[squid-users] Squid 3.5.9 RPM are available
Eliezer Croitoru
eliezer at ngtech.co.il
Tue Sep 29 13:59:26 UTC 2015
Hey Veiko,
I am not a SELINUX expert but something might be wrong on your system
settings or permissions.
What OS exactly are you using? What version of CentOS?
I am using CentOS 7 with latest updates and it seems to work fine.
From the information you have supplied it seems that SELINUX either
doesn't like squid accessing the tmpfs ie shm fs or another part of the fs.
After we will have the OS version we can be smarter.
And also in any case you can just simply eliminate SELINUX for a sec and
see how it works.
If it works then maybe there is a need to allow couple things in SELINUX
using audit2allow.
So supply the exact OS and also if possible squid.conf(removing
password, spaces,comments etc)
Eliezer
On 29/09/2015 16:34, Veiko Kukk wrote:
> On 24/09/15 03:00, Eliezer Croitoru wrote:
>> Since it's a security release I will not write an article this time.
>> But I am happy to release the new RPMs for squid cache 3.5.9.
>
> Since there are no new rpm-s in 3.4 branch after 3.4.10, I decided to
> try/upgrade to 3.5.9. Squid does not start, fails with error message:
>
> FATAL: Ipc::Mem::Segment::create failed to
> shm_open(/squid-cf__metadata.shm): (13) Permission denied
>
> Seems that something is wrong with SELinux rules:
>
> type=AVC msg=audit(1443532370.438:1986): avc: denied { write } for
> pid=20771 comm="squid" name="/" dev=tmpfs ino=5734
> scontext=unconfined_u:system_r:squid_t:s0
> tcontext=system_u:object_r:tmpfs_t:s0 tclass=dir
> type=SYSCALL msg=audit(1443532370.438:1986): arch=c000003e syscall=2
> success=no exit=-13 a0=7ffeca42b530 a1=a0042 a2=180 a3=7ffeca42b2b0
> items=0 ppid=20763 pid=20771 auid=502 uid=23 gid=23 euid=23 suid=0
> fsuid=23 egid=23 sgid=23 fsgid=23 tty=pts1 ses=122 comm="squid"
> exe="/usr/sbin/squid" subj=unconfined_u:system_r:squid_t:s0 key=(null)
>
> This was not case with 3.4.10.
>
> Best regards,
> Veiko
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list