Re: [Devil-Linux-discuss] Squid trouble in DL 1.8.0-rc2

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,
I tried to do an simple "squid -v" and the process died also with
Illegal Instruction.
And, like Frank allready wrote, the config file isn't open at this time.

strace shows at last the reading of /dev/urandom:
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
futex(0x70a4a82614e8, FUTEX_WAKE_PRIVATE, 2147483647) = 0
brk(0)                                  = 0xfd7480
brk(0xff8480)                           = 0xff8480
brk(0xff9000)                           = 0xff9000
open("/dev/urandom", O_RDONLY)          = 3
fcntl(3, F_GETFD)                       = 0
fcntl(3, F_SETFD, FD_CLOEXEC)           = 0
fstat(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 9), ...}) = 0
getrusage(0x1 /* RUSAGE_??? */, {ru_utime={0, 39999}, ru_stime={0,
79999}, ...}) = 0
read(3,
"pu\17\2559L\0017O\221\354\241\363!{\222\370\353d\314S\216\242ND}\26\300Y\37Jp",
32) = 32
read(3,
".\375\267\247IG.\3266+L\26\36\313\30_\225\2055\211\33\201\257\251.\26\26;\347\0215\366",
32) = 32
read(3, "\245m#\314=@**", 8)            = 8
futex(0x70a4aa316480, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x70a4aa316470, FUTEX_WAKE_PRIVATE, 2147483647) = 0
brk(0x101a000)                          = 0x101a000
mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x70a4abfb0000
--- SIGILL {si_signo=SIGILL, si_code=ILL_ILLOPN, si_addr=0x793b78} ---
+++ killed by SIGILL +++
At this time also network isn't in use (which is on Franks strace output).

Udo

On 09.08.2016 08:58, Frank Weis wrote:
> Hi Heiko,
>
>
> it doesn't get to the point where it logs anything.
>
> I have copied in the /etc/squid.conf supplied with the source (or even
> started without conf file).
>
> When I strace it, I see that it opens some libs, and /dev/urandom, but
> not /etc/squid.conf. It calls uname and gets the name of the host.
>
>
> The last 20 lines from strace:
>
>                                                                                                                                                                                             
>
> fcntl64(3, F_GETFD)                     = 0
> fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
> fstat64(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 9), ...}) = 0
> getrusage(0x1 /* RUSAGE_??? */, {ru_utime={0, 29999}, ru_stime={0,
> 6666}, ...}) = 0
> read(3,
> "\337\3617\312X\270\340\203\244\376\25+\0316\201\246\205\23\354\245\227\321\23\275l\357\345Ff\324\177\345",
> 32) = 32
> read(3,
> "W\247\352\227\254\v\303\221Pi\362\22Dw\6\24\201\200\232\263\252K\331\237o\337\332\372!\347\31[",
> 32) = 32
> read(3, "\16\250\0240\334\360\333\272", 8) = 8
> futex(0xbcd810, FUTEX_WAKE_PRIVATE, 2147483647) = 0
> futex(0xbcd808, FUTEX_WAKE_PRIVATE, 2147483647) = 0
> brk(0xb2a6000)                          = 0xb2a6000
> mmap2(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0xb538d000
> brk(0xb2c9000)                          = 0xb2c9000
> brk(0xb2ed000)                          = 0xb2ed000
> brk(0xb311000)                          = 0xb311000
> brk(0xb335000)                          = 0xb335000
> socket(PF_INET6, SOCK_STREAM, IPPROTO_IP) = 4
> setsockopt(4, SOL_IPV6, IPV6_V6ONLY, [0], 4) = 0
> close(4)                                = 0
> --- SIGILL {si_signo=SIGILL, si_code=ILL_ILLOPN, si_addr=0x8251e40} ---
> +++ killed by SIGILL +++
>
>
> When I start squid from inside the lfssystem (chrooted), it complains
> about missing /etc/squid.conf
>
> On a booted DL, it makes no difference if the conf file is present or not.
