# squid "permission denied..." no matter what



## igorino (Aug 15, 2013)

When I try to start the Squid service, www/lusca-head, with `/usr/local/etc/rc.d/squid start`, I'm getting the following error:

```
FATAL: Unable to open configuration file: /usr/local/etc/squid/squid.conf: (13) Permission denied
```
Trying to initialize the cache, with `squid -z`, I get the error:

```
FATAL: Failed to make swap directory /var/cache/squid/aufs: (13) Permission denied
```
In my squid.conf I have the following lines:

```
cache_dir aufs /var/cache/squid/aufs 30720 16 256
cache_effective_user squid
cache_effective_group wheel
```

In /etc/passwd

```
squid:*:100:100:Squid caching-proxy pseudo user:/usr/local/squid:/usr/sbin/nologin
```

In /etc/fstab

```
/dev/gpt/cacheaufs /var/cache/squid ufs rw      2       2
```

`ls -l /usr/local/etc/squid/squid.conf` returns

```
-rwxr--r--  1 squid  wheel  3329 Aug 14 21:11 /usr/local/etc/squid/squid.conf
```

And `ls -l /var/cache/squid` returns

```
drwxrwxrwx  18 squid  wheel  512 Aug 14 19:26 aufs
```

That's really weird, since even setting the correct user and file permissions in those files I cannot start the service. Does anybody know what could be done to start it?


----------



## DutchDaemon (Aug 15, 2013)

I don't understand why anything run by Squid would be group-owned by wheel. It's entirely unnecessary. The cache directory itself (the one that contains the 00, 01, etc. directories) can be squid:squid and 755. The configuration file should be squid:squid, 444. I see you have a separate mountpoint for your cache. It may be worth the try to change the mountpoint to squid:squid as well (before mounting, so the mountpoint, not the mounted directory).


----------



## igorino (Aug 15, 2013)

DutchDaemon said:
			
		

> I don't understand why anything run by Squid would be group-owned by wheel. It's entirely unnecessary. The cache directory itself (the one that contains the 00, 01, etc. directories) can be squid:squid and 755. The configuration file should be squid:squid, 444. I see you have a separate mountpoint for your cache. It may be worth the try to change the mountpoint to squid:squid as well (before mounting, so the mountpoint, not the mounted directory).



Changed some permissions and owners
`chown -R squid:squid /var/cache/squid`
`chmod -R 755 /var/cache/squid`
`chown squid:squid /usr/local/etc/squid/squid.conf`
`chmod 444 /usr/local/etc/squid/squid.conf`

Now in /usr/local/etc/squid/squid.conf I have

```
cache_effective_group squid
```

Still receiving 

```
FATAL: Unable to open configuration file: /usr/local/etc/squid/squid.conf: (13) Permission denied
```
when I try to `/usr/local/etc/rc.d/squid start`

and

```
FATAL: Failed to make swap directory /var/cache/squid/aufs: (13) Permission denied
```
with `squid -z`

I forget to mention that I have the line 
	
	



```
squid_user="squid"
```
 in /etc/rc.conf too.

I tried to `pkg_delete "lusca-head*"` then reinstall it again, but is no go either.


----------



## Anonymous (Aug 15, 2013)

igorino said:
			
		

> ...
> 
> 
> 
> ...



Check `# ls -ld /usr/local/etc/squid`. Mine is:


```
drwxr-xr-x  4 root  squid  512 Jan  7 09:46 /usr/local/etc/squid
```



			
				igorino said:
			
		

> ...
> 
> 
> 
> ...



Try `# chmod -R g+w /var/cache/squid`


----------



## DutchDaemon (Aug 15, 2013)

Make sure the mountpoint has the correct permissions. Unmount the cache first.


----------



## igorino (Aug 15, 2013)

DutchDaemon said:
			
		

> Make sure the mountpoint has the correct permissions. Unmount the cache first.



Setting the correct permission and owner on /var/cache did the trick.

Must be some concept that I was mistaken about. If in /etc/fstab I have the line 
	
	



```
/dev/gpt/cacheaufs /var/cache/squid ufs rw      2       2
```
then my mountpoint is /var/cache not /var/cache/squid?

Thank you everybody!

p.s.: I almost feel ashamed for not having mentioned that I have two other partitions for COSS cache too.


----------

