BookmarkSubscribeRSS Feed

SAS Viya 3.5 Automatic Home Directories

Started ‎03-12-2020 by
Modified ‎03-12-2020 by
Views 10,370

SAS Viya 3.5 now fully supports automatically creating home directories for those components where having a home directory is important. In this blog we’ll review the options that were available with SAS Viya 3.4 and introduce the new options with SAS Viya 3.5.

 

Ideally, customers will have a single network mountable home directory for all their end-users. Each time an end-user connects to a host their single network mounted home directory will be made available to that host. Then the end-users do not have to worry about ensuring their files are copied to the different hosts they need to access.

 

However, many organizations are not in the idyllic place. Especially, with the move towards cloud computing. Many of these organizations will rely on local home directories for their users and rely on the Pluggable Authentication Module (PAM) configuration creating these on-demand the first time a user logs into a system.

 

Some of the SAS Viya 3.5 components still need access to a home directory for the end-users:

  1. SAS Studio 5.2 (Basic) – to be able to log into the application
  2. SAS Studio 5.2 (Enterprise) – to be able to log into the application (unless using service accounts)
  3. SAS Cloud Analytic Services – for either username/password connections or host launched sessions the CASUSER caslib will be pointed to the home directory

These SAS components do not call far enough into the PAM stack to trigger any automatic creation of home directories. The SAS Object Spawner and SAS Compute Server have provided an option to enable the automatic creation of the home directory with SAS Viya 3.4. With SAS Viya 3.5 SAS Cloud Analytic Services also now supports the automatic creation of home directories.

 

Remember, with the SAS Object Spawner and SAS Compute Server, for the automatic creation of home directories the process must "know" where to put the directory. This means that the user attributes returned from the operating system must correctly identify where the home directory should be located. This could be through reading a specific user attribute or something like SSSD fallback_homedir option.

 

For completeness, as well as showing you how to configure automatic home directory creation for SAS Cloud Analytic Services, we will also repeat the information for SAS Launcher Server & SAS Compute Server as well as the SAS Object Spawner.

SAS Cloud Analytic Services

SAS Cloud Analytic Services with SAS Viya 3.5 relies on three environment variables to configure the automatic creation of home directories. The first environment variable CASMAKEHOMEDIR, enables the creation of home directories and defines on which CAS machine(s) the directory is created on. The possible values are:

  • CONTROLLER - creates a home directory on the primary controller machine only.
  • WORKER - creates a home directory on the primary controller and the worker machines.
  • BACKUP - creates a home directory on the primary controller and the backup controller.
  • ALL - creates a home directory on all the nodes.

The second environment variable CASHOMEDIRLOC, specifies the location of the directory where each user’s home directory is created and matches the user name in the system. The final environment variable CASHOMEDIRPERMS, specifies the permission mode for the home directory on a CAS machine. These permissions are specified in UNIX Octal format. Supported directory permission values are between 0700 and 0777. The default setting (0700) provides Read/Write/Execute permissions to the user only. If you’d like more information or to calculate the correct Octal value, try this site: http://permissions-calculator.org/.

 

Both CASHOMEDIRLOC and CASHOMEDIRPERMS are optional, and only have an impact if CASMAKEHOMEDIR is set, otherwise they are ignored. If CASHOMEDIRLOC is not set, then the user’s attributes are used to define the location of the home directory. In this way SAS Cloud Analytic Services will operate the same as the SAS Object Spawner and SAS Launcher Server.

 

The three environment variables are set in the /opt/sas/viya/config/etc/cas/default/casconfig_usermods.lua file. For example, adding the following to casconfig_usermods.lua:

 

env.CASMAKEHOMEDIR='ALL' 
env.CASHOMEDIRLOC='/home' 
env.CASHOMEDIRPERMS='0700'

 

Will result in the home directories being created on all CAS hosts, in the /home directory with the default permissions. For the changes in the casconfig_usermods.lua file to be picked up the SAS Cloud Analytic Services process must be restarted. For example, on RedHat Linux 7.x you would use the following command:

 

systemctl restart sas-viya-cascontroller-default

 

Now when connecting as an end-user with a host-launched session the home directory will be created automatically. This does not impact end-users who do not have a host-launched session. So will not impact, in the default setup, the end-users of the SAS Viya visual applications. End-users of the SAS Viya visual applications who have their sessions run as the CAS service account have their personal CASLIB pointing to a directory under the configuration directory (/opt/sas/viya/config/data/cas/default/casuserlibraries).

