什么是Redis改变自己的配置 [英] What is Redis change its own configurations
问题描述
Redis 将自己的配置目录更改为 /etc/cron.d 并将 dbfile 更改为 ntp 而不是默认配置.一旦我们重新启动 redis,它将重置为/var/lib/redis 和 dump.rdb,但过了一会儿,它会给出打开 RDB 文件失败"错误
Redis change its own config dir to /etc/cron.d and dbfile to ntp instead of default configuration. Once we restart the redis it will reset to /var/lib/redis and dump.rdb but after awhile, it gives "Failed opening the RDB file" error
默认的 dire 和 rdb 文件具有正确的权限,redis 只允许内部 IP.
Default dire and rdb file has correct permission and redis only allow for internal IPs.
cli 输出
127.0.0.1:6381> CONFIG GET dir
1) "dir"
2) "/etc/cron.d"
127.0.0.1:6381> CONFIG GET "dbfilename"
1) "dbfilename"
2) "ntp"
/var/log/redis/redis-server.log
/var/log/redis/redis-server.log
3204:M 21 May 16:07:19.124 * Background saving terminated with success
3204:M 21 May 16:12:18.962 * 10000 changes in 60 seconds. Saving...
3204:M 21 May 16:12:18.967 * Background saving started by pid 25469
25469:C 21 May 16:12:20.931 * DB saved on disk
25469:C 21 May 16:12:20.934 * RDB: 3 MB of memory used by copy-on-write
3204:M 21 May 16:12:20.968 * Background saving terminated with success
3204:M 21 May 16:17:21.082 * 10 changes in 300 seconds. Saving...
3204:M 21 May 16:17:21.088 * Background saving started by pid 25865
25865:C 21 May 16:17:22.800 * DB saved on disk
25865:C 21 May 16:17:22.803 * RDB: 3 MB of memory used by copy-on-write
3204:M 21 May 16:17:22.891 * Background saving terminated with success
3204:M 21 May 16:17:43.669 # Failed opening the RDB file root (in server root dir /var/spool/cron) for saving: Read-only file system
3204:M 21 May 16:17:45.320 # Failed opening the RDB file ntp (in server root dir /etc/cron.d) for saving: Read-only file system
3204:M 21 May 16:22:23.086 * 10 changes in 300 seconds. Saving...
3204:M 21 May 16:22:23.092 * Background saving started by pid 26264
26264:C 21 May 16:22:23.093 # Failed opening the RDB file ntp (in server root dir /etc/cron.d) for saving: Read-only file system
3204:M 21 May 16:22:23.194 # Background saving error
3204:M 21 May 16:22:29.104 * 10 changes in 300 seconds. Saving...
3204:M 21 May 16:22:29.109 * Background saving started by pid 26265
26265:C 21 May 16:22:29.109 # Failed opening the RDB file ntp (in server root dir /etc/cron.d) for saving: Read-only file system
3204:M 21 May 16:22:29.209 # Background saving error
3204:M 21 May 16:22:35.016 * 10 changes in 300 seconds. Saving...
推荐答案
您的服务器是否可以通过 Internet 公开访问?
最可能的解释是有人连接到 redis 并发送命令以远程重新配置它,试图控制服务器.
The most likely explanation is that somebody is connecting to the redis and sending commands to reconfigure it remotely, trying to take control over the server.
机器人 24/7 全天候扫描互联网,寻找暴露的软件和已知漏洞.快速的经验法则是,将在不到 5 分钟的时间内发现并攻击上线的新服务.(尝试运行未打补丁的 Windows XP 服务器,您会惊讶于它的持续时间如此之短).
There are bots scanning the internet 24/7 looking for exposed software and known vulnerabilities. Quick rule of thumb is that a new service coming up online will be discovered and attacked in less than 5 minutes. (Try running an unpatched Windows XP server and be amazed how short it lasts).
考虑到 redis 和可能整个服务器都受到了威胁.我希望你在这个 redis 中没有敏感信息或者这是一个数据泄露.
Consider that redis and potentially the whole server was compromised. I hope for you that there was no sensitive information in this redis or that's a data breach.
阻止公共访问,停用虚拟机,从头开始设置新的.
相关redis票:https://github.com/antirez/redis/issues/3594
这篇关于什么是Redis改变自己的配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
