Getting Ready for SafeSquid 4.2.1

Getting Ready for SafeSquid 4.2.1

Postby sachin » Mon Oct 08, 2007 6:24 pm

# Preamble -

SafeSquid produces logs in three distinct formats.
We traditionally name them as safesquid.log (Native Log Format), access.log (Access Log Format) & extended.log (NCSA / Extended log format).
Versions prior to SafeSquid 4.1.x only Advanced Edition produced all these three formats. The other editions produced only Native & Squid log formats.
However since 4.1.0 all editions of SafeSquid are capable of producing all the three formats.
Of course, the application owners have a choice of deciding the name and path of each of these logs. The users can also choose if they do not want to produce any one or all of these three logs.
These logs contain a wealth of information, that can be used by application managers, to understand the overall operation and functioning of the application.
The access.log has been traditional favorite, because it can be used by a variety of log analyzers like Calamaris, SARG, Squint, SquidTailD, etc. The reports produced by these log analyzers reveal useful details of the overall usage and the pattern of access of the application. The Native Log records the conditions encountered by the application and processes undertaken by SafeSquid. The Extended log records maximum details of each request handled by the proxy application.

# Improvisation -

For SafeSquid 4.2.1 we focused on improvisations in logs, and handling of forwarded requests.

Until SafeSquid 4.2.0 SafeSquid needed a restart when the logfiles reached 2GB size.
From 4.2.1 this limitation has been removed. The limitation was enforced by using the older 32-bit referencing while opening files. Most SafeSquid users have now migrated to newer kernel, and modern distros, that support 64-bit referencing of files, so this shouldn't effect users using Linux Kernel 2.6.x

The Native log now records the application of "profiles". Profiles are undoubtedly one of the most important aspects of SafeSquid. From 4.2.1 onwards addition or removal of profiles is logged for every request, in the Native Logs. The Extended Logs will now, also record the profiles that were applied to each request that was handled by the application. Unfortunately there isn't yet a log analyser completely compatible to generate reports from the extended logs. Though Awstats may be used for some benefits. A uniue record identifier is now printed with every line of extended log, to easily prevent duplication of records when imported into SQL databases.

The new format for extended log:

"UNIQUE_RECORDID" ELAPSED_TIME_IN_MSEC CLIENT_IP "USER_NAME" "CLIENT_CONNECTION_ID" [DATE_TIME_OF_REQUEST] "METHOD URL" "HTTP_STATUS_CODE" BYTES_TRANSFERRED "REFERRER_URL" "USER_AGENT" MIME_TYPE "FILTER_NAME FILTERING_REASON" "COMMA_SEPARATED_LIST_OF_PROFILES_APPLIED" "INTERFACE_IP:INTERFACE_PORT"


Example:

"1191586598.504-7-192.168.0.221-8888" 929 192.168.0.150 "anonymous" "7" [05/Oct/2007:17:46:39] "GET http://updates.f-prot.com:80/cgi-bin/ch ... protocol=1" 200 750 "-" "FPAV_Update_Monitor/3.16f (Windows; WINNT; 2000 Professional; SP4)" text/plain "- -" "-" "192.168.0.221:8888"


Details:

"UNIQUE_RECORDID" - A unique record identifier, to prevent duplication of records when imported into SQL databases. E.g. "1191586598.504-7-192.168.0.221-8888"

ELAPSED_TIME_IN_MSEC - Elapsed time of the request, in milliseconds. E.g. 929

CLIENT_IP - The IP address of the requesting client. E.g. 192.168.0.150

"USER_NAME" - The username, (or user ID) used by the client for authentication. If no value is present, "anonymous" is substituted. E.g. "anonymous"

"CLIENT_CONNECTION_ID" - The internal SafeSquid ID associated with this connection. E.g. "7".

[DATE_TIME_OF_REQUEST] - The date and time stamp of the HTTP request.
The fields in the date/time field are [dd/MMM/yyyy:hh:mm:ss +-hhmm], where the fields are defined as follow:
dd is the day of the month, MMM is the month, yyy is the year, hh is the hour, mm is the minute, ss is the seconds.
E.g. [05/Oct/2007:17:46:39]

"METHOD URL" - The HTTP request. The request field contains three pieces of information. The main piece is the requested resource. The request field also contains the HTTP method. E.g. "GET http://updates.f-prot.com:80/cgi-bin/ch ... protocol=1"

"HTTP_STATUS_CODE" - The status code is the numeric code indicating the success or failure of the HTTP request. E.g. 200.

BYTES_TRANSFERRED - This field is a numeric field containing the number of bytes of data transferred as part of the HTTP request, not including the HTTP header. E.g. 750.

"REFERRER_URL" - The referrer is the URL of the HTTP resource that referred the user to the resource requested. "-" is substituted when there are no referrers.

"USER_AGENT" - An HTTP client that makes HTTP requests. It is customary for an HTTP client, such as a Web browser, to identify itself by name when making an HTTP request. It is not required, but most HTTP clients do identify themselves by name. E.g. "FPAV_Update_Monitor/3.16f (Windows; WINNT; 2000 Professional; SP4)"

MIME_TYPE - The MIME-type of the requested object. E.g. text/plain.

"FILTER_NAME FILTERING_REASON" - If the request get blocked, then this field contains the name of the filter, or the reason for which the request was blocked. "- -" is substituted when there are no blocks.

"COMMA_SEPARATED_LIST_OF_PROFILES_APPLIED" - The comma separated list of profiles that were applied to the request. "-" is substituted when no profiles are applied.

"INTERFACE_IP:INTERFACE_PORT" - The IP:PORT that received the request. This can be important when SafeSquid is listening on multiple IPs or Ports. E.g. "192.168.0.221:8888".


The Access Logs are rather legacy in nature, and any change in their content or structure could break the compatibility with the popular and legacy analysers. The structure of Access logs therefore remain unchanged. HOWEVER, prior to 4.2.1, the time spent by the user on an HTTPS / SSL session was not recorded. From 4.2.1 the CONNECT requests will be appropriately logged. Unfortunately, at this time, the quantity of data transferred (bytes) is shown as "0", and will be substituted with the correct value in a future release.

4.2.1 also introduces new variables for use in Custom Templates and External Parsers.
The following is the list of all variables, that may be used with SafeSquid 4.2.1 and subsequent versions.

VERSION - The Version of SafeSquid being used.
INTERFACE - The I.P. address of the SafeSquid Service, that recieved the request
PORT - The I.P. address of the SafeSquid Service, that recieved the request
IP - The I.P. address of the source of the request.
CLIENTID - The unique Client ID allocated to the connection handled.
USERNAME - The username of the client.
TIME - The time of the request.
URL - The full URL requested
HTTP_HOST - The target Host that served the response.
HTTP_FILE - The File that was served as a response by the target web-server
HTTP_PORT - The port of the web-server to which the request was made.
HTTP_METHOD - The HTTP method ( GET / POST / CONNECT ) used for the request
HTTP_PROTO - The protocol, over HTTP used to make the request, ( HTTP / FTP / CONNECT )
MIME - The mime-type of the downloaded content
SIZE - The size in bytes of the downloaded data
DOWNLOADLIMIT - The effective maximum downloadlimit in bytes
TRANSFERRED - The amount of data transferred in bytes
UPLOADLIMIT - The effective maximum uploadlimit in bytes
MTIME - The last-modified time of the cached file
FILTER -The name of the Filter that blocked the content
THRESHOLD - The Threshold limit defined for keyword filtering
SCORE - The total score resulting from all the keyword filtering rules
AVSCANNER - The name of the virus scanner that detected virus
VIRUSNAME - The name of the virus that was detected
CATEGORY - The name of the category that was determined by the UrlBlacklist Filter
IMAGESCORE - The score applied to the image by the Image Filter
IMAGETHRESHOLD - The Threshold limit set for Image Filter

Obviously some of the above listed variables, would be available, if content was blocked. Additionally, for every header received from the remote website and set by a client, an environment variable is set. All the environment variables for the server's headers start with SERVER_, and the client's start with CLIENT_; All '-' (dashes) in the header type are converted to '_' (underscores), and all characters are in uppercase. If an executable returns with a non-zero status code, the original content is returned.

