
EDR: When Using the Edr-Docker exec cbdiag Command it Stops Running and Asks for Password


Environment

EDR Container: All Supported

Symptoms

The command #edr-docker exec cbdiag halts and asks for the current user's password.

Cause

PASS_MAX_DAYS for the container accounts is set to 90 days, so the passwords of those accounts expire once they are older than that.

Resolution

Attach to the container with the following command:
#docker container exec -it carbonblack-edr /bin/sh

Then, inside the container, run the following commands:
sh-5.0#chage -M 999 root

and

sh-5.0#chage -M 999 cb

Exit the container and try #edr-docker exec cbdiag again.


 

Additional Notes

The PASS_MAX_DAYS value can be found in /etc/login.defs in the container.
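
A way to confirm the condition described under Cause before and after running chage -M, as an added example that is not part of the original article. The function name password_age_status is hypothetical, the sample lines are constructed, and the expiry boundary (strictly after lastchg + max) is an assumption.

```shell
#!/bin/sh
# Added example (not from the original article): report whether an account's
# password has passed its maximum age, from one /etc/shadow-format line.
# shadow(5) fields: name:hash:lastchg:min:max:warn:inactive:expire:reserved
# lastchg is in days since 1970-01-01; max is the per-account value that
# chage -M sets.

# $1 = shadow line, $2 = today in days since 1970-01-01
# Prints "<name> <status>": ok, expired, must-change, no-max-age or invalid.
password_age_status() {
    IFS=: read -r name _hash lastchg _min max _rest <<EOF
$1
EOF
    today=$2
    case "$today" in
        ''|*[!0-9]*) echo "$name invalid"; return 0 ;;
    esac
    case "$lastchg$max" in
        *[!0-9]*) echo "$name invalid"; return 0 ;;
    esac
    if [ -z "$lastchg" ] || [ -z "$max" ]; then
        echo "$name no-max-age"      # empty field: no maximum age applies
    elif [ "$lastchg" -eq 0 ]; then
        echo "$name must-change"     # 0: change required at next login
    elif [ "$today" -gt $((lastchg + max)) ]; then
        echo "$name expired"         # assumption: expired strictly after max
    else
        echo "$name ok"
    fi
}

# Constructed sample lines (not real account data); "today" is day 19622.
# The first line models a 90-day limit, the second the state after chage -M 999.
for sample in 'root:!:19500:0:90:7:::' 'cb:!:19500:0:999:7:::'; do
    password_age_status "$sample" 19622
done

# Inside the container, against the live file (requires read access):
#   password_age_status "$(grep '^cb:' /etc/shadow)" "$(( $(date +%s) / 86400 ))"
```
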

Creation Date: 09-22-2023