Hi,
Which I am trying to upload the custom app to splunk cloud it is not passing the vetting, how we can fix this issue?
I have tried this in the Linux
COPYFILE_DISABLE=1 tar --format ustar -cvzf <appname>.tar.gz <appname_directory>
[ Failure Summary ]
Failures will block the Cloud Vetting. They must be fixed.
check_for_bin_files
This file has execute permissions for owners, groups, or others. File: README/ta_mandiant_advantage_account.conf.spec
This file has execute permissions for owners, groups, or others. File: appserver/static/correlation_details_multiselect.js
This file has execute permissions for owners, groups, or others. File: README/ta_mandiant_advantage_settings.conf.spec
This file has execute permissions for owners, groups, or others. File: README/inputs.conf.spec
This file has execute permissions for owners, groups, or others. File: static/appIcon.png
This file has execute permissions for owners, groups, or others. File: README/addon_builder.conf.spec
This file has execute permissions for owners, groups, or others. File: default/collections.conf
This file has execute permissions for owners, groups, or others. File: appserver/static/correlation_details_button.css
This file has execute permissions for owners, groups, or others. File: third_party/pytz_lic.txt
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/threat_intelligence_matched_events.xml
This file has execute permissions for owners, groups, or others. File: default/searchbnf.conf
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/inputs.xml
This file has execute permissions for owners, groups, or others. File: appserver/static/js/jquery_mandiant.js
This file has execute permissions for owners, groups, or others. File: app.manifest
This file has execute permissions for owners, groups, or others. File: default/ta_mandiant_advantage_settings.conf
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/custom/datamodel_hook.js
This file has execute permissions for owners, groups, or others. File: metadata/default.meta
This file has execute permissions for owners, groups, or others. File: default/web.conf
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/custom/alerts_input_hook.js
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/0.licenses.txt
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/custom/account_hook.js
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/1.licenses.txt
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/threat_intelligence_matched_events_summary.xml
This file has execute permissions for owners, groups, or others. File: default/app.conf
This file has execute permissions for owners, groups, or others. File: default/server.conf
This file has execute permissions for owners, groups, or others. File: default/inputs.conf
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/security_validation_overview.xml
This file has execute permissions for owners, groups, or others. File: appserver/templates/base.html
This file has execute permissions for owners, groups, or others. File: appserver/static/js/jquery-3.5.0.min.js
This file has execute permissions for owners, groups, or others. File: default/commands.conf
This file has execute permissions for owners, groups, or others. File: splunkbase.manifest
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/entry_page.js
This file has execute permissions for owners, groups, or others. File: static/appIcon_2x.png
This file has execute permissions for owners, groups, or others. File: appserver/static/indicator_info_send.js
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/custom/vuln_fields_hook.js
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/3.js
This file has execute permissions for owners, groups, or others. File: static/appLogo_2x.png
This file has execute permissions for owners, groups, or others. File: TA-mandiant-advantage.aob_meta
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/0.js
This file has execute permissions for owners, groups, or others. File: appserver/static/js/mktoform.js
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/custom/matched_events_hook.js
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/vulnerability_details.xml
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/globalConfig.json
This file has execute permissions for owners, groups, or others. File: appserver/static/correlation_details_button.js
This file has execute permissions for owners, groups, or others. File: appserver/static/vulnerability_overview.css
This file has execute permissions for owners, groups, or others. File: static/appIconAlt_2x.png
This file has execute permissions for owners, groups, or others. File: default/transforms.conf
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/configuration.xml
This file has execute permissions for owners, groups, or others. File: static/appIconAlt.png
This file has execute permissions for owners, groups, or others. File: appserver/static/img/mandiant_img2.png
This file has execute permissions for owners, groups, or others. File: default/savedsearches.conf
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/entry_page.licenses.txt
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/3.licenses.txt
This file has execute permissions for owners, groups, or others. File: CP_mandiant_advantage.tar.gz
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/5.js
This file has execute permissions for owners, groups, or others. File: static/appLogo.png
This file has execute permissions for owners, groups, or others. File: appserver/static/js/underscore-min.js
This file has execute permissions for owners, groups, or others. File: default/addon_builder.conf
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/custom/input_hook.js
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/dtm_alerts.xml
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/1.js
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/asm_issues.xml
This file has execute permissions for owners, groups, or others. File: third_party/tenacity_lic.txt
This file has execute permissions for owners, groups, or others. File: appserver/static/pop_up.js
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/threat_intelligence_overview.xml
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/vulnerability_overview.xml
This file has execute permissions for owners, groups, or others. File: default/props.conf
This file has execute permissions for owners, groups, or others. File: README.txt
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/security_validation_details.xml
This file has execute permissions for owners, groups, or others. File: default/data/ui/nav/default.xml
This file has execute permissions for owners, groups, or others. File: appserver/static/js/build/4.js
This file has execute permissions for owners, groups, or others. File: default/restmap.conf
This file has execute permissions for owners, groups, or others. File: default/macros.conf
This file has execute permissions for owners, groups, or others. File: default/data/ui/views/asm_entities.xml
Thanks in advance
Hi @AL3Z,
how do you created your app, in Linux or in Windows?
open you tar.gz file in Linux and the the correct grants that you can see in another app download from splunkbase:
in other words, you probably have grants 777 for your files that isn't acceptable for Splunk Cloud.
Ciao.
Giuseppe
Hello,
I actually untarred the file in Windows using 7zip. Afterward, I employed the Ubuntu app from the app store and executed the following command:
bash
COPYFILE_DISABLE=1 tar --format ustar -cvzf <appname>.tar.gz <appname_directory>
Despite using "chmod 644 appname," the permissions persist at 777. Any suggestions on how to rectify this?
Thanks
Hi @AL3Z ,
as I said, you have to set 644 for all conf files and 755 for folders.
As also @PickleRick said, do this ation on a Linux server.
Ciao.
Giuseppe
I have changed the permissions sucessfully but after installing it is throwing a new error
Something went wrong!
Failed to load current state for selected entity in form!
Details
Error: Request failed with status code 500
ERR0005
How do we fix this issue any idea?
Thanks in advance.
Hi @AL3Z ,
where is the issue: in the upload procedure or in dashboard running?
if in upload procedure, the message should say what's the object with the issue.
In in dashboard running, there's something wrong or missing in the dashboard.
Ciao.
Giuseppe
Yes it is in the dashboard running, Do you want me to paste the source code of dashboard here ?
That's another story. In order to keep the forums tidy, please create a separate thread for a new problem. Describe precisely what's going on and we'll see if we can help you.
Hi @AL3Z ,
this means that the issue on the upload procedure is solved, now you have to debug your code to understand if there's something wrong or missing, e.g. an image or a JS.
If you need help, you should share the dashboard code (only if it's in Classical Dashboard).
Ciao.
Giuseppe
Don't use windows for manipulating unix-related files/archives. It's the same problem as with managing apps with deployment server run on Windows box - windows doesn't handle unix file permissions properly and even if you run WSL-based ubuntu to access your windows filesystem, it won't work properly since windows file permissions don't "match" unix ones.
Just copy your tar archive to the _inside_ of your WSL instance and untar it there.
Hi @AL3Z,
don't untar the app in windows, copy it in Ubuntu and untar it in Ubuntu, so you can modify it as you want and you can give to files and folders the correct grants.
Than tar it (tar.gz) and copy the tarred file in the machine that you will use for the upload (also windows).
In other words, passing in windows erase the grants, so, when you try to upload it in Splunk Cloud it has wrong grants.
It's the same issue that you have if you try to use a Windows Deployment Server to deploy apps to Linux servers.
Ciao.
Giuseppe