Please view the sample shell scripts and templates available along with the installation package, for a better understanding.


BugFix -
A bug was identified in SafeSquid's ICAP Client. Some legacy ICAP services exhibit "Response Modified" characteristics, without providing a modified response content. SafeSquid versions prior to 4.2.1, suffered crashes in such situations. A fix has been implemented against this in SafeSquid 4.2.1. If you are using SafeSquid with an ICAP service and application frequently crashes, you surely must upgrade to SafeSquid 4.2.1

If you are already using SafeSquid 4.2.0. and your application does not use ICAP, you may safely skip migration to SafeSquid 4.2.1., in case the enhancements in 4.2.1 do not impress you. Maybe 4.2.2 will attract you more.

4.2.2 is already under development and also focuses on logs. The WebGUI (right upto 4.2.1) buffers and displays processed actions as "View Log Entries". If you noticed, this display is quite identical in content and format to the Native Log. 4.2.2 will similarly provide option to view requests handled by SafeSquid, in a structure, quite similar to the structure of Extended Logs.
sachin
 

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Tue Apr 15, 2008 6:44 pm

Dear Satish, it seems to be a wonderful work. I downloaded v4.2.2RC7 (free edition) and followed every details: But it does not seem to work I get the follwoing error:

Starting safesquid
/var/safesquid/safesquid/safesquid -c /var/safesquid/safesquid/config.xml -s /var/safesquid/bin/section.xml -u ssquid -g root -P 1000:360 -t 256 -z 23 -p /var/safesquid/safesquid/run/safesquid.pid -d 1 -l /var/safesquid/safesquid/logs/native/safesquid.log -a /var/safesquid/safesquid/logs/access/access.log -e /var/safesquid/safesquid/logs/extended/extended.log -H ssquid -L 212.247.39.172:3128 -m /var/safesquid/modules -x safesquid -T 1 -C 1
validating succesful starup
Will check this for 120 tries, at 1 Second intervals

1 . /var/safesquid/safesquid/run/safesquid.pid not found ... ...
2 . /var/safesquid/safesquid/run/safesquid.pid not found ... ...
3 . /var/safesquid/safesquid/run/safesquid.pid not found ... ...
4 . /var/safesquid/safesquid/run/safesquid.pid not found ... ...
5 . /var/safesquid/safesquid/run/safesquid.pid not found ... ...
6 . /var/safesquid/safesquid/run/safesquid.pid not found ... ...



I already checked two forum posts and followed everything, yet it is not working, any pointers?

The links I visited before posting this are:
http://www.safesquid.com/html/viewtopic.php?t=2239
http://www.safesquid.com/html/viewtopic.php?t=2432

My params looks like:

# /etc/init.d/safesquid params
Reading Parameters from /var/safesquid/safesquid/init.d/startup.conf


ACCESSLOG=access.log
CONFIG_FILE=/var/safesquid/safesquid/config.xml
EXTENDEDLOG=extended.log
GROUP=root
HOSTNAME=ssquid
INSTALL_DIR=/var/safesquid
INSTANCE_DIR=/var/safesquid/safesquid
INSTANCE=safesquid
LISTEN=*:3128 (also used with the IP address like xxx.yyy.zzz.aaa:3128 using adjust.sh script)
LOGDIR=/var/log/safesquid
LOGLEVEL=1
LOG_SIZE_LIMIT=1073741823
MASTER=
MAXTHREADS=256
MODDIR=/var/safesquid/modules
MODE=
MONIT_DIR=/etc/monit.d
NATIVELOG=safesquid.log
PAM_DIR=/etc/pam.d
PAM_NAME=safesquid
PASSWORD_CACHE=1000:360
PIDDIR=run
RAMDEVICE=/dev/ram1
RC_DIR=/etc/init.d
SAMPLING=1000
SOCKET_TIMEOUT=1
STACKSIZE=23
SYNCTIME=
THREAD_TIMEOUT=1
TMPDRV=/tmp/safesquid
USER=ssquid