SAS Launcher Server & SAS Compute Server

End-user’s accessing SAS Studio 5.2 (Enterprise) or leveraging other solution components such as SAS Model Studio will have their SAS Compute Server session launched by the SAS Launcher Server. As the documentation states we can set a configuration property within SAS Configuration Server that will trigger the automatic creation of the home directory. Unfortunately, at this time there is no-way to complete this within SAS Environment Manager and SAS Bootstrap Config tool needs to be used.

 

First initialize the environment variables required by the SAS Bootstrap Config tool:

 

source /opt/sas/viya/config/consul.conf
export CONSUL_TOKEN=`cat /opt/sas/viya/config/etc/SASSecurityCertificateFramework/tokens/consul/default/client.token`

 

With the environment variables set the SAS Bootstrap Config tool can be used to set the configuration property:

 

/opt/sas/viya/home/bin/sas-bootstrap-config kv write --force --key config/launcher-server/global/environment/SASMAKEHOMEDIR --value 1

 

Optionally, the default home directory permissions 0700 can be changed as well by setting another property:

 

/opt/sas/viya/home/bin/sas-bootstrap-config kv write --force --key config/launcher-server/global/environment/SASHOMEDIRPERMS --value <permissions>

 

Where the <permissions> are the required permissions on the home directory. These permissions are specified in UNIX Octal format. So, the default 0700 permissions provide read/write/execute to the user only. Supported values are between 0700 and 0777.

 

Finally restart the runlauncher operating system process, for example:

 

systemctl restart sas-viya-runlauncher-default

 

Now as end-user log into SAS Studio 5.2 (Enterprise), so long as their POSIX user attributes include a home directory specification, their home directory will be created for them.

SAS Object Spawner

SAS Studio 5.2 (Basic) does not use the SAS Launcher Server, instead this leverages a SAS Object Spawner to launch a SAS Workspace Server as the end-user logs in. The changes above will have no impact on end-users accessing SAS Studio 5.2 (Basic). However, the same environment variables can be set for the SAS Studio 5.2 (Basic) users to trigger the automatic home directory creation.

 

For SAS Studio 5.2 (Basic) users we need to edit the SAS Object Spawner launch script to set the environment variables. So, edit the file:

 

/opt/sas/viya/config/etc/spawner/default/spawner_usermods.sh

 

And add the environment variables:

 

export SASMAKEHOMEDIR=1
export SASHOMEDIRPERMS=<permissions>

 

Where the <permissions> are the required permissions on the home directory, just as we discussed above.

 

Then just restart the SAS Object Spawner, for example:

 

systemctl restart sas-viya-spawner-default

 

So now we have the same behavior for the SAS Studio 5.2 (Basic) end-users, as they log in their home directories will be automatically created for them assuming the end-user’s POSIX attributes include a home directory specification.

Conclusion

In this post we have shown that with SAS Viya 3.5, the process for automatically creating home directories is both simplified and more consistent across the three components that require home directories. The options for the SAS Object Spawner and SAS Launcher Server were available with SAS Viya 3.4. While the options for SAS Cloud Analytic Services are new with SAS Viya 3.5.

Version history
Last update:
‎03-12-2020 11:45 AM
Updated by:
Contributors

sas-innovate-2024.png

📢

ANNOUNCEMENT

The early bird rate has been extended! Register by March 18 for just $695 - $100 off the standard rate.

 

Check out the agenda and get ready for a jam-packed event featuring workshops, super demos, breakout sessions, roundtables, inspiring keynotes and incredible networking events. 

 

Register now!

Free course: Data Literacy Essentials

Data Literacy is for all, even absolute beginners. Jump on board with this free e-learning  and boost your career prospects.

Get Started

Article Tags