Project

General

Profile

Actions

Bug #4857

closed

Cannot install squid3 on pfsense 2.2.3

Added by Louis-Philippe Allard over 9 years ago. Updated about 9 years ago.

Status:
Not a Bug
Priority:
Very High
Assignee:
-
Category:
-
Target version:
-
Start date:
07/20/2015
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

I have tried migrating from squid2 to squid3 because I was having issues with squid2 and package repos, and trying to install squid3 it seems not to work. After package is installed, I see a lot of errors in the system logs:

Jul 21 00:22:14 php-fpm49674: /rc.filter_configure_sync: SQUID is installed but not started. Not installing "filter" rules.
Jul 21 00:22:14 php-fpm49674: /rc.filter_configure_sync: SQUID is installed but not started. Not installing "pfearly" rules.
Jul 21 00:22:14 php-fpm49674: /rc.filter_configure_sync: SQUID is installed but not started. Not installing "nat" rules.
Jul 21 00:22:12 check_reload_status: Reloading filter
Jul 20 20:22:12 Squid_Alarm34082: Reconfiguring filter...
Jul 20 20:22:09 Squid_Alarm32631: Attempting restart...
Jul 20 20:22:09 Squid_Alarm32309: Squid has exited. Reconfiguring filter.
Jul 20 20:21:23 squid40783: Exiting due to repeated, frequent failures
Jul 20 20:21:23 squid40783: Squid Parent: (squid-1) process 12963 will not be restarted due to repeated, frequent failures
Jul 20 20:21:23 squid40783: Squid Parent: (squid-1) process 12963 exited with status 1
Jul 20 20:21:23 (squid-1): Cannot open '/var/squid/logs/access.log' for writing. The parent directory must be writeable by the user 'proxy', which is the cache_effective_user set in squid.conf.
Jul 20 20:21:23 squid40783: Squid Parent: (squid-1) process 12963 started
Jul 20 20:21:20 squid40783: Squid Parent: (squid-1) process 12307 exited with status 1
Jul 20 20:21:20 (squid-1): Cannot open '/var/squid/logs/access.log' for writing. The parent directory must be writeable by the user 'proxy', which is the cache_effective_user set in squid.conf.
Jul 20 20:21:20 squid40783: Squid Parent: (squid-1) process 12307 started
Jul 21 00:21:19 php-fpm73214: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.
Jul 21 00:21:19 php-fpm73214: /rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was '/tmp/rules.test.packages:55: syntax error'
Jul 21 00:21:19 php-fpm73214: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.
Jul 21 00:21:19 php-fpm73214: /rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was '/tmp/rules.test.packages:56: syntax error'
Jul 21 00:21:18 php-fpm49674: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.
Jul 21 00:21:18 php-fpm49674: /rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was '/tmp/rules.test.packages:55: syntax error'
Jul 21 00:21:18 php-fpm49674: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.
Jul 21 00:21:18 php-fpm49674: /rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was '/tmp/rules.test.packages:56: syntax error'
Jul 21 00:21:17 php-fpm73214: /pkg_mgr_install.php: Successfully installed package: squid3.
Jul 21 00:21:17 check_reload_status: Syncing firewall
Jul 20 20:21:17 squid40783: Squid Parent: (squid-1) process 92542 exited with status 1
Jul 20 20:21:17 (squid-1): Cannot open '/var/squid/logs/access.log' for writing. The parent directory must be writeable by the user 'proxy', which is the cache_effective_user set in squid.conf.
Jul 21 00:21:17 check_reload_status: Reloading filter
Jul 21 00:21:17 php-fpm73214: /pkg_mgr_install.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Jul 20 20:21:17 squid40783: Squid Parent: (squid-1) process 92542 started
Jul 21 00:21:17 php-fpm73214: /pkg_mgr_install.php: Reloading Squid for configuration sync
Jul 21 00:21:17 php-fpm73214: /pkg_mgr_install.php: Squid - Missing /var/db/clamav/*.cvd or .cld files. Running freshclam on background.
Jul 21 00:21:16 php-fpm73214: /pkg_mgr_install.php: [Squid] - Squid_resync function call pr:1 bp: rpc:no
Jul 21 00:21:16 check_reload_status: Reloading filter
Jul 21 00:21:16 php-fpm73214: /pkg_mgr_install.php: The command '/usr/pbi/squid-amd64/sbin/squid -k reconfigure -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Jul 21 00:21:16 php-fpm73214: /pkg_mgr_install.php: Reloading Squid for configuration sync