Native logs: /var/safesquid/safesquid/logs/native/safesquid.log
Access logs: /var/safesquid/safesquid/logs/access/access.log
Extended logs: /var/safesquid/safesquid/logs/extended/extended.log
Diagnostic Logs: /var/safesquid/safesquid/logs/stats/stats

ANY POINTERS?
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Re: Getting Ready for SafeSquid 4.2.1

Postby satish7619 » Tue Apr 15, 2008 7:02 pm

Hello,

I hope you have downloaded the safesquid com20 free edition .

run this command in the console

/etc/init.d/safesquid dircheck

and give the path of the file startup.conf file which is normally located default in /opt/safesquid/safesquid/init.d/startup.conf

Bbut in your case it will be located in the /var/safesquid/safesquid/init.d/startup.conf

after giving the path give yes to every question . it will verify and set all the parameters.

then restart safesquid service

/etc/init.d/safesquid restart

and check if its restart the service. if the service fails i would advice you to do the fresh installation by choosing the default values.
satish7619
 
Posts: 1138
Joined: Thu Apr 15, 2004 3:55 pm
Location: India

Postby zenny » Tue Apr 15, 2008 7:32 pm

Didn't work even after the /etc/init.d/safesquid dircheck command

Could you explain how to uninstall the old installation and install a new one with the default configuration?
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Tue Apr 15, 2008 8:34 pm

Even after reinstallation in default paths, it landed at the same error in CentOS 5.1. Something seems to be buggy!
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Postby Manish » Tue Apr 15, 2008 9:46 pm

Let's see
1. you ensured that you did the installation as root ?
2. Could you edit the init script and do this:
search for "MOD=" and you will notice it's set to some number, could you simply change it to 777, and then see if running /etc/init.d/safesquid dircheck solves your problem.

Since it doesn't throw up any probems, I am guessing it must have something to do with directory permissions.
-----------------
Manish Kochar
Manish
Site Admin
 
Posts: 1318
Joined: Wed Apr 14, 2004 9:09 pm
Location: Mumbai

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Fri Apr 18, 2008 4:04 pm

1. Of course, it was installed as root

2. Which init script you are referring to? startup.conf or something else?

3. I found MOD= lines in /etc/init.d/safesquid, but which ones to chmod 777?

And giving 777 permission to all will not be a security issue?

Zenny

The /etc/init.d/safesquid with MOD= lines reads like this:

#
OWNER=""
[ x"${USR}" == "x1" ] && OWNER="${USER}"
[ x"${OWNER}" != "x" ] && [ x"${GRP}" == "x1" ] && OWNER="${USER}:${GROUP}"
#
echo -ne "Granting ownersip of INSTANCE_DIR ${INSTANCE_DIR} to ${OWNER}"
DIRECTORIES=( `echo -ne ${INSTANCE_DIR}` ) && MOD="" && make_and_set_dir
#
echo -ne "Checking if TMPDRV exists"
DIRECTORIES=( `echo -ne ${TMPDRV}` ) && MOD=644 && make_and_set_dir
#
echo -ne "Searching for the executable binary in ${INSTALL_DIR}"
[ -d ${INSTALL_DIR} ] && echo " ... Success!" || ( echo " ... failed!" ; exit 3)
echo -ne "Validating if ${INSTALL_DIR}/bin/safesquid exists"
[ -e ${INSTALL_DIR}/bin/safesquid ] && echo " ... Success!" || ( echo " ... failed!" ; exit 3)
VAR=( `eval ${INSTALL_DIR}/bin/safesquid 2>&1 | grep "VERSION"` ) && echo "${VAR[*]}"
[ x"${OWNER}" != "x" ] && su ${USER} --command="${PROGRAM}" || ( echo "But ${USER} cannot execute it." ; exit 4)
#
echo -ne "Validating if ${INSTALL_DIR}/bin/section.xml exists"
[ -e ${INSTALL_DIR}/bin/section.xml ] && echo " ... Success!" || ( echo " ... failed!" ; exit 5 )
[ x"${OWNER}" != "x" ] && su ${USER} --command="cat ${INSTALL_DIR}/bin/section.xml > /dev/null" || ( echo "But ${USER} cannot read it." ; exit 5)
#
echo -ne "Setting the soft-link for ${INSTANCE}"
PROGRAM=${INSTALL_DIR}/bin/safesquid
ln -fs ${PROGRAM} ${INSTANCE_DIR}/${INSTANCE} && echo " ... success!" || ( echo " ... failed!" ; exit 6 )
#
echo -ne "Validating if ${CONFIG_FILE} exists"
[ -e ${CONFIG_FILE} ] && echo " ... Success!" || ( echo " ... failed!" ; exit 5 )
chmod 664 ${CONFIG_FILE}
[ x"${OWNER}" != "x" ] && su ${USER} --command="cat ${CONFIG_FILE} > /dev/null" || ( echo "But ${USER} cannot read it." ; exit 5)

#
echo "Setting the soft-link in the RC_DIR ${RC_DIR}"
[ x"${LINK_SET}" == "xN" ] && ln -fs ${INSTANCE_DIR}/init.d/init.file ${RC_DIR}/${INSTANCE}
readlink -f ${RC_DIR}/${INSTANCE} && echo " ... Success! "
#
echo "Checking Content Cache Store directories"
find_cache && [ x"${cache_check}" == "x1" ] && echo "${CACHEDIR[*]} set as Cache stores in ${CONFIG_FILE}"
DIRECTORIES=( `echo -ne ${CACHEDIR[*]}` )

echo "This can take a lot of time, press \"s\" if you wish to skip this check"
echo "Press any other key to continue checking this"
CHK=""; read -e -n 1 INPUT; CHK=`echo ${INPUT} | tr a-z A-Z`
[ x"${CHK}" != "xS" ] && MOD=764 && make_and_set_dir
#
echo "Checking Log Directories"
DIRECTORIES=( `echo ${LOGDIR}/${INSTANCE}/` )
MOD=777 && make_and_set_dir
#
echo -ne "Creating a soft-link for ${LOGDIR}/${INSTANCE}/ to ${S_LOGDIR} "
ln -fs ${LOGDIR}/${INSTANCE}/ ${S_LOGDIR} && echo " ... Success!" || echo " ... Failure!"
echo "The Log files will now be physically created at respective folders in ${LOGDIR}/${INSTANCE}/, but can be referenced at ${S_LOGDIR}"
DIRECTORIES=( `echo ${NATIVE_LOG_DIR} ${ACCESS_LOG_DIR} ${EXTENDED_LOG_DIR} ${REPORT_DIR}` )
MOD=777 && make_and_set_dir
#
echo "Checking PID directory"
DIRECTORIES=( `echo ${INSTANCE_DIR}/${PIDDIR}` )
MOD=777 && make_and_set_dir
#
echo "Checking Temp directory"
DIRECTORIES=( `echo ${TMPDRV}` )
MOD=777 && make_and_set_dir
#
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Postby Manish » Fri Apr 18, 2008 6:02 pm

we can address that once the basic issue is addressed
-----------------
Manish Kochar
Manish
Site Admin
 
Posts: 1318
Joined: Wed Apr 14, 2004 9:09 pm
Location: Mumbai

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Fri Apr 18, 2008 6:32 pm

Manish:

What is the "basic issue" then?

I was just wondering what prevents it from running, you said chmod to 777 and done, stil the same problem. Do you mean it is a bug?!
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Postby sachin » Fri Apr 18, 2008 6:53 pm

zenny,

Will it be possible for you to join an online interactive meeting from a Windows system, that has a connectivity to your SafeSquid box? It will enable us to look into your installation and resolve the issue online.

Regards
sachin
 

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Fri Apr 18, 2008 7:17 pm

Sachin:

Thank you for your offer, so nice of you!

