0

I have a Django website running via nginx under user www-data and gunicorn under user myuser bound at /run/gunicorn.sock.

nginx works just fine; it acts as a proxy to the gunicorn Unix domain socket. I'm not having any problems with nginx.

redis-server also works just fine. It's domain socket is at /var/run/redis/redis-server.sock.

When I enable CACHES in my Django settings file, I get the following exception from gunicorn:

Error 13 connecting to unix socket: /run/redis/redis-server.sock. Permission denied.

Using ps aux | grep redis, I find that /usr/bin/redis-server is running under the redis user, which is totally expected and acceptable, I think. I have added myuser to the redis group, and restarted the server. I continue to receive that exception.

What am I doing wrong? How can I get the two daemons to work together: gunicorn and redis-server?

Bobort
  • 126
  • 4

1 Answers1

0

I used the default redis.conf file at /etc/redis and just uncommented their example with regards to the Unix socket.

It had this information:

# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
unixsocket /var/run/redis/redis-server.sock
unixsocketperm 700

I commented out the unixsocketperm line and added this one:

unixsocketperm 660

It worked right away. I'm quite excited and can't wait to see the results of using a cache server.

The reason that it worked is because the middle number in the permissions is 6, and it applies to the group permissions. Prior to my update, the redis group had 0 permissions on the socket file. After my update, it now has read and write permissions on the socket file. I read somewhere that socket files do not need execute permission for users, so I removed that permission for security's sake.

Bobort
  • 126
  • 4