Jul 20 20:21:16 squid68495: Squid Parent: (squid-1) process 68634 exited with status 0
Jul 20 20:21:15 squid68495: Squid Parent: (squid-1) process 68634 started
Jul 20 20:21:15 squid68495: Squid Parent: will start 1 kids
Jul 21 00:21:15 php-fpm73214: /pkg_mgr_install.php: The command '/usr/pbi/squid-amd64/sbin/squid -k kill -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was 'squid: ERROR: No running copy'
Jul 20 20:21:14 squid40783: Squid Parent: (squid-1) process 60547 exited with status 1
Jul 20 20:21:14 (squid-1): Cannot open '/var/squid/logs/access.log' for writing. The parent directory must be writeable by the user 'proxy', which is the cache_effective_user set in squid.conf.
Jul 20 20:21:13 squid40783: Squid Parent: (squid-1) process 60547 started
Jul 21 00:21:11 php-fpm73633: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.
Jul 21 00:21:11 php-fpm73633: /rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was '/tmp/rules.test.packages:55: syntax error'
Jul 21 00:21:11 php-fpm73633: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.
Jul 21 00:21:11 php-fpm73633: /rc.filter_configure_sync: The command '/sbin/pfctl -nf /tmp/rules.test.packages' returned exit code '1', the output was '/tmp/rules.test.packages:56: syntax error'
Jul 20 20:21:10 squid40783: Squid Parent: (squid-1) process 40863 exited with status 1
Jul 20 20:21:10 (squid-1): I don't handle this error well!
Jul 21 00:21:10 php-fpm73214: /pkg_mgr_install.php: Creating squid cache subdirs in /var/squid/cache
Jul 21 00:21:10 php-fpm73214: /pkg_mgr_install.php: Squid - Missing /var/db/clamav/
.cvd or *.cld files. Running freshclam on background.
Jul 21 00:21:10 check_reload_status: Syncing firewall
Jul 20 20:21:09 squid40783: Squid Parent: (squid-1) process 40863 started
Jul 20 20:21:09 squid40783: Squid Parent: will start 1 kids
Jul 21 00:21:09 php-fpm73214: /pkg_mgr_install.php: [Squid] - Squid_resync function call pr: bp: rpc:no
Jul 21 00:21:09 check_reload_status: Reloading filter
Jul 21 00:21:09 php-fpm73214: /pkg_mgr_install.php: Starting a proxy monitor script
Jul 21 00:21:09 php-fpm73214: /pkg_mgr_install.php: Starting Squid
Jul 20 20:21:09 squid35573: Squid Parent: (squid-1) process 35923 exited with status 0
Jul 20 20:21:09 squid35573: Squid Parent: (squid-1) process 35923 started
Jul 20 20:21:09 squid35573: Squid Parent: will start 1 kids
Jul 21 00:21:09 php-fpm73214: /pkg_mgr_install.php: The command '/usr/pbi/squid-amd64/sbin/squid -k kill -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was 'WARNING: Cannot write log file: /var/log/squid/cache.log /var/log/squid/cache.log: No such file or directory messages will be sent to 'stderr'. 2015/07/20 20:21:09| Set Current Directory to /var/squid/cache squid: ERROR: No running copy'
Jul 21 00:21:04 php-fpm73214: /pkg_mgr_install.php: Creating squid cache subdirs in /var/squid/cache
Jul 21 00:21:03 php-fpm73214: /pkg_mgr_install.php: Stopping any running proxy monitors
Jul 20 20:21:03 squid23513: Squid Parent: (squid-1) process 23904 exited with status 0
Jul 20 20:21:02 squid23513: Squid Parent: (squid-1) process 23904 started
Jul 20 20:21:02 squid23513: Squid Parent: will start 1 kids
Jul 21 00:21:02 php-fpm73214: /pkg_mgr_install.php: The command '/usr/pbi/squid-amd64/sbin/squid -k kill -f /usr/pbi/squid-amd64/local/etc/squid/squid.conf' returned exit code '1', the output was 'WARNING: Cannot write log file: /var/log/squid/cache.log /var/log/squid/cache.log: No such file or directory messages will be sent to 'stderr'. 2015/07/20 20:21:02| Set Current Directory to /var/squid/cache squid: ERROR: No running copy'
Jul 21 00:20:57 php-fpm73214: /pkg_mgr_install.php: Creating squid cache subdirs in /var/squid/cache
Jul 21 00:20:57 php-fpm73214: /pkg_mgr_install.php: Creating Squid cache dir /var/squid/cache
Jul 21 00:20:57 check_reload_status: Syncing firewall
Jul 21 00:20:28 check_reload_status: Syncing firewall
Jul 21 00:20:27 php-fpm73214: /pkg_mgr_install.php: Beginning package installation for squid3 .

