It came to our attention that while the /etc/redis/redis-persistent.conf configuration file for the persistent Redis instance was readable by the app user, the default /etc/redis/redis.conf was not. We’ve now changed our configuration management to also make the redis.conf readable.
before:
app@pup1w8-vdloo-magweb-cmbl:~$ cat /etc/redis/redis.conf
cat: /etc/redis/redis.conf: Permission denied
app@pup1w8-vdloo-magweb-cmbl:~$ cat /etc/redis/redis-persistent.conf
# See https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf for a documented version of all available options
daemonize yes
pidfile /var/run/redis/redis-server-persistent.pid
...
after:
app@pup1w8-vdloo-magweb-cmbl:~$ cat /etc/redis/redis.conf
# See https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf for a documented version of all available options
daemonize yes
pidfile /var/run/redis/redis-server.pid
...
app@pup1w8-vdloo-magweb-cmbl:~$ cat /etc/redis/redis-persistent.conf
# See https://raw.githubusercontent.com/antirez/redis/3.0/redis.conf for a documented version of all available options
daemonize yes
pidfile /var/run/redis/redis-server-persistent.pid
...
For more information about our Redis configuration see this article.