06-26-2015 08:19 AM
We're experiencing inconsistent behavior from our SAS EG [Version: 5.1 (220.127.116.1119)(64-bit)] wherein some users are unable to view particular folders in the server list, while others can.
Our directories and files are in Unix servers, while our SAS Applications are in Windows. The user accounts are all in the same groups, which means they should have the same permissions and restrictions. All symbolic links to the directories are set per user home directory (Unix), as well. Despite this, User A is able to see the contents of the directory after drilling down to the Application Server -> Files -> Folder x, while User B can't.
Any thoughts as to what is causing this?
Thanks in advance!
06-26-2015 07:03 PM
The Files navigation feature in EG reflects the configuration of the SAS Workspace Server which, by default, only shows the contents of the SASUSER folder (and below). In this default configuration each user will see their own isolated SASUSER folder and below, and if use A creates a new folder, user B will not see it. If required, the SAS Workspace Server can be reconfigured to widen the file navigation scope to shared content such as the entire file system (subject to opsys permissions) or a specified location (once again subject to opsys permissions).
Do you know if your SAS Workspace Server is configured as-default for the file navigation feature? This might explain what you are seeing. Or has it been reconfigured to show shared content already?
If you're not already familiar with this setting, Angela Hall's 2009 blog post SAS Enterprise Guide - Server File Access discusses it, with a screenshot to help locate the setting in SAS Management Console.
06-27-2015 10:19 AM
It doesn't make any sense stating your applications are at Windows but your directories and files are at Unix. The reason is that a SAS application is a bundle of files (suffix .sas)at the OS level in your case Unix.
As your users have their home directories at Unix (mostly a part of the /home filesystem) the classic Unix security should be understood. There is a lot misunderstanding about that. Let start:
* is the owner of the directory files that are setting the security for new items. There is no centrally managed security for that is is with Windows.
* the HFS structure is the one that should be centrally architecture as that one can be managed with groups. Better sais each level can be used for limiting in a hierarchy with just one group each level. That is different with Windows allowing many groups at each level with different rights.
* There is no search for checking allowance in one of the others as of owner / group / others for each level. This is having adding another concept of putting jerks in special groups to limit rights. That is the other way of thinking as groups only allowing rights as is common with Windows and SAS metadata.
* You will need the execute rights on directies being set (traversal) it is change dir not the executing of files. The sticky bit on directories can be needed to allow others to write/update files but not deleting them
* in most examples of the chmod you will see 3 numbers. In reality there are 4 octets.
Let the users use a wel behaved ssh she'll or sftp program to check all this is done correctly by them as the owner.
Eguide is accessing those conforming os level rights as they cannot be overruled by SAS. You are having some issues there.
07-01-2015 05:41 AM
Thank you for all the helpful input -- as it turns out, it wasn't a SAS issue. The user's home directory in the Unix server was pointing to the wrong path.
Need further help from the community? Please ask a new question.