Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Issue after upgrade from HF splunk 9.2.1 to 9.2.2

Xander13
Observer
‎10-04-2024 09:06 AM

Issue after upgrade from HF splunk 9.2.1 to 9.2.2.
OS Running on Redhat 8.10 latest kernel version

Tried to change give permissions to splunk folder.
Tried to set to permissive mode the sestatus.

[afmpcc-prabdev@sgmtihfsv001 splunk]$ sudo -u splunk /mnt/splunk/splunk/bin/splunk start --accept-license --answer-yes
Error calling execve(): Permission denied
Error launching systemctl show command: Permission denied

This appears to be an upgrade of Splunk.
--------------------------------------------------------------------------------)

Splunk has detected an older version of Splunk installed on this machine. To
finish upgrading to the new version, Splunk's installer will automatically
update and alter your current configuration files. Deprecated configuration
files will be renamed with a.deprecated extension.

You can choose to preview the changes that will be made to your configuration
files before proceeding with the migration and upgrade:

If you want to migrate and upgrade without previewing the changes that will be
made to your existing configuration files, choose 'y'.
If you want to see what changes will be made before you proceed with the
upgrade, choose 'n'.

Perform migration and upgrade without previewing configuration changes? [y/n] y
Can't run "btool server list clustering --no-log": Permission denied
[afmpcc-prabdev@sgmtihfsv001 splunk]$[afmpcc-prabdev@sgmtihfsv001 splunk]$ sudo -u splunk /mnt/splunk/splunk/bin/splunk btool server list clustering --no-log
execve: Permission denied
while running command /mnt/splunk/splunk/bin/btool
[afmpcc-prabdev@sgmtihfsv001 splunk]$

Labels (1)
Labels
0 Karma
Reply

Xander13
Observer
‎10-06-2024 02:57 AM

Thank you guys. Issue was resolved. There is NOEXEC restriction configured on the account in SUDOERS file.

 

 

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-06-2024 02:58 AM

hi @Xander13 ,


good for you, see next time!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated by all the contributors 😉

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-06-2024 01:28 AM

Hi @Xander13 ,

you're using the splunk user to run the upgrade and probably there are some files owned by root.

You have two choices:

  1. run the upgrade by root,
  2. run by root the command "chown -R splunk:splunk /opt/splunk" and then run the upgrade by splunk user

Ciao.

Giuseppe

0 Karma
Reply

inventsekar
SplunkTrust
SplunkTrust
‎10-05-2024 10:36 PM

Hi @Xander13 

the error - Error calling execve(): Permission denied

was discussed in this post. could you pls check this once, thanks. 

https://community.splunk.com/t5/Getting-Data-In/When-trying-to-start-Splunk-I-m-getting-an-quot-exec...

 

 

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL  The Splunk AI Assistant for SPL ...

Buttercup Games: Further Dashboarding Techniques (Part 5)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Customers Increasingly Choose Splunk for Observability

For the second year in a row, Splunk was recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for ...