Good day
I hope there’s an Advanced Squid and squidGuard user/administrator somewhere on this forum :’(
I’m running openSuse 10.3, Squid 2.6 STABLE14 and squidGuard 1.3 and the db in use is a scaled down version of the “shallalist.tar.gz”
All traffic is just passed through and none of the Group filters and Blocks work
Two errors/problems I can see: 1) the squidGuard.log shows a “syntax error in configfile /etc/squidGuard.conf line 50” after all the dbfiles were loaded. This then causes I gather the Emergency Mode that squidGuard is running in.
Checking the squidGuard.conf file on line 50 shows only acl {
A google solution suggested that it could be due to access rights to the DBs…
I have checked that all the db files are compiled after edits by running this cmd: /usr/sbin/squidGuard -c /etc/squidGuard.conf -C all
This took forever and never came to the point where it returned back to the shell prompt, so after about two hours I pressed Ctrl+C
The db files are there with current dates
After this I did a chown squid.root *.db and then a squid -k reconfigure as per said Google suggestions
A complete restart of the server was done as well.
Now though I get a Msg that the /etc/squidGuard.conf can’t be opened and still the ‘going into emergency mode’ msg
I did also check in the /etc/squid/squid.conf file and found that the cache_effective_user is … squid , and then passing a chown squid.squid /etc/squidGuard.conf returns that squid.squid : invalid user
I’m at wit’s end…
So in summary: How do I get squidGuard to open it’s own squidGuard.conf file again? The only user on this setup is the root
How do I trace what’s causing it exactly to start in emergency mode?
First of all, the correct syntax for user:group spec is now:
chown user:group ...
Colon instead of period separates the user from group. This is the POSIX standard so get used to typing user:group. Old Linux systems may let you get away with user.group.
Secondly check that squidguard isn’t running as some other user, perhaps squidguard? IIRC squidguard is a separate process. In that case the file should be readable by squidguard, not squid.
Fix the permission and ownership problem of /etc/squidGuard.conf first, then go back and fix up the syntax error. Perhaps there really was something wrong with that line or it’s a feature that’s not supported in your version of squidguard.
thank you for the speedy reply… I tried using chown squid:squid /etc/squidGuard.conf as well as root:squid and both returned Invalid Group. Passing squid:root does not give any errors but the log again shows it’s not able to open the .conf
Squid is running as user squid. How do I change the process to run as root (if that is what’s supposed to happen?) ? I stopped squid and tried starting it by: sudo -u root squid , but it’s still running as squid
Thanx in advance
P.S. I just rechecked the Log and it’s no longer returning the error that squidGuard.conf can’t be opened, so now I have to add that the Error was generated the moment I typed >>squidGuard in the shell… maybe it’s cause it was already ‘locked’ by a currently running process. My next question will then be, if ACL is maybe not supported by squidGuard 1.3, and my Suse Jedi master is leaving me to the Wolves to figure this out on my own, is there a safe and “easy” way of upgrading to v1.4, safe as in all current Config files will still be intact?
It’s not impossible that squidGuard.conf has a syntax error, either as supplied or introduced by an edit of yours. Perhaps even something as simple as a missing semicolon on the line above. Why not have a look at the lines around 50, or paste them here so that we can see what the problem might be.
It turns out it’s the famous old thing of, It’s not the line number mentioned, but the one before… I was missing a } brace on the previous line.
Thank you much :messed:
May I ask a next question hoping someone could answer? If I type
>> squidGuard -C p2p/domains it doesn’t indicate that it’s working or doing anything, even a short list of domains does not compile into db and then return back to the prompt. Any ideas please?