Hello Joop, SquidGuard is running fine when you run it at command prompt, logged on as root. But SquidGuard goes into emergency mode when called by squid, logged on as squid.
Try to connect with the "squid" account, and run squidguard by hand. I guess this will fail. I think the solution is "chmod ug+x /var/lib/squidGuard/db". Add a +x access right on every subfolders in "dbhome". With "rw-rw-r", the squid user can't chdir into, but root can. HTH, Rémi > -----Message d'origine----- > De : Joop Beris [mailto:[EMAIL PROTECTED] > Envoyé : mercredi 20 septembre 2006 14:09 > À : [email protected] > Objet : squidguard going into emergency mode > > > Hello all, > > I am hoping that you can help me with a baffling problem I have with > squidguard. I'm sorry for the long email, but I want you to > know what I > already checked. > I'm using squidguard as a redirector for squid (of course) > for a site with > some 160 users. However, since updating the blacklist, > squidguard keeps going > into emergency mode. However, the permissions on the > blacklist are okay: > > # ls -l > drwx------ 16 squid root 400 Sep 19 15:18 . > drwx------ 4 squid root 144 Apr 6 2004 .. > drw-rw-r-- 2 squid squid 128 Sep 19 15:18 ads > drw-rw-r-- 2 squid squid 96 Sep 20 08:32 aggressive > drw-rw-r-- 2 squid squid 96 Sep 19 15:18 audio-video > drw-rw-r-- 2 squid squid 96 Sep 19 15:18 drugs > drw-rw-r-- 2 squid squid 96 Sep 20 08:33 gambling > drw-rw-r-- 2 squid squid 96 Sep 20 08:33 games > drw-rw-r-- 2 squid squid 96 Sep 20 08:34 hacking > drw-rw-r-- 2 squid squid 96 Sep 19 15:18 mail > drw-rw-r-- 2 squid squid 72 Sep 20 08:36 phishing > drw-rw-r-- 2 squid squid 128 Sep 20 08:27 porn > drw-rw-r-- 2 squid squid 96 Sep 19 15:18 proxy > drw-rw-r-- 2 squid squid 272 Sep 19 15:59 risse > drw-rw-r-- 2 squid squid 96 Sep 19 15:18 violence > drw-rw-r-- 2 squid squid 96 Sep 19 15:18 warez > > # ls -l warez/* > -rw-rw-r-- 1 squid squid 1141 Sep 19 15:18 warez/domains > -rw-rw-r-- 1 squid squid 243 Sep 19 15:18 warez/urls > > If I call squidguard by hand, for debugging, I get the following: > > # echo "http://www.google.nl 10.0.1.1/- - GET" | /usr/sbin/squidGuard > -c /etc/squidguard.conf -d > > 2006-09-20 13:51:10 [6682] init > domainlist /var/lib/squidGuard/db/risse/allowedsites > 2006-09-20 13:51:10 [6682] init domainlist > /var/lib/squidGuard/db/risse/bng 2006-09-20 13:51:10 [6682] init > domainlist /var/lib/squidGuard/db/risse/gooddomains > 2006-09-20 13:51:10 [6682] init domainlist > /var/lib/squidGuard/db/porn/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/porn/urls 2006-09-20 13:51:49 [6682] init > expressionlist /var/lib/squidGuard/db/porn/expressions > 2006-09-20 13:51:49 [6682] init domainlist > /var/lib/squidGuard/db/ads/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/ads/urls 2006-09-20 13:51:49 [6682] init > expressionlist /var/lib/squidGuard/db/ads/expressions > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/aggressive/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/aggressive/urls > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/audio-video/domains > 2006-09-20 13:51:49 [6682] init > urllist /var/lib/squidGuard/db/audio-video/urls > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/drugs/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/drugs/urls 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/gambling/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/gambling/urls > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/gambling/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/gambling/urls > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/hacking/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/hacking/urls > 2006-09-20 13:51:49 [6682] init domainlist > /var/lib/squidGuard/db/mail/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/mail/urls 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/phishing/domains > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/proxy/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/proxy/urls 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/violence/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/violence/urls > 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/warez/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/warez/urls 2006-09-20 13:51:49 [6682] init > domainlist /var/lib/squidGuard/db/risse/domains > 2006-09-20 13:51:49 [6682] init urllist > /var/lib/squidGuard/db/risse/urls 2006-09-20 13:51:49 [6682] > urllist empty, removed from memory 2006-09-20 13:51:49 [6682] init > expressionlist /var/lib/squidGuard/db/risse/download > 2006-09-20 13:51:49 [6682] squidGuard 1.2.0 started > (1158753070.491) 2006-09-20 13:51:49 [6682] squidGuard ready > for requests (1158753109.975) > <---- blank line ----> > 2006-09-20 13:51:49 [6682] squidGuard stopped (1158753109.977) > > Squidguard returns a blank line, which would indicate it is > working correctly, > according to what it says here: > http://www.squidguard.org/faq/ in list item > 4. > > However, calling squidguard from squid, the log of squidguard > tells me this: > > 2006-09-20 13:54:33 [6426] ending emergency mode, stdin empty > 2006-09-20 13:54:33 [6427] ending emergency mode, stdin empty > 2006-09-20 13:54:33 [6429] ending emergency mode, stdin empty > 2006-09-20 13:54:33 [6430] ending emergency mode, stdin empty > 2006-09-20 13:54:33 [6428] ending emergency mode, stdin empty > 2006-09-20 13:54:33 [6730] init > domainlist /var/lib/squidGuard/db/risse/allowedsites > 2006-09-20 13:54:33 [6730] /var/lib/squidGuard/db/risse/allowedsites: > Permission denied > 2006-09-20 13:54:33 [6730] going into emergency mode > 2006-09-20 13:54:33 [6731] init > domainlist /var/lib/squidGuard/db/risse/allowedsites > 2006-09-20 13:54:33 [6731] /var/lib/squidGuard/db/risse/allowedsites: > Permission denied > 2006-09-20 13:54:33 [6731] going into emergency mode > 2006-09-20 13:54:33 [6734] init > domainlist /var/lib/squidGuard/db/risse/allowedsites > 2006-09-20 13:54:33 [6734] /var/lib/squidGuard/db/risse/allowedsites: > Permission denied > 2006-09-20 13:54:33 [6734] going into emergency mode > 2006-09-20 13:54:33 [6732] init > domainlist /var/lib/squidGuard/db/risse/allowedsites > 2006-09-20 13:54:33 [6732] /var/lib/squidGuard/db/risse/allowedsites: > Permission denied > 2006-09-20 13:54:33 [6732] going into emergency mode > 2006-09-20 13:54:33 [6733] init > domainlist /var/lib/squidGuard/db/risse/allowedsites > 2006-09-20 13:54:33 [6733] /var/lib/squidGuard/db/risse/allowedsites: > Permission denied > 2006-09-20 13:54:33 [6733] going into emergency mode > > Before you ask, here are the permission of the file specified: > -rw-rw-r-- 1 squid squid 858 Mar 27 09:45 risse/allowedsites > > If I remove this file, it complains about the following file in > squidguard.conf. The permissions on all files are the same. > > Here is our squidguard.conf: > > ---------------------------------- > logdir /var/log/squidGuard/ > dbhome /var/lib/squidGuard/db > > # THE GROUP ADMINS, WITH UNRESTRICTED ACCESS > src admin { > user root > vdbroek > bruijne > jberis > trendmicro > } > > # DEFINE THE GROUP WITH ACCESS ONLY TO SITES WHICH ARE > SPECIFIED IN THE FILE > ~/risse/allowedsites > # ALL OTHER ACCESS IS DISALLOWED !! > src restricted { > user Risse > } > > # DEFINE THE GROUP bng WHICH IS USED ONLY FOR BANKING ACROSS > THE INTERNET # ONLY ALLOWED ACCESS IS THE BANKING WEBSITE !! src bng { > user bng > } > > > > > # DEFINE THE FILE WHICH SPECIFIES ACCESS FOR THE GROUP > "RESTRICTED" dest good { > domainlist risse/allowedsites > } > > # DEFINE THE FILE WHICH SPECIFIES ACCESS FOR THE GROUP "BNG" > dest bng { > domainlist risse/bng > } > > > # DEFINE SITES WHICH ARE ALLOWED, DESPITE BEING BLOCKED BY > THE DEFAULT DB dest gooddomains { > domainlist risse/gooddomains > } > > > # DEFINE DESTINATIONS WHICH ARE BLOCKED BY THE DEFAULT > SQUIDGUARD DB !! dest porn { > domainlist porn/domains > urllist porn/urls > expressionlist porn/expressions > log porn.log > } > > dest ads { > domainlist ads/domains > urllist ads/urls > expressionlist ads/expressions > log ads.log > } > > dest aggressive { > domainlist aggressive/domains > urllist aggressive/urls > log aggressive.log > } > > dest audio-video { > domainlist audio-video/domains > urllist audio-video/urls > log audio-video.log > } > > dest drugs { > domainlist drugs/domains > urllist drugs/urls > log drugs.log > } > > dest gambling { > domainlist gambling/domains > urllist gambling/urls > log gambling.log > } > > dest games { > domainlist gambling/domains > urllist gambling/urls > log games.log > } > > dest hacking { > domainlist hacking/domains > urllist hacking/urls > log hacking.log > } > > dest mail { > domainlist mail/domains > urllist mail/urls > log mail.log > } > > dest phishing { > domainlist phishing/domains > log phishing.log > } > > dest proxy { > domainlist proxy/domains > urllist proxy/urls > log proxy.log > } > > dest violence { > domainlist violence/domains > urllist violence/urls > log violence.log > } > > dest warez { > domainlist warez/domains > urllist warez/urls > log warez.log > } > > # DOMAINS, URLS AND EXPRESSIONS SPECIFICALLY BLOCKED BY DE > RISSE !! dest risse { > domainlist risse/domains > urllist risse/urls > expressionlist risse/download > log risse.log > } > > # BLOCKING SOME STUFF THAT SHOULDN'T BE DOWNLOADED > #dest download { > # expressionlist risse/download > # redirect http://127.0.0.1/redirect/download.html > # log download.log > #} > > > # ACCESS CONTROL RULES, ADMINS PASS ALL, RESTRICTED PASS > NOTHING EXCEPT > ALLOWED SITES > # DEFAULT (everyone else) PASS ALL, EXCEPT > DOMAINS/URLS/EXPRESSIONS BLOCKED BY > SQUIDGUARD > acl { > > admin { > pass all > } > restricted { > pass good none > } > bng { > pass bng none > } > default { > pass !risse !porn !ads !aggressive !audio-video !drugs > !gambling !games !phishing !hacking !mail !proxy !violence !warez > gooddomains good all > redirect http://127.0.0.1/redirect/blocked.html > } > } > ------------------------- > > The versions of squid and squidguard: > squid-2.5.STABLE5-42.44 > squidGuard-1.2.0-373 > > Can anyone please shed some light on this for me, because I > do not know what > else to do or check. Any help or insight is appreciated because our > management wants the redirector up. > > Kind regards, > > Joop Beris >
