Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black cb-nginx service fails to start with a permission denied message for "/live-response/tmp/"

Carbon Black cb-nginx service fails to start with a permission denied message for "/live-response/tmp/"

Version

This solution applies to Carbon Black v5.0.0.

Issue

The cb-nginx service fails to start with the message:

Starting cb-nginx: nginx: [emerg] mkdir() "/<data_dir>/live-response/tmp/" failed (13: Permission denied)

[FAILED]


Cause

SELinux context for the custom data directory is not correct.

Solution

To resolve the issue perform the following steps:

1. Edit the file /etc/cb/nginx/conf.d/cb.conf (or the cb-multihome.conf file, depending which is currently being used).

2. Comment out the below include statement by including a hash mark in front, such as:

# include /var/cb/nginx/props/nginx.runtime.cblr_api.client_body_temp_path.prop;

3. Restart the cb-nginx service:

service cb-nginx restart

Important Note(s)

This issue is resolved in v5.0.1. An upgrade to v5.0.1 will also correctly set the SELinux context. Following an upgrade the User will be prompted to reconcile changes in the Nginx cb.conf file, while a .rpmnew file will be located in the /etc/cb/nginx/conf.d directory with this include statement un-commented.

Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎04-03-2015
Views:
861
Contributors