<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: owner of props.conf ? in Getting Data In</title>
    <link>https://community.splunk.com/t5/Getting-Data-In/owner-of-props-conf/m-p/164181#M33267</link>
    <description>&lt;P&gt;Hi martinh3,&lt;/P&gt;

&lt;P&gt;there are two answers related to this topic:&lt;BR /&gt;
&lt;A href="http://answers.splunk.com/answers/145385/should-we-run-splunk-as-root-or-non-root-user.html"&gt;http://answers.splunk.com/answers/145385/should-we-run-splunk-as-root-or-non-root-user.html&lt;/A&gt;&lt;BR /&gt;
&lt;A href="http://answers.splunk.com/answers/186821/is-there-any-reason-not-to-run-splunk-as-root.html"&gt;http://answers.splunk.com/answers/186821/is-there-any-reason-not-to-run-splunk-as-root.html&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;To sum them up, it is not advised to run Splunk as root - run it with the &lt;CODE&gt;splunk&lt;/CODE&gt; user account.&lt;/P&gt;

&lt;P&gt;Hope this helps ...&lt;/P&gt;

&lt;P&gt;cheers, MuS&lt;/P&gt;</description>
    <pubDate>Mon, 15 Jun 2015 22:22:52 GMT</pubDate>
    <dc:creator>MuS</dc:creator>
    <dc:date>2015-06-15T22:22:52Z</dc:date>
    <item>
      <title>owner of props.conf ?</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/owner-of-props-conf/m-p/164180#M33266</link>
      <description>&lt;P&gt;I'm fairly new to Splunk, but I use it both at home (on openSUSE linux) and at work (redhat linux).&lt;BR /&gt;
At home, most of the installed files are owned by "splunk". &lt;BR /&gt;
At work, we're working with a fairly new install, and I noticed that the .conf files on the Splunk Enterprise are owned by root, and read/writable only for root :  ( -rw------- )  . &lt;BR /&gt;
Can anyone think of a possible configuration where this would be advisable? &lt;/P&gt;</description>
      <pubDate>Mon, 15 Jun 2015 22:16:06 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/owner-of-props-conf/m-p/164180#M33266</guid>
      <dc:creator>martinh3</dc:creator>
      <dc:date>2015-06-15T22:16:06Z</dc:date>
    </item>
    <item>
      <title>Re: owner of props.conf ?</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/owner-of-props-conf/m-p/164181#M33267</link>
      <description>&lt;P&gt;Hi martinh3,&lt;/P&gt;

&lt;P&gt;there are two answers related to this topic:&lt;BR /&gt;
&lt;A href="http://answers.splunk.com/answers/145385/should-we-run-splunk-as-root-or-non-root-user.html"&gt;http://answers.splunk.com/answers/145385/should-we-run-splunk-as-root-or-non-root-user.html&lt;/A&gt;&lt;BR /&gt;
&lt;A href="http://answers.splunk.com/answers/186821/is-there-any-reason-not-to-run-splunk-as-root.html"&gt;http://answers.splunk.com/answers/186821/is-there-any-reason-not-to-run-splunk-as-root.html&lt;/A&gt;&lt;/P&gt;

&lt;P&gt;To sum them up, it is not advised to run Splunk as root - run it with the &lt;CODE&gt;splunk&lt;/CODE&gt; user account.&lt;/P&gt;

&lt;P&gt;Hope this helps ...&lt;/P&gt;

&lt;P&gt;cheers, MuS&lt;/P&gt;</description>
      <pubDate>Mon, 15 Jun 2015 22:22:52 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/owner-of-props-conf/m-p/164181#M33267</guid>
      <dc:creator>MuS</dc:creator>
      <dc:date>2015-06-15T22:22:52Z</dc:date>
    </item>
  </channel>
</rss>