>
>
> Thanks
>
>
> On 2016-08-08 21:00, Heiko Zuerker wrote:
>> Frank,
>>
>> Try increasing the log level and see if it spits anything else out in
>> the squid log, before it crashes.
>> Are you using an existing configuration? If yes, try with a clean one.
>> You can also try the server version to see if it's related to any of
>> our security enhancements.
>>
>> Heiko
>>
>> Quoting Frank Weis <Fra...@cg... <mailto:Fra...@cg...>>:
>>
>>> Hi Heiko,
>>>
>>>  
>>>
>>> I got the latest squid installed, it still crashes:
>>>
>>>  
>>>
>>> squid -version
>>> Squid Cache: Version 3.5.20-20160805-r14070
>>> Service Name: squid
>>> configure options:  '--prefix=/usr' '--sysconfdir=/etc'
>>> '--bindir=/usr/sbin' '--libexecdir=/usr/sbin'
>>> '--datadir=/usr/share/squid' '--localstatedir=/var/squid'
>>> '--sharedstatedir=/var/squid' '--enable-delay-pools
>>> ' '--enable-useragent-log' '--enable-referer-log' '--enable-arp-acl'
>>> '--enable-ssl' '--with-openssl' '--enable-htcp'
>>> '--enable-linux-netfilter' '--enable-auth' '--disable-auth-negotiate'
>>> '--enable-auth-basic' '-
>>> -enable-auth-ntlm' '--disable-auth-digest'
>>> '--enable-log-daemon-helpers' '--enable-external-acl-helpers'
>>> '--enable-url-rewrite-helpers' '--enable-delay-icmp' '--enable-esi'
>>> '--enable-ecap' '--enable-follow-x-for
>>> warded-for' '--enable-default-err-language=English'
>>> '--enable-err-languages=English' 'CFLAGS=-mtune=i686 -march=i686'
>>> 'CXXFLAGS=-mtune=i686 -march=i686'
>>> Illegal instruction
>>>
>>> Any other ideas?
>>>
>>>  
>>>
>>> Thanks
>>>
>>> On 2016-08-03 17:48, Heiko Zuerker wrote:
>>>> Frank,
>>>>
>>>> It's core dumping, but that could be for a million reasons.
>>>> Can you try updating squid and see if it makes a difference?
>>>>
>>>> Heiko
>>>>
>>>> Quoting Frank Weis <Fra...@cg... <mailto:Fra...@cg...>>:
>>>>
>>>>> Hi all,
>>>>>
>>>>>  
>>>>>
>>>>> squid exits immediately and I have the following log messages. This
>>>>> happens in rc1 and rc2. Any hints?
