Hello all, I am hoping that you can help me with a baffling problem I have with squidguard. I'm sorry for the long email, but I want you to know what I already checked. I'm using squidguard as a redirector for squid (of course) for a site with some 160 users. However, since updating the blacklist, squidguard keeps going into emergency mode. However, the permissions on the blacklist are okay:
# ls -l drwx------ 16 squid root 400 Sep 19 15:18 . drwx------ 4 squid root 144 Apr 6 2004 .. drw-rw-r-- 2 squid squid 128 Sep 19 15:18 ads drw-rw-r-- 2 squid squid 96 Sep 20 08:32 aggressive drw-rw-r-- 2 squid squid 96 Sep 19 15:18 audio-video drw-rw-r-- 2 squid squid 96 Sep 19 15:18 drugs drw-rw-r-- 2 squid squid 96 Sep 20 08:33 gambling drw-rw-r-- 2 squid squid 96 Sep 20 08:33 games drw-rw-r-- 2 squid squid 96 Sep 20 08:34 hacking drw-rw-r-- 2 squid squid 96 Sep 19 15:18 mail drw-rw-r-- 2 squid squid 72 Sep 20 08:36 phishing drw-rw-r-- 2 squid squid 128 Sep 20 08:27 porn drw-rw-r-- 2 squid squid 96 Sep 19 15:18 proxy drw-rw-r-- 2 squid squid 272 Sep 19 15:59 risse drw-rw-r-- 2 squid squid 96 Sep 19 15:18 violence drw-rw-r-- 2 squid squid 96 Sep 19 15:18 warez # ls -l warez/* -rw-rw-r-- 1 squid squid 1141 Sep 19 15:18 warez/domains -rw-rw-r-- 1 squid squid 243 Sep 19 15:18 warez/urls If I call squidguard by hand, for debugging, I get the following: # echo "http://www.google.nl 10.0.1.1/- - GET" | /usr/sbin/squidGuard -c /etc/squidguard.conf -d 2006-09-20 13:51:10 [6682] init domainlist /var/lib/squidGuard/db/risse/allowedsites 2006-09-20 13:51:10 [6682] init domainlist /var/lib/squidGuard/db/risse/bng 2006-09-20 13:51:10 [6682] init domainlist /var/lib/squidGuard/db/risse/gooddomains 2006-09-20 13:51:10 [6682] init domainlist /var/lib/squidGuard/db/porn/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/porn/urls 2006-09-20 13:51:49 [6682] init expressionlist /var/lib/squidGuard/db/porn/expressions 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/ads/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/ads/urls 2006-09-20 13:51:49 [6682] init expressionlist /var/lib/squidGuard/db/ads/expressions 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/aggressive/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/aggressive/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/audio-video/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/audio-video/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/drugs/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/drugs/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/gambling/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/gambling/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/gambling/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/gambling/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/hacking/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/hacking/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/mail/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/mail/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/phishing/domains 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/proxy/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/proxy/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/violence/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/violence/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/warez/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/warez/urls 2006-09-20 13:51:49 [6682] init domainlist /var/lib/squidGuard/db/risse/domains 2006-09-20 13:51:49 [6682] init urllist /var/lib/squidGuard/db/risse/urls 2006-09-20 13:51:49 [6682] urllist empty, removed from memory 2006-09-20 13:51:49 [6682] init expressionlist /var/lib/squidGuard/db/risse/download 2006-09-20 13:51:49 [6682] squidGuard 1.2.0 started (1158753070.491) 2006-09-20 13:51:49 [6682] squidGuard ready for requests (1158753109.975) <---- blank line ----> 2006-09-20 13:51:49 [6682] squidGuard stopped (1158753109.977) Squidguard returns a blank line, which would indicate it is working correctly, according to what it says here: http://www.squidguard.org/faq/ in list item 4. However, calling squidguard from squid, the log of squidguard tells me this: 2006-09-20 13:54:33 [6426] ending emergency mode, stdin empty 2006-09-20 13:54:33 [6427] ending emergency mode, stdin empty 2006-09-20 13:54:33 [6429] ending emergency mode, stdin empty 2006-09-20 13:54:33 [6430] ending emergency mode, stdin empty 2006-09-20 13:54:33 [6428] ending emergency