Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Squid randomly quits
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
phajdan.jr
Retired Dev
Retired Dev


Joined: 23 Mar 2006
Posts: 1777
Location: Poland

PostPosted: Sat Nov 20, 2010 10:17 am    Post subject: Squid randomly quits Reply with quote

I'm running a squid transparent proxy, and recently it started to just randomly quit. I thought that maybe it's crashing, but dmesg shows no segfaults.

/etc/init.d/squid status shows that it's running, but ps aux | grep squid shows no squid processes.

/etc/init.d/squid zap && /etc/init.d/squid start fix the problem, but after a few days/weeks it returns.

Any ideas what might be happening?

Code:

[ebuild   R   ] net-proxy/squid-3.1.8  USE="epoll logrotate pam ssl -caps -ecap -icap-client (-ipf-transparent) -ipv6 -kerberos (-kqueue) -ldap -mysql -nis (-pf-transparent) -postgres -radius -samba -sasl (-selinux) -snmp -sqlite -test -tproxy -zero-penalty-hit" 3,178 kB

Portage 2.1.8.3 (hardened/linux/x86, gcc-4.4.4, glibc-2.11.2-r3, 2.6.32-hardened-r22 i686)
=================================================================
System uname: Linux-2.6.32-hardened-r22-i686-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_4200+-with-gentoo-1.12.14
Timestamp of tree: Sat, 20 Nov 2010 09:15:01 +0000
app-shells/bash:     4.1_p7
dev-lang/python:     2.6.5-r3, 3.1.2-r4
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 1.12.14-r1
sys-apps/sandbox:    2.3-r1
sys-devel/autoconf:  2.65-r1
sys-devel/automake:  1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.4-r2
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="* -@EULA"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=athlon64 -O2 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /var/yp/Makefile"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=athlon64 -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch userpriv"
GENTOO_MIRRORS="ftp://mirror.qubenet.net/mirror/gentoo/ ftp://ftp.mneisen.org/gentoo http://gentoo.zie.pg.gda.pl http://gentoo.prz.rzeszow.pl http://212.219.56.133/sites/www.ibiblio.org/gentoo/ ftp://gentoo.mirror.web4u.cz/ http://ftp.gentoo.bg/ http://213.186.33.38/gentoo-distfiles/"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"PORTAGE_CONFIGROOT="/"PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --
exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="acl avahi berkdb bzip2 clamdtop cli cracklib crypt cups cxx dbus dri epoll foomaticdb gdbm hardened iconv logrotate mbox modules mudflap ncurses nls nptl nptlonly openmp pam pcre perl pic pppd python readline session ssl svg sysfs tcpd tftp threads unicode urandom usb x86 xorg zeroconf zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1   emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m       maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" FOO2ZJS_DEVICES="hp1020 xp6110" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" PHP_TARGETS="php5-2" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 intel    mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage      siliconmotion sis sisusb tdfx tga trident tseng v4l vesa via vmware     voodoo" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

_________________
http://phajdan-jr.blogspot.com/
Back to top
View user's profile Send private message
Jaglover
Watchman
Watchman


Joined: 29 May 2005
Posts: 7711
Location: Saint Amant, Acadiana

PostPosted: Sat Nov 20, 2010 10:45 am    Post subject: Reply with quote

OOM killer?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15969

PostPosted: Sat Nov 20, 2010 9:59 pm    Post subject: Reply with quote

According to emerge --info, you are on a hardened kernel. Have you enabled the GRsecurity options for extended signal logging? Mainline Linux logs segfaults, but if I recall correctly, GRsecurity can also log other signals, like SIGABRT.

You could try attaching sys-devel/gdb to the Squid process to see if you can capture any fatal signals. I am unsure whether this might have side effects, like breaking in due to internal non-fatal signals that Squid uses for self management.
Back to top
View user's profile Send private message
phajdan.jr
Retired Dev
Retired Dev


Joined: 23 Mar 2006
Posts: 1777
Location: Poland

PostPosted: Sun Nov 21, 2010 9:26 am    Post subject: Reply with quote

Jaglover wrote:
OOM killer?


I don't think so, this one is very easy to see in dmesg.

Hu wrote:
According to emerge --info, you are on a hardened kernel. Have you enabled the GRsecurity options for extended signal logging? Mainline Linux logs segfaults, but if I recall correctly, GRsecurity can also log other signals, like SIGABRT.


Good idea, enabled CONFIG_GRKERNSEC_SIGNAL.

Hu wrote:
You could try attaching sys-devel/gdb to the Squid process to see if you can capture any fatal signals. I am unsure whether this might have side effects, like breaking in due to internal non-fatal signals that Squid uses for self management.


Another good idea. Yeah, I considered something like that. Fortunately there is only one squid process, and I can tell gdb to ignore non-fatal signals.

Will report back when the data is there. :)
_________________
http://phajdan-jr.blogspot.com/
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum