Hi!<br><br>I've defined a new redis-service:<br></div></div><br>The Service I derived this from:<br>Code:[Unit]<div>Description=Advanced key-value store</div><div>After=network.target</div><div>Documentation=http://redis.io/documentation, man:redis-server(1)</div><div><br></div><div>[Service]</div><div>Type=forking</div><div>ExecStart=/usr/bin/redis-server /etc/redis/redis-openvas.conf</div><div>PIDFile=/run/redis/redis-server-openvas.pid</div><div>TimeoutStopSec=0</div><div>Restart=always</div><div>User=redis</div><div>Group=redis</div><div>RuntimeDirectory=redis</div><div>RuntimeDirectoryMode=2755</div><div><br></div><div>UMask=007</div><div>PrivateTmp=yes</div><div>LimitNOFILE=65535</div><div>PrivateDevices=yes</div><div>ProtectHome=yes</div><div>ReadOnlyDirectories=/</div><div>ReadWritePaths=-/var/lib/redis</div><div>ReadWritePaths=-/var/log/redis</div><div>ReadWritePaths=-/var/run/redis</div><div><br></div><div>NoNewPrivileges=true</div><div>CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE</div><div>MemoryDenyWriteExecute=true</div><div>ProtectKernelModules=true</div><div>ProtectKernelTunables=true</div><div>ProtectControlGroups=true</div><div>RestrictRealtime=true</div><div>RestrictNamespaces=true</div><div>RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX</div><div><br></div><div># redis-server can write to its own config file when in cluster mode so we</div><div># permit writing there by default. If you are not using this feature, it is</div><div># recommended that you replace the following lines with "ProtectSystem=full".</div><div>ProtectSystem=true</div><div>ReadWriteDirectories=-/etc/redis</div><div><div><br></div><div>[Install]</div><div>WantedBy=multi-user.target</div><div>Alias=redis-openvas.service</div><div></div></div><br>Any idea why one starts and the other waits forCode:[Unit]<div>Description=Advanced key-value store</div><div>After=network.target</div><div>Documentation=http://redis.io/documentation, man:redis-server(1)</div><div><br></div><div>[Service]</div><div>Type=forking</div><div>ExecStart=/usr/bin/redis-server /etc/redis/redis.conf</div><div>PIDFile=/run/redis/redis-server.pid</div><div>TimeoutStopSec=0</div><div>Restart=always</div><div>User=redis</div><div>Group=redis</div><div>RuntimeDirectory=redis</div><div>RuntimeDirectoryMode=2755</div><div><br></div><div>UMask=007</div><div>PrivateTmp=yes</div><div>LimitNOFILE=65535</div><div>PrivateDevices=yes</div><div>ProtectHome=yes</div><div>ReadOnlyDirectories=/</div><div>ReadWritePaths=-/var/lib/redis</div><div>ReadWritePaths=-/var/log/redis</div><div>ReadWritePaths=-/var/run/redis</div><div><br></div><div>NoNewPrivileges=true</div><div>CapabilityBoundingSet=CAP_SETGID CAP_SETUID CAP_SYS_RESOURCE</div><div>MemoryDenyWriteExecute=true</div><div>ProtectKernelModules=true</div><div>ProtectKernelTunables=true</div><div>ProtectControlGroups=true</div><div>RestrictRealtime=true</div><div>RestrictNamespaces=true</div><div>RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX</div><div><br></div><div># redis-server can write to its own config file when in cluster mode so we</div><div># permit writing there by default. If you are not using this feature, it is</div><div># recommended that you replace the following lines with "ProtectSystem=full".</div><div>ProtectSystem=true</div><div>ReadWriteDirectories=-/etc/redis<br><br></div><div><div>[Install]</div><div>WantedBy=multi-user.target</div><div>Alias=redis.service</div><div><br>Code:systemd-tty-ask-password-agent</div>Code:root 810 0.0 0.2 4444 2356 pts/1 Ss 08:28 0:00 \_ -bash<div>root 846 0.2 0.1 6136 1056 pts/1 S+ 08:31 0:00 | \_ systemctl start redis-server-openvas</div><div>root 847 0.5 0.2 11416 2584 pts/1 S+ 08:31 0:00 | \_ /bin/systemd-tty-ask-password-agent --watch
