Bug 487204
Summary: | selinux error for squid | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | stanl |
Component: | squid | Assignee: | Jiri Skala <jskala> |
Status: | CLOSED WORKSFORME | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | low | Docs Contact: | |
Priority: | low | ||
Version: | 10 | CC: | aglotov, dwalsh, henrik, jonathansteffan, jskala, mnagy |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-03-03 02:36:31 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
stanl
2009-02-24 18:48:02 UTC
Is there anything relevant in cache.log? Here is the last restart cyle from the cache.log. I don't see anything. 2009/02/22 20:16:20| Preparing for shutdown after 76 requests 2009/02/22 20:16:20| Waiting 30 seconds for active connections to finish 2009/02/22 20:16:20| FD 14 Closing HTTP connection 2009/02/22 20:16:51| Shutting down... 2009/02/22 20:16:51| Closing unlinkd pipe on FD 12 2009/02/22 20:16:51| storeDirWriteCleanLogs: Starting... 2009/02/22 20:16:51| Finished. Wrote 15 entries. 2009/02/22 20:16:51| Took 0.00 seconds (14395.39 entries/sec). CPU Usage: 0.295 seconds = 0.155 user + 0.140 sys Maximum Resident Size: 0 KB Page faults with physical i/o: 0 Memory usage for squid via mallinfo(): total space in arena: 6144 KB Ordinary blocks: 5994 KB 21 blks Small blocks: 0 KB 7 blks Holding blocks: 936 KB 4 blks Free Small blocks: 0 KB Free Ordinary blocks: 149 KB Total in use: 6930 KB 113% Total free: 149 KB 2% 2009/02/22 20:16:51| Squid Cache (Version 3.0.STABLE13): Exiting normally. 2009/02/22 20:16:53| Starting Squid Cache version 3.0.STABLE13 for x86_64-redhat-linux-gnu... 2009/02/22 20:16:53| Process ID 24514 2009/02/22 20:16:53| With 1024 file descriptors available 2009/02/22 20:16:53| DNS Socket created at 0.0.0.0, port 37343, FD 7 2009/02/22 20:16:53| Adding domain ph.cox.net from /etc/resolv.conf 2009/02/22 20:16:53| Adding domain ph.cox.net from /etc/resolv.conf 2009/02/22 20:16:53| Adding nameserver 68.2.16.30 from /etc/resolv.conf 2009/02/22 20:16:53| Adding nameserver 68.2.16.25 from /etc/resolv.conf 2009/02/22 20:16:53| User-Agent logging is disabled. 2009/02/22 20:16:53| Referer logging is disabled. 2009/02/22 20:16:53| Unlinkd pipe opened on FD 12 2009/02/22 20:16:53| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec 2009/02/22 20:16:53| Swap maxSize 102400 KB, estimated 7876 objects 2009/02/22 20:16:53| Target number of buckets: 393 2009/02/22 20:16:53| Using 8192 Store buckets 2009/02/22 20:16:53| Max Mem size: 8192 KB 2009/02/22 20:16:53| Max Swap size: 102400 KB 2009/02/22 20:16:53| Version 1 of swap file without LFS support detected... 2009/02/22 20:16:53| Rebuilding storage in /var/spool/squid (CLEAN) 2009/02/22 20:16:53| Using Least Load store dir selection 2009/02/22 20:16:53| Set Current Directory to /var/spool/squid 2009/02/22 20:16:53| Loaded Icons. 2009/02/22 20:16:53| Accepting HTTP connections at 0.0.0.0, port 3128, FD 14. 2009/02/22 20:16:53| HTCP Disabled. 2009/02/22 20:16:53| Configuring Parent 127.0.0.1/8118/7 2009/02/22 20:16:53| Ready to serve requests. 2009/02/22 20:16:53| Done reading /var/spool/squid swaplog (15 entries) 2009/02/22 20:16:53| Finished rebuilding storage from disk. 2009/02/22 20:16:53| 15 Entries scanned 2009/02/22 20:16:53| 0 Invalid entries. 2009/02/22 20:16:53| 0 With invalid flags. 2009/02/22 20:16:53| 15 Objects loaded. 2009/02/22 20:16:53| 0 Objects expired. 2009/02/22 20:16:53| 0 Objects cancelled. 2009/02/22 20:16:53| 0 Duplicate URLs purged. 2009/02/22 20:16:53| 0 Swapfile clashes avoided. 2009/02/22 20:16:53| Took 0.04 seconds (395.92 objects/sec). 2009/02/22 20:16:53| Beginning Validation Procedure 2009/02/22 20:16:53| Completed Validation Procedure 2009/02/22 20:16:53| Validated 55 Entries 2009/02/22 20:16:53| store_swap_size = 200 2009/02/22 20:16:54| storeLateRelease: released 0 objects 2009/02/22 20:28:25| tunnelReadServer: FD 20: read failure: (0) Success Did you happen to be in the /mnt directory when you executed this command? I can get this avc to happen if I cd /mnt And execute /etc/init.d/squid restart But not service. Confined programs have a bad habbit of searching the Current Working Directory when they start which can generate an AVC like this. service script cd / when it is executed, so I am surprised you got this. Actually I was in the /etc/squid directory while I was doing this. I ran it a few times while tweaking the squid.conf file to see if I could get it to go away. I was logged in as root. This system had been running for a long time without a reboot when I was doing this. Is it possible that could cause problems like this? I am pretty sure you can ignore it. Anything mounted on /mnt? On a subdir of /mnt? Yeah, other instances of fedora, so I can get to their file systems. Mounted as non check (0 0) from fstab. Updates-testing had the latest selinux packages and a new kernel, so I rebooted to get the new kernel and did an /.autorelabel so that everything would be consistent with the latest policy. Then cleared out setroubleshooter log. Will see what happens. Reopen if it happens again. |