EDR: Services fail to start with cb-redis
Article ID: 289718
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
- Services fail to start at cb-redis
- /var/log/cb/redis/startup.log shows the following message
-
*** FATAL CONFIG FILE ERROR *** Reading the configuration file, at line 69 >>> 'logfile /var/log/cb/redis/redis.log' Can't open the log file: Permission denied
-
Environment
- EDR Server: 6.2.3 and higher
- CentOS: 7.5 and higher
- SELinux enabled
Cause
The SELinux permissions on the file/directory has changed.
Resolution
- Run the cbcheck utility to identify SELinux security context mismatches:
-
/usr/share/cb/cbcheck selinux -m
-
- Apply the correct SELinux security contexts:
-
/usr/share/cb/cbcheck selinux -a
-
Additional Information
- SELinux permissions can be checked on the files by running:
-
sudo ls -lZ /var/log/cb/redis
-
- To check the status of SELinx, run:
-
sudo sestatus
-
Feedback
Yes
No
Powered by