But I am sorry I don't use windows machine at all. I don't feel sorry for it.

What I can state is I followed each and every instructions and also checked the matter, but could not locate the reason.

I was just wondering why there is not a single error message besides:

1 . /opt/safesquid/safesquid/run/safesquid.pid not found ... ...

Do you think that it is a bug? I run CentOS 5.1 box for safesquid whereas I am curently using debian sid to write these lines. I use slackware instead.
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Postby sachin » Fri Apr 18, 2008 7:29 pm

zenny,

The online meeting that we use, gotomeeting.com & gomeetnow.com, support only Windows. There are no applications available that support Linux. This is a great disadvantage for us too :(

Nobody has reported a similar problem, so chances of this being a bug is pretty low. We ourselves have installed on CentOS, without any problems.

Can you please run the following and post the output -

/etc/init.d/safesquid dircheck | tee -a /tmp/safesquid.report

This should help in reveling the problem.

Regards.
sachin
 

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Fri Apr 18, 2008 7:34 pm

Dear Sachin:

Please find below safesquid.report:

Reading Parameters from /opt/safesquid/safesquid/init.d/startup.conf
The INSTANCE_DIR has been set to /opt/safesquid/safesquid
If this is correct please press "Y"
Else press any key to exit immedately
Checking if group root exists ... Failure!
Checking if user ssquid exists ... ssquid exists
Granting ownersip of INSTANCE_DIR /opt/safesquid/safesquid to ssquid:root/opt/safesquid/safesquid exists
Recursively enforcing the ownership of ssquid:root on /opt/safesquid/safesquid
changed ownership of `/opt/safesquid/safesquid/contrib/safesquid.monit' to ssquid:root
changed ownership of `/opt/safesquid/safesquid/safesquid' to ssquid:root
changed ownership of `/opt/safesquid/safesquid/adjust.sh' to ssquid:root
changed ownership of `/opt/safesquid/safesquid/logs' to ssquid:root
Checking if TMPDRV exists/tmp/safesquid exists
Recursively enforcing the CHMOD to 644 on /tmp/safesquid
mode of `/tmp/safesquid' changed to 0644 (rw-r--r--)
mode of `/tmp/safesquid/lost+found' changed to 0644 (rw-r--r--)
Recursively enforcing the ownership of ssquid:root on /tmp/safesquid
Searching for the executable binary in /opt/safesquid ... Success!
Validating if /opt/safesquid/bin/safesquid exists ... Success!
Composite Edition for 20 users - VERSION - 4.2.2.RC7 - BUILD - 1201611616
Validating if /opt/safesquid/bin/section.xml exists ... Success!
But ssquid cannot read it.
Setting the soft-link for safesquid ... success!
Validating if /opt/safesquid/safesquid/config.xml exists ... Success!
But ssquid cannot read it.
Setting the soft-link in the RC_DIR /etc/init.d
/opt/safesquid/safesquid/init.d/init.file
... Success!
Checking Content Cache Store directories
/var/cache/safesquid/ set as Cache stores in /opt/safesquid/safesquid/config.xml
This can take a lot of time, press "s" if you wish to skip this check
Press any other key to continue checking this
/var/cache/safesquid/ exists
Recursively enforcing the CHMOD to 764 on /var/cache/safesquid/
Recursively enforcing the ownership of ssquid:root on /var/cache/safesquid/
Checking Log Directories
/var/log/safesquid/safesquid/ exists
Recursively enforcing the CHMOD to 777 on /var/log/safesquid/safesquid/
mode of `/var/log/safesquid/safesquid/' changed to 0777 (rwxrwxrwx)
mode of `/var/log/safesquid/safesquid/native' changed to 0777 (rwxrwxrwx)
mode of `/var/log/safesquid/safesquid/access' changed to 0777 (rwxrwxrwx)
mode of `/var/log/safesquid/safesquid/extended' changed to 0777 (rwxrwxrwx)
mode of `/var/log/safesquid/safesquid/stats' changed to 0777 (rwxrwxrwx)
mode of `/var/log/safesquid/safesquid/stats/stats' changed to 0777 (rwxrwxrwx)
Recursively enforcing the ownership of ssquid:root on /var/log/safesquid/safesquid/
Creating a soft-link for /var/log/safesquid/safesquid/ to /opt/safesquid/safesquid/logs ... Success!
The Log files will now be physically created at respective folders in /var/log/safesquid/safesquid/, but can be referenced at /opt/safesquid/safesquid/logs
/opt/safesquid/safesquid/logs/native exists
Recursively enforcing the CHMOD to 777 on /opt/safesquid/safesquid/logs/native
Recursively enforcing the ownership of ssquid:root on /opt/safesquid/safesquid/logs/native
/opt/safesquid/safesquid/logs/access exists
Recursively enforcing the CHMOD to 777 on /opt/safesquid/safesquid/logs/access
Recursively enforcing the ownership of ssquid:root on /opt/safesquid/safesquid/logs/access
/opt/safesquid/safesquid/logs/extended exists
Recursively enforcing the CHMOD to 777 on /opt/safesquid/safesquid/logs/extended
Recursively enforcing the ownership of ssquid:root on /opt/safesquid/safesquid/logs/extended
/opt/safesquid/safesquid/logs/stats exists
Recursively enforcing the CHMOD to 777 on /opt/safesquid/safesquid/logs/stats
Recursively enforcing the ownership of ssquid:root on /opt/safesquid/safesquid/logs/stats
Checking PID directory
/opt/safesquid/safesquid/run exists
Recursively enforcing the CHMOD to 777 on /opt/safesquid/safesquid/run
mode of `/opt/safesquid/safesquid/run' changed to 0777 (rwxrwxrwx)
Recursively enforcing the ownership of ssquid:root on /opt/safesquid/safesquid/run
Checking Temp directory
/tmp/safesquid exists
Recursively enforcing the CHMOD to 777 on /tmp/safesquid
mode of `/tmp/safesquid' changed to 0777 (rwxrwxrwx)
mode of `/tmp/safesquid/lost+found' changed to 0777 (rwxrwxrwx)
Recursively enforcing the ownership of ssquid:root on /tmp/safesquid
Mounting RamDisk
/dev/ram1 on /tmp/safesquid type ext2 (rw)
Checking PAM configuration file
If /etc/pam.d/safesquid does not exist we will soft-link /opt/safesquid/safesquid/pam.d/pam.conf to /etc/pam.d/safesquid
/etc/pam.d/safesquid ... found!
... done
Checking for Monit Configuration Includes directory ... /etc/monit.d found
Creating Include file for MONIT ... Success!
Removing the stale PIDFILE: /opt/safesquid/safesquid/run/safesquid.pid ... Done


