[squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly
Yuri
yvoinov at gmail.com
Mon Sep 11 18:33:26 UTC 2017
Most probably you squid runs as another user than squid.
Check your squid.conf for cache_effective_user and cache_effective_group
values.
Then change SSL cache permissions to this values. Should work.
12.09.2017 0:30, Rohit Sodhia пишет:
> Thanks for the feedback! I just used yum (it's a CentOS 7 VB) and it
> set it up like that. I changed the owner and group to squid:squid and
> tried restarting squid, but still get the same errors. I thought to
> run the command again, but this time it says
>
> /usr/lib64/squid/ssl_crtd: Cannot create /var/lib/ssl_db
>
> If this folder has incorrect permissions are there possibly other
> permission issues?
>
> On Mon, Sep 11, 2017 at 2:25 PM, Yuri <yvoinov at gmail.com
> <mailto:yvoinov at gmail.com>> wrote:
>
> Here you root of problem.
>
> Should be (on my setups):
>
> # ls -al /var/lib/ssl_db
> total 326
> drwxr-xr-x 3 squid squid 5 Sep 5 00:53 .
> drwxr-xr-x 8 root other 8 Sep 5 00:53 ..
> drwxr-xr-x 2 squid squid 454 Sep 11 23:37 certs
> -rw-r--r-- 1 squid squid 280575 Sep 11 23:37 index.txt
> -rw-r--r-- 1 squid squid 7 Sep 11 23:37 size
>
> I.e. Squid has no access to SSL cache dir structures.
>
>
> 12.09.2017 0:23, Rohit Sodhia пишет:
>> total 8
>> drwxr-xr-x. 3 root root 48 Sep 11 12:42 .
>> drwxr-xr-x. 32 root root 4096 Sep 11 12:42 ..
>> drwxr-xr-x. 2 root root 6 Sep 11 12:42 certs
>> -rw-r--r--. 1 root root 0 Sep 11 12:42 index.txt
>> -rw-r--r--. 1 root root 1 Sep 11 12:42 size
>>
>>
>> On Mon, Sep 11, 2017 at 2:22 PM, Yuri <yvoinov at gmail.com
>> <mailto:yvoinov at gmail.com>> wrote:
>>
>> Show output of
>>
>> ls -al /var/lib/ssl_db
>>
>>
>> 12.09.2017 0:21, Rohit Sodhia пишет:
>>> Yes, but telling me it's crashing unfortunately doesn't help
>>> me figure out why or how to fix it. I've run the command it
>>> suggests but it doesn't help. I'm unfortunately not an ops
>>> guy familiar with this kind of stuff; I don't see anything
>>> on how to figure out what to do about it.
>>>
>>> On Mon, Sep 11, 2017 at 2:17 PM, Yuri <yvoinov at gmail.com
>>> <mailto:yvoinov at gmail.com>> wrote:
>>>
>>> It tells you what's happens.
>>>
>>>
>>> 11.09.2017 23:50, Rohit Sodhia пишет:
>>> > (ssl_crtd): Uninitialized SSL certificate database
>>> directory:
>>> > /var/lib/ssl_db. To initialize, run "ssl_crtd -c -s
>>> /var/lib/ssl_db".
>>>
>>>
>>>
>>> _______________________________________________
>>> squid-users mailing list
>>> squid-users at lists.squid-cache.org
>>> <mailto:squid-users at lists.squid-cache.org>
>>> http://lists.squid-cache.org/listinfo/squid-users
>>> <http://lists.squid-cache.org/listinfo/squid-users>
>>>
>>>
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170912/7d98c51a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20170912/7d98c51a/attachment-0001.sig>
More information about the squid-users
mailing list