After upgrading Debian, it has an issue starting redis-server.service
.
In the output of journalctl -xe
I see the following:
redis-server.service: Failed at step NAMESPACE spawning /usr/bin/redis-server: Stale file handle.
I can't start the redis-server.service and in the output of the systemctl start redis-server
I have:
Job for redis-server.service failed because the control process exited with error code.
See "systemctl status redis-server.service" and "journalctl -xe" for details.
In the output of systemctl status redis-server
I have:
● redis-server.service - Advanced key-value store
Loaded: loaded (/lib/systemd/system/redis-server.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2018-01-29 10:29:08 MSK; 58s ago
Docs: http://redis.io/documentation,
man:redis-server(1)
Process: 11701 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=226/NAMESPACE)
Process: 11720 ExecStart=/usr/bin/redis-server /etc/redis/redis.conf (code=exited, status=226/NAMESPACE)
Main PID: 10193 (code=exited, status=0/SUCCESS)
Jan 29 10:29:08 xxx systemd[1]: redis-server.service: Service hold-off time over, scheduling restart.
Jan 29 10:29:08 xxx systemd[1]: redis-server.service: Scheduled restart job, restart counter is at 5.
Jan 29 10:29:08 xxx systemd[1]: Stopped Advanced key-value store.
My question how to fix this issue and start redis-server.service?
Found a workaround solution:
I've played around with the /lib/systemd/system/redis-server.service
editing service file as root, commenting out different fields trying to find where the failure happens and restarting systemd (via systemctl daemon-reload
, systemctl stop redis-server
, systemctl start redis-server
)
For me the issue was the following line in the redis-server.service file:
ReadOnlyDirectories=/
which I have commented out and that allowed redis-server to start succesfully.
So my current /lib/systemd/system/redis-server.service
is:
[Unit]
Description=Advanced key-value store
After=network.target
Documentation=http://redis.io/documentation, man:redis-server(1)
[Service]
Type=forking
ExecStart=/usr/bin/redis-server /etc/redis/redis.conf
ExecStop=/bin/kill -s TERM $MAINPID
PIDFile=/var/run/redis/redis-server.pid
TimeoutStopSec=0
Restart=always
User=redis
Group=redis
RuntimeDirectory=redis
RuntimeDirectoryMode=2755
UMask=007
PrivateTmp=yes
LimitNOFILE=65535
PrivateDevices=yes
ProtectHome=yes
#Modified 20180129 to avoid issue to start redis
#redis-server.service: Failed at step NAMESPACE spawning /usr/bin/redis-server: Stale file handle
#ReadOnlyDirectories=/
ReadWriteDirectories=-/var/lib/redis
ReadWriteDirectories=-/var/log/redis
ReadWriteDirectories=-/var/run/redis
NoNewPrivileges=true
CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE
MemoryDenyWriteExecute=true
ProtectKernelModules=true
ProtectKernelTunables=true
ProtectControlGroups=true
RestrictRealtime=true
RestrictNamespaces=true
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
# redis-server can write to its own config file when in cluster mode so we
# permit writing there by default. If you are not using this feature, it is
# recommended that you replace the following lines with "ProtectSystem=full".
ProtectSystem=true
ReadWriteDirectories=-/etc/redis
[Install]
WantedBy=multi-user.target
Alias=redis.service