Univention Bugzilla – Bug 40593
Add option dbtemp to squidguard
Last modified: 2016-03-02 13:53:59 CET
squidguard is part of UCS, so the patched package should be delivered also via errata updates, so avoid update problems later on (see bug 40541). +++ This bug was initially created as a clone of Bug #40541 +++ Ticket#2016012821000323 In /var/tmp were lot's of files (~15000; 77GB) from the last 3 years. The files were owned by proxy:proxy and contained database information. I digged into the code of squidguard and libdb and for me it looks like if squidguard is using an unnamed in-memory btree via libdb. If the amount of data still fits into the in memory cache, no file is created. If too much data is stored within the btree, a temporary backing file is created in /var/tmp (if nothing else is defined in DB_ENV). Currently I have no idea who is responsible for the backing file. If I'm right, squidguard does not get an file handle for the backing file and is therefore unable to take care of it. It is possible to define a different tmpdir for the backing files but e.g. /tmp is no real solution since we have multiple squidguard instances running which are quite often restarted. On each start of an instance, a new backing file is created. The problem got much worse since the increase of started squidguard instances (2→20). See also: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721314
squidguard has been patched. A new config option "dbtemp" has been added. If defined, the bdb backing files will be placed within that directory. If unset, squidguard shows the old behaviour (using /var/tmp as temp dir for backing files). In UCS@school in ucs-test-ucsschool the test 11_squidguard_test_dbtemp_option has been added to test the new option and correct functionality. squidguard.yaml: r67235 | Bug #40593: updated squidguard.yaml r67228 | Bug #40593: added squidguard.yaml Patch in squidguard/4.0-0-0-ucs/1.5-1-ucs-school-4.0r2/001-added_dbtemp_option.patch: r15857 | Bug #40541: added option "dbtemp" to specify directory for temporary backing files r15855 | Bug #40541: added option "dbtemp" to specify directory for temporary backing files r15854 | Bug #40541: added option "dbtemp" to specify directory for temporary backing files r15853 | Bug #40541: added option "dbtemp" to specify directory for temporary backing files r15852 | Bug #40541: added option "dbtemp" to specify directory for temporary backing files r15851 | Bug #40541: added option "dbtemp" to specify directory for temporary backing files r15850 | Bug #40541: converted patch to debian patch r15813 | Bug #40541: converted patch to debian patch r15812 | Bug #40541: set tmp dir for libdb in squidguard r15811 | Bug #40541: set tmp dir for libdb in squidguard
During QA please check if there's a memory that may cause problems during regular use.
Please note: squidguard has been patched and built in ucs-school-4.0r2 AND errata4.0-4 to avoid problems with security/debian updates later on.
OK squidguard 1.5-1.23.201602051322 OK squidguard 1.5-1.25.201602051324
YAML: OK
<http://errata.software-univention.de/ucs/4.0/404.html>