Arthur Dent wrote:
On Thu, 2009-12-10 at 20:50 +0000, Arthur Dent wrote:
Hello all,
I have been using squid / squidGuard for so long now that I have
completely forgotten how I set it up!
Now, following a recent upgrade to SQUID 3.0.STABLE20 I find that the
squidGuard redirect page fails with the error:
"You don't have permission to access /cgi-bin/squidGuard.cgi on this
server"
My first action was to check the permissions of that file:
# ls -la /var/www/cgi-bin/squidGuard.cgi
-rwxr-xr-x. 1 root root 11169 2009-08-17 19:34 /var/www/cgi-bin/squidGuard.cgi
Which is, I think, how it was when it was still working. Just in case it
had anything to do with users I "chown'ed" it to squid.
# ls -la /var/www/cgi-bin/squidGuard.cgi
-rwxr-xr-x. 1 squid squid 11169 2009-08-17 19:34 /var/www/cgi-bin/squidGuard.cgi
Considering this CGI is going to be served by your web server, you
should make sure the user it runs as has permissions to this file.
Still no joy.
I can access the squidGuard.cgi file directly from a browser on a
machine on the network so actually I'm sure it's not a permission
problem. It's only when called from squid / squidGuard that I get the
error.
In my squid.conf I do have "cache_effective_user squid" set.
I know I'm missing something silly - what have I forgotten to do or
check?
Thanks in advance for any help or suggestions...
Mark
Can nobody help me on this one?
I am still at a loss as to how to progress this. The .cgi file works
when accessed directly from the browser - just not when called from
squid/squidGuard...
Considering the fact that Squid will just send the browser a 302 (Moved
Temporarily) and the URL for the error page (which could be on an
entirely separate server), it should work (as long as the URL you use to
access the CGI directly is exactly the same as the one Squid/SquidGuard
redirect to). Using a tool such as the Live HTTP Headers plugin for the
Firefox browser, or a packet trace between the client and Squid might
give some insight in to what is going on.
Thanks again for your consideration...
Mark
Chris
