Re: [squid-users] Suggested init.d startup script.

Yes we always disable selinux or at least change to the non-blocking
permissive mode until server is ready for development.

Mike

On 6/26/2014 12:57 AM, Eliezer Croitoru wrote:
> Can you verify if SELINUX is enabled\enforced?
> If so change it to disabled as a basic test to the ssl_crtd issue.
>
> Eliezer
>
> On 06/26/2014 07:37 AM, Mike wrote:
>> I am looking for suggestions on a newer or slightly altered startup
>> script for use with squid 3.4.5 and CentOS based system (Scientific
>> Linux 6.5).
>>
>> The issue is after a system reboot, during startup the ssl_crtd helpers
>> are crashing causing squid to not load on startup. Yet we can do a
>> "service squid start" immediately after it stops, and it starts and
>> works fine until the next reboot. I suspect there is something needed in
>> the script to avert this issue since it is a newer squid. I tried the
>> one that came with the 3.4.5 (squid.rc) but it is not functioning
>> properly on this system.
>> We have tried a delay script of up to 2 minutes and that is not helping,
>> any initial statup still has the same problem.
>>
>> This is a remote server and we need it to work on startup without
>> needing to do extra time via SSH after it reboots to start it up every
>> time, especially once we roll this out to the 5 other servers. I've
>> checked the squid.out, cache.log and other squid and system related logs
>> and none of them give us any idea of why it is doing that only at
>> startup.
>>
>> 12 seconds after initial startup attempt and multiple ssl_crtd helper
>> crashes:
>> Jun 25 23:25:47 i3540 (squid-1): The ssl_crtd helpers are crashing too
>> rapidly, need help!
>> Jun 25 23:25:47 i3540 squid[1674]: Squid Parent: (squid-1) process 1762
>> exited with status 1
>> Jun 25 23:25:47 i3540 squid[1674]: Squid Parent: (squid-1) process 1762
>> will not be restarted due to repeated, frequent failures
>> Jun 25 23:25:47 i3540 squid[1674]: Exiting due to repeated, frequent
>> failures
>>
>> Then after we do a "service squid start":
>> Jun 25 23:26:24 i3540 squid[1810]: Squid Parent: will start 1 kids
>> Jun 25 23:26:25 i3540 squid[1810]: Squid Parent: (squid-1) process 1812
>> started
>>
>> and no more crashes.
>>
>> I have tried at least 3 or 4 versions online and none of them work.
>> Either they do not work properly with "service squid start" or there are
>> other issues.
>>
>> My current squid init script which was borrowed from a previous version
>> (3.1.10). again, everything works except the ssl_crtd crashing ONLY on
>> startup after a reboot:
>>
>> =====
>>
>> #!/bin/bash
>> # chkconfig: - 90 25
>> # pidfile: /var/run/squid.pid
>> # config: /etc/squid/squid.conf
>> #
>> ### BEGIN INIT INFO
>> # Provides: squid
>> # Short-Description: starting and stopping Squid Internet Object Cache
>> # Description: Squid - Internet Object Cache. Internet object caching
>> is \
>> # a way to store requested Internet objects (i.e., data
>> available \
>> # via the HTTP, FTP, and gopher protocols) on a system closer to
>> the \
>> # requesting site than to the source. Web browsers can then use
>> the \
>> # local Squid cache as a proxy HTTP server, reducing access
>> time as \
>> # well as bandwidth consumption.
>> ### END INIT INFO
>>
>>
>> PATH=/usr/bin:/sbin:/bin:/usr/sbin
>> export PATH
>>
>> # Source function library.
>> . /etc/rc.d/init.d/functions
>>
>> # Source networking configuration.
>> . /etc/sysconfig/network
>>
>> if [ -f /etc/sysconfig/squid ]; then
>> . /etc/sysconfig/squid
>> fi
>>
>> # don't raise an error if the config file is incomplete
>> # set defaults instead:
>> SQUID_OPTS=${SQUID_OPTS:-""}
>> SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20}
>> SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-60}
>> SQUID_CONF=${SQUID_CONF:-"/etc/squid/squid.conf"}
>> SQUID_PIDFILE_DIR="/var/run/squid"
>> SQUID_USER="squid"
>> SQUID_DIR="squid"
>>
>> # determine the name of the squid binary
>> [ -f /usr/sbin/squid ] && SQUID=squid
>>
>> prog="$SQUID"
>>
>> # determine which one is the cache_swap directory
>> CACHE_SWAP=`sed -e 's/#.*//g' $SQUID_CONF | \
>> grep cache_dir | awk '{ print $3 }'`
>>
>> RETVAL=0
>>
>> probe() {
>> # Check that networking is up.
>> [ ${NETWORKING} = "no" ] && exit 1
>>
>> [ `id -u` -ne 0 ] && exit 4
>>
>> # check if the squid conf file is present
>> [ -f $SQUID_CONF ] || exit 6
>> }
>>
>> start() {
>> # echo "1 minute startup delay - to give ssl_crtd time to restart
>> properly"
>> # sleep 60
>> # Check if $SQUID_PIDFILE_DIR exists and if not, lets create it
>> and give squid permissions.
>> if [ ! -d $SQUID_PIDFILE_DIR ] ; then mkdir $SQUID_PIDFILE_DIR
>> ; chown -R $SQUID_USER.$SQUID_DIR $SQUID_PIDFILE_DIR; fi
>> probe
>>
>> parse=`$SQUID -k parse -f $SQUID_CONF 2>&1`
>> RETVAL=$?
>> if [ $RETVAL -ne 0 ]; then
>> echo -n $"Starting $prog: "
>> echo_failure
>> echo
>> echo "$parse"
>> return 1
>> fi
>> for adir in $CACHE_SWAP; do
>> if [ ! -d $adir/00 ]; then
>> echo -n "init_cache_dir $adir... "
>> $SQUID -z -F -f $SQUID_CONF >>
>> /var/log/squid/squid.out 2>&1
>> fi
>> done
>> echo -n $"Starting $prog: "
>> $SQUID $SQUID_OPTS -f $SQUID_CONF >>
>> /var/log/squid/squid.out 2>&1
>> RETVAL=$?
>> if [ $RETVAL -eq 0 ]; then
>> timeout=10;
>> while : ; do
>> [ ! -f /var/run/squid.pid ] || break
>> if [ $timeout -ge $SQUID_PIDFILE_TIMEOUT ];
>> then
>> RETVAL=1
>> break
>> fi
>> sleep 10 && echo -n "."
>> timeout=$((timeout+1))
>> done
>> fi
>> [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SQUID
>> [ $RETVAL -eq 0 ] && echo_success
>> [ $RETVAL -ne 0 ] && echo_failure
>> echo
>> return $RETVAL
>> }
>>
>> stop() {
>> echo -n $"Stopping $prog: "
>> $SQUID -k check -f $SQUID_CONF >> /var/log/squid/squid.out 2>&1
>> RETVAL=$?
>> if [ $RETVAL -eq 0 ] ; then
>> $SQUID -k shutdown -f $SQUID_CONF &
>> rm -f /var/lock/subsys/$SQUID
>> timeout=0
>> while : ; do
>> [ -f /var/run/squid.pid ] || break
>> if [ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ];
>> then
>> echo
>> return 1
>> fi
>> sleep 2 && echo -n "."
>> timeout=$((timeout+2))
>> done
>> echo_success
>> echo
>> else
>> echo_failure
>> if [ ! -e /var/lock/subsys/$SQUID ]; then
>> RETVAL=0
>> fi
>> echo
>> fi
>> rm -rf $SQUID_PIDFILE_DIR/*
>> return $RETVAL
>> }
>>
>> reload() {
>> $SQUID $SQUID_OPTS -k reconfigure -f $SQUID_CONF
>> }
>>
>> restart() {
>> stop
>> rm -rf $SQUID_PIDFILE_DIR/*
>> start
>> }
>>
>> condrestart() {
>> [ -e /var/lock/subsys/squid ] && restart || :
>> }
>>
>> rhstatus() {
>> status $SQUID && $SQUID -k check -f $SQUID_CONF
>> }
>>
>>
>> case "$1" in
>> start)
>> start
>> ;;
>>
>> stop)
>> stop
>> ;;
>>
>> reload|force-reload)
>> reload
>> ;;
>>
>> restart)
>> restart
>> ;;
>>
>> condrestart|try-restart)
>> condrestart
>> ;;
>>
>> status)
>> rhstatus
>> ;;
>>
>> probe)
>> probe
>> ;;
>>
>> *)
>> echo $"Usage: $0
>> {start|stop|status|reload|force-reload|restart|try-restart|probe}"
>> exit 2
>> esac
>>
>> exit $?
>>
>> =====
>>
>>
>> Any help on this would be appreciated
>>
>>
>> Mike
>>
>
Received on Thu Jun 26 2014 - 14:17:04 MDT