Bug#879639: squid takes 30 seconds to restart, should be < 1 second

2017-12-10 Thread Amos Jeffries 

Package: squid
Version: 4.0.21-1~exp5

This should be fixed in the upcoming Squid-4 packages.

Amos Jeffries

Bug#879639: squid takes 30 seconds to restart, should be < 1 second

2017-10-24 Thread Amos Jeffries 
This is a systemd problem. It does not track the correct processes for 
its actions.


For more detail see 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871602#10 and 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855268#26


In short: do not use systemctl or its "service" alias with Squid-3. 
Either use the init Script provided by the package, or 'squid -k' 
commands directly.



Amos

Bug#879639: squid takes 30 seconds to restart, should be < 1 second

2017-10-23 Thread Daniel Kahn Gillmor 
Package: squid
Version: 3.5.23-5
Severity: normal

The squid service takes significantly longer to restart than other
network services.  I think it's doing some kind of unnecessary
30-second wait.  Here's a demonstration:

0 root@host:~# time systemctl restart ssh

real0m0.039s
user0m0.013s
sys 0m0.005s
0 root@host:~# time systemctl restart squid

real0m32.192s
user0m0.011s
sys 0m0.005s
0 root@host:~# journalctl -u squid --since '2 minutes ago'
-- Logs begin at Sat 2014-10-11 10:16:57 EDT, end at Mon 2017-10-23 15:13:51 
EDT. --
Oct 23 15:12:31 host systemd[1]: Stopping LSB: Squid HTTP Proxy version 3.x...
Oct 23 15:13:03 host squid[13538]: Squid Parent: (squid-1) process 13540 exited 
with status 0
Oct 23 15:13:03 host squid[13657]: Stopping Squid HTTP Proxy: squid 
Waiting.done.
Oct 23 15:13:03 host squid[13657]: .
Oct 23 15:13:03 host systemd[1]: squid.service: Killing process 13540 (n/a) 
with signal SIGKILL.
Oct 23 15:13:03 host systemd[1]: squid.service: Killing process 13540 (n/a) 
with signal SIGKILL.
Oct 23 15:13:03 host systemd[1]: Stopped LSB: Squid HTTP Proxy version 3.x.
Oct 23 15:13:03 host systemd[1]: Starting LSB: Squid HTTP Proxy version 3.x...
Oct 23 15:13:03 host squid[13723]: Squid Parent: will start 1 kids
Oct 23 15:13:03 host squid[13723]: Squid Parent: (squid-1) process 13725 started
Oct 23 15:13:03 host squid[13685]: Starting Squid HTTP Proxy: squid.
Oct 23 15:13:03 host systemd[1]: squid.service: PID file /var/run/squid.pid not 
readable (yet?) after start: No such file or directory
Oct 23 15:13:03 host systemd[1]: squid.service: Supervising process 13725 which 
is not our child. We'll most likely not notice when it exits.
Oct 23 15:13:03 host systemd[1]: Started LSB: Squid HTTP Proxy version 3.x.
0 root@host:~# grep '^[^#]' /etc/squid/squid.conf 
acl SSL_ports port 443
acl Safe_ports port 80  # http
acl Safe_ports port 21  # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70  # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:   144020% 10080
refresh_pattern ^gopher:14400%  1440
refresh_pattern -i (/cgi-bin/|\?) 0 0%  0
refresh_pattern .   0   20% 4320
0 root@host:~# df -h /var/spool/squid/
Filesystem Size  Used Avail Use% Mounted on
/dev/mapper/vg_host0-var  5.4G  4.1G 1009M  81% /var
0 root@host:~#

There is no additional CPU or disk or network activity during the
shutdown that i can see.  So this looks like a deliberate 30 second
delay, and systemd is issuing a SIGKILL.  This doesn't seem
like a good idea.

If there is any debugging information you want from me, i'm happy to
try to provide it.

Thanks for maintaining squid in debian!

   --dkg

-- System Information:
Debian Release: buster/sid
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), 
(200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages squid depends on:
ii  adduser  3.116
ii  libc62.24-17
ii  libcap2  1:2.25-1.1
ii  libcomerr2   1.43.7-1
ii  libdb5.3 5.3.28-13.1
ii  libdbi-perl  1.637-1
ii  libecap3 1.0.1-3.2
ii  libexpat12.2.3-1
ii  libgcc1  1:7.2.0-11
ii  libgssapi-krb5-2 1.15.1-2
ii  libkrb5-31.15.1-2
ii  libldap-2.4-22.4.45+dfsg-1
ii  libltdl7 2.4.6-2
ii  libnetfilter-conntrack3  1.0.6-2
ii  libnettle6   3.3-2
ii  libpam0g 1.1.8-3.6
ii  libsasl2-2   2.1.27~101-g0780600+dfsg-3
ii  libstdc++6   7.2.0-11
ii  libxml2  2.9.4+dfsg1-5
ii  logrotate3.11.0-0.1
ii  lsb-base 9.20170808
ii  netbase  5.4
ii  squid-common 3.5.23-5

Versions of packages squid recommends:
ii  libcap2-bin  1:2.25-1.1

Versions of packages squid suggests:
pn  resolvconf   
ii  smbclient2:4.6.7+dfsg-2
pn  squid-cgi
pn  squid-purge  
pn  squidclient  
pn  ufw  
pn  winbindd