App Control: Linux agent not able to connect to kernel
search cancel

App Control: Linux agent not able to connect to kernel

book

Article ID: 286549

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • Agent is unable to connect to kernel.
  • Issuing the command /opt/bit9/bin/b9cli --status returns:
    Kernel: Not Connected
  • Issuing the command systemctl status b9daemon returns a similar error:
    Nov 09 13:06:11 b9daemon[1885]: modprobe: ERROR: could not insert 'cbproxy_cbp_852_20201002': Required key not available
    Nov 09 13:06:11 b9daemon[1885]: insmod /lib/modules/3.10.0-1160.2.1.el7.x86_64/kernel/lib/cbproxy_cbp_852_20201002.ko
    Nov 09 13:06:11 b9daemon[1885]: modprobe: ERROR: could not insert 'b9k_852177': Required key not available
    Nov 09 13:06:11 b9daemon[1885]: insmod /lib/modules/3.10.0-1160.2.1.el7.x86_64/kernel/lib/cbproxy_cbp_852_20201002.ko
    

Environment

  • App Control Agent: All Supported Versions
  • Linux: All Supported Versions

Cause

Secure Boot is enabled on the endpoint and the Linux Agent does not currently (officially) support Secure Boot.

Resolution

Option 1: Disable UEFI Secure Boot:
  1. Reboot the computer > Enter into the UEFI firmware / BIOS configuration.
  2. Find the Secure Boot option (possibly under the security menu) and set it to disabled.
  3. Save the change and reboot.
Option 2: A best effort guide to sign the Agent is available here.