?
Solved

Apache & Squid

Posted on 2008-11-11
21
Medium Priority
?
675 Views
Last Modified: 2012-08-13
hi

I want apache to be able to read files from /var/spool/squid/video_cache/
I use squid v2.6. what commands needed? to have access of it instead of the Forbidden error .
0
Comment
Question by:adaheem
  • 11
  • 9
21 Comments
 
LVL 2

Expert Comment

by:artms
ID: 22934247
I think /var/spool/squid permissions do not allow apache to read files from there, please check if apache user can access /var/spool/squid/ and directories deeper. An easy way to check it is:
usermod -s /bin/bash apache
su - apache
cd /var/spool/squid
cd video_cache
exit
usermod -s /sbin/nologin apache

Apache is the user apache is running under, on RHEL or centos (and most redhat based it is apache). If you cannot change dir to /var/spool/squid, then change mode to 0755, or change directory group to apache.
0
 

Author Comment

by:adaheem
ID: 22934944
hi

when i used the command     su - apache    it gives me: This account is currently not available.

when i use  usermod -s /sbin/nologin apache    , it accepts it
when i put in the browser   http://192.186.10.1         it gives me the apache page

still have this forbidden error for   http://192.186.10.1/video_cache/
 

0
 

Author Comment

by:adaheem
ID: 22934961
where can i see the result of the chown and chmod ???
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 2

Expert Comment

by:artms
ID: 22935112
ls -l /var/spool/ will print all directories in /var/spool/ and their owner/groups and directory mode.

I wrote usermod -s /bin/bash apache <- this enables bash for apache, after this command su - apache will return shell, not that message, to return old shell less apache account you had to write usermod -s /sbin/nologin apache
0
 

Author Comment

by:adaheem
ID: 22935159
This was the result:

[root@star squid]# ls -l /var/spool/
total 112
drwxr-xr-x  2 root   root   4096 Nov 12 00:48 anacron
drwx------  3 daemon daemon 4096 Nov 12 00:39 at
drwxrwx---  2 smmsp  smmsp  4096 Mar 15  2007 clientmqueue
drwx------  2 root   root   4096 Nov 10  2007 cron
drwx--x---  3 root   lp     4096 Nov 12 00:38 cups
drwxr-xr-x  2 root   root   4096 Mar 29  2007 lpd
drwxrwxr-x  2 root   mail   4096 Nov 12 00:39 mail
drwx------  2 root   mail   4096 Mar 15  2007 mqueue
drwxr-xr-x  8 news   news   4096 Nov 12 00:40 news
drwxr-xr-x  2 rpm    rpm    4096 May 24 21:44 repackage
drwxr-xr-x  2 root   root   4096 Jan  7  2007 rwho
drwxrwxrwt  2 root   root   4096 May 26 00:41 samba
drwxr-x--- 19 squid  squid  4096 Nov 12 03:18 squid
drwxrwxrwt  2 root   root   4096 May 24 18:06 vbox
[root@star squid]# usermod -s /bin/bash apache
[root@star squid]# su - apache
-bash-3.2$
-bash-3.2$
0
 
LVL 2

Expert Comment

by:artms
ID: 22935251
Well squid directory is accessible only by squid (and root) apache doesn't have rights to enter there. There are two solution, change mode to 0755 (chmod 0755 /var/spool/squid), or change group (chown :apache /var/spool/squid). Both solution are not secure, but the second one is better (only apache and squid will be able to read files, not all other user on that server).

