Getting Data In

Why is Splunk AppInspect failing with error "FAILURE: A world-writable file was found" when requesting app certification?

Engager

When I try to check an app with appinspector I get the following failure for each file:

FAILURE: A world-writable file was found. File: *< filename >*

This happens when running the command for "Review a Splunk app before requesting certification" which is described on the web page: http://dev.splunk.com/view/appinspect/SP-CAAAFAM

python splunk-appinspect inspect "<full path to the app>" --mode precert --included-tags splunk_appinspect

Modifying the default.meta file does not help. Here is the content of the default.meta file:

# Application-level permissions

[]
access = read : [ * ], write : [ admin ]
export = system

I tested it with a .zip file, a .spl file and an uncompressed directory (like the app is stored below C:\Program Files\splunk\etc\apps). The error occurs every time.

The command for being compliant with the cloud requirements, does not throw any error and works fine.

python splunk-appinspect inspect "<full path to the app>" --mode precert --included-tags cloud

What can I do to get rid of this error?

Path Finder

I have been looking at how to resolve this within windows and came to the conclusion after many attempts messing around with the filesystem permissions, cygwin, etc that it was just far easier to install Virtualbox and a copy of Ubuntu (other Linix based OS are available). After setting this up and applying the suggested permissions, mine passed first-time!

I'd rather there was an easier way but its not too difficult to use as a workaround.

0 Karma

SplunkTrust
SplunkTrust

I use cygwin on WIndows 10 and have had no issues with file permissions inside the app...

0 Karma

Path Finder

for whatever reason, I couldn't get it to work correctly for me... It was a shame because I would have much preferred to use that than to have to use virtualbox

0 Karma

Splunk Employee
Splunk Employee

The full message should be

Splunk recommends 644 for all files outside of bin/ and 755 for
all directories and files in the bin/ directory.
FAILURE: A world-writable file was found. File: README.md
FAILURE: A world-writable file was found.

So you would need to update your file permissions accordingly (e.g., "chmod -R 644 myappdir"

0 Karma

Builder

OK, now imagine you are living in a Windows world where 644 is but a number. Apparently the script was not tested on Windows?!?

0 Karma

Splunk Employee
Splunk Employee

@helge We target *nix systems for these standards because the overwhelming majority of installations for Splunk are on *nix and we are looking to follow best practices in that environment.

0 Karma