Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Errors running enable boot-start with specific user on a Search Head with pooling config

theunf
Communicator
‎04-01-2014 01:06 PM

Hi all,

I´m running a Lab with two Search Heads on a pool using a third server as NFS mount point.

Everything is working fine, users e apps being synchronized almost instantaneously but when I used the splunk enable boot-start -user splunk it returned a lot of errors :

splunk@SearchHead01:/opt/splunk/bin$ sudo ./splunk enable boot-start -user splunk
ERROR IniFile - Cannot open file=/mnt/pooling/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/pooling/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create directory: /mnt/pooling/etc/users: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/pooling/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/pooling/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/pooling/etc/users/users.ini
ERROR IniFile - Cannot open file=/mnt/pooling/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/pooling/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create directory: /mnt/pooling/etc/users: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/pooling/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/pooling/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/pooling/etc/users/users.ini
ERROR IniFile - Cannot open file=/mnt/pooling/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/pooling/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create directory: /mnt/pooling/etc/users: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/pooling/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/pooling/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/pooling/etc/users/users.ini
ERROR IniFile - Cannot open file=/mnt/pooling/etc/pooling/pooling.ini for parsing: Permission denied
ERROR UsernameMapper - Cannot create directory: /mnt/pooling/etc/users: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/pooling/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/pooling/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/pooling/etc/users/users.ini
 Adding system startup for /etc/init.d/splunk ...
   /etc/rc0.d/K20splunk -> ../init.d/splunk
   /etc/rc1.d/K20splunk -> ../init.d/splunk
   /etc/rc6.d/K20splunk -> ../init.d/splunk
   /etc/rc2.d/S20splunk -> ../init.d/splunk
   /etc/rc3.d/S20splunk -> ../init.d/splunk
   /etc/rc4.d/S20splunk -> ../init.d/splunk
   /etc/rc5.d/S20splunk -> ../init.d/splunk
Init script installed at /etc/init.d/splunk.

The weird solution was to set 777 on folder permissions at NFS server or add root to splunk group.

After that, the command runs normally but a lot of files were created under /mnt/pooling/etc/.

Those errors and the need of extra permissions is a limitation of a bug ?
Which files should reside on the mouting point ?

0 Karma
Reply

theunf
Communicator
‎09-02-2014 01:46 AM

Boot-start scripts from newest buils start splunk directy and sub-processes follow SPLUNK_OS_USER directive at $SPLUNK_HOME/etc/splunk-launch.conf but it does not bind a GroupID to the process.

So any file that´s created or changed will be saved and owned by :root .

To solve it I start using old Splunk startup script which starts splunk using su command :

RUNAS=splunk
SPLUNK_HOME=/splunk_bin/splunk

splunk_start() {
echo Starting Splunk...
if [ "$RUNAS" = "" ]; then
"$SPLUNK_HOME/bin/splunk start" --no-prompt --answer-yes
RETVAL=$?
else
su -c "$SPLUNK_HOME/bin/splunk start --no-prompt --answer-yes" $RUNAS
RETVAL=$?
fi
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/splunk
}

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI! Discover how Splunk’s agentic AI ...

[Puzzles] Solve, Learn, Repeat: Dereferencing XML to Fixed-length events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...