mode, stdin empty 2006-09-20 13:54:33 [6730] init domainlist /var/lib/squidGuard/db/risse/allowedsites 2006-09-20 13:54:33 [6730] /var/lib/squidGuard/db/risse/allowedsites: Permission denied 2006-09-20 13:54:33 [6730] going into emergency mode 2006-09-20 13:54:33 [6731] init domainlist /var/lib/squidGuard/db/risse/allowedsites 2006-09-20 13:54:33 [6731] /var/lib/squidGuard/db/risse/allowedsites: Permission denied 2006-09-20 13:54:33 [6731] going into emergency mode 2006-09-20 13:54:33 [6734] init domainlist /var/lib/squidGuard/db/risse/allowedsites 2006-09-20 13:54:33 [6734] /var/lib/squidGuard/db/risse/allowedsites: Permission denied 2006-09-20 13:54:33 [6734] going into emergency mode 2006-09-20 13:54:33 [6732] init domainlist /var/lib/squidGuard/db/risse/allowedsites 2006-09-20 13:54:33 [6732] /var/lib/squidGuard/db/risse/allowedsites: Permission denied 2006-09-20 13:54:33 [6732] going into emergency mode 2006-09-20 13:54:33 [6733] init domainlist /var/lib/squidGuard/db/risse/allowedsites 2006-09-20 13:54:33 [6733] /var/lib/squidGuard/db/risse/allowedsites: Permission denied 2006-09-20 13:54:33 [6733] going into emergency mode Before you ask, here are the permission of the file specified: -rw-rw-r-- 1 squid squid 858 Mar 27 09:45 risse/allowedsites If I remove this file, it complains about the following file in squidguard.conf. The permissions on all files are the same. Here is our squidguard.conf: ---------------------------------- logdir /var/log/squidGuard/ dbhome /var/lib/squidGuard/db # THE GROUP ADMINS, WITH UNRESTRICTED ACCESS src admin { user root vdbroek bruijne jberis trendmicro } # DEFINE THE GROUP WITH ACCESS ONLY TO SITES WHICH ARE SPECIFIED IN THE FILE ~/risse/allowedsites # ALL OTHER ACCESS IS DISALLOWED !! src restricted { user Risse } # DEFINE THE GROUP bng WHICH IS USED ONLY FOR BANKING ACROSS THE INTERNET # ONLY ALLOWED ACCESS IS THE BANKING WEBSITE !! src bng { user bng } # DEFINE THE FILE WHICH SPECIFIES ACCESS FOR THE GROUP "RESTRICTED" dest good { domainlist risse/allowedsites } # DEFINE THE FILE WHICH SPECIFIES ACCESS FOR THE GROUP "BNG" dest bng { domainlist risse/bng } # DEFINE SITES WHICH ARE ALLOWED, DESPITE BEING BLOCKED BY THE DEFAULT DB dest gooddomains { domainlist risse/gooddomains } # DEFINE DESTINATIONS WHICH ARE BLOCKED BY THE DEFAULT SQUIDGUARD DB !! dest porn { domainlist porn/domains urllist porn/urls expressionlist porn/expressions log porn.log } dest ads { domainlist ads/domains urllist ads/urls expressionlist ads/expressions log ads.log } dest aggressive { domainlist aggressive/domains urllist aggressive/urls log aggressive.log } dest audio-video { domainlist audio-video/domains urllist audio-video/urls log audio-video.log } dest drugs { domainlist drugs/domains urllist drugs/urls log drugs.log } dest gambling { domainlist gambling/domains urllist gambling/urls log gambling.log } dest games { domainlist gambling/domains urllist gambling/urls log games.log } dest hacking { domainlist hacking/domains urllist hacking/urls log hacking.log } dest mail { domainlist mail/domains urllist mail/urls log mail.log } dest phishing { domainlist phishing/domains log phishing.log } dest proxy { domainlist proxy/domains urllist proxy/urls log proxy.log } dest violence { domainlist violence/domains urllist violence/urls log violence.log } dest warez { domainlist warez/domains urllist warez/urls log warez.log } # DOMAINS, URLS AND EXPRESSIONS SPECIFICALLY BLOCKED BY DE RISSE !! dest risse { domainlist risse/domains urllist risse/urls expressionlist risse/download log risse.log } # BLOCKING SOME STUFF THAT SHOULDN'T BE DOWNLOADED #dest download { # expressionlist risse/download # redirect http://127.0.0.1/redirect/download.html # log download.log #} # ACCESS CONTROL RULES, ADMINS PASS ALL, RESTRICTED PASS NOTHING EXCEPT ALLOWED SITES # DEFAULT (everyone else) PASS ALL, EXCEPT DOMAINS/URLS/EXPRESSIONS BLOCKED BY SQUIDGUARD acl { admin { pass all } restricted { pass good none } bng { pass bng none } default { pass !risse !porn !ads !aggressive !audio-video !drugs !gambling !games !phishing !hacking !mail !proxy !violence !warez gooddomains good all redirect http://127.0.0.1/redirect/blocked.html } } ------------------------- The versions of squid and squidguard: squid-2.5.STABLE5-42.44 squidGuard-1.2.0-373 Can anyone please shed some light on this for me, because I do not know what else to do or check. Any help or insight is appreciated because our management wants the redirector up. Kind regards, Joop Beris
