[squid-users] HTTPS woes
Amos Jeffries
squid3 at treenet.co.nz
Wed Apr 19 16:52:46 UTC 2017
On 20/04/17 04:30, Olly Lennox wrote:
> Sorry it's back,
>
>
> I've narrowed down the problem, hopefully someone can help. When Squid starts it creates the directory /var/run/squid as user proxy:proxy.
>
> If I remove this or leave it as is then the application won't launch on subsequent reboots.
>
> If I chown the directory as root:root then the application will launch on boot but proxy:proxy takes back ownership and it won't launch again on subsequent reboots.
>
> I'm guessing this is something to do with the running processes, does anyone know what's going wrong?
>
/var/run/squid/* is where the FHS standard requires Squid's run-time
dynamic data to be stored. The exception on some systems is the PID file
- though it should really be in there too. The Squid init script on
Debian is enforcing that.
If you have SELinux on the system it may be breaking access to HTTPS
related things since the OpenSSL features are not part of Debian
normally. For example, after initializing the ssl_db directory and
ensuring it has the correct permissions you may need to run 'restorecon
-R' on it.
Amos
More information about the squid-users
mailing list