Ubuntu
squid3 package

Automatic squid reload on resolv.conf update does not work

Bug #1748471 reported by Kyrylo Bohdanenko
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
squid3 (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

There is a script (/etc/resolvconf/update-libc.d/squid) provided by the squid package which calls:

  invoke-rc.d reload squid || true

The thing is, that command somehow does not cause the squid to reload. This is particularly painful when Ubuntu is being contained in VirtualBox and some resolv.conf changes are done during the boot process. I.e. after the system boot the squid proxy server is just not working (it returns HTTP/500 and HTTP header X-Squid-Error: ERR_CANNOT_FORWARD). In access log one can see something like this:

  1518190105.150 0 127.0.0.1 TCP_MISS/500 4495 GET http://security.ubuntu.com/ubuntu/dists/artful-security/InRelease - HIER_NONE/- text/html
  1518190105.153 0 127.0.0.1 TCP_MISS/500 4474 GET http://pl.archive.ubuntu.com/ubuntu/dists/artful/InRelease - HIER_NONE/- text/html

I.e. HIER_NONE appears practically after 0 miliseconds means that squid is experiencing connectivity problems.

That being said, reloading squid using systemd equivalent of the invoke-rc.d command works just fine (in the script also):

  systemctl reload squid || true

So, to sum up, I would like to ask to fix the squid package by either:
* Change /etc/resolvconf/update-libc.d/squid to use `systemctl reload squid`
* Make `invoke-rc.d reload` work properly for squid

Environment:
Description: Ubuntu 17.10
Release: 17.10
squid:
  Installed: 3.5.23-5ubuntu1.1
  Candidate: 3.5.23-5ubuntu1.1

ProblemType: Bug
DistroRelease: Ubuntu 17.10
Package: squid 3.5.23-5ubuntu1.1
ProcVersionSignature: Ubuntu 4.13.0-32.35-generic 4.13.13
Uname: Linux 4.13.0-32-generic x86_64
ApportVersion: 2.20.7-0ubuntu3.7
Architecture: amd64
CurrentDesktop: KDE
Date: Fri Feb 9 17:03:47 2018
InstallationDate: Installed on 2016-08-03 (555 days ago)
InstallationMedia: Kubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719)
SourcePackage: squid3
UpgradeStatus: Upgraded to artful on 2017-10-05 (127 days ago)
mtime.conffile..etc.squid.squid.conf: 2017-11-27T19:29:36.332000

Revision history for this message
Kyrylo Bohdanenko (kyrboh) wrote :
Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Proposed fix: use systemd in /etc/resolvconf/update-libc.d/squid" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi,
the command is actually:
$ invoke-rc.d squid reload
not
$ invoke-rc.d reload squid

Fortunately the latter is what I already see in debian/squid.resolvconf which is what becomes /etc/resolvconf/update-libc.d/squid

I see in the log of the daemon correct reload entries when running the above:
Feb 16 10:16:11 bionic-test systemd[1]: Reloading LSB: Squid HTTP Proxy version 3.x.
Feb 16 10:16:11 bionic-test squid[19363]: * Reloading Squid HTTP Proxy configuration files
Feb 16 10:16:11 bionic-test squid[19363]: ...done.

So IMHO it is not the change invoke.rc -> systemctl that is needed.
Instead I'd assume you are affected by bug 1713803

Could you check if resolveconf is even installed (so that the hooks would be processed)?

Changed in squid3 (Ubuntu):
status: New → Incomplete
Revision history for this message
Kyrylo Bohdanenko (kyrboh) wrote :

Hi Christopher,

Sorry for the invoke-rc.d command mistake: it was jsut a typo. Of course you are right and the actual command there like you have said.

