EDR Server: cb-rabbitmq and cb-redis services don't start on CentOS 7.5+
search cancel

EDR Server: cb-rabbitmq and cb-redis services don't start on CentOS 7.5+

book

Article ID: 286314

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

  • cb-rabbitmq and cb-redis services fail to start on CentOS 7.5 and higher
  • Services can manually be started in order successfully

Environment

  • EDR Server: 7.5 or Greater
  • CentOS: 7.5 and higher
  • SELinux enabled

Cause

There is an issue with how SELinux policy changes are interacting with EDR services. Carbon Black is investigating the cause.

Resolution

Workaround:
  • Verify and update SELinux policy with the EDR cbcheck application 
    /usr/share/cb/cbcheck selinux -m 
/usr/share/cb/cbcheck selinux -a
  • Start services manually in order
    1. Start Solr 
      /usr/share/cb/cbservice cb-solr start
    2. Start Coreservices 
      /usr/share/cb/cbservice cb-coreservices start
    3. Start Sensorservices 
      /usr/share/cb/cbservice cb-sensorservices start
    4. Start Datastore 
      /usr/share/cb/cbservice cb-datastore start
    5. Start Live Response 
      /usr/share/cb/cbservice cb-liveresponse start
    6. Start Alliance Client 
      /usr/share/cb/cbservice cb-allianceclient start
    7. Start Enterprised 
      /usr/share/cb/cbservice cb-enterprised start
    8. Start Nginx 
      /usr/share/cb/cbservice cb-nginx start
Powered by Wolken Software