No, ignore the step 5 stuff, that's not relevant. I'm asking about unix permissions on the filesystem only.
More detail - I'm trying to permit shared group-write for development where a developer could ssh into the search-head and build their app via some combination of manual editing and using the gui to build dashboards etc. If they stay all gui for their development, the app works, but the group and world permissions are getting reset by the gui 'save' actions to something other than the state the tree started with (in general, the group-write gets removed, sometimes even group-read). If they work all interactively in an editor, the app doesn't always work due to needing service resets all the time if they edit any .conf files or the like.
So I'm trying to dig into what the 'unix' filesystem permissions are supposed to be in $SPLUNK_HOME/etc/apps/myappname
Also, the permissions there differ a lot for unix and mac variants of splunk, which I can't explain either. Is there a way to reverse engineer what the splunk gui is setting when you hit 'save' ?
... View more