On 26/06/2014 4:37 p.m., Mike wrote: > I am looking for suggestions on a newer or slightly altered startup > script for use with squid 3.4.5 and CentOS based system (Scientific > Linux 6.5). > > The issue is after a system reboot, during startup the ssl_crtd helpers > are crashing causing squid to not load on startup. Yet we can do a > "service squid start" immediately after it stops, and it starts and > works fine until the next reboot. I suspect there is something needed in > the script to avert this issue since it is a newer squid. I tried the > one that came with the 3.4.5 (squid.rc) but it is not functioning > properly on this system. > We have tried a delay script of up to 2 minutes and that is not helping, > any initial statup still has the same problem. > > This is a remote server and we need it to work on startup without > needing to do extra time via SSH after it reboots to start it up every > time, especially once we roll this out to the 5 other servers. I've > checked the squid.out, cache.log and other squid and system related logs > and none of them give us any idea of why it is doing that only at startup. > > 12 seconds after initial startup attempt and multiple ssl_crtd helper > crashes: > Jun 25 23:25:47 i3540 (squid-1): The ssl_crtd helpers are crashing too > rapidly, need help! > Jun 25 23:25:47 i3540 squid[1674]: Squid Parent: (squid-1) process 1762 > exited with status 1 > Jun 25 23:25:47 i3540 squid[1674]: Squid Parent: (squid-1) process 1762 > will not be restarted due to repeated, frequent failures > Jun 25 23:25:47 i3540 squid[1674]: Exiting due to repeated, frequent > failures > > Then after we do a "service squid start": > Jun 25 23:26:24 i3540 squid[1810]: Squid Parent: will start 1 kids > Jun 25 23:26:25 i3540 squid[1810]: Squid Parent: (squid-1) process 1812 > started > > and no more crashes. > > I have tried at least 3 or 4 versions online and none of them work. > Either they do not work properly with "service squid start" or there are > other issues. > > My current squid init script which was borrowed from a previous version > (3.1.10). again, everything works except the ssl_crtd crashing ONLY on > startup after a reboot: > > ===== > > #!/bin/bash > # chkconfig: - 90 25 > # pidfile: /var/run/squid.pid > # config: /etc/squid/squid.conf > # > ### BEGIN INIT INFO > # Provides: squid > # Short-Description: starting and stopping Squid Internet Object Cache > # Description: Squid - Internet Object Cache. Internet object caching is \ > # a way to store requested Internet objects (i.e., data available \ > # via the HTTP, FTP, and gopher protocols) on a system closer to > the \ > # requesting site than to the source. Web browsers can then use the \ > # local Squid cache as a proxy HTTP server, reducing access time as \ > # well as bandwidth consumption. > ### END INIT INFO > > > PATH=/usr/bin:/sbin:/bin:/usr/sbin > export PATH > > # Source function library. > . /etc/rc.d/init.d/functions > > # Source networking configuration. > . /etc/sysconfig/network > > if [ -f /etc/sysconfig/squid ]; then > . /etc/sysconfig/squid > fi > > # don't raise an error if the config file is incomplete > # set defaults instead: > SQUID_OPTS=${SQUID_OPTS:-""} > SQUID_PIDFILE_TIMEOUT=${SQUID_PIDFILE_TIMEOUT:-20} > SQUID_SHUTDOWN_TIMEOUT=${SQUID_SHUTDOWN_TIMEOUT:-60} > SQUID_CONF=${SQUID_CONF:-"/etc/squid/squid.conf"} > SQUID_PIDFILE_DIR="/var/run/squid" > SQUID_USER="squid" > SQUID_DIR="squid" > > # determine the name of the squid binary > [ -f /usr/sbin/squid ] && SQUID=squid > > prog="$SQUID" > > # determine which one is the cache_swap directory > CACHE_SWAP=`sed -e 's/#.*//g' $SQUID_CONF | \ > grep cache_dir | awk '{ print $3 }'` > > RETVAL=0 > > probe() { > # Check that networking is up. > [ ${NETWORKING} = "no" ] && exit 1 > > [ `id -u` -ne 0 ] && exit 4 > > # check if the squid conf file is present > [ -f $SQUID_CONF ] || exit 6 > } > > start() { > # echo "1 minute startup delay - to give ssl_crtd time to restart > properly" > # sleep 60 > # Check if $SQUID_PIDFILE_DIR exists and if not, lets create it > and give squid permissions. > if [ ! -d $SQUID_PIDFILE_DIR ] ; then mkdir $SQUID_PIDFILE_DIR ; > chown -R $SQUID_USER.$SQUID_DIR $SQUID_PIDFILE_DIR; fi > probe > > parse=`$SQUID -k parse -f $SQUID_CONF 2>&1` > RETVAL=$? > if [ $RETVAL -ne 0 ]; then > echo -n $"Starting $prog: " > echo_failure > echo > echo "$parse" > return 1 > fi > for adir in $CACHE_SWAP; do > if [ ! -d $adir/00 ]; then > echo -n "init_cache_dir $adir... " > $SQUID -z -F -f $SQUID_CONF >> > /var/log/squid/squid.out 2>&1 > fi > done This is unnecessary and wastes time repeating squid -z calls. squid -z does a create if missing ignores existing directories, and with SMP workers will create needed directories whose names cannot be found explicitly in the config file. Just run squid -z once and let it do whats necessary. > echo -n $"Starting $prog: " > $SQUID $SQUID_OPTS -f $SQUID_CONF >> /var/log/squid/squid.out 2>&1 > RETVAL=$? > if [ $RETVAL -eq 0 ]; then > timeout=10; > while : ; do > [ ! -f /var/run/squid.pid ] || break > if [ $timeout -ge $SQUID_PIDFILE_TIMEOUT ]; then > RETVAL=1 > break > fi > sleep 10 && echo -n "." > timeout=$((timeout+1)) > done > fi > [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$SQUID > [ $RETVAL -eq 0 ] && echo_success > [ $RETVAL -ne 0 ] && echo_failure > echo > return $RETVAL > } > > stop() { > echo -n $"Stopping $prog: " > $SQUID -k check -f $SQUID_CONF >> /var/log/squid/squid.out 2>&1 > RETVAL=$? > if [ $RETVAL -eq 0 ] ; then > $SQUID -k shutdown -f $SQUID_CONF & > rm -f /var/lock/subsys/$SQUID > timeout=0 > while : ; do > [ -f /var/run/squid.pid ] || break > if [ $timeout -ge $SQUID_SHUTDOWN_TIMEOUT ]; then > echo > return 1 > fi > sleep 2 && echo -n "." > timeout=$((timeout+2)) > done > echo_success > echo > else > echo_failure > if [ ! -e /var/lock/subsys/$SQUID ]; then > RETVAL=0 > fi > echo > fi > rm -rf $SQUID_PIDFILE_DIR/* > return $RETVAL > } > > reload() { > $SQUID $SQUID_OPTS -k reconfigure -f $SQUID_CONF > } > > restart() { > stop > rm -rf $SQUID_PIDFILE_DIR/* I am seeing this erase in several places. Please be aware that more than a PID file may get put in there by Squid now, and if its not cleared up then something is still active. The new instance complaining about existing instance is something that needs fixing not working around. Amos