Hi Chris, On 10/10/2015 07:55 PM, Chris Lamb wrote: >> unixsocket /tmp/redis.sock > > So, I'm not sure "/tmp" is really a suitable location for a system-wide > socket file.
just have used that because OpenVAS is defaulting to this location but i agree that this is not the best location. There seems to be also an older bugreport about that default location here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632931 > Would you be okay if I changed the (commented-out) default to somewhere > in, say, /var/run? That would seem to match most other daemons that use > UNIX sockets like this (MySQL, PostgreSQL, etc. etc.) That probably would be the best thing to do here. redis-server itself has no permissions to write directly into /var/run but in /var/run/redis so this is what i'm currently using. > I don't really want to disable PrivateTmp=True as it's quite an easy > security measure and -- as a bonus -- prevents multiple instances of > Redis from conflicting with each other. Ah, thats the reason for this extra tmp folder. Wasn't aware of this functionality and the reason behind it.