Does anyone have any thoughts on my problem? Anthony -----Original Message----- From: warren, anthony [mailto:anthony.warren@xxxxxxxxxxxxx] Sent: 06 May 2005 11:28 To: squid-users@xxxxxxxxxxxxxxx Subject: [squid-users] Puzzling permissions problem Hi, I have a problem with cache directory permissions. What I am trying to do is run multiple instances of squid on a RHEL4 server, with squid configured to listen on different IP address and use the TCP_OUTGOING_ADDRESS config option, so I can apply different Websense policies based on the IP address. I installed squid via RHEL's up2date RPM install procedure (to enable easy version updates). The default cache directory is /var/spool/squid What I want to do is create the following structure: Instance 1: Cache dir = /opt/secng/secngcache Logs dir = /opt/secng/secnglogs Instance 2: Cache dir = /opt/filtproxy/filtcache Logs dir = /opt/filtproxy/filtlogs Instance 3: Cache dir = /opt/ning/ningcache Logs dir = /opt/ning/ninglogs I am trying to get the secng instance working at the moment but whenever I try to initialize the cache dir I get the following in /var/log/messages: May 6 11:04:00 uranus squid[2930]: Squid Parent: child process 2947 exited due to signal 6 May 6 11:04:03 uranus squid[2930]: Squid Parent: child process 2952 started May 6 11:04:03 uranus kernel: audit(1115373843.232:0): avc: denied { append } for pid=2952 exe=/usr/sbin/squid name=c ache.log dev=sdb1 ino=10354692 scontext=root:system_r:squid_t tcontext=user_u:object_r:usr_t tclass=file May 6 11:04:03 uranus kernel: audit(1115373843.233:0): avc: denied { append } for pid=2952 exe=/usr/sbin/squid name=a ccess.log dev=sdb1 ino=10354693 scontext=root:system_r:squid_t tcontext=user_u:object_r:usr_t tclass=file May 6 11:04:03 uranus (squid): Cannot open '/opt/secng/secnglogs/access.log' for writing. The parent directory must be writeable by the user 'squid', which is the cache_effective_user set in squid.conf. May 6 11:04:03 uranus squid[2930]: Squid Parent: child process 2952 exited due to signal 6 May 6 11:04:03 uranus squid[2930]: Exiting due to repeated, frequent failures Now I have checked permission all the way into the logs directory and from what I can see all is correct. To check this, I gave the squid user a shell, did an su squid, and then made my way into the correct directories and touched access.log and cache.log Below is how the permissions are setup currently: [root@uranus filtproxy]# cd /opt [root@uranus opt]# ls -al total 56 drwxr-xr-x 6 squid root 4096 Apr 20 15:51 . drwxr-xr-x 23 root root 4096 Apr 21 11:29 .. drwxr-xr-x 4 squid root 4096 Apr 20 15:53 filtproxy drwx------ 2 squid root 16384 Apr 14 16:00 lost+found drwxr-xr-x 4 squid root 4096 Apr 20 15:53 ning drwxr-xr-x 4 squid squid 4096 Apr 20 15:52 secng [root@uranus secng]# ls -al total 32 drwxr-xr-x 4 squid squid 4096 Apr 20 15:52 . drwxr-xr-x 6 squid root 4096 Apr 20 15:51 .. drwxr-xr-x 2 squid squid 4096 Apr 28 16:52 secngcache drwxr-xr-x 2 squid squid 4096 Apr 22 11:17 secnglogs [root@uranus secng]# Please can someone offer some advice as it is driving me crazy and I am up against a fairly tight timescale to get this working. Many thanks, Anthony Warren