Squid3-ログファイルを書き込めません
新しくインストールしたsquid(Linux ubuntu-server 4.13.0-36-genericのSquid 3.5.27)の起動に問題があります。取得し続ける:
$ squid
WARNING: Cannot write log file: /var/log/squid/cache.log
/var/log/squid/cache.log: Permission denied
messages will be sent to 'stderr'.
許可を次のように変更しました(コメントによる)。
$ Sudo chmod 644 /var/log/squid/cache.log
$ namei -l /var/log/squid/cache.log
f: /var/log/squid/cache.log
drwxr-xr-x root root /
drwxr-xr-x root root var
drwxrwxr-x root syslog log
drwxr-xr-x proxy proxy squid
-rw-r--r-- 755 proxy cache.log
ユーザーproxyは正しいですか?いくつかの投稿でユーザーsquidが参照されていますが、サーバー/ etc/passwdでは、ユーザーproxyのみが表示されています。変更後、デバッグオプションを使用してsquidを実行します。
$ squid -NCd1
WARNING: Cannot write log file: /var/log/squid/cache.log
/var/log/squid/cache.log: Permission denied
messages will be sent to 'stderr'.
2018/03/14 13:55:57| Set Current Directory to /var/cache/squid
WARNING: Cannot write log file: /var/log/squid/cache.log
/var/log/squid/cache.log: Permission denied
messages will be sent to 'stderr'.
2018/03/14 13:55:57| WARNING: Closing open FD 2
2018/03/14 13:55:57| Starting Squid Cache version 3.5.27 for x86_64-pc-linux-gnu...
2018/03/14 13:55:57| Service Name: squid
2018/03/14 13:55:57| Process ID 4200
2018/03/14 13:55:57| Process Roles: master worker
2018/03/14 13:55:57| With 1024 file descriptors available
2018/03/14 13:55:57| Initializing IP Cache...
2018/03/14 13:55:57| DNS Socket created at [::], FD 8
2018/03/14 13:55:57| DNS Socket created at 0.0.0.0, FD 9
2018/03/14 13:55:57| Adding nameserver 127.0.0.53 from /etc/resolv.conf
2018/03/14 13:55:57| Adding domain WORKGROUP from /etc/resolv.conf
2018/03/14 13:55:57| Logfile: opening log daemon:/var/log/squid/access.log
2018/03/14 13:55:57| Logfile Daemon: opening log /var/log/squid/access.log
2018/03/14 13:55:57| WARNING: no_suid: setuid(0): (1) Operation not permitted
2018/03/14 13:55:57| Store logging disabled
2018/03/14 13:55:57| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2018/03/14 13:55:57| Target number of buckets: 1008
2018/03/14 13:55:57| Using 8192 Store buckets
2018/03/14 13:55:57| Max Mem size: 262144 KB
2018/03/14 13:55:57| Max Swap size: 0 KB
2018/03/14 13:55:57| Using Least Load store dir selection
2018/03/14 13:55:57| Set Current Directory to /var/cache/squid
2018/03/14 13:55:57| Finished loading MIME types and icons.
2018/03/14 13:55:57| HTCP Disabled.
fopen: Permission denied
2018/03/14 13:55:57| WARNING: no_suid: setuid(0): (1) Operation not permitted
2018/03/14 13:55:57| Pinger socket opened on FD 16
2018/03/14 13:55:57| /var/run/squid.pid: (13) Permission denied
2018/03/14 13:55:57| Closing HTTP port [::]:3128
2018/03/14 13:55:57| Closing HTTPS port [::]:3130
FATAL: Could not write pid file
Squid Cache (Version 3.5.27): Terminated abnormally.
CPU Usage: 0.034 seconds = 0.022 user + 0.011 sys
Maximum Resident Size: 76608 KB
Page faults with physical i/o: 0
2018/03/14 13:55:57| pinger: Initialising ICMP pinger ...
2018/03/14 13:55:57| icmp_sock: (1) Operation not permitted
2018/03/14 13:55:57| pinger: Unable to start ICMP pinger.
2018/03/14 13:55:57| icmp_sock: (1) Operation not permitted
2018/03/14 13:55:57| pinger: Unable to start ICMPv6 pinger.
2018/03/14 13:55:57| FATAL: pinger: Unable to open any ICMP sockets.
Aborted (core dumped)
(コメントごとに)デバッグにプロキシユーザーを使用すると、次のようになります。
$ Sudo -u proxy squid -NCd1
2018/03/14 16:00:50| Set Current Directory to /var/cache/squid
2018/03/14 16:00:50| Starting Squid Cache version 3.5.27 for x86_64-pc-linux-gnu...
