[squid-users] Trying to add a custom python external_acl_type from Romeo Mihalcea on 2013-08-17 (squid-users)

From: Romeo Mihalcea <romeo.mihalcea_at_gmail.com>
Date: Sat, 17 Aug 2013 14:14:20 +0300

I'm trying to create an external acl helper for squid3 to (hopefully)
cut down some config lines from my squid3 server and I wrote a simple
python script for it:

#!/usr/bin/python

import sys
import logging
import time

logger = logging.getLogger( 'squid_auth' )
logger.setLevel( logging.DEBUG )
fh = logging.FileHandler( 'spam.log' )
fh.setLevel( logging.DEBUG )
formatter = logging.Formatter( '%(asctime)s - %(name)s - %(levelname)s
- %(message)s' )
fh.setFormatter( formatter )
logger.addHandler( fh )

def grant ():
sys.stdout.write( 'OK\n' )
sys.stdout.flush()

def deny ():
sys.stdout.write( 'ERR\n' )
sys.stdout.flush()

while True:
line = sys.stdin.readline().strip()
if line:
         logger.info( line )
         grant()
else:
         time.sleep( 1 )

and added it into my squid.conf:

external_acl_type custom_acl %SRC %LOGIN %DST
/etc/changemyip/squid/config/acl.py
acl CustomAcl external custom_acl
http_access allow CustomAcl

The path to the script is right (I can execute it in shell), the
program has execute rights and everything but, when I reload squid I
get this error about 5-6 times then squid crashes:

    Aug 17 14:08:52 server7 (squid): The custom_acl helpers are
crashing too rapidly, need help!
    Aug 17 14:08:52 server7 squid[28233]: Squid Parent: child process
28290 exited with status 1
    Aug 17 14:08:52 server7 squid[28233]: Exiting due to repeated,
frequent failures

As you can see the script is just printing `OK\n` to the stdout to
grant everyone. I haven't even started implementing any logic to it.

Tested with squid version: `3.1.19`

configure options: '--prefix=/etc/squid-test/squid'
'--enable-async-io' '--enable-icmp' '--enable-useragent-log'
'--enable-snmp' '--enable-cache-digests'
'--enable-follow-x-forwarded-for' '--enable-storeio=aufs'
'--enable-removal-policies=heap,lru' '--with-maxfd=16384'
'--enable-poll' '--disable-ident-lookups' '--enable-truncate'
'--exec-prefix=/etc/squid-test/squid/exec'
'--bindir=/etc/squid-test/squid/bin'
'--libexecdir=/etc/squid-test/squid/lib'
'--localstatedir=/etc/squid-test/squid/state' '--srcdir=.'
'--datadir=/etc/squid-test/squid/data'
'--sysconfdir=/etc/squid-test/squid/config'
'--with-logdir=/etc/squid-test/squid/logs'
'--with-pidfile=/etc/squid-test/squid/squid.pid'
--with-squid=/root/squid-3.1.19 --enable-ltdl-convenience
Received on Sat Aug 17 2013 - 11:14:34 MDT

This archive was generated by hypermail 2.2.0 : Sat Aug 17 2013 - 12:00:10 MDT