>>>>>
>>>>>  
>>>>>
>>>>> [10504.225825] grsec: Illegal instruction occurred at 083a5893 in
>>>>> /usr/sbin/squid[squid:2504] uid/euid:0/0 gid/egid:0/0, parent
>>>>> /etc/init.d/squid[squid:2497] uid/euid:0/0 gid/egid:0/0
>>>>> [10504.225868] grsec: denied resource overstep by requesting 4096
>>>>> for RLIMIT_CORE against limit 0 for /usr/sbin/squid[squid:2504]
>>>>> uid/euid:0/0 gid/egid:0/0, parent /etc/init.d/squid[squid:2497]
>>>>> uid/euid:0/0 gid/
>>>>> egid:0/0
>>>>>  
>>>>>
>>>>>  
>>>>>
>>>>> Thanks a lot
>>>>>
>>>>> Frank
>>>>> --
>>>>>
>>>>> *Frank Weis*
>>>>> Conseiller informaticien
>>>>>
>>>>> LE GOUVERNEMENT DU GRAND-DUCHÉ DE LUXEMBOURG
>>>>> Ministère de l’Éducation nationale, de l’Enfance et de la Jeunesse
>>>>> Centre de gestion informatique de l’éducation 
>>>>>
>>>>> eduPôle - Walferdange
>>>>> Route de Diekirch, L-7220 Walferdange 
>>>>> _Adresse postale_ : B.P. 98, L-7201 Bereldange
>>>>>
>>>>> Tél. : (+352) 247-85973 . Fax : (+352) 247-85174
>>>>> E-mail : Fra...@cg... <mailto:Fra...@cg...>
>>>>> www.cgie.lu <http://www.cgie.lu/>
>>>>> www.men.lu <http://www.men.lu/>
>>>>> www.gouvernement.lu <http://www.gouvernement.lu>
>>>>>
>>>>> Ce message et toutes pièces jointes sont établis à l'intention
>>>>> exclusive de ses destinataires. Ils peuvent contenir des
>>>>> informations confidentielles. Si vous recevez ce message par
>>>>> erreur, merci de le détruire et d'en avertir immédiatement
>>>>> l'expéditeur. Toute utilisation de ce message non conforme à sa
>>>>> destination, toute diffusion ou toute publication, totale ou
>>>>> partielle, est interdite, sauf autorisation expresse. Ce message a
>>>>> fait l'objet d'un traitement anti-virus.
>>>>>
>>>>> Le contenu de ce message et des pièces jointes ne pourrait engager
>>>>> la responsabilité du ministère que s'il a été émis par une personne
>>>>> dûment habilitée agissant dans le strict cadre des fonctions
>>>>> auxquelles elle est employée et à des fins non étrangères à ses
>>>>> attributions.
>>>>>  
>>>>
>>>>
>>>> --
>>>>
>>>> Regards
>>>>   Heiko Zuerker
>>>>  
>>> --
>>>
>>> *Frank Weis*
>>> Conseiller informaticien
>>>
>>> LE GOUVERNEMENT DU GRAND-DUCHÉ DE LUXEMBOURG
>>> Ministère de l’Éducation nationale, de l’Enfance et de la Jeunesse
>>> Centre de gestion informatique de l’éducation 
>>>
>>> eduPôle - Walferdange
>>> Route de Diekirch, L-7220 Walferdange 
>>> _Adresse postale_ : B.P. 98, L-7201 Bereldange
>>>
>>> Tél. : (+352) 247-85973 . Fax : (+352) 247-85174
>>> E-mail : Fra...@cg... <mailto:Fra...@cg...>
>>> www.cgie.lu <http://www.cgie.lu/>
>>> www.men.lu <http://www.men.lu/>
>>> www.gouvernement.lu <http://www.gouvernement.lu>
>>>
>>> Ce message et toutes pièces jointes sont établis à l'intention
>>> exclusive de ses destinataires. Ils peuvent contenir des informations
>>> confidentielles. Si vous recevez ce message par erreur, merci de le
>>> détruire et d'en avertir immédiatement l'expéditeur. Toute
>>> utilisation de ce message non conforme à sa destination, toute
>>> diffusion ou toute publication, totale ou partielle, est interdite,
>>> sauf autorisation expresse. Ce message a fait l'objet d'un traitement
>>> anti-virus.
>>>
>>> Le contenu de ce message et des pièces jointes ne pourrait engager la
>>> responsabilité du ministère que s'il a été émis par une personne
>>> dûment habilitée agissant dans le strict cadre des fonctions
>>> auxquelles elle est employée et à des fins non étrangères à ses
>>> attributions.
>>>  
>>
>>
>> --
>>
>> Regards
>>   Heiko Zuerker
>>  
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
> patterns at an interface-level. Reveals which users, apps, and protocols are 
> consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
> J-Flow, sFlow and other flows. Make informed decisions using capacity 
> planning reports. http://sdm.link/zohodev2dev
>
>
> _______________________________________________
> Devil-linux-discuss mailing list
> Dev...@li...
> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss