On Fri, 6 May 2005, warren, anthony wrote:
May 6 11:04:03 uranus kernel: audit(1115373843.232:0): avc: denied {
append } for pid=2952 exe=/usr/sbin/squid name=c
ache.log dev=sdb1 ino=10354692 scontext=root:system_r:squid_t
tcontext=user_u:object_r:usr_t tclass=file
Permission errro on cache.log, either filesystem permission problem or perhaps a selinux permission/policy problem.
May 6 11:04:03 uranus kernel: audit(1115373843.233:0): avc: denied {
append } for pid=2952 exe=/usr/sbin/squid name=a
ccess.log dev=sdb1 ino=10354693 scontext=root:system_r:squid_t
tcontext=user_u:object_r:usr_t tclass=file
May 6 11:04:03 uranus (squid): Cannot open
'/opt/secng/secnglogs/access.log' for writing. The parent directory
must
be writeable by the user 'squid', which is the cache_effective_user
set in squid.conf.
Same here but for access.log.
Now I have checked permission all the way into the logs directory and from what I can see all is correct.
What cache_effective_user are you using?
To check this, I gave the squid user a shell, did an su squid, and then made my way into the correct directories and touched access.log and cache.log
Below is how the permissions are setup currently:
[EMAIL PROTECTED] filtproxy]# cd /opt [EMAIL PROTECTED] opt]# ls -al total 56 drwxr-xr-x 6 squid root 4096 Apr 20 15:51 . drwxr-xr-x 23 root root 4096 Apr 21 11:29 .. drwxr-xr-x 4 squid root 4096 Apr 20 15:53 filtproxy drwx------ 2 squid root 16384 Apr 14 16:00 lost+found drwxr-xr-x 4 squid root 4096 Apr 20 15:53 ning drwxr-xr-x 4 squid squid 4096 Apr 20 15:52 secng
[EMAIL PROTECTED] secng]# ls -al total 32 drwxr-xr-x 4 squid squid 4096 Apr 20 15:52 . drwxr-xr-x 6 squid root 4096 Apr 20 15:51 .. drwxr-xr-x 2 squid squid 4096 Apr 28 16:52 secngcache drwxr-xr-x 2 squid squid 4096 Apr 22 11:17 secnglogs [EMAIL PROTECTED] secng]#
What permissions are set on the actual files?
Regards Henrik
