Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to set automatically executable attribute of file in Splunk for Unix and Linux technology add-on

sieutruc
Contributor
‎09-27-2012 08:17 AM

Hello,

When i deploy Splunk for Unix TA by using deployment server, after client downloaded that app, it could't run immediately all the executable files because it hasn't enough right to do, i have to change the attributes (executable bit) of all files in ../bin/[scriptName].sh manually.
So do you know how to setup those attributes from deployment server, by which Universal Forwarder can run without touching anymore configuration files ?

Tags (1)
Reply

dwaddle
SplunkTrust
SplunkTrust
‎09-27-2012 09:04 AM

Is your deployment server Windows? I'm guessing it is. My unix deployment servers don't have this issue. The Windows NTFS filesystem has no understanding of the execute-bit on files, and it is probably getting lost in translation between the two. I'm not sure there is a good solution here, and would recommend you reach out to Splunk support. Or, move your deployment server to a Linux host...

Reply

dwaddle
SplunkTrust
SplunkTrust
‎09-27-2012 11:24 AM

When an app is deployed by deployment server, the relevant permissions settings from the source-app in $SPLUNK_HOME/etc/deployment-apps are effectively copied. (Some things, like setuid are probably not, but let's leave those out.) If the permissions are correct on the deployment server's copy of the app, they should be correct on each deployment client. You may need to "force" the deployment clients to re-pull the app, by doing something like a blank line at the end of a .conf file, then doing a splunk reload deploy-server.

0 Karma
Reply

sieutruc
Contributor
‎09-27-2012 10:41 AM

No, i did all of them on Linux hosts (Open Suse). I copied Splunk add-on to deployment server and copied inputs.conf from default to local. After that, when i saw Splunkd.log, it said that those such scripts couldn't run. I went into the folder and chmod 744 and then it worked .
So if i do chmod in deployment server, won't client need to change attribute manually ?

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...