When I try to check an app with appinspector I get the following failure for each file:
FAILURE: A world-writable file was found. File: *< filename >*
This happens when running the command for "Review a Splunk app before requesting certification" which is described on the web page: http://dev.splunk.com/view/appinspect/SP-CAAAFAM
python splunk-appinspect inspect "<full path to the app>" --mode precert --included-tags splunk_appinspect
Modifying the default.meta file does not help. Here is the content of the default.meta file:
# Application-level permissions
[]
access = read : [ * ], write : [ admin ]
export = system
I tested it with a .zip file, a .spl file and an uncompressed directory (like the app is stored below C:\Program Files\splunk\etc\apps). The error occurs every time.
The command for being compliant with the cloud requirements, does not throw any error and works fine.
python splunk-appinspect inspect "<full path to the app>" --mode precert --included-tags cloud
What can I do to get rid of this error?
I have been looking at how to resolve this within windows and came to the conclusion after many attempts messing around with the filesystem permissions, cygwin, etc that it was just far easier to install Virtualbox and a copy of Ubuntu (other Linix based OS are available). After setting this up and applying the suggested permissions, mine passed first-time!
I'd rather there was an easier way but its not too difficult to use as a workaround.
I use cygwin on WIndows 10 and have had no issues with file permissions inside the app...
for whatever reason, I couldn't get it to work correctly for me... It was a shame because I would have much preferred to use that than to have to use virtualbox
The full message should be
Splunk recommends 644 for all files outside of bin/ and 755 for
all directories and files in the bin/ directory.
FAILURE: A world-writable file was found. File: README.md
FAILURE: A world-writable file was found.
So you would need to update your file permissions accordingly (e.g., "chmod -R 644 myappdir"
I was having the same issues, I fixed this by running the chmods as root in WSL on my windows machine -
find APPNAME_HERE -type d -exec chmod 700 {} \;
find APPNAME_HERE -type f -exec chmod 644 {} \;
OK, now imagine you are living in a Windows world where 644 is but a number. Apparently the script was not tested on Windows?!?
@helge We target *nix systems for these standards because the overwhelming majority of installations for Splunk are on *nix and we are looking to follow best practices in that environment.