Actions #1

Updated by Louis-Philippe Allard over 9 years ago

Other than the multiple errors I dont really understand, I have worked on the two file permission errors:

  1. Cannot open '/var/squid/logs/access.log' for writing. The parent directory must be writeable by the user 'proxy', which is the cache_effective_user set in squid.conf

/var/squid/logs is owned by proxy:proxy and /var/squid/logs/cache.log has some stuff in it (2015/07/20 20:21:16 kid1| Creating missing swap directories)

  1. Cannot write log file: /var/log/squid/cache.log /var/log/squid/cache.log: No such file or directory

/var/log/squid is owned by proxy:proxy but is totally empty.

Actions #2

Updated by Louis-Philippe Allard over 9 years ago

Reinstalled pfsense from scratch using the config.xml backup I had previously created, and ended up in the same situation.

Then I exported the config piece by piece instead of selecting "ALL" and restricted the restore to the following elements:

aliases
dhcpd-config
filter-config
interfaces
nat-config
system-config

I then reinstalled pfsense again from scratch and restored the config files above, all seems to be fine now.

I suppose this is due to a bug between the recent squid3 and pfsense releases, the pfsense I kept upgrading for more than a year and a half, and my settings..?

Actions #3

Updated by Louis-Philippe Allard over 9 years ago

I confirm squid3 dies or doesnt work on pfsense 2.2.3

After a few days qwhere everything was running fine, squid seems to have stopped working for no apparent reasons.

The access.log file stopped being populated at the same time squidguard stopped doing its thing.

Now pfsense's logs are populated with

php-fpm63954: /rc.filter_configure_sync: There was an error while parsing the package filter rules for /usr/local/pkg/squid.inc.

Actions #4

Updated by Philipp Schmid over 9 years ago

I also tried to install squid3 on pfsense 2.2.4, but get this in the logs:

