Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Hi guys, You got so close but not quite. Rohit; * check your running Squid to see what user account it is using. You should not need to configure the effective user explicitly (unless it is that 'nobody' account - best prevent that account from playing with cert creation). * Remove the ss

Re: [squid-users] ipcCreate: fork: (12) Cannot allocate memory

Ok, thanks i grow the swap [root@squid /]# free -h totalusedfree shared buff/cache available Mem: 3,7G1,0G117M 29M2,6G 2,4G Swap: 6,0G124M5,9G related to swappiness what would be a go

Re: [squid-users] squid-users Digest, Vol 37, Issue 30

gt;>>>>>>> >>>>>>>> Should be (on my setups): >>>>>>>> >>>>>>>> # ls -al /var/lib/ssl_db >>>>>>>> total 326 >>>>>>>> drwxr-xr-x 3 squid squid 5 Sep 5 00:53 . >>>>>>>> drwxr-xr-x 8 root oth

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Everything happens once for the first time;) 12.09.2017 2:18, Rohit Sodhia пишет: > Ok. Looks like 3.5.20 is the latest on the yum repo I'm using, so > guess I'll have to learn how to compile it myself; never compiled a > package before. > > On Mon, Sep 11, 2017 at 4:17 PM, Yuri

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Ok. Looks like 3.5.20 is the latest on the yum repo I'm using, so guess I'll have to learn how to compile it myself; never compiled a package before. On Mon, Sep 11, 2017 at 4:17 PM, Yuri wrote: > Hardly, > > most probably something in repo's package. However, upgrade is always > recommended, es

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Hardly, most probably something in repo's package. However, upgrade is always recommended, especially with modern functionality. It changes fast enough. 12.09.2017 2:15, Rohit Sodhia пишет: > Ah. I'm on 3.5.20; not sure how far back that is. Is that the core of > the problem? > > On Mon, Sep 11,

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Ah. I'm on 3.5.20; not sure how far back that is. Is that the core of the problem? On Mon, Sep 11, 2017 at 4:07 PM, Yuri wrote: > Seems latest 4.0.21 is good enough. Most critical SSL-related bugs almost > closed or closed. > > At least latest 3.5.27 is released. AFAIK this is minimum to problem

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Seems latest 4.0.21 is good enough. Most critical SSL-related bugs almost closed or closed. At least latest 3.5.27 is released. AFAIK this is minimum to problem-free running. Repositories software sometimes has strange quirks, or sometimes rancid. 12.09.2017 2:05, Rohit Sodhia пишет: > I'll try

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

I'll try to find it, but I read a few articles/SO questions that suggested there were bugs in 4 relating to SSL bumping? If they were wrong, I'd be glad to go forward. Should I be removing the yum squid package and compile my own? Is 3.5 problematic besides being old? On Mon, Sep 11, 2017 at 4:02

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Wait. Squid 3.5.20? So ancient? 12.09.2017 1:58, Rohit Sodhia пишет: > sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB > > I used the line from the Stack Overflow question I linked earlier. > > On Mon, Sep 11, 2017 at 3:41 PM, Yuri > wrote: > > W

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB I used the line from the Stack Overflow question I linked earlier. On Mon, Sep 11, 2017 at 3:41 PM, Yuri wrote: > Well. Let's check more deep. > > Show me parameter sslcrtd_program in your squid.conf > > 12.09.2017 1:23, Rohit

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Well. Let's check more deep. Show me parameter sslcrtd_program in your squid.conf 12.09.2017 1:23, Rohit Sodhia пишет: > Unfortunately, no luck yet. Thank you again for your help before. > > I found that the user squid and group squid existed already, so I added > > cache_effective_user squid >

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Unfortunately, no luck yet. Thank you again for your help before. I found that the user squid and group squid existed already, so I added cache_effective_user squid cache_effective_group squid to my config (first two lines), made sure /var/lib/ssl_db and it's contents were set to squid:squid and

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

I'll try that immediately, thanks! I appreciate all your advice; hopefully I won't have to reach out again :p On Mon, Sep 11, 2017 at 2:39 PM, Yuri wrote: > I'm not Linux fanboy, but modern squid never runs as root. So, most > probably it runs as nobody user. > > Ah, yes: > > # TAG: cache_effec

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

I'm not Linux fanboy, but modern squid never runs as root. So, most probably it runs as nobody user. Ah, yes: #  TAG: cache_effective_user #    If you start Squid as root, it will change its effective/real #    UID/GID to the user specified below.  The default is to change #    to UID of nobody.

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Neither of those values are set in my config. Even though I'm not using squid for caching, I need those values? They aren't set in the default configs either. On Mon, Sep 11, 2017 at 2:33 PM, Yuri wrote: > Most probably you squid runs as another user than squid. > > Check your squid.conf for cac

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Most probably you squid runs as another user than squid. Check your squid.conf for cache_effective_user and cache_effective_group values. Then change SSL cache permissions to this values. Should work. 12.09.2017 0:30, Rohit Sodhia пишет: > Thanks for the feedback! I just used yum (it's a CentOS

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Thanks for the feedback! I just used yum (it's a CentOS 7 VB) and it set it up like that. I changed the owner and group to squid:squid and tried restarting squid, but still get the same errors. I thought to run the command again, but this time it says /usr/lib64/squid/ssl_crtd: Cannot create /var/

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Here you root of problem. Should be (on my setups): # ls -al /var/lib/ssl_db total 326 drwxr-xr-x 3 squid squid  5 Sep  5 00:53 . drwxr-xr-x 8 root  other  8 Sep  5 00:53 .. drwxr-xr-x 2 squid squid    454 Sep 11 23:37 certs -rw-r--r-- 1 squid squid 280575 Sep 11 23:37 index.txt -rw-r--r-

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

total 8 drwxr-xr-x. 3 root root 48 Sep 11 12:42 . drwxr-xr-x. 32 root root 4096 Sep 11 12:42 .. drwxr-xr-x. 2 root root6 Sep 11 12:42 certs -rw-r--r--. 1 root root0 Sep 11 12:42 index.txt -rw-r--r--. 1 root root1 Sep 11 12:42 size On Mon, Sep 11, 2017 at 2:22 PM, Yuri wrote: >

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Show output of ls -al /var/lib/ssl_db 12.09.2017 0:21, Rohit Sodhia пишет: > Yes, but telling me it's crashing unfortunately doesn't help me figure > out why or how to fix it. I've run the command it suggests but it > doesn't help. I'm unfortunately not an ops guy familiar with this kind > of st

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

Yes, but telling me it's crashing unfortunately doesn't help me figure out why or how to fix it. I've run the command it suggests but it doesn't help. I'm unfortunately not an ops guy familiar with this kind of stuff; I don't see anything on how to figure out what to do about it. On Mon, Sep 11, 2

Re: [squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

It tells you what's happens. 11.09.2017 23:50, Rohit Sodhia пишет: > (ssl_crtd): Uninitialized SSL certificate database directory: > /var/lib/ssl_db. To initialize, run "ssl_crtd -c -s /var/lib/ssl_db". signature.asc Description: OpenPGP digital signature _

[squid-users] Need assistance debugging Squid error: ssl_ctrd helpers crashing too quickly

I've been trying to setup a Squid box to bump SSL requests via the tutorial on the Squid site and https://stackoverflow.com/questions/34398484/can-i-use-squid-to-upgrade-client-tls-connections Unfortunately, when I run it, I get the following errors in my squid logs: Squid Cache (Version 3.5.20):

Re: [squid-users] squid cache takes a break

On 11/09/17 20:49, Vieri wrote: From: Amos Jeffries a) start fewer helpers at a time. b) reduce cache_mem. c) add concurrency support to the helpers. So I decreased the startup, idle, cache_mem values: # egrep 'startup=|idle=' squid.conf external_acl_type

Re: [squid-users] Http write cache

Thank you Amos for this enlightenment. I really do appreciate your help. I will stay with the reverse proxy configuration for our POC. We need more to cache the libraries data reads than the writes at the moment. And the next version of OneDrive client should help with the asynchronous writes. Sti

Re: [squid-users] squid cache takes a break

From: Amos Jeffries > > a) start fewer helpers at a time. > > b) reduce cache_mem. > > c) add concurrency support to the helpers. So I decreased the startup, idle, cache_mem values: # egrep 'startup=|idle=' squid.conf external_acl_type bllookup ttl=86400 nega