How to resolve systemd (code=exited, status=227/NO_NEW_PRIVILEGES)?

Solution 1

I would guess you are running into this result of the systemd NoNewPrivileges= directive. Assuming that the redis-server package generally works Ubuntu 16.04 systems, this suggests that your system may custom global settings for NoNewPrivileges= or a related directive that's causing Redis to fail to start.

Read the docs linked about about NoNewPrivileges= and the related directives, then search in your /etc/systemd/ directory to see if any of those values have been customized on your system. If not, confirm that the redis package you are installing is indeed supported on the operating system version you are installing it on.

Solution 2

This has been raised as a Debian bug, back in December 2017, but the bug was closed without a service fix. If you have the details that Chris Lamb requested, please supply them.

A similar problem was reported for Debian's MariaDB 10.1 package back in July 2017, which was closed without fix when the package was removed from Debian.

A local fix is to change the service's settings to be

NoNewPrivileges=no
PrivateDevices=no

Do not edit /etc/systemd/system/redis.service or /usr/lib/systemd/system/redis-server.service directly. The latter is not supposed to be hand-edited by local administrators at all, and the former isn't the actual service unit file that comes with the Debian package.

Instead use systemctl edit redis.service to create a unit drop-in file and put the settings there. This also does a daemon-reload implicitly, which one would have to do by hand if one were modifying unit files by hand.

For those trying to find this in the source package: The packaged redis.service and [email protected] files are generated by a Debian program called generate-systemd-service-files.

This is one of several problems that people have had with use of systemd's restriction mechanisms in the service units that are generated and packaged by the Debian people. Others are that its ProtectHome=yes setting stops a symbolically linked /home from working, in a launchpad bug, and that its ReadOnlyDirectories=/ setting yields a 226/NAMESPACE error code, in a StackOverflow Q&A. The local fix takes the same form for all, a drop-in unit file with a setting override.

Further reading

• Mauro Ziliani (2017-12-19). redis-server exit with code 227/NO_NEW_PRIVILEGES. Debian bug #884764.
• Andrew France (2016-11-01). redis-server fails to start after 16.04 to 16.10 upgrade. Launchpad bug #1638410.
• https://stackoverflow.com/a/48496530/340790
• ozzloy palindromemordnilap (2017-07-03). mariadb install fails with NO_NEW_PRIVILEGES (systemd). Debian bug #867137.
• systemctl - service exit codes and status information explanation

Related videos on Youtube

01 : 25

How to fix Cannot open output file: Permission denied collect2.exe: error: ld returned 1 exit status

67-O-68-E

460

02 : 10

Fix Error: Undefined Reference to WinMain | Collect2.exe: error: ld returned 1 exit status | C/C++

BoostMyTool

176

02 : 47

How to resolve systemd (code=exited, status=227/NO_NEW_PRIVILEGES)? (3 Solutions!!)

Roel Van de Paar

31

03 : 04

Solve the error Arduino collect2.exe error ld returned 5 exit status ld.exe- English Version

elmaestrodetecno

27

03 : 58

[SOLUTION] How to Fix/Solve Exit Status 259 in Dev-C++

Vincent Jonathan

22

03 : 35

Arduino ошибка компиляции collect2.exe: error: id returned 5 exit status

Умный Дом

15

00 : 55

C/C++ VISUAL STUDIO CODE (1d returned error)//WINDOWS 10

Sharath Chandra

4

05 : 31

Systemctl, Systemd, update-rc.d and run levels: configuring services to run at boot time

Prime Radiant Security

3

Author by

Tankernn

Updated on September 18, 2022