As for the resolvconf, it is installed on my machine:

  $ apt policy resolvconf
  resolvconf:
    Installed: 1.79ubuntu8
    Candidate: 1.79ubuntu8
    Version table:
   *** 1.79ubuntu8 500
          500 http://pl.archive.ubuntu.com/ubuntu artful/universe amd64 Packages
          500 http://pl.archive.ubuntu.com/ubuntu artful/universe i386 Packages
          100 /var/lib/dpkg/status

I would like to underline that on my Artful installation `invoke-rc.d squid reload` somehow does not cause Squid to re-load the configuration correctly: it is not able to go to network (although network is set up correctly) showing instant HIER_NONE/ in the access.log.

However, like in your case there are entries in /var/log/syslog about squid reloading:

  Feb 15 19:17:39 hatchling systemd[1]: Reloading LSB: Squid HTTP Proxy version 3.x.
  Feb 15 19:17:39 hatchling squid[4613]: * Reloading Squid HTTP Proxy configuration files
  Feb 15 19:17:39 hatchling squid[4613]: ...done.
  Feb 15 19:17:39 hatchling systemd[1]: Reloaded LSB: Squid HTTP Proxy version 3.x.

Revision history for this message
Kyrylo Bohdanenko (kyrboh) wrote :
Download full text (5.9 KiB)

Or let me put it the other way. Below goes what I have figured out so far.

1. Whenever I start my virtual machine (from a "Powered Off" state) internet via proxy does not work.

  $ env | grep -i http_proxy
  HTTP_PROXY=http://localhost:48080/
  http_proxy=http://localhost:48080/

  $ systemctl status squid
  ● squid.service - LSB: Squid HTTP Proxy version 3.x
     Loaded: loaded (/etc/init.d/squid; generated; vendor preset: enabled)
     Active: active (running) since Fri 2018-02-16 13:11:38 CET; 7min ago
       Docs: man:systemd-sysv-generator(8)
    Process: 2081 ExecReload=/etc/init.d/squid reload (code=exited, status=0/SUCCESS)
    Process: 383 ExecStart=/etc/init.d/squid start (code=exited, status=0/SUCCESS)
      Tasks: 4 (limit: 4915)
     CGroup: /system.slice/squid.service
             ├─ 539 /usr/sbin/squid -YC -f /etc/squid/squid.conf
             ├─ 541 (squid-1) -YC -f /etc/squid/squid.conf
             ├─2095 (logfile-daemon) /var/log/squid/access.log
             └─2285 (pinger)

  Feb 16 13:11:38 hatchling squid[539]: Squid Parent: will start 1 kids
  Feb 16 13:11:38 hatchling squid[539]: Squid Parent: (squid-1) process 541 started
  Feb 16 13:11:49 hatchling systemd[1]: Reloading LSB: Squid HTTP Proxy version 3.x.
  Feb 16 13:11:49 hatchling squid[904]: * Reloading Squid HTTP Proxy configuration files
  Feb 16 13:11:49 hatchling squid[904]: ...done.
  Feb 16 13:11:49 hatchling systemd[1]: Reloaded LSB: Squid HTTP Proxy version 3.x.
  Feb 16 13:13:58 hatchling systemd[1]: Reloading LSB: Squid HTTP Proxy version 3.x.
  Feb 16 13:13:58 hatchling squid[2081]: * Reloading Squid HTTP Proxy configuration files
  Feb 16 13:13:58 hatchling squid[2081]: ...done.
  Feb 16 13:13:58 hatchling systemd[1]: Reloaded LSB: Squid HTTP Proxy version 3.x.

  $ sudo netstat -tulpn | grep 48080
  tcp6 0 0 :::48080 :::* LISTEN 541/(squid-1)

  $ wget google.com
  --2018-02-16 13:20:59-- http://google.com/
  Resolving localhost (localhost)... 127.0.0.1
  Connecting to localhost (localhost)|127.0.0.1|:48080... connected.
  ...

Read more...

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for squid3 (Ubuntu) because there has been no activity for 60 days.]

Changed in squid3 (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.