Sep 21 18:06:43 php-fpm61548: /pkg_mgr_install.php: Beginning package installation for squid3 .
Sep 21 18:06:47 check_reload_status: Syncing firewall
Sep 21 18:06:55 check_reload_status: Syncing firewall
Sep 21 18:06:55 php-fpm61548: /pkg_mgr_install.php: Stopping any running proxy monitors
Sep 21 18:06:56 php-fpm61548: /pkg_mgr_install.php: Starting Squid
Sep 21 18:06:56 php-fpm61548: /pkg_mgr_install.php: Starting a proxy monitor script
Sep 21 18:06:56 check_reload_status: Reloading filter
Sep 21 18:06:56 php-fpm61548: /pkg_mgr_install.php: [Squid] - Squid_resync function call pr: bp: rpc:no
Sep 21 18:06:57 squid9448: Squid Parent: will start 1 kids
Sep 21 18:06:57 squid9448: Squid Parent: (squid-1) process 9569 started
Sep 21 18:06:57 check_reload_status: Syncing firewall
Sep 21 18:06:58 (squid-1): I don't handle this error well!
Sep 21 18:06:58 squid9448: Squid Parent: (squid-1) process 9569 exited with status 1
Sep 21 18:07:01 squid9448: Squid Parent: (squid-1) process 13226 started
Sep 21 18:07:02 (squid-1): I don't handle this error well!
Sep 21 18:07:02 squid9448: Squid Parent: (squid-1) process 13226 exited with status 1
Sep 21 18:07:05 squid9448: Squid Parent: (squid-1) process 13969 started
Sep 21 18:07:06 (squid-1): I don't handle this error well!
Sep 21 18:07:06 squid9448: Squid Parent: (squid-1) process 13969 exited with status 1
Sep 21 18:07:09 squid9448: Squid Parent: (squid-1) process 24376 started
Sep 21 18:07:10 (squid-1): I don't handle this error well!
Sep 21 18:07:10 squid9448: Squid Parent: (squid-1) process 24376 exited with status 1
Sep 21 18:07:13 squid9448: Squid Parent: (squid-1) process 27913 started
Sep 21 18:07:14 (squid-1): I don't handle this error well!
Sep 21 18:07:14 squid9448: Squid Parent: (squid-1) process 27913 exited with status 1
Sep 21 18:07:14 squid9448: Squid Parent: (squid-1) process 27913 will not be restarted due to repeated, frequent failures
Sep 21 18:07:14 squid9448: Exiting due to repeated, frequent failures
Sep 21 18:08:01 squid33410: Squid Parent: will start 1 kids
Sep 21 18:08:01 squid33410: Squid Parent: (squid-1) process 33582 started
Sep 21 18:08:01 squid33410: Squid Parent: (squid-1) process 33582 exited with status 0
Sep 21 18:12:37 check_reload_status: Syncing firewall
Sep 21 18:12:45 check_reload_status: Syncing firewall
Sep 21 18:12:45 check_reload_status: Syncing firewall
Sep 21 18:12:45 check_reload_status: Reloading filter
Sep 21 18:12:45 check_reload_status: Reloading filter

Actions #5

Updated by Kill Bill over 9 years ago

I don't think any of these are actual problem with Squid. When you install it, the way the package is written and how's package install process handled by pfSense package manager code itself, it gets (re)started so many times that I'm pretty sure it gets confused and eventually bails out, esp. on slower boxes. Let things settle down, resave the config and then try starting it manually (if it doesn't start itself upon saving config). If it still doesn't work, you at least get relevant errors. The above is just noise resulting from start/restart cycles.

Actions #6

Updated by Philipp Schmid about 9 years ago

I don't even get menu item or service entry for squid, so that I cannot even resave squids config. I guess it happens early in the install process.

The machine has 2% cpu utilisation 4% memory utilisation and dual core atom cpus handling maybe 10 clients (as in laptops and phones).

I will try on a fresh pfsense installation in a virtual machine.

Actions #7

Updated by Philipp Schmid about 9 years ago

If I try to install squid3 via the command line I get the following error:

pfSsh.php playback installpkg "squid3"

Starting the pfSense developer shell....

Installing package "squid3"...
Trying to fetch package info... Done.

Beginning package installation for squid3 . 100%
Installing squid3 and its dependencies. 100%
Warning: include(/usr/local/pkg/squid_reverse.inc): failed to open stream: No such file or directory in /usr/local/pkg/squid.inc on line 1596

Warning: include(): Failed opening '/usr/local/pkg/squid_reverse.inc' for inclusion (include_path='.:/etc/inc:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg') in /usr/local/pkg/squid.inc on line 1596
Reconfiguring filter... One moment please...

Actions #8

Updated by Kill Bill about 9 years ago

Yeah, it obviously will never work without the required include file. This is not a place to get support, move to forums.pfsense.org.

Actions #9

Updated by Chris Buechler about 9 years ago

  • Status changed from New to Not a Bug
Actions #10

Updated by Kill Bill about 9 years ago

There are major sanitizations done to package install in https://github.com/pfsense/pfsense-packages/pull/1080 (namely https://github.com/doktornotor/pfsense-packages/commit/e0bf22a296a66b1bbf35bacd6ad05db8fe930557). The current state is simply madness, resulting in restarting the services at least 6 times during install.

Actions

Also available in: Atom PDF