Cвязка SQUID+REJIK - шибка в логе SQUID

Обсуждение программы редиректора
wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Cвязка SQUID+REJIK - шибка в логе SQUID

Сообщение wary »

ОС: FreeBSD 7.0-RELEASE
squid-2.7.5
redirector-3.2.1


Пытаюсь подключить РЕЖИК к сквиду, в результате чего в сквиде в логе caсhe.log вываливается следующее
====
Squid Cache (Version 2.7.STABLE5): Terminated abnormally.
CPU Usage: 0.152 seconds = 0.051 user + 0.101 sys
Maximum Resident Size: 7076 KB
Page faults with physical i/o: 0
2009/02/04 14:29:13| Starting Squid Cache version 2.7.STABLE5 for i386-portbld-freebsd7.0...
2009/02/04 14:29:13| Process ID 5911
2009/02/04 14:29:13| With 3117 file descriptors available
2009/02/04 14:29:13| Using kqueue for the IO loop
2009/02/04 14:29:13| Performing DNS Tests...
2009/02/04 14:29:13| Successful DNS name lookup tests...
2009/02/04 14:29:13| helperOpenServers: Starting 5 'dnsserver' processes
2009/02/04 14:29:13| helperOpenServers: Starting 5 '' processes
2009/02/04 14:29:13| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:29:13| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:29:13| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:29:13| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:29:13| helperStatefulOpenServers: Starting 5 'ntlm_auth' processes
2009/02/04 14:29:13| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:29:13| helperOpenServers: Starting 5 'ntlm_auth' processes
2009/02/04 14:29:14| logfileOpen: opening log /usr/local/squid/logs/access.log
2009/02/04 14:29:14| Unlinkd pipe opened on FD 31
2009/02/04 14:29:14| Swap maxSize 102400 + 8192 KB, estimated 0 objects
2009/02/04 14:29:14| Target number of buckets: 425
2009/02/04 14:29:14| Using 8192 Store buckets
2009/02/04 14:29:14| Max Mem size: 8192 KB
2009/02/04 14:29:14| Max Swap size: 102400 KB
2009/02/04 14:29:14| logfileOpen: opening log /usr/local/squid/logs/store.log
2009/02/04 14:29:14| Rebuilding storage in /usr/local/squid/cache (DIRTY)
2009/02/04 14:29:14| Using Least Load store dir selection
2009/02/04 14:29:14| Set Current Directory to /usr/local/squid/cache
2009/02/04 14:29:14| Loaded Icons.
2009/02/04 14:30:10| Accepting proxy HTTP connections at 0.0.0.0, port 3128, FD 33.
2009/02/04 14:30:10| Accepting ICP messages at 0.0.0.0, port 3130, FD 34.
2009/02/04 14:30:10| WCCP Disabled.
2009/02/04 14:30:10| Ready to serve requests.
2009/02/04 14:30:10| WARNING: url_rewriter #1 (FD 12) exited
2009/02/04 14:30:10| WARNING: url_rewriter #2 (FD 13) exited
2009/02/04 14:30:10| WARNING: url_rewriter #3 (FD 14) exited
2009/02/04 14:30:10| Too few url_rewriter processes are running
2009/02/04 14:30:10| Starting new helpers
2009/02/04 14:30:10| helperOpenServers: Starting 5 '' processes
2009/02/04 14:30:10| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:30:10| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:30:10| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:30:10| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:30:10| ipcCreate: /usr/local/rejik3/: (13) Permission denied
2009/02/04 14:30:10| WARNING: url_rewriter #4 (FD 15) exited
2009/02/04 14:30:10| WARNING: url_rewriter #5 (FD 16) exited
2009/02/04 14:30:10| WARNING: url_rewriter #1 (FD 12) exited
2009/02/04 14:30:10| WARNING: url_rewriter #2 (FD 13) exited
2009/02/04 14:30:10| WARNING: url_rewriter #3 (FD 35) exited
2009/02/04 14:30:10| Too few url_rewriter processes are running
FATAL: The url_rewriter helpers are crashing too rapidly, need help!

===

Вот какие права стоят на /usr/local/rejik3/

squid:squid 40774

Также пробовал ставить права 775, 755, 777 - НЕПОМОГАЕТ!

помогите разобраться!

Slava
Site Admin
Сообщения: 2251
Зарегистрирован: Пт апр 02, 2004 12:34
Контактная информация:

Сообщение Slava »

1. Покажите строчку, как режик прописан в сквиде
2. Что говорит check-redirector?

wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

# TAG: url_rewrite_program
# Specify the location of the executable for the URL rewriter.
# Since they can perform almost any function there isn't one included.
#
# For each requested URL rewriter will receive on line with the format
#
# URL <SP> client_ip "/" fqdn <SP> user <SP> method <SP> urlgroup
# [<SP> kvpairs] <NL>
#
# In the future, the rewriter interface will be extended with
# key=value pairs ("kvpairs" shown above). Rewriter programs
# should be prepared to receive and possibly ignore additional
# whitespace-separated tokens on each input line.
#
# And the rewriter may return a rewritten URL. The other components of
# the request line does not need to be returned (ignored if they are).
#
# The rewriter can also indicate that a client-side redirect should
# be performed to the new URL. This is done by prefixing the returned
# URL with "301:" (moved permanently) or 302: (moved temporarily).
#
# It can also return a "urlgroup" that can subsequently be matched
# in cache_peer_access and similar ACL driven rules. An urlgroup is
# returned by prefixing the returned URL with "!urlgroup!".
#
# By default, a URL rewriter is not used.
#
#Default:
# none
url_rewrite_program /usr/local/rejik3/ /usr/local/rejik3/redirector.conf


# ./check-redirector
This account is currently not available.

Slava
Site Admin
Сообщения: 2251
Зарегистрирован: Пт апр 02, 2004 12:34
Контактная информация:

Сообщение Slava »

wary писал(а): url_rewrite_program /usr/local/rejik3/ /usr/local/rejik3/redirector.conf
url_rewrite_program /usr/local/rejik3/redirector /usr/local/rejik3/redirector.conf

wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

огромнейшее СПАСИБО! заработало!

wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

скажите, о чем говорит это предупреждение?

2009/02/05 15:31:23| WARNING: url_rewriter #4 (FD 14) exited
2009/02/05 15:31:23| WARNING: url_rewriter #5 (FD 15) exited
2009/02/05 15:31:23| WARNING: url_rewriter #1 (FD 11) exited
2009/02/05 15:31:23| WARNING: url_rewriter #2 (FD 12) exited
2009/02/05 15:31:23| WARNING: url_rewriter #3 (FD 34) exited
2009/02/05 15:31:23| Too few url_rewriter processes are running

Slava
Site Admin
Сообщения: 2251
Зарегистрирован: Пт апр 02, 2004 12:34
Контактная информация:

Сообщение Slava »

Это значит, что процессы режика были завершены или не запущены.

wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

как я понимаю, это значит что режик не работает? подскажите в каком направлении копать :?

wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

в логе режика валятся вот такие ошибки

====
2009-02-05 15:56:10 [1974] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:10 [1974] Waiting for make-cache finished
2009-02-05 15:56:10 [1974] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:10 [1975] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:10 [1975] Waiting for make-cache finished
2009-02-05 15:56:10 [1975] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:10 [1976] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:10 [1976] Waiting for make-cache finished
2009-02-05 15:56:10 [1976] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:10 [1977] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:10 [1977] Waiting for make-cache finished
2009-02-05 15:56:10 [1977] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:10 [1978] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:10 [1978] Waiting for make-cache finished
2009-02-05 15:56:10 [1978] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:15 [2005] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:15 [2005] Waiting for make-cache finished
2009-02-05 15:56:15 [2005] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:15 [2004] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:15 [2004] Waiting for make-cache finished
2009-02-05 15:56:15 [2004] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:15 [2006] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:15 [2006] Waiting for make-cache finished
2009-02-05 15:56:15 [2006] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:15 [2007] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:15 [2007] Waiting for make-cache finished
2009-02-05 15:56:15 [2007] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:15 [2008] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:15 [2008] Waiting for make-cache finished
2009-02-05 15:56:15 [2008] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:20 [2029] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:20 [2029] Waiting for make-cache finished
2009-02-05 15:56:20 [2029] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:20 [2030] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:20 [2030] Waiting for make-cache finished
2009-02-05 15:56:20 [2030] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:20 [2031] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:20 [2031] Waiting for make-cache finished
2009-02-05 15:56:20 [2031] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:20 [2032] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:20 [2032] Waiting for make-cache finished
2009-02-05 15:56:20 [2032] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor
2009-02-05 15:56:20 [2033] MAKE-CACHE: ERROR: Can't open file /usr/local/rejik3/banlists/banners/lock.file: Permission denied

2009-02-05 15:56:20 [2033] Waiting for make-cache finished
2009-02-05 15:56:20 [2033] MAKE-CACHE: ERROR: fcntl return error: Bad file descriptor

====

Права на /usr/local/rejik3/banlists/banners/lock.file: 777

Slava
Site Admin
Сообщения: 2251
Зарегистрирован: Пт апр 02, 2004 12:34
Контактная информация:

Сообщение Slava »

Дайте права пользователю режика создавать файлы в папке /usr/local/rejik3/banlists/banners

wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

права раздал, лог ошибок режика - пустой, но в логе сквида по прежнему осталось WARNING: url_rewriter #1 (FD 11) exited

Slava
Site Admin
Сообщения: 2251
Зарегистрирован: Пт апр 02, 2004 12:34
Контактная информация:

Сообщение Slava »


wary
Сообщения: 9
Зарегистрирован: Чт фев 05, 2009 15:44

Сообщение wary »

========
# Запускаем check-redirector из папки tools, читаем логи редиректора.

Если check-redirector выдает "This account is currently not available.", то это означает, что в Вашей системе, в целях безопасности, у пользователя сквида отсутствует шел. Вы можете или пропустить шаг тестирования или прописать шел на время тестирования:

Шел обычно прописан в /etc/passwd, например:
slava:x:1000:100::/home/slava:/bin/bash

/bin/bash - шел

у Вас наверное что-то вроде
squid:x:1008:100:::/bin/false

замените /bin/false на /bin/bash на время тестирования.
========
1. У меня в passwd не /bin/false а usr/sbin/nologin (squid:*:100:100:Squid caching-proxy pseudo user:/usr/local/squid:/usr/sbin/nologin). Как правильно мне поменять строчку?
2. После тестирования строчку вернуть как была?

Slava
Site Admin
Сообщения: 2251
Зарегистрирован: Пт апр 02, 2004 12:34
Контактная информация:

Сообщение Slava »

Замените /usr/sbin/nologin на то, что написано у пользователя root (скорее всего /bin/bash)

fortune
Сообщения: 2
Зарегистрирован: Чт фев 05, 2009 19:12

Сообщение fortune »

Здраствуйте! вобщем у меня аналогичная проблема - режик выдает ошибку:
2009/02/05 18:34:31| WARNING: url_rewriter #1 (FD 12) exited
2009/02/05 18:34:31| WARNING: url_rewriter #2 (FD 13) exited
2009/02/05 18:34:31| WARNING: url_rewriter #3 (FD 14) exited
2009/02/05 18:34:31| Too few url_rewriter processes are running
FATAL: The url_rewriter helpers are crashing too rapidly, need help!
============================================
check-redirector выдает "This account is currently not available." хотя по совету Slava менял шелл на рутовый.В сквиде строчка url_rewrite_program /usr/local/rejik3/redirector /usr/local/rejik3/redirector.conf - тоже правильная,на папку rejik3 дал доступ 777,но ничего не помогает =((((

Ответить