我安装了Squid Proxy服务器，但是我收到如下错误：

Jul 14 15:09:02 server1 squid[5315]: Squid Parent: child process 5317 started
Jul 14 15:09:02 server1 squid[5317]: Cannot open HTTP Port
Jul 14 15:09:02 server1 squid[5315]: Squid Parent: child process 5317 exited due to signal 6
Jul 14 15:09:02 server1 setroubleshoot: SELinux is preventing the squid (squid_t) from binding to port 5000. For complete SELinux messages. run sealert -l 1cf3c788-35f7-4752-8439-92a1d0719466

我该如何解决这个问题？

Squid的默认端口是3128，您已将其更改为5000。
SELinux是RHEL/CentOS/Fedora的一部分，可防止在任何其他端口上运行squid。
执行以下命令以查看详细消息：

sealert -l 1cf3c788-35f7-4752-8439-92a1d0719466

输出示例：

sealert -l 1cf3c788-35f7-4752-8439-92a1d0719466

Summary:

SELinux is preventing the squid (squid_t) from binding to port 5000.

Detailed Description:

SELinux has denied the squid from binding to a network port 5000 which does not
have an SELinux type associated with it. If squid is supposed to be allowed to
listen on this port, you can use the semanage command to add this port to a port
type that squid_t can bind to. semanage port -l will list all port types. Please
file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against
the selinux-policy package. If squid is not supposed to bind to this port, this
could signal a intrusion attempt. If this system is running as an NIS Client,
turning on the allow_ypbind boolean, may fix the problem. setsebool -P
allow_ypbind=1.

Allowing Access:

If you want to allow squid to bind to this port semanage port -a -t PORT_TYPE -p
PROTOCOL 5000 Where PORT_TYPE is a type that squid_t can bind and PROTOCOL is
udp or tcp.

Additional Information:

Source Context                root:system_r:squid_t
Target Context                system_u:object_r:port_t
Target Objects                None [ tcp_socket ]
Source                        squid
Source Path                   /usr/sbin/squid
Port                          5000
Host                          server1.theitroad.com
Source RPM Packages           squid-2.6.STABLE21-6.el5
Target RPM Packages           
Policy RPM                    selinux-policy-2.4.6-279.el5
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   bind_ports
Host Name                     server1.theitroad.com
Platform                      Linux server1.theitroad.com 2.6.18-194.8.1.el5 #1
                              SMP Wed Jun 23 10:52:51 EDT 2010 x86_64 x86_64
Alert Count                   5
First Seen                    Wed Jul 14 15:09:02 2010
Last Seen                     Wed Jul 14 15:09:15 2010
Local ID                      1cf3c788-35f7-4752-8439-92a1d0719466
Line Numbers                  

Raw Audit Messages            

host=server1.theitroad.com type=AVC msg=audit(1279138155.644:158): avc:  denied  { name_bind } for  pid=5366 comm="squid" src=5000 scontext=root:system_r:squid_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

host=server1.theitroad.com type=SYSCALL msg=audit(1279138155.644:158): arch=c000003e syscall=49 success=no exit=-13 a0=11 a1=7ffff9929280 a2=10 a3=7ffff992929c items=0 ppid=5315 pid=5366 auid=0 uid=23 gid=23 euid=0 suid=0 fsuid=0 egid=23 sgid=23 fsgid=23 tty=(none) ses=1 comm="squid" exe="/usr/sbin/squid" subj=root:system_r:squid_t:s0 key=(null)

但是，如何解决此问题并将Squid使用端口5000？

执行以下命令以为Squid服务添加新的SELinux端口映射：

# semanage port -a -t http_cache_port_t -p tcp 5000
# service squid start
# chkconfig squid on
# tail -f /var/log/messages