/squid ] && restart || :
> }
>
> rhstatus() {
> status $SQUID && $SQUID -k check -f $SQUID_CONF
> }
>
>
> case "$1" in
> start)
> start
> ;;
>
> stop)
> stop
> ;;
>
> reload|force-reload)
> reload
> ;;
>
> restart)
> restart
> ;;
>
> condrestart|try-restart)
> condrestart
> ;;
>
> status)
> rhstatus
> ;;
>
> probe)
> probe
> ;;
>
> *)
> echo $"Usage: $0
> {start|stop|status|reload|force-reload|restart|try-restart|probe}"
> exit 2
> esac
>
> exit $?
>
> =====
>
>
> Any help on this would be appreciated
>
>
> Mike
>
Received on Thu Jun 26 2014 - 05:59:25 MDT