aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authordoktornotor <notordoktor@gmail.com>2015-09-27 11:39:30 +0200
committerdoktornotor <notordoktor@gmail.com>2015-09-27 11:39:30 +0200
commite0bf22a296a66b1bbf35bacd6ad05db8fe930557 (patch)
treebb2190101f4492f1ba62d8b4967f8cbcc9747e3a
parentc802438703949cb7e211c37f7859aeee7c92a6d7 (diff)
downloadpfsense-packages-e0bf22a296a66b1bbf35bacd6ad05db8fe930557.tar.gz
pfsense-packages-e0bf22a296a66b1bbf35bacd6ad05db8fe930557.tar.bz2
pfsense-packages-e0bf22a296a66b1bbf35bacd6ad05db8fe930557.zip
sanitize squid3 package install process
- On package install, custom_php_resync_config_command is automatically called. There is no need to call it yet again. - When squid_resync() is called on install, logdir will get created if needed, cache dir will get set up as needed via squid_dash_z(), and finally firewall will get reconfigured. There is absolutely no need to setup cache 4 times, there is also definitely no need to reconfigure filter 3 times and no need to restart the services (at least) 3 times in one minute. This seriously confuses Squid3 and breaks things, as in Bug #4857 - Finally, modify squid_resync() so that it only (re)starts services if Squid3 is actually enabled, and stops them otherwise
-rwxr-xr-xconfig/squid3/34/squid.inc73
1 files changed, 32 insertions, 41 deletions
diff --git a/config/squid3/34/squid.inc b/config/squid3/34/squid.inc
index 3e305936..a0bf7c87 100755
--- a/config/squid3/34/squid.inc
+++ b/config/squid3/34/squid.inc
@@ -313,10 +313,6 @@ function squid_install_command() {
update_status("Writing configuration... One moment please...");
write_config();
- /* create cache */
- update_status("Creating squid cache pools... One moment please...");
- squid_dash_z();
-
/* make sure pinger is executable and suid root */
// XXX: Bug #5114
if (file_exists(SQUID_LOCALBASE . "/libexec/squid/pinger")) {
@@ -348,34 +344,9 @@ function squid_install_command() {
squid_chown_recursive($dir, SQUID_UID, SQUID_GID);
}
- /* kill any running proxy alarm scripts */
- update_status("Checking for running processes... One moment please...");
- log_error("Stopping any running proxy monitors");
- mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
- sleep(1);
-
if (!file_exists(SQUID_CONFBASE . '/mime.conf') && file_exists(SQUID_CONFBASE . '/mime.conf.default'))
copy(SQUID_CONFBASE . '/mime.conf.default', SQUID_CONFBASE . '/mime.conf');
- update_status("Checking cache... One moment please...");
- squid_dash_z();
-
- if (!is_service_running('squid')) {
- update_status("Starting... One moment please...");
- log_error("Starting Squid");
- mwexec_bg(SQUID_BASE. "/sbin/squid -f " . SQUID_CONFFILE);
- } else {
- update_status("Reloading Squid for configuration sync... One moment please...");
- log_error("Reloading Squid for configuration sync");
- mwexec_bg(SQUID_BASE. "/sbin/squid -k reconfigure -f " . SQUID_CONFFILE);
- }
-
- /* restart proxy alarm scripts */
- log_error("Starting a proxy monitor script");
- mwexec_bg("/usr/local/etc/rc.d/sqp_monitor.sh start");
-
- update_status("Reconfiguring filter... One moment please...");
- filter_configure();
}
function squid_deinstall_command() {
@@ -1980,43 +1951,63 @@ function squid_resync($via_rpc = "no") {
}
$log_dir = "";
+ $squid_enabled = false;
// check if Squid is enabled
if (is_array($config['installedpackages']['squid']['config'])) {
if ($config['installedpackages']['squid']['config'][0]['active_interface'] != "") {
$log_dir = $config['installedpackages']['squid']['config'][0]['log_dir'] . '/';
+ $squid_enabled = true;
}
} elseif (is_array($config['installedpackages']['squidreversegeneral']['config'])) {
// check if squidreverse is enabled
if ($config['installedpackages']['squidreversegeneral']['config'][0]['reverse_interface'] != "") {
$log_dir = "/var/squid/logs/";
+ $squid_enabled = true;
}
}
- // do not start squid if there is no log dir
- if ($log_dir != "") {
- if (!is_dir($log_dir)) {
- log_error("Creating Squid log dir $log_dir");
- safe_mkdir($log_dir, 0755);
- squid_chown_recursive($log_dir, SQUID_UID, SQUID_GID);
- }
+ // create log dir if required
+ if (!is_dir($log_dir)) {
+ log_error("Creating Squid log dir $log_dir");
+ safe_mkdir($log_dir, 0755);
+ squid_chown_recursive($log_dir, SQUID_UID, SQUID_GID);
+ }
- squid_dash_z();
+ // check cache dir and create if necessary
+ squid_dash_z();
+ // reconfigure and (re)start service as needed if enabled, otherwise stop them
+ // do not (re)start squid services on boot
+ if ((!isset($boot_process)) && ($squid_enabled)) {
+ /* kill any running proxy alarm scripts */
+ log_error("Stopping any running proxy monitors");
+ mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
+ sleep(1);
if (!is_service_running('squid')) {
log_error("Starting Squid");
mwexec(SQUID_BASE . "/sbin/squid -f " . SQUID_CONFFILE);
- } elseif (!isset($boot_process)) {
+ } else {
log_error("Reloading Squid for configuration sync");
mwexec(SQUID_BASE . "/sbin/squid -k reconfigure -f " . SQUID_CONFFILE);
}
-
- // Sleep for a couple seconds to give squid a chance to fire up fully.
+ // sleep for a couple seconds to give squid a chance to fire up fully.
for ($i = 0; $i < 10; $i++) {
if (!is_service_running('squid')) {
sleep(1);
}
}
- filter_configure();
+ /* restart proxy alarm scripts */
+ log_error("Starting a proxy monitor script");
+ mwexec_bg("/usr/local/etc/rc.d/sqp_monitor.sh start");
+ } elseif (!$squid_enabled) {
+ /* Squid is disabled - kill any running proxy alarm scripts and stop Squid services */
+ log_error("Stopping any running proxy monitors");
+ mwexec("/usr/local/etc/rc.d/sqp_monitor.sh stop");
+ sleep(1);
+ log_error("Stopping Squid");
+ stop_service("squid");
}
+
+ filter_configure();
conf_mount_ro();
}