D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
proc
/
self
/
root
/
proc
/
thread-self
/
root
/
proc
/
thread-self
/
root
/
usr
/
local
/
lsws
/
lsns
/
bin
/
Filename :
redis_svc.sh
back
Copy
#!/bin/bash # Starts/stops redis user services # Parameters start|stop $USER if (( $# < 2 )); then echo "You must specify an action and a user" exit 1 fi ACTION=$1 USER=$2 HOMEDIR=$(/usr/bin/getent passwd "$USER" | /usr/bin/cut -d: -f6) if [[ -e "/etc/cagefs/cagefs.mp" ]] ; then SOCKDIR1="${HOMEDIR}/.cagefs" SOCKDIR="${HOMEDIR}/.cagefs/tmp" REDISDIR="${HOMEDIR}/.cagefs/tmp/redis" else SOCKDIR1="${HOMEDIR}/.lsns" SOCKDIR="${HOMEDIR}/.lsns/tmp" REDISDIR="${HOMEDIR}/.lsns/tmp/redis" fi if [ "$ACTION" == "start" ]; then # V12 (CWE-276): ensure per-user redis runtime dirs exist and are 0700. # mkdir -p is a no-op when the dir already exists, so this also remediates # pre-existing 0777 dirs created before this hardening was applied. mkdir -p "$SOCKDIR1" -m 0700 chown "$USER" "$SOCKDIR1" chmod 0700 "$SOCKDIR1" mkdir -p "$SOCKDIR" -m 0700 chown "$USER" "$SOCKDIR" chmod 0700 "$SOCKDIR" mkdir -p "$REDISDIR" -m 0700 chown "$USER" "$REDISDIR" chmod 0700 "$REDISDIR" DIR="$(dirname "$0")" PACKAGE_SIZES="${DIR}/../conf/redis_package_size.conf" if [ -e "${DIR}/../conf/use-valkey" ]; then REDIS="valkey" else REDIS="redis" fi if [ -e "${REDISDIR}/redis.size" ] && \ SIZEMB=$(cat "${REDISDIR}/redis.size") ; then echo "SIZEMB from size file: ${SIZEMB}" elif [ -e "${REDISDIR}/redis.package" ] && \ PACKAGE=$(cat "${REDISDIR}/redis.package") && \ PKGLINE=$(grep "${PACKAGE}", < "${PACKAGE_SIZES}") && \ SIZEMB=$(echo "${PKGLINE}" | cut -d',' -f2 | tr -d '\r') then echo "SIZEMB from package ${PACKAGE}: ${SIZEMB}" elif SIZEMB=$("cat" "${DIR}/../conf/redis_default_size.conf") ; then echo "SIZEMB from default file: ${SIZEMB}" else SIZEMB="64" echo "SIZEMB final default: ${SIZEMB}" fi rm -f "${REDISDIR}"/*.rdb "/usr/bin/${REDIS}-server" --port 0 --unixsocketperm 700 --unixsocket "${SOCKDIR}"/redis.sock --dir "${REDISDIR}" --maxmemory "${SIZEMB}"mb --supervised systemd elif [ "$ACTION" == "stop" ]; then echo "Stopping redis for ${USER}" else echo "Undefined action: ${ACTION}" exit 1 fi