Public bug reported:
I enabled the (optional) squid apparmor profile
(/etc/apparmor.d/usr.sbin.squid) and configured squidguard.
squid fails to launch or talk to the squidguard helper after that and enters a
loop:
2018/08/16 13:36:53 kid1| Starting new helpers
2018/08/16 13:36:53 kid1| helperOpenServers: Starting 1/20 'squidGuard'
processes
2018/08/16 13:36:53 kid1| WARNING: redirector #Hlpr6977 exited
2018/08/16 13:36:53 kid1| Too few redirector processes are running (need 1/20)
2018/08/16 13:36:53 kid1| Starting new helpers
2018/08/16 13:36:53 kid1| helperOpenServers: Starting 1/20 'squidGuard'
processes
2018/08/16 13:36:53 kid1| WARNING: redirector #Hlpr6978 exited
2018/08/16 13:36:53 kid1| Too few redirector processes are running (need 1/20)
2018/08/16 13:36:53 kid1| Starting new helpers
2018/08/16 13:36:53 kid1| helperOpenServers: Starting 1/20 'squidGuard'
processes
2018/08/16 13:36:53 kid1| WARNING: redirector #Hlpr6979 exited
dmesg reports:
[ 477.494344] audit: type=1400 audit(1534426533.919:2434): apparmor="DENIED"
operation="file_inherit" profile="/usr/sbin/squid" pid=8122 comm="squidGuard"
family="unix" sock_type="stream" protocol=0 requested_mask="send receive"
denied_mask="send receive" addr=none peer_addr=none
peer="/usr/sbin/squid//squidguard"
** Affects: squid3 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1787409
Title:
apparmor profile incorrect for squidguard usage
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1787409/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
