cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
🔒 This topic is solved and locked. Need further help from the community? Please sign in and ask a new question.
sathya66
Barite | Level 11 sathya66
Barite | Level 11
Go to Solution

Metadata server log permission

Posted 06-03-2020 05:23 AM (1496 views)

All,

Currently our SASMeta_MetadataServer.log log permissions are set to 600 .How can we set the metadata server log file permission to 644.

I tried to set the permissions in logconfig.xml in metadata server but it didn't help us as that file has Rolling log file with default rollover of midnight.

is there anyway we can set to 644 or please can you advise on this.

Thanks,

SS

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions
sathya66
Barite | Level 11 sathya66
Barite | Level 11

Re: Metadata server log permission

Posted 06-03-2020 09:05 AM (1422 views)  |   In reply to sathya66

Ignore me.
It worked ,If I change logconfig.xml file
from <param name="FilePermissions" value="A::u::rw-,A::g::---,A::o::---"/>
to <param name="FilePermissions" value="A::u::rw-,A::g::r--,A::o::r--"/>
group and other should have "r--".

Thanks for your response and help.

View solution in original post

0 Likes
9 REPLIES 9
Anand_V
Ammonite | Level 13 Anand_V
Ammonite | Level 13

Re: Metadata server log permission

Posted 06-03-2020 07:01 AM (1470 views)  |   In reply to sathya66
Does only the Metadata logs are generated with 600 permission or any file created using 'SAS Installer Account' with same permission?

Could you please share how did you change this config in logconfig.xml file?

you can try to set umask value for the 'SAS Installer Account' to 0022. This will generate all the files by this ID with permission of 644. You can add this in .bashrc file for this user.
0 Likes
sathya66
Barite | Level 11 sathya66
Barite | Level 11

Re: Metadata server log permission

Posted 06-03-2020 08:32 AM (1446 views)  |   In reply to Anand_V

Yes all files created using SAS installer account has 600 permissions (ex: objectspwaner,metadata,etc but not the mid tier server logs have 640 permissions).
I changed like below
<param name="FilePermissions" value="A::u::rw-,A::g::---,A::o::---"/>
it worked in Workspace server logconfig file as that one doesn't have rolling log.

I am looking for only logs with 644 permissions. If I change umask to 0022 in .bashrc then it is for all files which is created by sas installer account?
0 Likes
alexal
SAS Employee alexal
SAS Employee

Re: Metadata server log permission

Posted 06-03-2020 08:59 AM (1433 views)  |   In reply to sathya66

If I change umask to 0022 in .bashrc then it is for all files which is created by sas installer account?

Yes.

0 Likes
sathya66
Barite | Level 11 sathya66
Barite | Level 11

Re: Metadata server log permission

Posted 06-03-2020 09:05 AM (1423 views)  |   In reply to sathya66

Ignore me.
It worked ,If I change logconfig.xml file
from <param name="FilePermissions" value="A::u::rw-,A::g::---,A::o::---"/>
to <param name="FilePermissions" value="A::u::rw-,A::g::r--,A::o::r--"/>
group and other should have "r--".

Thanks for your response and help.

0 Likes
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Metadata server log permission

Posted 06-03-2020 09:11 AM (1415 views)  |   In reply to sathya66

The FilePermissions parameter is valid for the RollingFileAppender. Did you restart the Metadata Server after making the change?

 

SAS® 9.4 Logging: Configuration and Programming Reference - RollingFileAppender

 

Your example seems to indicate you are setting the permissions to 600 instead of 644. Here is the example from the documentation:

 

Example The following parameter sets permissions that enable only the owning user to write to the log file. All other users can only read the file. 
<param name="FilePermissions" value="A::u::rw-,A::g::r--,A::o::r--"/>
--
Greg Wootton | Principal Systems Technical Support Engineer
sathya66
Barite | Level 11 sathya66
Barite | Level 11

Re: Metadata server log permission

Posted 06-03-2020 09:23 AM (1405 views)  |   In reply to gwootton
Yes, I wanted to see the file permissions straight away after making the change so I restarted the metadata server otherwise I need to wait until next day to see the file permission is changed or not .
I think we don't need to restart the metadata server.
0 Likes
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Metadata server log permission

Posted 06-03-2020 09:55 AM (1397 views)  |   In reply to sathya66
The contents of the log configuration file are only read during startup, so changes would not be read in unless the server is restarted.
For on-demand servers like a Workspace Server this means the log configuration is read when the next Workspace Server starts, but for persistent servers like Object Spawners and Metadata a restart is required.
--
Greg Wootton | Principal Systems Technical Support Engineer
0 Likes
sathya66
Barite | Level 11 sathya66
Barite | Level 11

Re: Metadata server log permission

Posted 03-29-2022 07:10 AM (1011 views)  |   In reply to gwootton

By setting up the permissions like this. It is only creating a file with 644 permissions after restarting metadata server but not giving the 644 permissions for every day logs.Any idea?

Our logs rotates every day(time-based ).

See below on 19th we restarted metadata server so it has given 644 but remaining logs it is with 600 only

 

sathya66_0-1648552171743.png

 

0 Likes
gwootton
SAS Super FREQ gwootton
SAS Super FREQ

Re: Metadata server log permission

Posted 03-29-2022 04:46 PM (990 views)  |   In reply to sathya66
You may wish to engage SAS Technical Support to review the configuration and behavior.
--
Greg Wootton | Principal Systems Technical Support Engineer
0 Likes

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 9 replies
  • ‎06-03-2020 05:23 AM
  • 1497 views
  • 1 like
  • 4 in conversation