659d0e4677
redis 7.0.10 CVE-2023-28425 boo#1209528 OBS-URL: https://build.opensuse.org/request/show/1073382 OBS-URL: https://build.opensuse.org/package/show/server:database/redis?expand=0&rev=220 |
||
---|---|---|
.gitattributes | ||
ppc-atomic.patch | ||
README.SUSE | ||
redis-7.0.10.tar.gz | ||
redis-conf.patch | ||
redis-sentinel.target | ||
redis-sentinel@.service | ||
redis-user.conf | ||
redis.changes | ||
redis.hashes | ||
redis.logrotate | ||
redis.spec | ||
redis.sysctl | ||
redis.target | ||
redis.tmpfiles.d | ||
redis@.service | ||
reproducible.patch |
README.SUSE ------------- Redis Server ============== 1. cp -a /etc/redis/default.conf.example /etc/redis/instancename.conf We use the "cp -a" here, so that our permissions are preserved. In case you copied the file with out the "-a" chown root:redis /etc/redis/instancename.conf chmod u=rw,g=r,o= /etc/redis/instancename.conf 2. change at least pidfile, logfile and dir setting # the pid file *has* to match your config filename without the ".conf" pidfile /run/redis/instancename.pid logfile /var/log/redis/instancename.log dir /var/lib/redis/instancename/ If you want to run more than one instance you also have to change the socket path and/or the ip:port combination. e.g. /run/redis/instancename.sock Also make sure if you copy configurations from somewhere, that "daemonize" should be set to "no". 3. create the database dir: $ install -d -o redis -g redis -m 0750 /var/lib/redis/instancename/ 4. systemctl start redis@instancename 5. systemctl enable redis@instancename 6. To stop/restart all instances at the same time use: systemctl restart redis.target systemctl stop redis.target Redis Sentinel ================ 1. cp -a /etc/redis/sentinel.conf.example /etc/redis/sentinel-instancename.conf We use the "cp -a" here, so that our permissions are preserved. In case you copied the file with out the "-a" chown root:redis /etc/redis/sentinel-instancename.conf chmod u=rw,g=rw,o= /etc/redis/sentinel-instancename.conf Please note that the sentinel config needs write permissions for the group. The chmod line differs from the line for the normal redis server. 2. change at least pidfile, logfile setting # the pid file *has* to match your config filename without the ".conf" pidfile /run/redis/instancename.pid logfile /var/log/redis/instancename.log If you want to run more than one instance you also have to change the socket path and/or the ip:port combination. e.g. /run/redis/instancename.sock Also make sure if you copy configurations from somewhere, that "daemonize" should be set to "no". 4. systemctl start redis-sentinel@instancename 5. systemctl enable redis-sentinel@instancename 6. To stop/restart all instances at the same time use: systemctl restart redis-sentinel.target systemctl stop redis-sentinel.target Integration with apache when using unix domain sockets ========================================================= If you plan to use redis in combination with apache, then you should add 'redis' to apache group and set 'unixsocketperm 770': $ usermod -a -G redis wwwrun $ systemctl restart apache2 then apache is able to connect to redis socket