Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Ubuntu on Windows - tar Splunk is permission denied; why?

morethanyell
Builder
‎05-07-2019 09:39 PM

As someone who grew up on Windows but is now learning Splunk, it's very important for me to learn Linux/Unix. It must be a gift from heaven that we can now run Ubuntu on top of Windows via their new app on Windows Store called Ubuntu which allows you to use Ubuntu terminal while on Windows via cmd (not VM).

I have learned that it's very important not to install Splunk as root or using sudo. Why am I getting permission denied?

Here's what I did;

  1. Installed Ubuntu from Windows Store
  2. Opened bash from cmd
  3. Wget the Splunk tgz
  4. Used tar to install on /opt/apps/

See:

alt text

My intention is to practice myself navigating on Linux as this is required in my job. Thanks for your help!

Preview file
1 KB
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

koshyk
Super Champion
‎05-08-2019 12:10 AM

The best thing to do is
- Run as root . (sudo to root)
- untar as root
- after it is completely unpacked, the do chown -R splunk:splunk /opt/splunk

View solution in original post

0 Karma
Reply
Solved! Jump to solution

tom_frotscher
Builder
‎05-08-2019 12:17 AM

Looks like your problem is not the tar itself. Seems like your user does not have enough rights to create a folder at /opt/apps/splunk. Try

sudo tar -xzvf ...

And when you finished, change the owner of the splunk installation path back to the desired owner (e.g. a user called splunk). This is also shown in the splunk installation manual:

https://docs.splunk.com/Documentation/Splunk/7.2.6/Installation/RunSplunkasadifferentornon-rootuser#...

Reply
Solved! Jump to solution

morethanyell
Builder
‎05-08-2019 12:42 AM

Thank you. I would also accept this as answer but another one has came in first.

0 Karma
Reply
Solved! Jump to solution
Solution

koshyk
Super Champion
‎05-08-2019 12:10 AM

The best thing to do is
- Run as root . (sudo to root)
- untar as root
- after it is completely unpacked, the do chown -R splunk:splunk /opt/splunk

0 Karma
Reply
Solved! Jump to solution

morethanyell
Builder
‎05-08-2019 12:18 AM

Hey. thanks for the response. what is splunk:splunk? should I be changing that to my username?

0 Karma
Reply
Solved! Jump to solution

tom_frotscher
Builder
‎05-08-2019 12:22 AM

No, you should create a user and a group called "splunk". With the chown command you can change the owner of a folder to another user and group. in this case to the the user splunk and the group splunk = splunk:splunk.

Simple: you install as root, but since best practise is not to run splunk as root, you change back to an other user after installation.

As mentioned, there is a step by step guide in the docs: https://docs.splunk.com/Documentation/Splunk/7.2.6/Installation/RunSplunkasadifferentornon-rootuser#...

0 Karma
Reply
Solved! Jump to solution

morethanyell
Builder
‎05-08-2019 12:42 AM

thank you. accepted answer

0 Karma
Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...