diff --git a/SOURCES/redis.sysusers b/SOURCES/redis.sysusers
new file mode 100644
index 0000000..0494785
--- /dev/null
+++ b/SOURCES/redis.sysusers
@@ -0,0 +1 @@
+u     redis  -   "Redis Database Server"  /var/lib/redis      /sbin/nologin
diff --git a/SOURCES/redis.tmpfiles b/SOURCES/redis.tmpfiles
new file mode 100644
index 0000000..75ba125
--- /dev/null
+++ b/SOURCES/redis.tmpfiles
@@ -0,0 +1,4 @@
+Z /etc/redis     ~0750 redis root  -
+D /run/redis      0755 redis redis -
+d /var/lib/redis  0750 redis redis -
+d /var/log/redis  0750 redis redis -
diff --git a/SPECS/redis.spec b/SPECS/redis.spec
index febf883..44c3f87 100644
--- a/SPECS/redis.spec
+++ b/SPECS/redis.spec
@@ -24,7 +24,7 @@
 
 Name:              redis
 Version:           7.2.11
-Release:           1%{?dist}
+Release:           2%{?dist}
 Summary:           A persistent key-value database
 # redis, hiredis: BSD-3-Clause
 # hdrhistogram, jemalloc, lzf, linenoise: BSD-2-Clause
@@ -39,6 +39,10 @@ Source3:           %{name}.service
 Source7:           %{name}-limit-systemd
 Source9:           macros.%{name}
 Source10:          https://github.com/%{name}/%{name}-doc/archive/%{doc_commit}/%{name}-doc-%{short_doc_commit}.tar.gz
+Source11:          %{name}.sysusers
+Source12:          %{name}.tmpfiles
+
+
 
 # To refresh patches:
 # tar xf redis-xxx.tar.gz && cd redis-xxx && git init && git add . && git commit -m "%%{version} baseline"
@@ -58,11 +62,11 @@ BuildRequires:     tcl
 BuildRequires:     pkgconfig(libsystemd)
 BuildRequires:     systemd-devel
 BuildRequires:     systemd-rpm-macros
+%{?sysusers_requires_compat}
 BuildRequires:     openssl-devel
 # redis-trib functionality migrated to redis-cli
 Obsoletes:         redis-trib < 5
 Requires:          logrotate
-Requires(pre):     shadow-utils
 Requires(post):    systemd
 Requires(preun):   systemd
 Requires(postun):  systemd
@@ -165,6 +169,12 @@ fi
 %install
 make %{make_flags} install
 
+# System user
+install -p -D -m 0644 %{SOURCE11} %{buildroot}%{_sysusersdir}/%{name}.conf
+
+# Install tmpfiles.d file
+install -p -D -m 0644 %{SOURCE12} %{buildroot}%{_tmpfilesdir}/%{name}.conf
+
 # Filesystem.
 install -d %{buildroot}%{_sharedstatedir}/%{name}
 install -d %{buildroot}%{_localstatedir}/log/%{name}
@@ -223,11 +233,7 @@ make %{make_flags} test-sentinel
 %endif
 
 %pre
-getent group %{name} &> /dev/null || \
-groupadd -r %{name} &> /dev/null
-getent passwd %{name} &> /dev/null || \
-useradd -r -g %{name} -d %{_sharedstatedir}/%{name} -s /sbin/nologin \
--c 'Redis Database Server' %{name} &> /dev/null
+%sysusers_create_compat %{SOURCE11}
 exit 0
 
 %post
@@ -291,6 +297,8 @@ fi
 %dir %{_sysconfdir}/systemd/system/%{name}-sentinel.service.d
 %config(noreplace) %{_sysconfdir}/systemd/system/%{name}-sentinel.service.d/limit.conf
 %dir %attr(0755, redis, redis) %ghost %{_localstatedir}/run/%{name}
+%{_sysusersdir}/%{name}.conf
+%{_tmpfilesdir}/%{name}.conf
 
 %files devel
 # main package is not required
@@ -306,6 +314,10 @@ fi
 
 
 %changelog
+* Tue Jan 13 2026 Lukas Javorsky <ljavorsk@redhat.com> - 7.2.11-2
+- add sysusers.d file for user management
+- add tmpfiles.d file for temporary dir management
+
 * Thu Oct 16 2025 Remi Collet <rcollet@redhat.com> - 7.2.11-1
 - rebase to 7.2.11 for CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819