Well, at least we are marking things off the list, one by one.
I'm going to assume that this clip from one of your previous post is
still true:
> Now I thought I'd retry doing #bin/squidGuard -u
> This time squidGuard.log complained that
> squidGuard/db/porn/domains.diff didn't exist
> (even though it did with correct permissions)
> and just hung; when I did Ctrl-C to get the prompt
> back it went into emergency mode.
> #squid -k reconfigure
> got squidGuard restarted properly but still no update.
If:
*) ${DBHOME}/porn/domains.diff exists
*) ${DBHOME}/porn/domains.diff has the proper permissions
*) squid.conf has effective user and group set to squid.squid
then the only reason that a squidGuard -u command would tell you
that domains.diff does not exist would be if the domains.diff file
is not owned by squid.squid. Would you please check that again?
Rick
-----Original Message-----
From: Nigel Pauli [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 04, 2002 4:09 PM
To: Rick Matthews; Squidguard Mailing List
Subject: Re: Updating database problem
On Monday 04 February 2002 19:18, Rick Matthews wrote:
>
> Do you have these statements in your squid.conf file?
> cache_effective_user squid
> cache_effective_group squid
Yes.
> If so, the 640 should work fine. From the configuration page
> (http://www.squidguard.org/config/), "Notes" section:
> -------- Clip from Configuration page --------
> To avoid publishing to your users a complete guide to banned
sites,
> you probably want to have some or all of these files protected by
> for instance:
> chmod 640 /wherever/filter/db/dest/adult/*
> chown cache_effective_user /wherever/filter/db/dest/adult/*
> chgrp cache_effective_group /wherever/filter/db/dest/adult/*
> where cache_effective_user and cache_effective_group are the
values
> for the corresponding tags as defined in squid.conf.
> -------- End of Clip -------------------------
>
> Whoa! I just realized that I put 740 in my previous post! It
should
> be 640. My apologies.
>
> The other important point is that your destination directories
> should have the same owner and group as specified in your
squid.conf
> for cache_effective_user and cache_effective_group.
>
> I have a few questions/comments after looking at your
> squidGuard.conf file:
>
> (1) Your dbhome statement points to /var/squidguard/db. Does the
> directory name have a lower case "g" to match your dbhome
statement?
Yes - I know that "g" is odd - but it matches ${DBHOME}
> (2) Did you use the blacklists.tar.gz file from the squidGuard
site?
> If you did, and if you installed (unpacked) it using the command
> listed in the installation instructions, all of your destination
> directories would be under a /blacklists directory, for example:
> ${DBHOME}/blacklists/ads
> ${DBHOME}/blacklists/hacking
> ${DBHOME}/blacklists/porn
> etc.
I did use the blacklists.tar.gz file so, even though I have no
memory
or note of having done so, I must have moved them there manually -
as
you say. Quick inspection shows there is an all but empty
${DBHOME}/blacklists containing only a mail subdirectory. I will
dispose of it.
> Based on your squidGuard.conf, squidGuard will look for your
> destination directories here:
> ${DBHOME}/ads
> ${DBHOME}/hacking
> ${DBHOME}/porn
> etc.
>
> If that's where those directories are, you probably had to
manually
> move/rename them to get them there.
>
> (3) What are the contents of
/usr/local/squidGuard/log/blocked.log?
> Does it have entries for the sites successfully blocked?
Yes it does - for sites in the current database. What I can't do is
add
or subtract to that database.
> (4) You mentioned that you were able to get squidGuard started
> properly. You should be seeing multiple "loading dbfile...", "init
> domainlist...", "init urllist..." statements in your log file,
> ending with "squidGuard ready for requests...". Is that what you
are
> seeing?
Exactly as you describe. This walk through is proving very useful in
terms of telling me what I should and should not be seeing.
> (5) This may be a dumb question, but are you certain that "#"
lines
> in the squidGuard.conf file are considered comments? If I read
that
> I forgot it, and I can't remember ever seeing sample conf files
that
> included comment lines (and they would have been helpful as
in-line
> documentation).
Whoops! You've caught me out on messy housekeeping. That was me
experimenting with different configurations and those comment lines
are
the fossilised remains of the ones that didn't make it. I debated
with
myself whether or not to clean them out before posting it but
thought I
better leave them in just in case they proved to be "material" in
the
insurance industry sense of the word.
> Hopefully things are getting better for you?
Thanks very much for the time and advice, Rick. As I said, what
you've
told me so far reassures me that my squidGuard setup is normal; but
that there are a couple of things I should look at. After each tweak
I'll restart and see what happens.
Nigel
--
Nigel Pauli - I.T. Manager
St. John's School, Northwood, U.K.
http://www.st-johns.org.uk/