2018/03/14 16:00:50| Service Name: squid
2018/03/14 16:00:50| Process ID 4468
2018/03/14 16:00:50| Process Roles: master worker
2018/03/14 16:00:50| With 1024 file descriptors available
2018/03/14 16:00:50| Initializing IP Cache...
2018/03/14 16:00:50| DNS Socket created at [::], FD 9
2018/03/14 16:00:50| DNS Socket created at 0.0.0.0, FD 10
2018/03/14 16:00:50| Adding nameserver 127.0.0.53 from /etc/resolv.conf
2018/03/14 16:00:50| Adding domain WORKGROUP from /etc/resolv.conf
2018/03/14 16:00:50| Logfile: opening log daemon:/var/log/squid/access.log
2018/03/14 16:00:50| Logfile Daemon: opening log /var/log/squid/access.log
2018/03/14 16:00:50| WARNING: no_suid: setuid(0): (1) Operation not permitted
2018/03/14 16:00:50| Store logging disabled
2018/03/14 16:00:50| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2018/03/14 16:00:50| Target number of buckets: 1008
2018/03/14 16:00:50| Using 8192 Store buckets
2018/03/14 16:00:50| Max Mem size: 262144 KB
2018/03/14 16:00:50| Max Swap size: 0 KB
2018/03/14 16:00:50| Using Least Load store dir selection
2018/03/14 16:00:50| Set Current Directory to /var/cache/squid
2018/03/14 16:00:50| Finished loading MIME types and icons.
2018/03/14 16:00:50| HTCP Disabled.
2018/03/14 16:00:50| WARNING: no_suid: setuid(0): (1) Operation not permitted
2018/03/14 16:00:50| Pinger socket opened on FD 17
2018/03/14 16:00:50| /var/run/squid.pid: (13) Permission denied
2018/03/14 16:00:50| Closing HTTP port [::]:3128
2018/03/14 16:00:50| Closing HTTPS port [::]:3130
FATAL: Could not write pid file
Aborted
Chownプロキシでsquid.pidを追加すると、実行中のsquidが得られます。
$ Sudo -u proxy squid -NCd1
2018/03/14 16:10:54| Set Current Directory to /var/cache/squid
2018/03/14 16:10:54| Starting Squid Cache version 3.5.27 for x86_64-pc-linux-gnu...
2018/03/14 16:10:54| Service Name: squid
2018/03/14 16:10:54| Process ID 4520
2018/03/14 16:10:54| Process Roles: master worker
2018/03/14 16:10:54| With 1024 file descriptors available
2018/03/14 16:10:54| Initializing IP Cache...
2018/03/14 16:10:54| DNS Socket created at [::], FD 9
2018/03/14 16:10:54| DNS Socket created at 0.0.0.0, FD 10
2018/03/14 16:10:54| Adding nameserver 127.0.0.53 from /etc/resolv.conf
2018/03/14 16:10:54| Adding domain WORKGROUP from /etc/resolv.conf
2018/03/14 16:10:54| Logfile: opening log daemon:/var/log/squid/access.log
2018/03/14 16:10:54| Logfile Daemon: opening log /var/log/squid/access.log
2018/03/14 16:10:54| WARNING: no_suid: setuid(0): (1) Operation not permitted
2018/03/14 16:10:54| Store logging disabled
2018/03/14 16:10:54| Swap maxSize 0 + 262144 KB, estimated 20164 objects
2018/03/14 16:10:54| Target number of buckets: 1008
2018/03/14 16:10:54| Using 8192 Store buckets
2018/03/14 16:10:54| Max Mem size: 262144 KB
2018/03/14 16:10:54| Max Swap size: 0 KB
2018/03/14 16:10:54| Using Least Load store dir selection
2018/03/14 16:10:54| Set Current Directory to /var/cache/squid
2018/03/14 16:10:54| Finished loading MIME types and icons.
2018/03/14 16:10:54| HTCP Disabled.
2018/03/14 16:10:54| WARNING: no_suid: setuid(0): (1) Operation not permitted
2018/03/14 16:10:54| Pinger socket opened on FD 17
2018/03/14 16:10:54| Squid plugin modules loaded: 0
2018/03/14 16:10:54| Adaptation support is off.
2018/03/14 16:10:54| Accepting SSL bumped HTTP Socket connections at local=[::]:3128 remote=[::] FD 14 flags=9
2018/03/14 16:10:54| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::]:3130 remote=[::] FD 15 flags=41
2018/03/14 16:10:55| storeLateRelease: released 0 objects
コメントごとに編集。
chown 755 ... chmod 755を意味したのですか?ファイルの所有者をID 755のユーザーに設定します(おそらく、そのようなユーザーはいないでしょう)。 proxyユーザーが所有するように戻す:
Sudo chown proxy /var/log/squid/cache.log
また、ログファイルには実行権限は必要ありません。 chmod 644で十分です。