All Apps and Add-ons

Apps deployed on forwarders from deployment server has owner root

deovratdeshmukh
Loves-to-Learn

I have setup a deployment server which manages multiple forwarders. All my instances run with user splunk.

When I try to push apps from deployment server to forwarders the owner of the app reflects as "root" which should be splunk otherwise the app doesn't works.

It is very inconvenient to login to each forwarder and change the owner to splunk and restart the service again after the app is pushed.

Any solution for this?

Labels (1)
Tags (1)
0 Karma

Omar_hh77
Observer

Hello, I've been facing the same issue

where you able to find the reason for this?

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

Are your DS and DCs all linux servers or have you Windows DS? If later then you must change your DS to linux.

r. Ismo

0 Karma

mhotsi
Explorer

Make sure Splunk reboots as user Splunk not root.

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Have you verified the ownership of $SPLUNK_HOME/etc/deployment-apps (on the deployment server) and everything within it?

---
If this reply helps you, Karma would be appreciated.
0 Karma

deovratdeshmukh
Loves-to-Learn

Yes, everything in deployment-apps has owner as "splunk".

0 Karma
Get Updates on the Splunk Community!

Explore the Latest Educational Offerings from Splunk [January 2025 Updates]

At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...