Running `squid -z` as *root* leaves behind temporary files in `/dev/shm`. When *squid.service* starts squid, in the proper SELinux domain, it is unable to access these files and crashes. To avoid this, we mount a private *tmpfs* so no existing files are accessible in the service's namespace.
```yaml
- name: reload systemd
  systemd:
    daemon_reload: true

- name: initialize squid cache directories
  command:
    /usr/sbin/squid -N -z -F -f /etc/squid/squid.conf

- name: reload squid
  service:
    name=squid
    state=reloaded

- name: save firewalld configuration
  command: firewall-cmd --runtime-to-permanent
```
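
One way to provide the private *tmpfs* described in the commit message, as an added example that is not part of this role: a systemd drop-in installed by Ansible tasks that notify the `reload systemd` handler above. The drop-in path, the file name `private-shm.conf` and the choice of `TemporaryFileSystem=` are assumptions; the page does not show how the role implements the mount.

```yaml
# Added example; paths and file names are assumed, not taken from the role.
- name: create drop-in directory for squid.service
  file:
    path: /etc/systemd/system/squid.service.d
    state: directory
    owner: root
    group: root
    mode: "0755"

- name: mount a private tmpfs on /dev/shm for squid.service
  copy:
    dest: /etc/systemd/system/squid.service.d/private-shm.conf
    owner: root
    group: root
    mode: "0644"
    content: |
      [Service]
      # A fresh tmpfs that exists only in this unit's mount namespace.
      # Files left in the host's /dev/shm by a root-run `squid -z`
      # are not visible to the service.
      # mode=1777 mirrors the usual /dev/shm permissions; systemd's
      # default for TemporaryFileSystem= is mode=0755.
      TemporaryFileSystem=/dev/shm:mode=1777
  notify:
    # daemon-reload makes systemd read the drop-in. The new mount
    # namespace applies the next time the unit is started, not on reload.
    - reload systemd
```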