Usage Note 15481: SETUID issues when SASĀ® 9 deployment is remotely mounted via NFS
As documented in SAS KB0036200, the SAS modules sasauth, elssrv, and sasperm must be owned by root and have the setuid bit set in UNIX environments.
If a SAS 9 deployment resides on an NFS mount, the following issues should be noted:
- The NFS client must allow setuid execution for files stored on the NFS server.
On the mount command, the default setting is setuid. That is the correct setting. Do not specify nosuid.
- The NFS server controls how requests from root are mapped.
By default, the effective user ID of all NFS client users, both anonymous and root, is 65534. In order to be valid for setuid root, the NFS credentials must be modified.
To correct the problem, change the anon option in the /etc/exports file to a value of 0, which maps to root.
Note: This problem might also occur when using NFS-mounted file systems with Platform LSF.
Operating System and Release Information
| SAS System | N/A | 64-bit Enabled AIX | 9.1 TS1M3 SP1 | |
| 64-bit Enabled HP-UX | 9.1 TS1M3 SP1 | |
| 64-bit Enabled Solaris | 9.1 TS1M3 SP1 | |
| HP-UX IPF | 9.1 TS1M3 SP1 | |
| Linux | 9.1 TS1M3 SP1 | |
| Linux on Itanium | 9.1 TS1M3 SP1 | |
| OpenVMS Alpha | 9.1 TS1M3 SP1 | |
| Tru64 UNIX | 9.1 TS1M3 SP1 | |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
| Type: | Usage Note |
| Priority: | medium |
| Topic: | System Administration ==> Installation
System Administration ==> Security ==> Authentication
|
| Date Modified: | 2010-05-13 15:11:45 |
| Date Created: | 2005-06-07 14:11:18 |
