diff options
Diffstat (limited to 'net-proxy/squid/files')
| -rw-r--r-- | net-proxy/squid/files/squid.confd-r1 | 12 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid.cron | 5 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid.initd-r4 | 117 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid.logrotate | 8 | ||||
| -rw-r--r-- | net-proxy/squid/files/squid.pam | 7 |
5 files changed, 149 insertions, 0 deletions
diff --git a/net-proxy/squid/files/squid.confd-r1 b/net-proxy/squid/files/squid.confd-r1 new file mode 100644 index 0000000..a29d33d --- /dev/null +++ b/net-proxy/squid/files/squid.confd-r1 @@ -0,0 +1,12 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +# Config file for /etc/init.d/squid + +SQUID_OPTS="-YC" + +# Kerberos keytab file to use. This is required if you enable kerberos authentication. +SQUID_KEYTAB="" + +# Use max_filedescriptors setting in squid.conf to determine the maximum number +# of filedescriptors squid can open. diff --git a/net-proxy/squid/files/squid.cron b/net-proxy/squid/files/squid.cron new file mode 100644 index 0000000..8726ddd --- /dev/null +++ b/net-proxy/squid/files/squid.cron @@ -0,0 +1,5 @@ +#!/bin/sh +if test -e /var/run/squid.pid ; then + test -n "$(cat /var/run/squid.pid|xargs ps -p|grep squid)" && \ + /usr/sbin/squid -k rotate +fi diff --git a/net-proxy/squid/files/squid.initd-r4 b/net-proxy/squid/files/squid.initd-r4 new file mode 100644 index 0000000..3e84eda --- /dev/null +++ b/net-proxy/squid/files/squid.initd-r4 @@ -0,0 +1,117 @@ +#!/sbin/openrc-run +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +extra_started_commands="reload rotate" + +depend() { + use dns net +} + +checkconfig() { + if [ ! -f /etc/squid/${SVCNAME}.conf ]; then + eerror "You need to create /etc/squid/${SVCNAME}.conf first." + eerror "An example can be found in /etc/squid/squid.conf.default" + return 1 + fi + + local PIDFILE=$(awk '/^[ \t]*pid_filename[ \t]+/ { print $2 }' < /etc/squid/${SVCNAME}.conf) + [ -z ${PIDFILE} ] && PIDFILE=/run/squid.pid + if [ /run/${SVCNAME}.pid != ${PIDFILE} ]; then + eerror "/etc/squid/${SVCNAME}.conf must set pid_filename to" + eerror " /run/${SVCNAME}.pid" + eerror "CAUTION: http_port, cache_dir and *_log parameters must be different than" + eerror " in any other instance of squid." + return 1 + fi + + # Maximum file descriptors squid can open is determined by: + # a basic default of N=1024 + # ... altered by ./configure --with-filedescriptors=N + # ... overridden on production by squid.conf max_filedescriptors (if, + # and only if, setrlimit() RLIMIT_NOFILE is able to be built+used). + # Since we do not configure hard coded # of filedescriptors anymore, + # there is no need for ulimit calls in the init script. + # Use max_filedescriptors in squid.conf instead. + + local CACHE_SWAP=$(awk '/^[ \t]*cache_dir[ \t]+/ { if ( $2 == "rock" ) printf "%s/rock ", $3; else if ( $2 == "coss" ) printf "%s/stripe ", $3; else printf "%s/00 ", $3; }' < /etc/squid/${SVCNAME}.conf) + [ -z "$CACHE_SWAP" ] && CACHE_SWAP="/var/cache/squid/00" + + local x + for x in $CACHE_SWAP ; do + if [ ! -e $x ] ; then + ebegin "Initializing cache directory ${x%/*}" + local ORIG_UMASK=$(umask) + umask 027 + + if ! (mkdir -p ${x%/*} && chown squid ${x%/*}) ; then + eend 1 + return 1 + fi + + local INIT_CACHE_RESPONSE="$(/usr/sbin/squid -z -N -f /etc/squid/${SVCNAME}.conf 2>&1)" + if [ $? != 0 ] || echo "$INIT_CACHE_RESPONSE" | grep -q "erminated abnormally" ; then + umask $ORIG_UMASK + eend 1 + echo "$INIT_CACHE_RESPONSE" + return 1 + fi + + umask $ORIG_UMASK + eend 0 + break + fi + done + + return 0 +} + +start() { + checkconfig || return 1 + checkpath -d -q -m 0750 -o squid:squid /run/${SVCNAME} + + ebegin "Starting ${SVCNAME}" + KRB5_KTNAME="${SQUID_KEYTAB}" /usr/sbin/squid ${SQUID_OPTS} -f /etc/squid/${SVCNAME}.conf + eend $? && sleep 1 +} + +stop() { + ebegin "Stopping ${SVCNAME}" + if /usr/sbin/squid -k shutdown -f /etc/squid/${SVCNAME}.conf ; then + # Now we have to wait until squid has _really_ stopped. + sleep 1 + if [ -f /run/${SVCNAME}.pid ] ; then + einfon "Waiting for squid to shutdown ." + cnt=0 + while [ -f /run/${SVCNAME}.pid ] ; do + cnt=$(expr $cnt + 1) + if [ $cnt -gt 60 ] ; then + # Waited 120 seconds now. Fail. + echo + eend 1 "Failed." + break + fi + sleep 2 + echo -n "." + done + echo + fi + else + eerror "Squid shutdown failed, probably service is already down." + fi + eend 0 +} + +reload() { + checkconfig || return 1 + ebegin "Reloading ${SVCNAME}" + /usr/sbin/squid -k reconfigure -f /etc/squid/${SVCNAME}.conf + eend $? +} + +rotate() { + service_started ${SVCNAME} || return 1 + ebegin "Rotating ${SVCNAME} logs" + /usr/sbin/squid -k rotate -f /etc/squid/${SVCNAME}.conf + eend $? +} diff --git a/net-proxy/squid/files/squid.logrotate b/net-proxy/squid/files/squid.logrotate new file mode 100644 index 0000000..5bf2896 --- /dev/null +++ b/net-proxy/squid/files/squid.logrotate @@ -0,0 +1,8 @@ +/var/log/squid/*.log { + copytruncate + compress + notifempty + missingok + sharedscripts +} + diff --git a/net-proxy/squid/files/squid.pam b/net-proxy/squid/files/squid.pam new file mode 100644 index 0000000..75eeaa9 --- /dev/null +++ b/net-proxy/squid/files/squid.pam @@ -0,0 +1,7 @@ +#%PAM-1.0 +auth required pam_nologin.so +auth include system-auth +account include system-auth +password include system-auth +session optional pam_limits.so +session include system-auth |