Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Using CBCLUSTER as a Non-Root User Frequently Asked Questions

Using CBCLUSTER as a Non-Root User Frequently Asked Questions

Version

Cb Response 5.1.1 and above

Topic

This solution has been created to answer some common questions around "Using CBCLUSTER as a Non-Root User".

Q/A

Question 1

What version(s) of Cb Response is this feature supported in?

Answer

As of Carbon Black version 5.1.1, it is possible to define a non-root user as the remote user for minion communication and execution.  Previously, when adding a minion node to a cluster, the cbcluster utility required availability of root user on the minion node.

Question 2

Where can I locate the instructions on how to use this functionality?

Answer

These steps appear in 'Carbon Black Enterprise Response User Guide 5.1.1', Appendix L, titled "Using CBCLUSTER as a Non-Root User"

Question 3

If the password associated with the username configured to utilize NOPASSWD is going to change, will this affect minion functionality?

Answer

This is the NON-Root account that is setup for cluster management.  In the sudoers file, all commands are setup with NOPASSWORD. Since we use SSH authorized keys and NOPASSWORD in the sudoers, the account password can be changed without any interruption of service.

Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-04-2016
Views:
751
Contributors