If you are using RHEL or centos, please also enter this command:
sestatus


Selinux might block request even after you change directory rights to correct ones.
0
 

Author Comment

by:adaheem
ID: 22935306
hi

still not working
can i type the permission manually somewhere in a file?
0
 
LVL 2

Expert Comment

by:artms
ID: 22935343
Please write output of this commands:
ls -l /var/spool/
sestatus
ls -l /var/spool/squid | grep video_cache

0
 

Author Comment

by:adaheem
ID: 22935366
[root@star ~]# ls -l /var/spool/
total 112
drwxr-xr-x  2 root   root   4096 Nov 12 00:48 anacron
drwx------  3 daemon daemon 4096 Nov 12 00:39 at
drwxrwx---  2 smmsp  smmsp  4096 Nov 12 04:04 clientmqueue
drwx------  2 root   root   4096 Nov 10  2007 cron
drwx--x---  3 root   lp     4096 Nov 12 00:38 cups
drwxr-xr-x  2 root   root   4096 Mar 29  2007 lpd
drwxrwxr-x  2 root   mail   4096 Nov 12 04:04 mail
drwx------  2 root   mail   4096 Nov 12 04:04 mqueue
drwxr-xr-x  8 news   news   4096 Nov 12 00:40 news
drwxr-xr-x  2 rpm    rpm    4096 May 24 21:44 repackage
drwxr-xr-x  2 root   root   4096 Jan  7  2007 rwho
drwxrwxrwt  2 root   root   4096 May 26 00:41 samba
drwxr-xr-x 19 squid  apache 4096 Nov 12 03:18 squid
drwxrwxrwt  2 root   root   4096 May 24 18:06 vbox
You have new mail in /var/spool/mail/root
[root@star ~]# sestatus
SELinux status:                 disabled
[root@star ~]# ls -l /var/spool/squid | grep video_cache
drwxr-xr-x  11 root  apache  4096 Nov 12 02:15 video_cache
0
 
LVL 2

Expert Comment

by:artms
ID: 22935416
Please provide error message from apache error log, and apache configuration part where you configured access to /var/spool/squid/video_cache.


0
 

Author Comment

by:adaheem
ID: 22935476
ok

but httpd.conf cannot be attached ,here is the part:

<Directory "/var/spool/squid/video_cache">
 Order Allow,Deny
 Allow from all
</Directory>
0
 
LVL 2

Expert Comment

by:artms
ID: 22941991
What is the documentroot? You can attach httpd.conf if you will rename it to httpd.txt
0
 

Author Comment

by:adaheem
ID: 22942951
Hi

you can see the setup file at http://www.cachevideos.com

youtube_cache-1.2.tar.gz

i can't upload its extension


httpd.txt
squid.txt
youtube-cache.txt
0
 
LVL 2

Expert Comment

by:artms
ID: 22943966
hmm, in httpd.conf there is no <Directory "/var/spool/squid/video_cache">... you forgot to include some file...
0
 

Author Comment

by:adaheem
ID: 22944223
still no luck
0
 
LVL 2

Expert Comment

by:artms
ID: 22944243
Ok, if you want to see your files, then as an experiment change documentroot to /var/spool/squid/video_cache

Btw, what link are you using when you test access to video_cache...
0
 

Author Comment

by:adaheem
ID: 22945666
in IE i use it as follow:

http://192.186.10.1/video_cache
0
 
LVL 2

Expert Comment

by:artms
ID: 22953235
From your given configuration it is not possible to access that directory, because you simply didn't tell apache to serve from there
Change
DocumentRoot "/var/www/html"

To
DocumentRoot "/var/spool/squid/"
And the use that link.
0
 
LVL 3

Accepted Solution

by:
jdarwin earned 1000 total points
ID: 23093523
Hi,

If none of above suggestions worked, try this:

ln -s /var/spool/squid/video_cache /var/www/html/video_cache

Please remember to accept this solution, if it worked for your goodness dear!

Regards.
0
 

Author Comment

by:adaheem
ID: 23188553
hi
there was a bug in the software i was using. its author has corrected it and now its working very fine .
thanks for the help
0
 

Author Closing Comment

by:adaheem
ID: 31515586
there was a bug in the software i was using and its corrected by the author. thanks for the help
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses
Course of the Month15 days, 18 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question