[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: seLinux, Squid and adzap

On Sun, 2005-10-07 at 12:15 -0400, David Niemi wrote:
> I am trying to get squid to run as an accelerator and also do ad zapping
> with Cameron Simpson's AdZap routine. I am getting lots of SELinux
> errors for the zapping script to be run by squid and also that squid do
> something with swap.state and swap log
> setting the SELinux protection off for squid still results in the error
> about the swap.state and swap log.
> so it seems that I need to change something with the SELinux context for
> squid and the adzap scripts but have no real idea how to go about.  I
> tried relabeling but that didn't do it.
 < SNIP >
> 2005/07/10 11:33:21| /var/spool/squid/swap.state: (13) Permission denied
> FATAL: storeUfsDirOpenSwapLog: Failed to open swap log.
> Squid Cache (Version 2.5.STABLE9): Terminated abnormally.

Some searching with google revealed that the swap.state is not owned by
squid but by root. I did a chown squid:squid /var/spool/squid/swap.state
and now squid starts.

For the AdZap files:
> [root rhonda bin]# ls -alZ
> drwxr-xr-x  root     root     system_u:object_r:bin_t   .
> drwxr-xr-x  root     root     system_u:object_r:usr_t   ..
> -rwxr-xr-x  root     root     system_u:object_r:bin_t   squid_redirect
> -rwxr-xr-x  root     root     system_u:object_r:bin_t   wrapzap

Should these be owned by squid also or ?

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]