Package: squid3 Version: 3.3.4-1 Severity: normal Dear Maintainer,
When using more than one worker process ("workers 2" in squid.conf) squid wants to create some sockets in /var/run/squid: $ ls -l /var/run/squid total 0 srwxr-x--- 1 proxy proxy 0 May 28 13:00 coordinator.ipc srwxr-x--- 1 proxy proxy 0 May 28 13:00 kid-1.ipc srwxr-x--- 1 proxy proxy 0 May 28 13:00 kid-2.ipc If this directory does not exist squid starts, but fails to listen on any of the defined http_port: 2013/05/28 11:40:33 kid2| commBind: Cannot bind socket FD 15 to [::]: (2) No such file or directory As now /var/run is a symlink to /run, which is a tmpfs, we need to recreate this directory before starting squid. I propose something like the following in /etc/init.d/squid3: --- /etc/init.d/squid3~ 2013-05-14 17:46:35.000000000 +0200 +++ /etc/init.d/squid3 2013-05-28 12:07:03.287783823 +0200 @@ -58,6 +58,9 @@ cache_dir=`find_cache_dir cache_dir` cache_type=`find_cache_type cache_dir` + mkdir -p /var/run/squid + chown proxy /var/run/squid + # # Create spool dirs if they don't exist. # Greetings Haegar -- System Information: Debian Release: 7.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-sdinet155-hetzner (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages squid3 depends on: ii adduser 3.113+nmu3 ii libbsd0 0.4.2-1 ii libc6 2.13-38 ii libcap2 1:2.22-1.2 ii libcomerr2 1.42.5-1.1 ii libdb5.1 5.1.29-5 ii libecap2 0.2.0-1 ii libexpat1 2.1.0-1 ii libgcc1 1:4.7.2-5 ii libgssapi-krb5-2 1.10.1+dfsg-5 ii libk5crypto3 1.10.1+dfsg-5 ii libkrb5-3 1.10.1+dfsg-5 ii libldap-2.4-2 2.4.31-1+nmu2 ii libltdl7 2.4.2-1.1 ii libnetfilter-conntrack3 1.0.3-1 ii libpam0g 1.1.3-7.1 ii libsasl2-2 2.1.25.dfsg1-6 ii libstdc++6 4.7.2-5 ii libxml2 2.8.0+dfsg1-7+nmu1 ii logrotate 3.8.1-4 ii lsb-base 4.1+Debian8 ii netbase 5.0 ii squid3-common 3.3.4-1 squid3 recommends no packages. Versions of packages squid3 suggests: pn resolvconf <none> pn smbclient <none> pn squid-cgi <none> pn squid-purge <none> pn squidclient <none> pn ufw <none> pn winbindd <none> -- Configuration Files: /etc/init.d/squid3 changed: NAME=squid3 DESC="Squid HTTP Proxy 3.x" DAEMON=/usr/sbin/squid3 PIDFILE=/var/run/$NAME.pid CONFIG=/etc/squid3/squid.conf SQUID_ARGS="-YC -f $CONFIG" [ ! -f /etc/default/squid3 ] || . /etc/default/squid3 . /lib/lsb/init-functions PATH=/bin:/usr/bin:/sbin:/usr/sbin [ -x $DAEMON ] || exit 0 ulimit -n 65535 find_cache_dir () { w=" " # space tab res=`sed -ne ' s/^'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $CONFIG` [ -n "$res" ] || res=$2 echo "$res" } find_cache_type () { w=" " # space tab res=`sed -ne ' s/^'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p; t end; d; :end q' < $CONFIG` [ -n "$res" ] || res=$2 echo "$res" } start () { cache_dir=`find_cache_dir cache_dir` cache_type=`find_cache_type cache_dir` mkdir -p /var/run/squid chown proxy /var/run/squid # # Create spool dirs if they don't exist. # if [ "$cache_type" = "coss" -a -d "$cache_dir" -a ! -f "$cache_dir/stripe" ] || [ "$cache_type" != "coss" -a -d "$cache_dir" -a ! -d "$cache_dir/00" ] then log_warning_msg "Creating $DESC cache structure" $DAEMON -z -f $CONFIG fi umask 027 ulimit -n 65535 cd $cache_dir start-stop-daemon --quiet --start \ --pidfile $PIDFILE \ --exec $DAEMON -- $SQUID_ARGS < /dev/null return $? } stop () { PID=`cat $PIDFILE 2>/dev/null` start-stop-daemon --stop --quiet --pidfile $PIDFILE --exec $DAEMON # # Now we have to wait