Closed simontol closed 2 years ago
simontol
commented
2 years ago drwxr-xr-x 1 redis root 48 May 3 09:40 data
drwxr-xr-x 5 root root 340 May 3 06:44 dev
drwxr-xr-x 1 root root 22 Apr 27 07:58 etcps aux | grep redis
1 redis 0:20 redis-server *:6379redis-server is running as redis user and trying to write in /etc that is root:root instead of /data
yosifkit
commented
2 years ago In normal operation, it is unlikely that redis would write to /etc, especially crontab. It is possible that you have ports: in your compose file and are thus exposing a non-password protected database to external actors.
Edit: network_mode: host will be doing the same as the ports: I mentioned, and so the redis database will be exposed to anyone with access to the host's IP address. I'd highly recommend adding authentication or not using host mode networking.
simontol
commented
2 years ago HI @yosifkit, thanks for your answer. This redis instance is running locally on a developement machine. The port is not reachable outside of my local network, so I suppose that is something in the symfony application that I'm running that tries to change the configuration.
tianon
commented
2 years ago Any luck figuring out what's responsible for changing this configuration in your environment?
I'm inclined to close this issue as there's probably not much we can do to fix this in the image itself :sweat_smile: For more assistance, I'd suggest trying a dedicated support forum, such as the Docker Community Forums, the Docker Community Slack, or Stack Overflow.
simontol
commented
2 years ago @tianon please close the issue. I've reinstalled the environment and the error is gone. I have no idea what was the cause.
I keep getting this message in logs:
# Failed opening the RDB file crontab (in server root dir /etc) for saving: Permission deniedIf I runredis-cli config set dir "/data"then I get:Background saving terminated with successAm I missing something? I run redis from docker-compose: