From owner-freebsd-ports@FreeBSD.ORG Tue Jan 27 00:38:16 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E45F7C4A for ; Tue, 27 Jan 2015 00:38:16 +0000 (UTC) Received: from mail-pd0-x233.google.com (mail-pd0-x233.google.com [IPv6:2607:f8b0:400e:c02::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AC75EAD7 for ; Tue, 27 Jan 2015 00:38:16 +0000 (UTC) Received: by mail-pd0-f179.google.com with SMTP id v10so15288728pde.10 for ; Mon, 26 Jan 2015 16:38:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=hJE+t88JBMQpPz5D8EWPM+GwLxg2ZFHXk3VLAE9ay+Y=; b=rBlK/L/vVcO66ehmmbeYhjvDpSiZzmeROQnYwAJ6cCvjqLEBaF3vSgDPAkMS1uzQH1 xBX9sjmawG2wsSeCXpKVOyib9/aYXKRIpwbb0PMrOoyaor7isPuo5CiJfC+MG6rDuvda kdxxESS0FUbS8GXRCxhoZzz+QTDTVjRlpLAL1azeBUsp00UisMvKZp1tdYzQVA1HWldS mgIe7fYvqV2DOV8gRlQNW6qXZMZaVA52VMRybMcC+1FRCkHhz7QVcKJxrTZQVI+tkhyl aTF2qHC69G8uyd5Eq6TBBd3K45EQdeIOKEhIwuzjaXjW2LqiTmd7vSA8z1mO79FkBenG UKLw== MIME-Version: 1.0 X-Received: by 10.70.14.229 with SMTP id s5mr38595249pdc.143.1422319096231; Mon, 26 Jan 2015 16:38:16 -0800 (PST) Sender: kob6558@gmail.com Received: by 10.66.253.37 with HTTP; Mon, 26 Jan 2015 16:38:16 -0800 (PST) In-Reply-To: <20150126235655.5d371915@kirk.drpetervoigt.private> References: <20150126152433.52f07277f377f9396b65c9a8@mimar.rs> <20150127.002919.335530336.yasu@utahime.org> <20150126163934.32f199d43d86a70b00dd7e4a@mimar.rs> <20150127.010539.230444205.yasu@utahime.org> <54C6695E.6010704@freebsd.org> <20150126212514.56c8f0866f1d63bb98089dd0@mimar.rs> <20150126235655.5d371915@kirk.drpetervoigt.private> Date: Mon, 26 Jan 2015 16:38:16 -0800 X-Google-Sender-Auth: YWueRBV4i5sdbX2e062hd_iGQZg Message-ID: Subject: Re: www/squid does not shutdown via rc From: Kevin Oberman To: "Dr. Peter Voigt" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: FreeBSD Ports ML X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jan 2015 00:38:17 -0000 On Mon, Jan 26, 2015 at 2:56 PM, Dr. Peter Voigt wrote: > On Mon, 26 Jan 2015 21:25:14 +0100 > Marko Cupa=C4=87 wrote: > > > On Mon, 26 Jan 2015 16:20:46 +0000 > > Matthew Seaman wrote: > > > > > >> > Also, is there a chance they will be pushed to freebsd-update? > > > > > > No. Unless these are either security fixes or fixes for a major > > > regression (which this is not) in 10.1-RELEASE, then they won't be > > > applied to that branch. > > > > From OS point of view, this could be indeed seen as minor regression. > > > > But please consider server admin's point of view: > > - squid33 had latest release on 2014-08-27 > > - squid33 has been scheduled for expiration on 2015-01-31, but was > > extended to 2015-05-31 because of ntlm_auth issue in squid34 > > - squid34 does not run on 10.1-RELEASE-pX > > - 10.2-RELEASE is not likely to be before 2015-05-31 > > > > Which means that pkg installs of latest squid (www/squid34) will be > > useless on latest FreeBSD release (10.1-RELEASE) for a long time. > > > > > They will, however, be in the next release cut from stable/10, which > > > will be 10.2-RELEASE, and presumably in releases from other branches > > > from now on. > > > > > > Your best recourse at the moment is to manually patch the kernel > > > sources and build yourself a custom kernel on the affected machines. > > > > I was looking forward to avoid it. Perhaps I'm succumbing to > > conformism. > > I am suffering from the same 10.1/Squid problem for some time and I am > glad stumbling across this thread. Fortunately Squid is running stable > apart from this shutdown issue. > > To me it looks like a serious kernel issue and I can hardly believe it > will not be fixed in the 10.1-RELEASE. > > It is quite an effort to compile, manually patch and install a custom > kernel, if you aren't too experienced like I am. I have only managed > building the GENERIC kernel so far as part of the build world process > when upgrading to 10.1. > > While I can sympathize with those hitting this bug, shortly after a release FreeBSD support is turned over to the Security Officer and it is very difficult to get it pulled back. The fear that a change will break other stuff is too great, so it's very unlikely to happen for anything that is not: 1) A security issue 2) Causes the base system to have serious stability issues Painful as this may be to squid users, it is just not at the level a a release re-roll. As far as patching, it is really pretty easy and requires no special skills or knowledge. 1. Download the two patches as ~/A.patch and ~/B.patch 2. Apply them to the source # cd /usr/src # patch -p2 < ~/A.patch # patch -p2 < ~/B.patch 3. Save your existing kernel for future updates (security patches or 10.2) # cp /boot/kernel/kernel /boot/GENERIC 4. Rebuild the kernel # make buildkernel (If you have multiple cores, the kernel will build much faster if you add he '-jN' option where 'N' is 1 or two more than the number of cores) 5. Install the new kernel # make installkernel 6. Reboot to start the new kernel If the new kernel doesn't work, the old kernel can be restored from /boot/GENERIC or you can boot kernel.old. -- Kevin Oberman, Network Engineer, Retired E-mail: rkoberman@gmail.com