Desktop productivity for business analysts and programmers

User saved SAS data on Unix server but can't be viewed by others

Accepted Solution Solved
Reply
New Contributor
Posts: 2
Accepted Solution

User saved SAS data on Unix server but can't be viewed by others

Hi, Experts,

 

I have a user who created a data set using EG 7.1 for Windows. The server is on RHEL, so their code looks similar to this:

 

libname myLib "/u01/sasdata/myFolder";

 

data myLib.test;

...[stuff]...

run;

 

I see that the data is now in /u01/sasdata/myFolder, but it has permissions of 660. Normally, this isn't a problem, except that the owner of the file is the user who created it, and the group is also the user who created it, so no one else can see this data. That is, when I do a ls -lart on the directory, I see the data set like this:

 

-rw-rw---- 1 dataCreator dataCreator 131072 Jan 24 13:51 test.sas7bdat

 

What I'd like to see, ideally, is:

 

-rw-rw---- 1 dataCreator    sasvba   131072 Jan 24 13:51 test.sas7bdat

 

...where sasvba is the group for dataCreator.

 

Otherwise, I can apply a umask and get it to look like this:

 

-rw-rw-rw- 1 dataCreator dataCreator 131072 Jan 24 13:51 test.sas7bdat

 

...but that wouldn't be ideal, since everyone could read/write to the data set.


Accepted Solutions
Solution
‎01-30-2018 09:44 AM
New Contributor
Posts: 2

Re: User saved SAS data on Unix server but can't be viewed by others

Posted in reply to SenseiCAY

We solved it by putting a umask in WorkspaceServer_usermods.sh.

 

Change the line that says "USERMODS_OPTIONS=" to "USERMODS_OPTIONS= umask 022"

 

Also, from SAS TS, note that the instructions located at http://support.sas.com/kb/38/040.html do not mention that the locations to put the umask option are hierarchical, meaning something in sasenv_local will override everything else, something in ObjectSpawner.sh will override anything other than sasenv_local, and so on, which is the problem I was having.

 

View solution in original post


All Replies
SAS Employee
Posts: 315

Re: User saved SAS data on Unix server but can't be viewed by others

Posted in reply to SenseiCAY

The group=dataCreator is being set because it's the primary group for user=dataCreator

 

You can either change this primary group or consider the use of the GUID on the target folder. From experience I prefer the GUID route since then it's guaranteed the data will land up with the correct group ownership. Using the former method assumes the primary group for the user is always correct, which many times it's not.

 

The forum can't provide specific answers since this design all relies on your security model, which differs from site to site. Your UNIX admins will be able to guide since this is more a UNIX topic than a SAS topic.

SAS Employee
Posts: 315

Re: User saved SAS data on Unix server but can't be viewed by others

Posted in reply to SenseiCAY

As an example...there are many posts on the web:

 

http://www.toptip.ca/2010/03/linux-setgid-on-directory.html

 

Solution
‎01-30-2018 09:44 AM
New Contributor
Posts: 2

Re: User saved SAS data on Unix server but can't be viewed by others

Posted in reply to SenseiCAY

We solved it by putting a umask in WorkspaceServer_usermods.sh.

 

Change the line that says "USERMODS_OPTIONS=" to "USERMODS_OPTIONS= umask 022"

 

Also, from SAS TS, note that the instructions located at http://support.sas.com/kb/38/040.html do not mention that the locations to put the umask option are hierarchical, meaning something in sasenv_local will override everything else, something in ObjectSpawner.sh will override anything other than sasenv_local, and so on, which is the problem I was having.

 

☑ This topic is solved.

Need further help from the community? Please ask a new question.

Discussion stats
  • 3 replies
  • 152 views
  • 3 likes
  • 2 in conversation