I am preparing to upgrade to Splunk 6.3 and am setting up a dev environment.
I have three Search heads in a pool running 6.0.3 all attached to an NFS mount.
When I issue the following commands I have no issues on any of the search heads:
xx@xx:/mnt/S2HPS$ ~/splunk/bin/splunk pooling display Search head pooling is enabled with shared storage at: /mnt/S2HPS xx@xx:/mnt/S2HPS$ ~/splunk/bin/splunk pooling validate Search head pooling validation passed
However when I issue:
sudo ./splunk/bin/splunk enable boot-start -user xx
I get the following errors:
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/S2HPS/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/S2HPS/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/S2HPS/etc/users/users.ini
ERROR ConfObjectManagerDB - Cannot initialize: /mnt/S2HPS/etc/apps/learned/metadata/local.meta: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/S2HPS/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/S2HPS/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/S2HPS/etc/users/users.ini
ERROR ConfObjectManagerDB - Cannot initialize: /mnt/S2HPS/etc/apps/learned/metadata/local.meta: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/S2HPS/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/S2HPS/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/S2HPS/etc/users/users.ini
ERROR ConfObjectManagerDB - Cannot initialize: /mnt/S2HPS/etc/apps/learned/metadata/local.meta: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/pooling/pooling.ini for parsing: Permission denied
ERROR SearchHeadPoolInfo - Error reading search head pool info: Error reading search head pool info /mnt/S2HPS/etc/pooling/pooling.ini: Permission denied
ERROR UsernameMapper - Cannot create username mapping file: /mnt/S2HPS/etc/users/users.ini: Permission denied
ERROR IniFile - Cannot open file=/mnt/S2HPS/etc/users/users.ini for parsing: Permission denied
ERROR UsernameMapper - Error opening username mapping file: /mnt/S2HPS/etc/users/users.ini
ERROR ConfObjectManagerDB - Cannot initialize: /mnt/S2HPS/etc/apps/learned/metadata/local.meta: Permission denied
I checked and I have at least read access as the user xx, and can issue a cat command to view the configuration files in the error.
Should I be concerned given that I seem to have access to the NFS without any issues, except when setting up boot-start?
run it as root user
to do it, run sudo command.
you can try like
$sudo ./splunk/bin/splunk enable boot-start
password:
or
$sudo su
password:
./splunk/bin/splunk enable boot-start
Thanks for the answer, yes that will solve the issue but I don't want to run splunk as root. I would like to run it as user xx. That user has access to all those directories on all the servers.
see this link it can help you Mr michael_peters
http://wiki.splunk.com/Community:DeployHardenedSplunk