Permissions issue Executable for Splunk App

Roy_9

Hi,

I am facing a executable permission issue for the few scripts for a splunk app and seeing these errors on various search heads, what is the best way to fix it? can someone help me with the script or a fix if you ever come across?

thanks in advance.

Roy_9

Hi @gcusello

This is happening for splunk add-on for nix and OS is linux in a clustered SH. I checked the permissions are set to executible in the code repository but those are not getting replicated to search heads.

gcusello

Hi @Roy_9 ,

when you speak of code repository, are you meaning the SHC-Deployer or what else?

check in the SHC-Deployer the grants and owners of all files and push again the app from the SHC-Deployer to the SH members.

Ciao.

Giuseppe

Roy_9

@gcusello We are using git repo for any code changes and i have validated that the permissions are set to executable on the deployers, do you want me to push these once again?

gcusello

Hi @Roy_9,

check executable grants and check if the file owner (splunk I suppose) is the owner also of the splunkd process running on the server.

If the owner is root and the process runs as splunk there could be an issue.

Ciao.

Giuseppe

gcusello

i @Roy_9 ,

you shared too few information to help you:

Which kind of scripts are you speaching ?
which OS are you using?
Have you a lustered or stand alone SH ?
Why do you want to execute these scripts on SH?

Ciao.

Giuseppe

Permissions issue Executable for Splunk App

subsearch

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases