Hello,
looks like upgrading Splunk as root modified our file system using tar.gz, is this normal behaviour?
[root@xhost ~]# ll /OPT/siem/splunk/
total 2396
drwxr-xr-x 4 siem siem 4096 Oct 17 2018 bin
-r--r--r-- 1 siem siem 57 Oct 17 2018 copyright.txt
drwxr-xr-x 16 siem siem 4096 Jun 6 2019 etc
drwxr-xr-x 3 siem siem 44 Oct 17 2018 include
drwxr-xr-x 6 siem siem 4096 Oct 17 2018 lib
-r--r--r-- 1 siem siem 61779 Oct 17 2018 license-eula.txt
drwxr-xr-x 3 siem siem 58 Oct 17 2018 openssl
-r--r--r-- 1 siem siem 844 Oct 17 2018 README-splunk.txt
drwxr-xr-x 3 siem siem 86 Oct 17 2018 share
-r--r--r-- 1 siem siem 2365100 Oct 17 2018 splunk-7.1.4-5a7a840afcb3-linux-2.6-x86_64-manifest
lrwxrwxrwx 1 siem siem 9 May 28 2019 var -> /VAR/siem
[root@xhost tmp]# ll /OPT/siem/splunk/
total 4616
drwxr-xr-x 4 10777 xgroup 4096 Jan 8 2020 bin
-r--r--r-- 1 10777 xgroup 57 Jan 8 2020 copyright.txt
drwxr-xr-x 16 10777 xgroup 4096 Jan 8 2020 etc
-rw-r--r-- 1 10777 xgroup 0 Jan 8 2020 ftr
drwxr-xr-x 3 10777 xgroup 44 Jan 8 2020 include
drwxr-xr-x 7 10777 xgroup 4096 Jan 8 2020 lib
-r--r--r-- 1 10777 xgroup 62762 Jan 8 2020 license-eula.txt
drwxr-xr-x 3 10777 xgroup 58 Jan 8 2020 openssl
-r--r--r-- 1 10777 xgroup 844 Jan 8 2020 README-splunk.txt
drwxr-xr-x 4 10777 xgroup 108 Jan 8 2020 share
-r--r--r-- 1 siem siem 2365100 Oct 17 2018 splunk-7.1.4-5a7a840afcb3-linux-2.6-x86_64-manifest
-r--r--r-- 1 10777 xgroup 2270678 Jan 8 2020 splunk-7.3.4-13e97039fb65-linux-2.6-x86_64-manifest
lrwxrwxrwx 1 siem siem 9 May 28 2019 var -> /VAR/siem
[root@xhost tmp]#
Thanks.
Hi,
normal tar behavior..
--no-same-owner extract files as yourself (default for ordinary users)
--owner=NAME force NAME as owner for added files
https://linux.die.net/man/1/tar
regards,
Andreas
Hi,
normal tar behavior..
--no-same-owner extract files as yourself (default for ordinary users)
--owner=NAME force NAME as owner for added files
https://linux.die.net/man/1/tar
regards,
Andreas