until squid has _really_ stopped. # sleep 2 if test -n "$PID" && kill -0 $PID 2>/dev/null then log_action_begin_msg " Waiting" cnt=0 while kill -0 $PID 2>/dev/null do cnt=`expr $cnt + 1` if [ $cnt -gt 24 ] then log_action_end_msg 1 return 1 fi sleep 5 log_action_cont_msg "" done log_action_end_msg 0 return 0 else return 0 fi } case "$1" in start) log_daemon_msg "Starting $DESC" "$NAME" if start ; then log_end_msg $? else log_end_msg $? fi ;; stop) log_daemon_msg "Stopping $DESC" "$NAME" if stop ; then log_end_msg $? else log_end_msg $? fi ;; reload|force-reload) log_action_msg "Reloading $DESC configuration files" start-stop-daemon --stop --signal 1 \ --pidfile $PIDFILE --quiet --exec $DAEMON log_action_end_msg 0 ;; restart) log_daemon_msg "Restarting $DESC" "$NAME" stop if start ; then log_end_msg $? else log_end_msg $? fi ;; status) status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit 3 ;; *) echo "Usage: /etc/init.d/$NAME {start|stop|reload|force-reload|restart|status}" exit 3 ;; esac exit 0 /etc/squid3/squid.conf changed: workers 2 auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/htpasswd acl own_to_localhost url_regex -i ^(https?|ftp)://(localhost|127\.0\.0) acl localnet src 193.103.159.0/24 acl localnet src 2001:6f8:94b::/48 acl localnet src 192.168.22.0/24 acl localnet src 182.168.18.0/23 acl localnet src 2001:6f8:96b::/48 acl to_localnet url_regex -i ^(https?|ftp)://193\.103\.159\. acl to_localnet url_regex -i ^(https?|ftp)://192\.168\.22\. acl to_localnet url_regex -i ^(https?|ftp)://192\.168\.19\. acl to_localnet url_regex -i ^(https?|ftp)://192\.168\.18\. acl to_localnet url_regex -i ^(https?|ftp)://172\.31\.22\. acl to_localnet url_regex -i ^(https?|ftp)://172\.31\.19\. acl to_localnet url_regex -i ^(https?|ftp)://172\.31\.18\. acl blacklist url_regex -i ^http://alive.boingo.com/ acl blacklist url_regex -i ^http://android.clients.google.com/packages/ota/google_crespo/ acl SSL_ports port 80 # http acl SSL_ports port 443 # https acl SSL_ports port 563 # snews acl SSL_ports port 873 # rsync acl SSL_ports port 1863 # msn acl SSL_ports port 3690 # svn acl SSL_ports port 5222 # jabber acl SSL_ports port 5223 # jabber acl SSL_ports port 8090 # SHS Hummingbird acl SSL_ports port 9418 # git acl SSL_ports port 9443 # vmware esx acl Safe_ports port 80 # http acl Safe_ports port 81 acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl Safe_ports port 631 # cups acl Safe_ports port 873 # rsync acl Safe_ports port 901 # SWAT acl CONNECT method CONNECT acl passwd proxy_auth REQUIRED http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny to_localhost http_access deny own_to_localhost http_access deny blacklist http_access allow localnet http_access allow localhost http_access deny to_localnet http_access allow passwd http_access deny all icp_access deny all http_port 3127 http_port 3126 transparent disable-pmtu-discovery=transparent hierarchy_stoplist hierarchy_stoplist-disabled-e7a0ffa1793cf55da5d23082c838116acb24e0a2 cache_mem 256 MB if ${process_number} = 1 cache_dir aufs /var/spool/squid3/1 1024 8 8 endif if ${process_number} = 2 cache_dir aufs /var/spool/squid3/2 1024 8 8 endif maximum_object_size 256 MB coredump_dir none refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern (Release|Package(.gz|.bz2)*)$ 0 20% 2880 refresh_pattern . 0 20% 4320 via off shutdown_lifetime 2 seconds -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org