Closed geerlingguy closed 3 months ago
This is also breaking CI on my php-redis role: https://github.com/geerlingguy/ansible-role-php-redis/issues/6
During first run (before redis restarts):
[root@instance /]# ls -lah /etc/redis
total 16K
drwxr-xr-x 2 root root 4.0K Jul 31 05:16 .
drwxr-xr-x 1 root root 4.0K Jul 31 05:16 ..
-rw-r--r-- 1 root root 609 Jul 31 05:16 redis.conf
After first run (after redis restarts):
[root@instance /]# ls -lah /etc/redis
total 124K
drwxr-x--- 2 redis root 4.0K Jul 31 05:17 .
drwxr-xr-x 1 root root 4.0K Jul 31 05:17 ..
-rw-r--r-- 1 root root 609 Jul 31 05:16 redis.conf
-rw-r----- 1 redis root 92K Oct 30 2022 redis.conf.rpmnew
-rw-r----- 1 redis root 14K Oct 30 2022 sentinel.conf
Well... idempotence was fixed on RockyLinux9, but now is still failing on Ubuntu2404. Testing locally on that.
During first run (before redis restarts):
root@instance:/# ls -lah /etc/redis
total 16K
drwxr-x--- 2 root root 4.0K Jul 31 05:32 .
drwxr-xr-x 1 root root 4.0K Jul 31 05:32 ..
-rw-r----- 1 root root 616 Jul 31 05:32 redis.conf
After first run (after redis restarts):
root@instance:/# ls -lah /etc/redis
total 124K
drwxrws--- 2 redis redis 4.0K Jul 31 05:32 .
drwxr-xr-x 1 root root 4.0K Jul 31 05:32 ..
-rw-r----- 1 redis redis 616 Jul 31 05:32 redis.conf
-rw-r----- 1 root root 105K Apr 1 07:33 redis.conf.dpkg-dist
It looks like the group setuid bit would == 02750
? Ugh... might have to make this configurable between Debian / RHELs.
Should be fixed now!
Hi @geerlingguy, I'm having issues with running this ansible role after upgrading from 1.7.0
to 1.9.0
- Redis is unable to start because it cannot open the config file: Fatal error, can't open config file '/etc/redis/redis.conf'
.
I'm not that fluent with Linux permissions, but could it be that the permissions of the config directory are causing the issue? I saw this was one of the changes made recently in the role:
redis_conf_dir_mode: 02770
Edit: setting the mode to 02771
seems to do the trick for me..
All the documentation online seems to point to 770 permissions for that file... it works in CI, but that doesn't mean it works in all real world deployments.
Also related: #80