Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Ubuntu on Windows - tar Splunk is permission denied; why?

morethanyell
Builder
‎05-07-2019 09:39 PM

As someone who grew up on Windows but is now learning Splunk, it's very important for me to learn Linux/Unix. It must be a gift from heaven that we can now run Ubuntu on top of Windows via their new app on Windows Store called Ubuntu which allows you to use Ubuntu terminal while on Windows via cmd (not VM).

I have learned that it's very important not to install Splunk as root or using sudo. Why am I getting permission denied?

Here's what I did;

  1. Installed Ubuntu from Windows Store
  2. Opened bash from cmd
  3. Wget the Splunk tgz
  4. Used tar to install on /opt/apps/

See:

alt text

My intention is to practice myself navigating on Linux as this is required in my job. Thanks for your help!

Preview file
84 KB
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

koshyk
Super Champion
‎05-08-2019 12:10 AM

The best thing to do is
- Run as root . (sudo to root)
- untar as root
- after it is completely unpacked, the do chown -R splunk:splunk /opt/splunk

View solution in original post

0 Karma
Reply
Solved! Jump to solution

tom_frotscher
Builder
‎05-08-2019 12:17 AM

Looks like your problem is not the tar itself. Seems like your user does not have enough rights to create a folder at /opt/apps/splunk. Try

sudo tar -xzvf ...

And when you finished, change the owner of the splunk installation path back to the desired owner (e.g. a user called splunk). This is also shown in the splunk installation manual:

https://docs.splunk.com/Documentation/Splunk/7.2.6/Installation/RunSplunkasadifferentornon-rootuser#...

Reply
Solved! Jump to solution

morethanyell
Builder
‎05-08-2019 12:42 AM

Thank you. I would also accept this as answer but another one has came in first.

0 Karma
Reply
Solved! Jump to solution
Solution

koshyk
Super Champion
‎05-08-2019 12:10 AM

The best thing to do is
- Run as root . (sudo to root)
- untar as root
- after it is completely unpacked, the do chown -R splunk:splunk /opt/splunk

0 Karma
Reply
Solved! Jump to solution

morethanyell
Builder
‎05-08-2019 12:18 AM

Hey. thanks for the response. what is splunk:splunk? should I be changing that to my username?

0 Karma
Reply
Solved! Jump to solution

tom_frotscher
Builder
‎05-08-2019 12:22 AM

No, you should create a user and a group called "splunk". With the chown command you can change the owner of a folder to another user and group. in this case to the the user splunk and the group splunk = splunk:splunk.

Simple: you install as root, but since best practise is not to run splunk as root, you change back to an other user after installation.

As mentioned, there is a step by step guide in the docs: https://docs.splunk.com/Documentation/Splunk/7.2.6/Installation/RunSplunkasadifferentornon-rootuser#...

0 Karma
Reply
Solved! Jump to solution

morethanyell
Builder
‎05-08-2019 12:42 AM

thank you. accepted answer

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...