Solved: Re: Installing rpm as different user and not creat...

aaronkorn · ‎04-11-2013

Is it possible to install the universal forwarder rpm as a different user and not have the rpm create the "splunk" user?

dart · ‎04-11-2013

In this scenario I'd usually use the tarball to install Splunk

Does that option work for you?

View solution in original post

dart · ‎04-11-2013

In this scenario I'd usually use the tarball to install Splunk

Does that option work for you?

aaronkorn · ‎04-11-2013

Thank you both for your contributions. This will work for me.

kristian_kolb · ‎04-11-2013

Hm, I guess it would be possible to:

a) install the rpm
b) chown all files in /opt/splunkforwarder
c) delete the 'splunk' user account
d) create the init.d script to run splunk with the user of your choice.

However, I have not tried this, and I'm also unsure if it would survive an upgrade.

Or if you download the tgz instead of rpm, it won't create any accounts, AFAIK.

/Kristian

Installing rpm as different user and not creating splunk user

Detecting Remote Code Executions With the Splunk Threat Research Team

Observability | Use Synthetic Monitoring for Website Metadata Verification

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk