Univention Bugzilla – Bug 34045
U@S32R2: squid - more auth helpers and URL redirectors by default
Last modified: 2015-12-21 16:28:09 CET
By default, squid.conf starts 5 authentication helpers and 5 URL redirector processes. That might not be enough for a school: ---cache.log WARNING: All ntlmauthenticator processes are busy. WARNING: 10 pending requests queued Consider increasing the number of ntlmauthenticator processes in your co nfig file. ... WARNING: All redirector processes are busy. WARNING: 5 pending requests queued Consider increasing the number of redirector processes in your config file --- ucr set squid/ntlmauth/children=50 ucr set squid/basicauth/children=50 Since there is not an UCR variable like squid/redirect/children, the change has to be made in the local configuration file: #---/etc/squid3/local.conf #... url_rewrite_children 20 #--- There is an old bug about this: Bug #18456
This is a problem that occurs quite often in UCS@school, e.g. 2015100121000411 2015093021000646 To be honest, I'm not aware of a productive UCS@school environment that we are involved in, where we did not have to increase this.
Which value is usually set in manually configured customer environments?
(In reply to Sönke Schwardt-Krummrich from comment #2) > Which value is usually set in manually configured customer environments? Sorry, I could've mentioned that right away. AFAIR we usually set it to '50'.
Prepared erratum for UCS@school 3.2 R2: ucs-school-webproxy now sets the following UCR variables if still unset: - squid/rewrite/children?20 - squid/basicauth/children?50 - squid/ntlmauth/children?50 - squid/krb5auth/children?50 Exept for squid/ntlmauth/children all UCR variable should be unset if unmodified. squid/ntlmauth/children is set to 10 by ucs-school-webproxy in previous versions. If the UCR variable still holds a value of "10", the UCR variable is updated to 50 automatically. xml changelog entry has been added ucs-school-webproxy (10.0.5-1): r65956 | Bug #34045: increase number of squid helper processes
Bug: squid/ntlmauth/children is still set to "10" after update.
preinst is never called with "$1" = configure: https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#s-mscriptsinstact
ucs-school-webproxy (10.0.5-2): r65983 | Bug #34045: removed outdated code block that has never been called r65982 | Bug #34045: automatically raise default of squid/ntlmauth/children to 50 r65956 | Bug #34045: increase number of squid helper processes
OK: code OK: result: root@ucs32:~# ucr search squid/.*/children squid/basicauth/children: 50 squid/krb5auth/children: 50 squid/ntlmauth/children: 50 squid/rewrite/children: 20 root@ucs32:~# pstree | grep squid |-squid3---squid3-+-20*[squidGuard] | |-50*[squid_ldap_auth] | |-50*[squid_ldap_ntlm]
UCS@school 3.2 R2 v5 has been released. If this error occurs again, please use "Clone This Bug".