I could not figure out anything from this either :-( Please share if you found anything.

zenny
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Re: Getting Ready for SafeSquid 4.2.1

Postby sachin » Fri Apr 18, 2008 8:31 pm

There is definitely some permission problem.
Check these lines -

Checking if group root exists ... Failure!

Validating if /opt/safesquid/bin/section.xml exists ... Success!
But ssquid cannot read it.

Validating if /opt/safesquid/safesquid/config.xml exists ... Success!
But ssquid cannot read it.
sachin
 

Re: Getting Ready for SafeSquid 4.2.1

Postby zenny » Tue Apr 22, 2008 3:04 pm

sachin";p="8904 wrote:There is definitely some permission problem.
Check these lines -

Checking if group root exists ... Failure!

Validating if /opt/safesquid/bin/section.xml exists ... Success!
But ssquid cannot read it.

Validating if /opt/safesquid/safesquid/config.xml exists ... Success!
But ssquid cannot read it.



The group root exists: /etc/group has the first line:
root:x:0:root,ssquid


I have manually chmod the two xml files to 777, yet the problem persists.
zenny
 
Posts: 8
Joined: Tue Apr 15, 2008 5:51 pm

Next

Return to Latest Releases

Who is online

Users browsing this forum: No registered users and 1 guest

cron