Splunk Search

Upgrading Splunk as root modified file system using tar.gz

splunkreal
Motivator

Hello,

looks like upgrading Splunk as root modified our file system using tar.gz, is this normal behaviour?

 

[root@xhost ~]# ll /OPT/siem/splunk/
total 2396
drwxr-xr-x 4 siem siem 4096 Oct 17 2018 bin
-r--r--r-- 1 siem siem 57 Oct 17 2018 copyright.txt
drwxr-xr-x 16 siem siem 4096 Jun 6 2019 etc
drwxr-xr-x 3 siem siem 44 Oct 17 2018 include
drwxr-xr-x 6 siem siem 4096 Oct 17 2018 lib
-r--r--r-- 1 siem siem 61779 Oct 17 2018 license-eula.txt
drwxr-xr-x 3 siem siem 58 Oct 17 2018 openssl
-r--r--r-- 1 siem siem 844 Oct 17 2018 README-splunk.txt
drwxr-xr-x 3 siem siem 86 Oct 17 2018 share
-r--r--r-- 1 siem siem 2365100 Oct 17 2018 splunk-7.1.4-5a7a840afcb3-linux-2.6-x86_64-manifest
lrwxrwxrwx 1 siem siem 9 May 28 2019 var -> /VAR/siem


[root@xhost tmp]# ll /OPT/siem/splunk/
total 4616
drwxr-xr-x 4 10777 xgroup 4096 Jan 8 2020 bin
-r--r--r-- 1 10777 xgroup 57 Jan 8 2020 copyright.txt
drwxr-xr-x 16 10777 xgroup 4096 Jan 8 2020 etc
-rw-r--r-- 1 10777 xgroup 0 Jan 8 2020 ftr
drwxr-xr-x 3 10777 xgroup 44 Jan 8 2020 include
drwxr-xr-x 7 10777 xgroup 4096 Jan 8 2020 lib
-r--r--r-- 1 10777 xgroup 62762 Jan 8 2020 license-eula.txt
drwxr-xr-x 3 10777 xgroup 58 Jan 8 2020 openssl
-r--r--r-- 1 10777 xgroup 844 Jan 8 2020 README-splunk.txt
drwxr-xr-x 4 10777 xgroup 108 Jan 8 2020 share
-r--r--r-- 1 siem siem 2365100 Oct 17 2018 splunk-7.1.4-5a7a840afcb3-linux-2.6-x86_64-manifest
-r--r--r-- 1 10777 xgroup 2270678 Jan 8 2020 splunk-7.3.4-13e97039fb65-linux-2.6-x86_64-manifest
lrwxrwxrwx 1 siem siem 9 May 28 2019 var -> /VAR/siem
[root@xhost tmp]#

 

Thanks.

* If this helps, please upvote or accept solution if it solved *
0 Karma
1 Solution

schose
Builder

Hi,

normal tar behavior..

--no-same-owner extract files as yourself (default for ordinary users)

--owner=NAME force NAME as owner for added files

https://linux.die.net/man/1/tar

regards,

Andreas

View solution in original post

schose
Builder

Hi,

normal tar behavior..

--no-same-owner extract files as yourself (default for ordinary users)

--owner=NAME force NAME as owner for added files

https://linux.die.net/man/1/tar

regards,

Andreas

Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Get Updates on the Splunk Community!

Thanks for the Memories! Splunk University, .conf25, and our Community

Thank you to everyone in the Splunk Community who joined us for .conf25, which kicked off with our iconic ...

Data Persistence in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. What happens if the OpenTelemetry collector ...

Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever

Now On Demand Whether you're managing complex deployments or looking to future-proof your data ...